Lucene search
+L

36 matches found

Cvelist
Cvelist
added 3 days ago38 views

CVE-2026-52865 NGINX Ingress Controller vulnerability

When NGINX Ingress Controller processes Ingress or TransportServer resources, an authenticated, remote attacker with permission to create or modify Ingress or TransportServer resources can cause the NGINX Ingress Controller process to terminate. Impact: The NGINX Ingress Controller control plane...

7.1CVSS0.00286EPSS
Exploits0References1
CVE
CVE
added 3 days ago18 views

CVE-2026-52865

CVE-2026-52865 affects the NGINX Ingress Controller. When processing Ingress or TransportServer resources, an authenticated remote attacker with write access to create/modify those resources can cause the NGINX Ingress Controller process to terminate, leading to a persistent crash loop in the con...

7.1CVSS6.2AI score0.00286EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-44680

When NGINX Ingress Controller is configured with Custom Resource Definitions CRDs or Ingress annotations, an injection vulnerability exists in the configuration generator of NGINX Ingress Controller. Multiple user-controllable fields are written into the generated NGINX configuration without...

8.7CVSS6.2AI score0.00293EPSS
Exploits0References1
F5 Networks
F5 Networks
added 3 days ago16 views

K000161837: Out-of-band Security Notification (July 15, 2026)

Security Advisory Description On July 15, 2026, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated articles. Article CVE|...

9.2CVSS6.1AI score0.0083EPSS
Exploits0
F5 Networks
F5 Networks
added 3 days ago7 views

K000161834: NGINX Ingress Controller vulnerability CVE-2026-52865

Security Advisory Description When NGINX Ingress Controller processes Ingress or TransportServer resources, an authenticated, remote attacker with permission to create or modify Ingress or TransportServer resources can cause the NGINX Ingress Controller process to terminate. CVE-2026-52865 Impact...

7.1CVSS6.1AI score0.00286EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 3 days ago10 views

K000161800: NGINX Ingress Controller vulnerability CVE-2026-55723

Security Advisory Description When NGINX Ingress Controller is configured with Custom Resource Definitions CRDs or Ingress annotations, an injection vulnerability exists in the configuration generator of NGINX Ingress Controller. Multiple user-controllable fields are written into the generated...

8.7CVSS6.1AI score0.00293EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 3 days ago8 views

PT-2026-60183

Name of the Vulnerable Software and Affected Versions NGINX Ingress Controller affected versions not specified Description An injection flaw exists in the configuration generator when the software is configured with Custom Resource Definitions CRDs or Ingress annotations. Multiple user-controllab...

8.7CVSS6.2AI score0.00293EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/17 6:31 p.m.8 views

EUVD-2025-203903

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.4AI score0.00379EPSS
Exploits0References2
NVD
NVD
added 2025/12/17 4:16 p.m.16 views

CVE-2025-14727

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS0.00379EPSS
Exploits0References1
OSV
OSV
added 2025/12/17 4:16 p.m.6 views

CVE-2025-14727

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.8AI score
Exploits0References1
CVE
CVE
added 2025/12/17 3:48 p.m.50 views

CVE-2025-14727

CVE-2025-14727 affects the NGINX Ingress Controller due to improper validation of the nginx.org/rewrite-target annotation, enabling a path traversal style issue. The F5 advisory notes that the vulnerability is present in the 5.x line (5.3.0) and fixes were introduced in 5.3.1; other branches have...

8.7CVSS6.5AI score0.00379EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/17 3:48 p.m.37 views

CVE-2025-14727 NGINX Ingress Controller vulnerability

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS0.00379EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/17 3:48 p.m.4 views

CVE-2025-14727 NGINX Ingress Controller vulnerability

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.5AI score0.00379EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.8 views

PT-2025-51836

Name of the Vulnerable Software and Affected Versions NGINX Ingress Controller affected versions not specified Description A security issue exists in the NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. The issue concerns validation of the annotation. Software versions...

8.7CVSS6.3AI score0.00379EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-10173

Malware in sbrugna...

6.5CVSS6.4AI score0.00739EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2022-52395

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00607EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:17 p.m.11 views

CVE-2021-23055

On version 2.x before 2.0.3 and 1.x before 1.12.3, the command line restriction that controls snippet use with NGINX Ingress Controller does not apply to Ingress objects. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.5CVSS7AI score0.00739EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/03/24 7:0 a.m.31 views

Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller

Ingress Controllers play a critical role within Kubernetes clusters by enabling the functionality of Ingress resources. Azure Kubernetes Service AKS is aware of several security vulnerabilities affecting the Kubernetes ingress-nginx controller, including CVE-2025-1098, CVE-2025-1974, CVE-2025-109...

9.8CVSS7.5AI score0.99098EPSS
Exploits21
Microsoft CVE
Microsoft CVE
added 2025/03/24 7:0 a.m.26 views

Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller

Ingress Controllers play a critical role within Kubernetes clusters by enabling the functionality of Ingress resources. Azure Kubernetes Service AKS is aware of several security vulnerabilities affecting the Kubernetes ingress-nginx controller, including CVE-2025-1098, CVE-2025-1974, CVE-2025-109...

9.8CVSS7.5AI score0.99098EPSS
Exploits21
Microsoft CVE
Microsoft CVE
added 2025/03/24 7:0 a.m.21 views

Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller

Ingress Controllers play a critical role within Kubernetes clusters by enabling the functionality of Ingress resources. Azure Kubernetes Service AKS is aware of several security vulnerabilities affecting the Kubernetes ingress-nginx controller, including CVE-2025-1098, CVE-2025-1974, CVE-2025-109...

9.8CVSS7.5AI score0.99098EPSS
Exploits21
Rows per page
Query Builder