Kubernetes Official CVE Feed

CVE-2026-4342

1 week ago

ingress-nginx comment-based nginx configuration injection

CVE-2026-3864

Kubernetes Official CVE Feed

1 week 3 days ago

CSI Driver for NFS path traversal via subDir may delete unintended directories on the NFS server

CVE-2025-15566

Kubernetes Official CVE Feed

1 month 3 weeks ago

ingress-nginx auth-proxy-set-headers nginx configuration injection

CVE-2026-24514

Kubernetes Official CVE Feed

1 month 3 weeks ago

ingress-nginx Admission Controller denial of service

CVE-2026-24513

Kubernetes Official CVE Feed

1 month 3 weeks ago

ingress-nginx auth-url protection bypass

CVE-2026-24512

Kubernetes Official CVE Feed

1 month 3 weeks ago

ingress-nginx rules.http.paths.path nginx configuration injection

CVE-2026-1580

Kubernetes Official CVE Feed

1 month 3 weeks ago

ingress-nginx auth-method nginx configuration injection

CVE-2025-14269

Kubernetes Official CVE Feed

3 months 1 week ago

Credential caching in Headlamp with Helm enabled

CVE-2025-13281

Kubernetes Official CVE Feed

3 months 3 weeks ago

Portworx Half-Blind SSRF in kube-controller-manager

CVE-2025-9708

Kubernetes Official CVE Feed

6 months 1 week ago

Kubernetes C# Client: improper certificate validation in custom CA mode may lead to man-in-the-middle attacks

CVE-2025-7445

Kubernetes Official CVE Feed

6 months 3 weeks ago

secrets-store-sync-controller discloses service account tokens in logs

CVE-2025-5187

Kubernetes Official CVE Feed

7 months 2 weeks ago

Nodes can delete themselves by adding an OwnerReference

CVE-2025-7342

Kubernetes Official CVE Feed

8 months ago

VM images built with Kubernetes Image Builder Nutanix or OVA providers use default credentials for Windows images if user did not override

CVE-2025-4563

Kubernetes Official CVE Feed

9 months 2 weeks ago

Nodes can bypass dynamic resource allocation authorization checks

CVE-2025-1974

Kubernetes Official CVE Feed

1 year ago

ingress-nginx admission controller RCE escalation

CVE-2025-1098

Kubernetes Official CVE Feed

1 year ago

ingress-nginx controller configuration injection via unsanitized mirror annotations

CVE-2025-1097

Kubernetes Official CVE Feed

1 year ago

ingress-nginx controller configuration injection via unsanitized auth-tls-match-cn annotation

CVE-2025-24514

Kubernetes Official CVE Feed

1 year ago

ingress-nginx controller configuration injection via unsanitized auth-url annotation

CVE-2025-24513

Kubernetes Official CVE Feed

1 year ago

ingress-nginx controller auth secret file path traversal vulnerability

CVE-2025-1767

Kubernetes Official CVE Feed

1 year ago

GitRepo Volume Inadvertent Local Repository Access

Checked

1 hour 38 minutes ago

Auto-refreshing official CVE feed for Kubernetes repository

URL

https://kubernetes.io/docs/reference/issues-security/official-cve-feed/

Kubernetes Official CVE Feed feed

Kubernetes Official CVE Feed

Managed ad