Skip to main content

Kubernetes CVE-2026-33726

MEDIUM
Improper Access Control (CWE-284)
2026-03-26 https://github.com/cilium/cilium
5.4
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
5.4 MEDIUM
AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
SUSE
MEDIUM
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

3
Analysis Generated
Mar 26, 2026 - 17:00 vuln.today
Patch released
Mar 26, 2026 - 17:00 nvd
Patch available
CVE Published
Mar 26, 2026 - 16:48 nvd
MEDIUM 5.4

DescriptionGitHub Advisory

Impact

Ingress Network Policies are not enforced for traffic from pods to L7 Services (Envoy, GAMMA) with a local backend on the same node, when Per-Endpoint Routing is enabled and BPF Host Routing is disabled.

Per-Endpoint Routing is disabled by default, but is automatically enabled in deployments using cloud IPAM, including Cilium ENI on EKS (eni.enabled), AlibabaCloud ENI (alibabacloud.enabled), Azure IPAM (azure.enabled, but not AKS BYOCNI), and some GKE deployments (gke.enabled; managed offerings such as GKE Dataplane V2 may use different defaults). It is typically not enabled in tunneled deployments, and chaining deployments are not affected. In practice, Amazon EKS with Cilium ENI mode is likely the most common affected environment.

Patches

This issue was fixed by #44693.

This issue affects:

  • Cilium v1.19 between v1.19.0 and v1.19.1 inclusive
  • Cilium v1.18 between v1.18.0 and v1.18.7 inclusive
  • All versions of Cilium prior to v1.17.13

This issue is fixed in:

  • Cilium v1.19.2
  • Cilium v1.18.8
  • Cilium v1.17.14

Workarounds

Disclaimer: There is currently no officially verified or comprehensive workaround for this issue. The only option would be to disable per-endpoint routes, but this will likely cause disruptions to ongoing connections, and potential conflicts if running in cloud providers.

Acknowledgements

The Cilium community has worked together with members of the Northflank and Isovalent teams to prepare these mitigations. Cilium thanks @sudeephb and @Champ-Goblem for reporting the issue and to @smagnani96 and @julianwiedmann for helping with the resolution.

For more information

Anyone who believes a vulnerability affecting Cilium has been found is strongly encouraged to report it to the security mailing list at security@cilium.io. This is a private mailing list for the Cilium security team, and any such report will be treated as top priority. Please also address any comments or questions on this advisory to the same mailing list.

AnalysisAI

Cilium Network Policy enforcement is bypassed for traffic from pods to L7 Services with local backends on the same node when Per-Endpoint Routing is enabled and BPF Host Routing is disabled, allowing authenticated local attackers to circumvent ingress network policies and access restricted services. This affects Cilium v1.19.0-v1.19.1, v1.18.0-v1.18.7, and all versions prior to v1.17.13, with the most common vulnerable deployment being Amazon EKS with Cilium ENI mode. Vendor-released patches are available (v1.19.2, v1.18.8, v1.17.14), and no public exploit code has been identified at the time of analysis.

Technical ContextAI

Cilium is a container networking and security platform for Kubernetes that uses eBPF (extended Berkeley Packet Filter) and BPF Host Routing to enforce network policies at the kernel level (CPE: pkg:go/github.com_cilium_cilium). The vulnerability resides in the interaction between Per-Endpoint Routing (a feature that creates individual routes per service endpoint, commonly auto-enabled by cloud IPAM providers including AWS ENI, AlibabaCloud ENI, Azure IPAM, and some GKE deployments) and the absence of BPF Host Routing (which provides optimized in-kernel packet forwarding). When Per-Endpoint Routing is active without BPF Host Routing, the eBPF-based ingress Network Policy enforcement mechanism fails to properly intercept and validate traffic destined for L7 Services (Envoy-based or GAMMA protocol services) whose backends reside on the same node as the source pod. This is fundamentally a policy enforcement bypass rooted in CWE-284 (Improper Access Control), where the kernel-level policy checks are not executed for a specific traffic pattern due to routing configuration interaction.

RemediationAI

Upgrade Cilium to v1.19.2, v1.18.8, or v1.17.14 or later, as these versions include the fix from PR #44693. No officially verified comprehensive workaround exists; the only potential mitigation is to disable per-endpoint routes via configuration (e.g., set kubeProxyReplacement to 'strict' or adjust routing.podCIDR settings), though this approach may cause connection disruptions and conflicts in cloud provider deployments and is not recommended as a long-term solution. For Amazon EKS deployments using Cilium ENI, prioritize patching to a fixed version immediately given that EKS with Cilium ENI is identified as the most common vulnerable configuration. Consult https://docs.cilium.io/en/stable/network/concepts/routing/#routing and the Cilium upgrade documentation for version-specific migration guidance.

CVE-2025-1974 CRITICAL POC
9.8 Mar 25

A critical vulnerability in Kubernetes ingress-nginx controller allows unauthenticated attackers with pod network access

CVE-2026-45321 CRITICAL POC
9.6 May 12

Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio

CVE-2025-1098 HIGH POC
8.8 Mar 25

Kubernetes ingress-nginx contains a configuration injection vulnerability via the mirror-target and mirror-host Ingress

CVE-2025-24514 HIGH POC
8.8 Mar 25

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingres

CVE-2025-1097 HIGH POC
8.8 Mar 25

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-c

CVE-2020-8554 MEDIUM POC
6.3 Jan 21

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.exter

CVE-2025-55190 CRITICAL POC
9.9 Sep 04

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated critical severity (CVSS 9.9), this vulne

CVE-2018-18843 CRITICAL POC
10.0 Dec 04

The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4

CVE-2026-22039 CRITICAL POC
9.9 Jan 27

Kyverno Kubernetes policy engine prior to 1.x has a privilege escalation vulnerability (CVSS 9.9) allowing policy bypass

CVE-2024-42480 CRITICAL POC
9.9 Aug 12

Kamaji is the Hosted Control Plane Manager for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is rem

CVE-2023-28110 CRITICAL POC
9.9 Mar 16

Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, ref

CVE-2026-25996 CRITICAL POC
9.8 Feb 12

String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
openSUSE Leap 15.6 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP5 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP6 Fixed
openSUSE Leap 15.5 Fixed

Share

CVE-2026-33726 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy