EUVD-2026-16771

Flannel has cross-node remote code execution via extension backend BackendData injection...

CVE-2026-32241 Flannel vulnerable to cross-node remote code execution via extension backend BackendData injection

Flannel is a network fabric for containers, designed for Kubernetes. The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. In versions of Flannel prior to 0.28.2, this Extension backend is vulnerable to a command injection that...

CVE-2026-32241

Flannel is a network fabric for containers, designed for Kubernetes. The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. In versions of Flannel prior to 0.28.2, this Extension backend is vulnerable to a command injection that...

CVE-2026-32241

CVE-2026-32241 – Flannel extension backend command injection . The vulnerability affects Flannel prior to v0.28.2 when using the experimental Extension backend. The SubnetAddCommand and SubnetRemoveCommand take attacker-controlled data from the Kubernetes Node annotation flannel.alpha.coreos.com/...

PT-2026-28434

Name of the Vulnerable Software and Affected Versions Flannel versions prior to 0.28.2 Description Flannel, a network fabric for containers designed for Kubernetes, contains a command injection issue in its experimental Extension backend. An attacker who can set Kubernetes Node annotations can...

Open5GS Buffer Overflow Vulnerability (CNVD-2025-18574)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a buffer overflow vulnerability that is caused by incorrect bounds checking in the ogspfcpsubnetadd function in the pfcp library. No detailed...