CVE-2026-52865 in NGINX Ingress Controller情報

要約

〜によって MITRE • 2026年07月15日

When NGINX Ingress Controller processes Ingress or TransportServer resources, an authenticated, remote attacker with permission to create or modify Ingress or TransportServer resources can cause the NGINX Ingress Controller process to terminate.



Impact: The NGINX Ingress Controller control plane process terminates and enters a persistent crash loop while the malformed Ingress or TransportServer resource remains in the cluster. This vulnerability allows a remote, authenticated attacker with at least Ingress or TransportServer resource write access to cause a denial-of-service (DoS) on the NGINX Ingress Controller system. There is no data plane exposure; this is a control plane issue only.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

責任者

F5

予約する

2026年06月18日

モデレーション

承諾済み

エントリ

VDB-379273

EPSS

0.00000

アクティビティ

非常低い

ソース

Do you need the next level of professionalism?

Upgrade your account now!