| CVE-2026-41520 |
medium |
4.4 |
4.4 |
|
|
|
21d ago |
Cillium exposes sensitive information included in the cilium-bugtool debug archive |
| CVE-2026-33726 |
unknown |
— |
— |
|
|
|
2mo ago |
Cilium L7 proxy may bypass Kubernetes NetworkPolicy for same-node traffic in github.com/cilium/cilium |
| CVE-2026-26963 |
unknown |
— |
— |
|
|
|
3mo ago |
Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled in github.com/cilium/cilium |
| CVE-2025-64715 |
unknown |
— |
— |
|
|
|
6mo ago |
Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic in Ciliumgithub.com/cilium/cilium |
| CVE-2025-32793 |
unknown |
— |
— |
|
|
|
1y ago |
In Cilium, packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters in github.com/cilium/cilium |
| CVE-2025-30163 |
unknown |
— |
— |
|
|
|
1y ago |
Cilium node based network policies may incorrectly allow workload traffic in github.com/cilium/cilium |
| CVE-2025-30162 |
unknown |
— |
— |
|
|
|
1y ago |
Cilium East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers in github.com/cilium/cilium |
| CVE-2025-23047 |
unknown |
— |
— |
|
|
|
1y ago |
Cilium has an information leakage via insecure default Hubble UI CORS header in github.com/cilium/cilium |
| CVE-2025-23028 |
unknown |
— |
— |
|
|
|
1y ago |
DoS in Cilium agent DNS proxy from crafted DNS responses in github.com/cilium/cilium |
| CVE-2024-52529 |
unknown |
— |
— |
|
|
|
2y ago |
Cilium's Layer 7 policy enforcement may not occur in policies with wildcarded port ranges in github.com/cilium/cilium |
| CVE-2024-47825 |
unknown |
— |
— |
|
|
|
2y ago |
Cilium's CIDR deny policies may not take effect when a more narrow CIDR allow is present in github.com/cilium/cilium |
| CVE-2024-42486 |
unknown |
— |
— |
|
|
|
2y ago |
Cilium leaks information via incorrect ReferenceGrant update logic in Gateway API in github.com/cilium/cilium |
| CVE-2024-42487 |
unknown |
— |
— |
|
|
|
2y ago |
Gateway API route matching order contradicts specification in github.com/cilium/cilium |
| CVE-2024-42488 |
unknown |
— |
— |
|
|
|
2y ago |
Policy bypass for Host Firewall policy due to race condition in Cilium agent in github.com/cilium/cilium |
| CVE-2024-37307 |
unknown |
— |
— |
|
|
|
2y ago |
Cilium leaks sensitive information in cilium-bugtool in github.com/cilium/cilium |
| CVE-2024-28860 |
unknown |
— |
— |
|
|
|
2y ago |
Insecure IPsec transparent encryption in github.com/cilium/cilium |
| CVE-2024-28250 |
unknown |
— |
— |
|
|
|
2y ago |
Unencrypted traffic between nodes with WireGuard in github.com/cilium/cilium |
| CVE-2024-28249 |
unknown |
— |
— |
|
|
|
2y ago |
Unencrypted traffic between nodes with IPsec in github.com/cilium/cilium |
| CVE-2024-28248 |
unknown |
— |
— |
|
|
|
2y ago |
HTTP policy bypass in github.com/cilium/cilium |
| CVE-2024-25631 |
unknown |
— |
— |
|
|
|
2y ago |
Unencrypted traffic between pods when using Wireguard and an external kvstore in github.com/cilium/cilium |
| CVE-2024-25630 |
unknown |
— |
— |
|
|
|
2y ago |
Unencrypted ingress/health traffic when using Wireguard transparent encryption in github.com/cilium/cilium |
| CVE-2023-41333 |
unknown |
— |
— |
|
|
|
3y ago |
Cilium vulnerable to bypass of namespace restrictions in CiliumNetworkPolicy in github.com/cilium/cilium |
| CVE-2023-41332 |
unknown |
— |
— |
|
|
|
3y ago |
Specific Cilium configurations vulnerable to DoS via Kubernetes annotations in github.com/cilium/cilium |
| CVE-2023-39347 |
unknown |
— |
— |
|
|
|
3y ago |
Kubernetes users may update Pod labels to bypass network policy in github.com/cilium/cilium |
| CVE-2023-34242 |
unknown |
— |
— |
|
|
|
3y ago |
Cilium vulnerable to information leakage via incorrect ReferenceGrant handling in github.com/cilium/cilium |
| CVE-2023-30851 |
unknown |
— |
— |
|
|
|
3y ago |
Potential HTTP policy bypass when using header rules in Cilium in github.com/cilium/cilium |
| CVE-2023-29002 |
unknown |
— |
— |
|
|
|
3y ago |
Debug mode leaks confidential data in Cilium in github.com/cilium/cilium |
| CVE-2023-27595 |
unknown |
— |
— |
|
|
|
3y ago |
Cilium eBPF filters may be temporarily removed during agent restart in github.com/cilium/cilium |
| CVE-2023-27594 |
unknown |
— |
— |
|
|
|
3y ago |
Potential network policy bypass when routing IPv6 traffic in github.com/cilium/cilium |
| CVE-2023-27593 |
unknown |
— |
— |
|
|
|
3y ago |
cilium-agent container can access the host via `hostPath` mount |
| CVE-2022-29179 |
unknown |
— |
— |
|
|
|
4y ago |
Improper Privilege Management in Cilium in github.com/cilium/cilium |
| CVE-2022-29178 |
unknown |
— |
— |
|
|
|
4y ago |
Access to Unix domain socket can lead to privileges escalation in Cilium in github.com/cilium/cilium |