CVE-2026-23766

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

EUVD-2026-2704

Istio through 1.28.2 allows iptables rule injection for changing firewall behavior via the traffic.sidecar.istio.io/excludeInterfaces annotation. NOTE: the reporter's position is "this doesn't represent a security vulnerability pod creators can already exclude sidecar injection entirely."...

CVE-2026-23766

...

CVE-2026-23766

Istio (through 1.28.2) is affected. A local, low-privilege user can inject iptables firewall rules via the traffic.sidecar.istio.io/excludeInterfaces annotation to alter firewall behavior, potentially impacting system integrity. Public descriptions acknowledge this may not represent a traditional...

PT-2026-3101

Name of the Vulnerable Software and Affected Versions Istio versions through 1.28.2 Description Istio versions through 1.28.2 permit the injection of iptables rules, potentially altering firewall behavior. This is achieved through the traffic.sidecar.istio.io/excludeInterfaces annotation. The...