Skip to main content

NGINX Ingress Controller EUVDEUVD-2026-44681

| CVE-2026-52865 HIGH
NULL Pointer Dereference (CWE-476)
2026-07-15 f5 GHSA-gv6x-94m7-c6hh
7.1
CVSS 4.0 · Vendor: f5
Share

Severity by source

Vendor (f5) PRIMARY
7.1 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
6.5 MEDIUM

Network-reachable with low complexity and no interaction, but requires RBAC write privileges (PR:L); impact is an availability-only crash loop, so C:N/I:N/A:H with scope unchanged.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (f5).

CVSS VectorVendor: f5

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Analysis Generated
Jul 15, 2026 - 15:31 vuln.today
Severity Changed
Jul 15, 2026 - 15:22 NVD
MEDIUM HIGH
CVSS changed
Jul 15, 2026 - 15:22 NVD
6.5 (MEDIUM) 7.1 (HIGH)
CVE Published
Jul 15, 2026 - 14:33 cve.org
HIGH 7.1

DescriptionCVE.org

When NGINX Ingress Controller processes Ingress or TransportServer resources, an authenticated, remote attacker with permission to create or modify Ingress or TransportServer resources can cause the NGINX Ingress Controller process to terminate.

Impact: The NGINX Ingress Controller control plane process terminates and enters a persistent crash loop while the malformed Ingress or TransportServer resource remains in the cluster. This vulnerability allows a remote, authenticated attacker with at least Ingress or TransportServer resource write access to cause a denial-of-service (DoS) on the NGINX Ingress Controller system. There is no data plane exposure; this is a control plane issue only.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

AnalysisAI

Denial of service in F5 NGINX Ingress Controller allows an authenticated remote attacker holding write access to Ingress or TransportServer resources to crash the control plane by submitting a malformed resource. Because the offending resource persists in the cluster, the controller re-reads it and re-crashes, producing a durable crash loop rather than a one-time outage. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain RBAC write to Ingress/TransportServer
Delivery
Craft malformed resource spec
Exploit
Apply resource to cluster
Execution
Controller dereferences null pointer
Persist
Control plane crash loops
Impact
Cluster-wide ingress DoS

Vulnerability AssessmentAI

Exploitation The attacker must be an authenticated principal with Kubernetes RBAC write access (create or modify) to Ingress or TransportServer resources processed by the F5 NGINX Ingress Controller - this is the exact, concrete prerequisite reflected in CVSS PR:L. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The vendor CVSS 4.0 score is 7.1 (AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H) - network-reachable, low complexity, no user interaction, but requiring low privileges and yielding only availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has obtained a Kubernetes account with namespaced permission to create Ingress or TransportServer resources - for example a tenant in a shared cluster or a compromised CI/CD pipeline service account - submits a specially malformed resource. The NGINX Ingress Controller reads the object, hits the null pointer dereference, and crashes; because the resource remains in etcd, the controller crash-loops on every restart, denying ingress reconciliation cluster-wide. …
Remediation Patch available per vendor advisory - upgrade F5 NGINX Ingress Controller to the fixed release listed in F5 article K000161834 (https://my.f5.com/manage/s/article/K000161834); the exact fixed version is not enumerated in the provided data and must be taken from that advisory. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, inventory all F5 NGINX Ingress Controller deployments and document their versions against the vendor advisory for CVE-2026-52865. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-44681 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy