Kubernetes RBAC in 2026: From nodes/proxy to AKS CVE-10.0 — Three Real Paths to Cluster-Admin
Three documented Kubernetes privilege escalation paths from 2026: Graham Helton's nodes/proxy → cluster-wide RCE disclosure (January), CVE-2026-33105 in Azure Kubernetes Service (CVSS 10.0, April), and Kyverno's ConfigMap context bypass for multi-ten




