
48 matches found

OSV
added 2026/02/21 8:36 a.m. · 6 views

BIT-CILIUM-OPERATOR-2026-26963 Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...

6.1 CVSS · 5.5 AI score · 0.00126 EPSS
Exploits 1 · References 5
OSV
added 2026/02/21 8:36 a.m. · 5 views

BIT-CILIUM-2026-26963 Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...

6.1 CVSS · 5.5 AI score · 0.00126 EPSS
Exploits 1 · References 5
CVE
added 2026/02/19 11:38 p.m. · 16 views

CVE-2026-26963

CVE-2026-26963 affects Cilium: vulnerable in versions 1.18.0–1.18.5 where traffic from Pods on other nodes can bypass isolation when Native Routing, WireGuard and Node Encryption are enabled. Root cause is the eBPF datapath handling allowing cross-node traffic leakage under those configurations. ...

6.1 CVSS · 5.5 AI score · 0.00126 EPSS
Exploits 1 · References 4 · Affected Software 1
OSV
added 2026/02/19 11:38 p.m. · 7 views

CVE-2026-26963 Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...

6.1 CVSS · 5.5 AI score · 0.00126 EPSS
Exploits 1 · References 6
Github Security Blog
added 2026/02/19 7:39 p.m. · 9 views

Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled

Impact: Host Policies will incorrectly permit traffic from Pods on other nodes when all of the following configurations are enabled: Native Routing, WireGuard, Node Encryption (beta). These options are disabled by default in Cilium. Patches: This issue was fixed by 42892. This issue affects: Cilium v1.1...

6.1 CVSS · 5.5 AI score · 0.00126 EPSS
Exploits 1 · References 6 · Affected Software 1
OSV
added 2026/02/10 4:16 p.m. · 4 views

CVE-2025-55018

An inconsistent interpretation of HTTP requests ('HTTP request smuggling') vulnerability in Fortinet FortiOS 7.6.0, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4.3 through 6.4.16 may allow an unauthenticated attacker to smuggle an unlogged HTTP request...

5.8 CVSS · 5.8 AI score
Exploits 0 · References 1
EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2019-0849

Malware in sbrugna...

5.7 CVSS · 5.3 AI score · 0.0029 EPSS
Exploits 0 · References 2
Packet Storm News
added 2025/07/29 12:0 a.m. · 1 views

Programmable Data Planes for Network Security

The emergence of programmable data planes, and particularly switches supporting the P4 language, has transformed network security by enabling customized, line-rate packet processing. These switches, originally intended for flexible forwarding, now play a broader role: detecting and mitigating...

7 AI score
Exploits 0
Vulnrichment
added 2023/10/10 4:49 p.m. · 14 views

CVE-2023-41675

A use after free vulnerability CWE-416 in FortiOS version 7.2.0 through 7.2.4 and version 7.0.0 through 7.0.10 and FortiProxy version 7.2.0 through 7.2.2 and version 7.0.0 through 7.0.8 may allow an unauthenticated remote attacker to crash the WAD process via multiple crafted packets reaching pro...

5.3 CVSS · 7.1 AI score · 0.0102 EPSS
Exploits 0 · References 1
Positive Technologies
added 2023/10/10 12:0 a.m. · 5 views

PT-2023-6016 · Fortinet · Fortinet Ips Engine +1

Name of the Vulnerable Software and Affected Versions: Fortinet IPS Engine versions 6.158, 7.166, 7.321. Description: The issue is related to an interpretation conflict in the Fortinet IPS Engine, which can be exploited by an attacker to evade IPS features. This can be achieved via crafted TCP...

7.8 CVSS · 7.4 AI score · 0.00418 EPSS
Exploits 0 · References 8
Fortinet
added 2023/10/10 12:0 a.m. · 23 views

Protect

A use after free vulnerability CWE-416 in FortiOS & FortiProxy may allow an unauthenticated remote attacker to crash the Web Proxy process via multiple crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection...

5 CVSS · 7.2 AI score · 0.0102 EPSS
Exploits 0 · Affected Software 2
Positive Technologies
added 2023/10/10 12:0 a.m. · 4 views

PT-2023-6002 · Fortinet · Fortiproxy +1

Name of the Vulnerable Software and Affected Versions: FortiOS versions 7.0.0 through 7.0.10; FortiOS versions 7.2.0 through 7.2.4; FortiProxy versions 7.0.0 through 7.0.8; FortiProxy versions 7.2.0 through 7.2.2. Description: A use after free vulnerability in FortiOS and FortiProxy may allow an...

10 CVSS · 5.4 AI score · 0.0102 EPSS
Exploits 0 · References 7
NVD
added 2023/07/26 3:15 p.m. · 20 views

CVE-2023-33308

A stack-based overflow vulnerability CWE-124 in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy...

9.8 CVSS · 9.9 AI score · 0.01873 EPSS
Exploits 0 · References 1
Prion
added 2023/07/26 3:15 p.m. · 28 views

Stack overflow

A stack-based overflow vulnerability CWE-124 in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy...

7.5 CVSS · 9.9 AI score · 0.01873 EPSS
Exploits 0 · References 1 · Affected Software 2
CVE
added 2023/07/26 2:0 p.m. · 113 views

CVE-2023-33308

CVE-2023-33308 impacts Fortinet FortiOS (versions 7.0.0–7.0.10, 7.2.0–7.2.3) and FortiProxy (7.0.0–7.0.9, 7.2.0–7.2.2). A stack-based overflow (CWE-124) may allow a remote, unauthenticated attacker to execute arbitrary code via crafted packets that reach proxy or firewall policies when SSL deep p...

9.8 CVSS · 9.8 AI score · 0.01873 EPSS
Exploits 0 · References 1 · Affected Software 2
Cvelist
added 2023/07/26 2:0 p.m. · 28 views

CVE-2023-33308

A stack-based overflow vulnerability CWE-124 in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy...

9.8 CVSS · 10 AI score · 0.01873 EPSS
Exploits 0 · References 1
Vulnrichment
added 2023/07/26 2:0 p.m. · 13 views

CVE-2023-33308

A stack-based overflow vulnerability CWE-124 in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy...

9.8 CVSS · 8.6 AI score · 0.01873 EPSS
Exploits 0 · References 1
Tenable Nessus
added 2023/04/11 12:0 a.m. · 22 views

Siemens SCALANCE Missing Encryption of Sensitive Data (CVE-2021-37731)

A local path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software versions: Prior to 8.6.0.0-2.2.0.4; Prior to 8.7.1.1, 8.6.0.7, 8.5.0.12, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address...

7.2 CVSS · 6.8 AI score · 0.00315 EPSS
Exploits 0 · References 4
Ivanti
added 2023/02/14 7:22 a.m. · 11 views

SA40971 - Pulse One On-Premise Remote Information Disclosure Vulnerability

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Pulse One On-Premise software version 2.0.1649 does not properly validate requests which allows remote users to query and obtain sensitive information. This issue is exploitable only f...

7.5 CVSS · 6.5 AI score · 0.0135 EPSS
Exploits 0
CNNVD
added 2021/07/12 12:0 a.m. · 7 views

Fortinet FSSO Collector Agent Authorization Issue Vulnerability

The Fortinet FSSO Collector Agent is a small software program from Fortinet, Inc. that notifies the N4L Managed Router when a user authenticates to the network. An authorization issue vulnerability exists in FSSO Collector that stems from the system's efforts to properly restrict access from...

9.6 CVSS · 8.3 AI score · 0.01031 EPSS
Exploits 0 · References 3