CVE-2026-39821 affecting package flannel for versions less than 0.24.2-28

CVE-2026-39821 affecting package flannel for versions less than 0.24.2-28. A patched version of the package is available...

CLEANSTART-2026-TZ10716 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289 applied in versions: 1.6.0-r0

Multiple security vulnerabilities affect the cni-plugin-flannel package. These issues are resolved in later releases. See references for individual vulnerability details...

ROS-20260506-73-0042

Vulnerability in flannel due to failure to clean data at the management level. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary commands...

Security update for flannel (important)

openSUSE Security Update: Security update for flannel Announcement ID: openSUSE-SU-2026:0149-1 Rating: important References: 1260847 1260853 Cross-References: CVE-2026-33343 CVE-2026-33413 CVSS scores: CVE-2026-33343 SUSE: 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N...

Security update for flannel (important)

openSUSE Security Update: Security update for flannel Announcement ID: openSUSE-SU-2026:0150-1 Rating: important References: 1260847 1260853 Cross-References: CVE-2026-33343 CVE-2026-33413 CVSS scores: CVE-2026-33343 SUSE: 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N...

flannel-0.28.4-1.1 on GA media (moderate)

flannel-0.28.4-1.1 on GA media Announcement ID: openSUSE-SU-2026:10562-1 Rating: moderate Cross-References: CVE-2026-33413 CVSS scores: CVE-2026-33413 SUSE : 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H CVE-2026-33413 SUSE : 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N...

OPENSUSE-SU-2026:10562-1 flannel-0.28.4-1.1 on GA media

These are all security issues fixed in the flannel-0.28.4-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: grafana-pyroscope, ipfs-cluster, migrate, snyk-cli, kaf, secrets-store-csi-driver-provider-azure, prometheus-blackbox-exporter, q, k3s, whereabouts, azurefile-csi, incert, smokescreen, nri-f5, spark-operator, hey, mongodb-kubernetes-operator, envconsul,...

CVE-2026-32241 affecting package flannel for versions less than 0.24.2-25

CVE-2026-32241 affecting package flannel for versions less than 0.24.2-25. A patched version of the package is available...

GO-2026-4894 Flannel has cross-node remote code execution via extension backend BackendData injection in github.com/flannel-io/flannel

Flannel has cross-node remote code execution via extension backend BackendData injection in github.com/flannel-io/flannel...

PT-2026-29941

Flannel has cross-node remote code execution via extension backend BackendData injection in github.com/flannel-io/flannel...

SUSE CVE-2026-32241

Flannel is a network fabric for containers, designed for Kubernetes. The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. In versions of Flannel prior to 0.28.2, this Extension backend is vulnerable to a command injection that...

Flannel vulnerable to cross-node remote code execution via extension backend BackendData injection

...

CVE-2026-32241

Flannel is a network fabric for containers, designed for Kubernetes. The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. In versions of Flannel prior to 0.28.2, this Extension backend is vulnerable to a command injection that...

GHSA-VCHX-5PR6-FFX2 Flannel has cross-node remote code execution via extension backend BackendData injection

Background The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. This backend uses shell commands stored in Kubernetes annotations to configure network connectivity on the node. Note: consumers are only affected by this vulnerabili...

EUVD-2026-16771

Flannel has cross-node remote code execution via extension backend BackendData injection...

CVE-2026-32241

Flannel is a network fabric for containers, designed for Kubernetes. The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. In versions of Flannel prior to 0.28.2, this Extension backend is vulnerable to a command injection that...

CVE-2026-32241

CVE-2026-32241 – Flannel extension backend command injection . The vulnerability affects Flannel prior to v0.28.2 when using the experimental Extension backend. The SubnetAddCommand and SubnetRemoveCommand take attacker-controlled data from the Kubernetes Node annotation flannel.alpha.coreos.com/...

CVE-2026-32241

Flannel is a network fabric for containers, designed for Kubernetes. The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. In versions of Flannel prior to 0.28.2, this Extension backend is vulnerable to a command injection that...

CVE-2026-32241 Flannel vulnerable to cross-node remote code execution via extension backend BackendData injection

Flannel is a network fabric for containers, designed for Kubernetes. The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. In versions of Flannel prior to 0.28.2, this Extension backend is vulnerable to a command injection that...