637 matches found
BIT-CILIUM-2026-26963 Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...
BIT-CILIUM-OPERATOR-2026-26963 Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...
CVE-2026-26963
A flaw was found in Cilium. When specific network configurations, including Native Routing, WireGuard, and Node Encryption, are enabled, Cilium incorrectly allows network traffic from Pods on other nodes. This can lead to unauthorized access to network communications and potential information...
CVE-2026-26963
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...
UBUNTU-CVE-2026-26963
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...
Cilium 安全漏洞
Cilium is an open-source software developed by Cilium contributors. It is used to provide and transparently protect network connections and load balancing between application workloads, such as application containers or processes. Versions of Cilium from 1.18.0 to 1.18.5 contain security...
CVE-2026-26963
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...
CVE-2026-26963 Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...
Incorrect Privilege Assignment
Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment due to incorrect handling of network traffic permissions when certain network configurations, such as Native Routing, WireGuard, and Node Encryption, are enabled. An attacker can gain unauthorized access t...
CVE-2026-26963
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...
CVE-2026-26963 Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...
CVE-2026-26963
CVE-2026-26963 affects Cilium: vulnerable in versions 1.18.0–1.18.5 where traffic from Pods on other nodes can bypass isolation when Native Routing, WireGuard and Node Encryption are enabled. Root cause is the eBPF datapath handling allowing cross-node traffic leakage under those configurations. ...
CVE-2026-26963 Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...
GHSA-5R23-PRX4-MQG3 Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled
Impact Host Policies will incorrectly permit traffic from Pods on other nodes when all of the following configurations are enabled: Native Routing WireGuard Node Encryption beta These options are disabled by default in Cilium. Patches This issue was fixed by 42892. This issue affects: Cilium v1.1...
Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled
Impact Host Policies will incorrectly permit traffic from Pods on other nodes when all of the following configurations are enabled: Native Routing WireGuard Node Encryption beta These options are disabled by default in Cilium. Patches This issue was fixed by 42892. This issue affects: Cilium v1.1...
PT-2026-20966
Name of the Vulnerable Software and Affected Versions Cilium versions 1.18.0 through 1.18.5 Description Cilium, a networking, observability, and security solution utilizing an eBPF-based dataplane, is affected by an issue where traffic from Pods on other nodes may be incorrectly permitted. This...
CVE-2026-25760
Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to 1.6.11, a path traversal in the website content subsystem lets an authenticated operator read arbitrary files on the Sliver server host. This is an authenticated path traversal / arbitrary file read issue, a...
CVE-2026-25760 Website Path Traversal / Arbitrary File Read (Authenticated) in Sliver
Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to 1.6.11, a path traversal in the website content subsystem lets an authenticated operator read arbitrary files on the Sliver server host. This is an authenticated path traversal / arbitrary file read issue, a...
GO-2026-4398 WireGuard Portal v2 has Open Redirect Vulnerability in OAuth Authentication Flow in github.com/h44z/wg-portal
WireGuard Portal v2 has Open Redirect Vulnerability in OAuth Authentication Flow in github.com/h44z/wg-portal. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports fr...
GHSA-GRH9-37G7-53MJ WireGuard Portal v2 has Open Redirect Vulnerability in OAuth Authentication Flow
Summary An Open Redirect vulnerability exists in the OAuth authentication flow that allows attackers to redirect users to external malicious websites after authentication. The vulnerability is caused by insufficient validation of the return parameter in the OAuth login initialization endpoint...