Skip to main content

Cilium CVE-2026-49445

| EUVDEUVD-2026-44772 CRITICAL
Missing Authorization (CWE-862)
2026-07-06 https://github.com/cilium/cilium GHSA-3fcv-jvfp-m4q9
9.2
CVSS 3.1 · Vendor: https://github.com/cilium/cilium
Share

Severity by source

Vendor (https://github.com/cilium/cilium) PRIMARY
9.2 CRITICAL
AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:H
vuln.today AI
9.2 CRITICAL

Socket is local and world-accessible so AV:L/AC:L/PR:N; Envoy admin control affects other cluster workloads' secrets and traffic giving S:C, C:H and A:H.

3.1 AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:H
4.0 AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:H/SI:L/SA:H

Primary rating from Vendor (https://github.com/cilium/cilium).

CVSS VectorVendor: https://github.com/cilium/cilium

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
Low
Availability
High

Lifecycle Timeline

2
Analysis Generated
Jul 06, 2026 - 17:30 vuln.today
CVE Published
Jul 06, 2026 - 17:03 github-advisory
CRITICAL 9.2

DescriptionCVE.org

Impact

When Cilium L7 functionality is enabled on a cluster, the Envoy instance supporting this functionality creates a world-accessible socket on cluster nodes. A local attacker would be able to access Envoy admin endpoints. Depending on deployment configuration, this can expose sensitive information or allow disruptive administrative operations, such as:

  • Exposing TLS secrets
  • Disrupting traffic in the cluster
  • Terminating the Envoy process

This issue affects both the embedded and standalone Envoy deployment models.

Patches

This issue affects:

  • Cilium v1.19 between v1.19.0 and v1.19.1 inclusive
  • Cilium v1.18 between v1.18.0 and v1.18.7 inclusive
  • All versions of Cilium prior to v1.17.14

This issue has been patched in https://github.com/cilium/cilium/pull/44512, included in:

  • Cilium v1.19.2
  • Cilium v1.18.8
  • Cilium v1.17.14

Workarounds

There is no known workaround to this issue.

Acknowledgements

The Cilium community has worked together with members of Isovalent to prepare these mitigations. Special thanks to moemen for reporting the issue and 0xch4z for their work on triaging and remediating this issue.

For more information

If there are any questions or comments about this advisory, please reach out on [Slack (https://docs.cilium.io/en/latest/community/community/).

If anyone thinks they have found a vulnerability affecting Cilium, it is strongly encouraged to report it to the security mailing list at [security@cilium.io](mailto:security@cilium.io). This is a private mailing list for the Cilium security team, and the report will be treated as a top priority.

AnalysisAI

Missing authorization on Cilium's Envoy admin socket lets any local user on a cluster node reach privileged Envoy admin endpoints when L7 (Layer 7) network policy functionality is enabled. Affecting Cilium 1.17.x before 1.17.14, 1.18.0-1.18.7, and 1.19.0-1.19.1 in both embedded and standalone Envoy models, it carries a CVSS 9.2 (scope-changing) rating and allows dumping TLS secrets, disrupting cluster traffic, or killing the Envoy proxy. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain local access to cluster node
Delivery
Connect to world-accessible Envoy admin socket
Exploit
Query admin endpoints for TLS secrets
Execution
Issue disruptive admin command
Impact
Dump secrets and terminate Envoy proxy

Vulnerability AssessmentAI

Exploitation Exploitation requires (1) Cilium L7 functionality (Layer 7 network policy / Envoy proxy) to be enabled on the cluster - this is the specific feature that creates the world-accessible Envoy admin socket; and (2) local access to a cluster node, i.e. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS vector CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:H yields 9.2 primarily because of the scope change (S:C): a foothold on one node's local socket lets an attacker affect the wider cluster (other workloads' TLS secrets and traffic). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who obtains local code execution on a cluster node - for example via a compromised low-privilege pod or a co-tenant workload - connects to Cilium's world-accessible Envoy admin socket. They query the admin endpoints to dump TLS certificates and keys used for L7 traffic, then issue an admin command to drain listeners or terminate the Envoy process, degrading or cutting cluster traffic. …
Remediation Vendor-released patch: upgrade to Cilium 1.19.2, 1.18.8, or 1.17.14, which contain the fix from https://github.com/cilium/cilium/pull/44512 (advisory GHSA-3fcv-jvfp-m4q9). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Audit all Cilium clusters to identify affected versions and L7 policy configurations. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-49445 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy