CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2026-3864 – CSI Driver for NFS path traversal via subDir may delete unintended directories on the NFS server
https://notcve.org/view.php?id=CVE-2026-3864
20 Mar 2026 — A vulnerability was discovered in the Kubernetes CSI Driver for NFS where the subDir parameter in volume identifiers was insufficiently validated. Attackers with the ability to create PersistentVolumes referencing the NFS CSI driver could craft volume identifiers containing path traversal sequences (../). During volume deletion or cleanup operations, the driver could operate on unintended directories outside the intended managed path within the NFS export. This may lead to deletion or modification of direct... • https://github.com/kubernetes/kubernetes/issues/137797 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2026-4342 – ingress-nginx comment-based nginx configuration injection
https://notcve.org/view.php?id=CVE-2026-4342
19 Mar 2026 — A security issue was discovered in ingress-nginx where a combination of Ingress annotations can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) Se descubrió un problema de seguridad en ingress-nginx donde una combinación de anotaciones de Ingress puede utilizarse para inyectar... • https://github.com/kubernetes/kubernetes/issues/137893 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2026-3288 – ingress-nginx rewrite-target nginx configuration injection
https://notcve.org/view.php?id=CVE-2026-3288
09 Mar 2026 — A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/rewrite-target` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) Se descubrió un problema de seguridad en ingress-nginx donde la anotación Ingress 'nginx.ingress.kuber... • https://github.com/kubernetes/kubernetes/issues/137560 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-15566 – ingress-nginx auth-proxy-set-headers nginx configuration injection
https://notcve.org/view.php?id=CVE-2025-15566
06 Feb 2026 — A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-proxy-set-headers` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) • https://github.com/kubernetes/kubernetes/issues/136789 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2026-24514 – ingress-nginx Admission Controller denial of service
https://notcve.org/view.php?id=CVE-2026-24514
03 Feb 2026 — A security issue was discovered in ingress-nginx where the validating admission controller feature is subject to a denial of service condition. By sending large requests to the validating admission controller, an attacker can cause memory consumption, which may result in the ingress-nginx controller pod being killed or the node running out of memory. This update for govulncheck-vulndb fixes the following issues. • https://github.com/kubernetes/kubernetes/issues/136680 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 3.1EPSS: 0%CPEs: 2EXPL: 0CVE-2026-24513 – ingress-nginx auth-url protection bypass
https://notcve.org/view.php?id=CVE-2026-24513
03 Feb 2026 — A security issue was discovered in ingress-nginx where the protection afforded by the `auth-url` Ingress annotation may not be effective in the presence of a specific misconfiguration. If the ingress-nginx controller is configured with a default custom-errors configuration that includes HTTP errors 401 or 403, and if the configured default custom-errors backend is defective and fails to respect the X-Code HTTP header, then an Ingress with the `auth-url` annotation may be accessed even when authentication fa... • https://github.com/kubernetes/kubernetes/issues/136679 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2026-24512 – ingress-nginx auth-method nginx configuration injection
https://notcve.org/view.php?id=CVE-2026-24512
03 Feb 2026 — A security issue was discovered in ingress-nginx cthe `rules.http.paths.path` Ingress field can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) A security issue was discovered in ingress-nginx where the `rules.http.paths.path` Ingress field can be used to inject configuration ... • https://github.com/kubernetes/kubernetes/issues/136678 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2026-1580 – ingress-nginx auth-method nginx configuration injection
https://notcve.org/view.php?id=CVE-2026-1580
03 Feb 2026 — A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-method` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) This update for govulncheck-vulndb fixes the following issues. • https://github.com/kubernetes/kubernetes/issues/136677 • CWE-20: Improper Input Validation •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-13281 – Portworx Half-Blind SSRF in kube-controller-manager
https://notcve.org/view.php?id=CVE-2025-13281
14 Dec 2025 — A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services). This update for govulncheck-vulndb fixes the following issues. • https://github.com/kubernetes/kubernetes/issues/135525 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-9708 – Kubernetes C# Client: improper certificate validation in custom CA mode may lead to man-in-the-middle attacks
https://notcve.org/view.php?id=CVE-2025-9708
16 Sep 2025 — A vulnerability exists in the Kubernetes C# client where the certificate validation logic accepts properly constructed certificates from any Certificate Authority (CA) without properly verifying the trust chain. This flaw allows a malicious actor to present a forged certificate and potentially intercept or manipulate communication with the Kubernetes API server, leading to possible man-in-the-middle attacks and API impersonation. • https://github.com/kubernetes/kubernetes/issues/134063 • CWE-295: Improper Certificate Validation •