| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-4342 | ingress-nginx comment-based nginx configuration injection | Kubernetes | ingress-nginx | High | 8.8 | 2026-03-19 21:50:18 | Deep Dive |
| CVE-2026-3288 | ingress-nginx rewrite-target nginx configuration injection | Kubernetes | ingress-nginx | High | 8.8 | 2026-03-09 21:00:48 | Deep Dive |
| CVE-2025-15566 | ingress-nginx auth-proxy-set-headers nginx configuration injection | Kubernetes | ingress-nginx | High | 8.8 | 2026-02-06 03:13:52 | Deep Dive |
| CVE-2026-24514 | ingress-nginx Admission Controller denial of service | Kubernetes | ingress-nginx | Medium | 6.5 | 2026-02-03 22:17:25 | Deep Dive |
| CVE-2026-24513 | ingress-nginx auth-url protection bypass | Kubernetes | ingress-nginx | Low | 3.1 | 2026-02-03 22:17:17 | Deep Dive |
| CVE-2026-24512 | ingress-nginx auth-method nginx configuration injection | Kubernetes | ingress-nginx | High | 8.8 | 2026-02-03 22:17:09 | Deep Dive |
| CVE-2026-1580 | ingress-nginx auth-method nginx configuration injection | Kubernetes | ingress-nginx | High | 8.8 | 2026-02-03 22:16:47 | Deep Dive |
| CVE-2025-24514 | ingress-nginx controller - configuration injection via unsanitized auth-url annotation | kubernetes | ingress-nginx | High | 8.8 | 2025-03-24 23:29:37 | Deep Dive |
| CVE-2025-24513 | ingress-nginx controller - auth secret file path traversal vulnerability | kubernetes | ingress-nginx | Medium | 4.8 | 2025-03-24 23:29:25 | Deep Dive |
| CVE-2025-1098 | ingress-nginx controller - configuration injection via unsanitized mirror annotations | kubernetes | ingress-nginx | High | 8.8 | 2025-03-24 23:29:16 | Deep Dive |
| CVE-2025-1097 | ingress-nginx controller - configuration injection via unsanitized auth-tls-match-cn annotation | kubernetes | ingress-nginx | High | 8.8 | 2025-03-24 23:29:06 | Deep Dive |
| CVE-2025-1974 | ingress-nginx admission controller RCE escalation | kubernetes | ingress-nginx | Critical | 9.8 | 2025-03-24 23:28:49 | Deep Dive |
| CVE-2024-7646 | Ingress NGINX Controller 安全漏洞 | Kubernetes | ingress-nginx | High | 8.8 | 2024-08-16 17:36:54 | Deep Dive |
| CVE-2023-5044 | Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation | Kubernetes | ingress-nginx | High | 7.6 | 2023-10-25 19:19:08 | Deep Dive |
| CVE-2023-5043 | Ingress nginx annotation injection causes arbitrary command execution | Kubernetes | ingress-nginx | High | 7.6 | 2023-10-25 19:18:58 | Deep Dive |
| CVE-2022-4886 | Ingress-nginx `path` sanitization can be bypassed with `log_format` directive | Kubernetes | ingress-nginx | High | 8.8 | 2023-10-25 19:18:46 | Deep Dive |
| CVE-2021-25748 | Ingress-nginx `path` sanitization can be bypassed with newline character | Kubernetes | Kubernetes ingress-nginx | High | 7.6 | 2023-05-24 00:00:00 | Deep Dive |
| CVE-2021-25746 | Ingress-nginx directive injection via annotations | Kubernetes | Kubernetes ingress-nginx | High | 7.6 | 2022-05-06 00:50:16 | Deep Dive |
| CVE-2021-25745 | Ingress-nginx path can be pointed to service account token file | Kubernetes | Kubernetes ingress-nginx | High | 7.6 | 2022-05-06 00:50:14 | Deep Dive |
| CVE-2021-25742 | Ingress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces | Kubernetes | Kubernetes ingress-nginx | High | 7.6 | 2021-10-29 04:05:11 | Deep Dive |