| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-26330 | Envoy global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly | envoyproxy | envoy | Medium | 5.3 | 2026-03-10 19:19:53 | Deep Dive |
| CVE-2026-26311 | Envoy HTTP: filter chain execution on reset streams causing UAF crash | envoyproxy | envoy | Medium | 5.9 | 2026-03-10 19:14:42 | Deep Dive |
| CVE-2026-26310 | Crash for scoped ip address in Envoy during DNS | envoyproxy | envoy | Medium | 5.9 | 2026-03-10 19:08:22 | Deep Dive |
| CVE-2026-26309 | Envoy has an off-by-one write in JsonEscaper::escapeString() | envoyproxy | envoy | Medium | 5.3 | 2026-03-10 19:04:21 | Deep Dive |
| CVE-2026-26308 | Envoy has an RBAC Header Validation Bypass via Multi-Value Header Concatenation | envoyproxy | envoy | High | 7.5 | 2026-03-10 19:01:28 | Deep Dive |
| CVE-2026-22771 | Envoy Extension Policy lua scripts injection causes arbitrary command execution | envoyproxy | gateway | High | 8.8 | 2026-01-12 18:08:23 | Deep Dive |
| CVE-2025-66220 | Envoy’s TLS certificate matcher for `match_typed_subject_alt_names` may incorrectly treat certificates containing an embedded null byte | envoyproxy | envoy | Medium | 5.0 | 2025-12-03 18:31:50 | Deep Dive |
| CVE-2025-64763 | Envoy forwards early CONNECT data in TCP proxy mode | envoyproxy | envoy | Low | 3.7 | 2025-12-03 18:13:58 | Deep Dive |
| CVE-2025-64527 | Envoy crashes when JWT authentication is configured with the remote JWKS fetching | envoyproxy | envoy | Medium | 6.5 | 2025-12-03 18:04:35 | Deep Dive |
| CVE-2025-62504 | Envoy Lua filter use-after-free when oversized rewritten response body causes crash | envoyproxy | envoy | Medium | 6.5 | 2025-10-16 21:23:42 | Deep Dive |
| CVE-2025-62409 | Envoy allows large requests and responses to cause TCP connection pool crash | envoyproxy | envoy | - | - | 2025-10-16 17:47:26 | Deep Dive |
| CVE-2025-55162 | Envoy: oAuth2 Filter Signout route will not clear cookies because of missing "secure;" flag | envoyproxy | envoy | Medium | 6.3 | 2025-09-03 19:51:51 | Deep Dive |
| CVE-2025-54588 | Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults | envoyproxy | envoy | High | 7.5 | 2025-09-02 23:39:07 | Deep Dive |
| CVE-2025-46821 | Envoy vulnerable to bypass of RBAC uri_template permission | envoyproxy | envoy | Medium | 5.3 | 2025-05-07 21:24:08 | Deep Dive |
| CVE-2025-30157 | Envoy crashes when HTTP ext_proc processes local replies | envoyproxy | envoy | Medium | 6.5 | 2025-03-21 14:49:18 | Deep Dive |
| CVE-2025-25294 | Envoy Gateway Log Injection Vulnerability | envoyproxy | gateway | Medium | 5.3 | 2025-03-06 18:46:24 | Deep Dive |
| CVE-2025-24030 | Envoy Admin Interface Exposed through prometheus metrics endpoint | envoyproxy | gateway | High | 7.1 | 2025-01-23 03:20:28 | Deep Dive |
| CVE-2024-53271 | HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset in envoy | envoyproxy | envoy | High | 7.1 | 2024-12-18 19:12:21 | Deep Dive |
| CVE-2024-53270 | HTTP/1: sending overload crashes when the request is reset beforehand in envoy | envoyproxy | envoy | High | 7.5 | 2024-12-18 19:12:19 | Deep Dive |
| CVE-2024-53269 | Happy Eyeballs: Validate that additional_address are IP addresses instead of crashing when sorting in envoy | envoyproxy | envoy | Medium | 4.5 | 2024-12-18 19:12:17 | Deep Dive |