50 matches found
CVE-2026-33726
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.14, 1.18.8, and 1.19.2, Ingress Network Policies are not enforced for traffic from pods to L7 Services Envoy, GAMMA with a local backend on the same node, when Per-Endpoint Routing is...
PT-2026-28513
Name of the Vulnerable Software and Affected Versions Cilium versions prior to 1.17.14 Cilium versions 1.18.0 through 1.18.7 Cilium versions 1.19.0 through 1.19.1 Description Cilium is a networking, observability, and security solution utilizing an eBPF-based dataplane. Ingress Network Policies a...
GHSA-P77J-4MVH-X3M3 vulnerabilities
Vulnerabilities for packages: coredns, container-object-storage-interface, etcd, op-geth, vault-benchmark, terraform, minio, ko, falco-no-driver, buildah, prometheus-blackbox-exporter, kyverno-policy-reporter, cloud-provider-azure, cosign, gitea, cloudnative-pg, velero, azure-service-operator,...
📄 Cilium 1.18.5 Traffic Bypass
This Python proof of concept script performs a comprehensive node-level analysis to assess a vulnerability in Cilium versions 1.18.0 through 1.18.5 that allows cross-node Pod traffic to bypass Host Firewall policies when Native Routing, WireGuard, and Node Encryption are enabled...
Linux Distros Unpatched Vulnerability : CVE-2026-26963
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from...
CVE-2026-26963
A flaw was found in Cilium. When specific network configurations, including Native Routing, WireGuard, and Node Encryption, are enabled, Cilium incorrectly allows network traffic from Pods on other nodes. This can lead to unauthorized access to network communications and potential information...
EUVD-2023-1875
Malicious code in bioql PyPI...
EUVD-2025-0150
Malicious code in bioql PyPI...
EUVD-2023-1092
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-30163
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Node based network policies fromNodes and toNodes will incorrectly...
Linux Distros Unpatched Vulnerability : CVE-2025-30162
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gateway API for Ingress for some services an...
CVE-2024-28249
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...
CVE-2023-30851
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple toEndpoints AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be...
CVE-2023-27595
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In version 1.13.0, when Cilium is started, there is a short period when Cilium eBPF programs are not attached to the host. During this period, the host does not implement any of Cilium's featureset. This ca...
BIT-CILIUM-2025-32793 Cilium packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.15.0 to 1.15.15, 1.16.0 to 1.16.8, and 1.17.0 to 1.17.2, are vulnerable when using Wireguard transparent encryption in a Cilium cluster, packets that originate from a terminating endpoint can lea...
BIT-CILIUM-OPERATOR-2025-32793 Cilium packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.15.0 to 1.15.15, 1.16.0 to 1.16.8, and 1.17.0 to 1.17.2, are vulnerable when using Wireguard transparent encryption in a Cilium cluster, packets that originate from a terminating endpoint can lea...
GHSA-5VXX-C285-PCQ4 In Cilium, packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters
Impact When using Wireguard transparent encryption in a Cilium cluster, packets that originate from a terminating endpoint can leave the source node without encryption due to a race condition in how traffic is processed by Cilium. Patches This issue has been patched in...
CVE-2025-32793
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.15.0 to 1.15.15, 1.16.0 to 1.16.8, and 1.17.0 to 1.17.2, are vulnerable when using Wireguard transparent encryption in a Cilium cluster, packets that originate from a terminating endpoint can lea...
CVE-2025-32793 Cilium packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.15.0 to 1.15.15, 1.16.0 to 1.16.8, and 1.17.0 to 1.17.2, are vulnerable when using Wireguard transparent encryption in a Cilium cluster, packets that originate from a terminating endpoint can lea...
CVE-2025-32793
CVE-2025-32793 affects Cilium’s eBPF dataplane when WireGuard transparent encryption is enabled. Versions 1.15.0–1.15.15, 1.16.0–1.16.8, and 1.17.0–1.17.2 are vulnerable to a race condition where packets from a terminating endpoint may leave the source node unencrypted. The issue is fixed in 1.15...