CVE-2026-32254 in kube-routerИнформация

Сводка

по MITRE • 18.03.2026

Kube-router is a turnkey solution for Kubernetes networking. Prior to version 2.8.0, Kube-router's proxy module does not validate externalIPs or loadBalancer IPs before programming them into the node's network configuration. Version 2.8.0 contains a patch for the issue. Available workarounds include enabling DenyServiceExternalIPs feature gate, deploying admission policy, restricting service creation RBAC, monitoring service changes, and applying BGP prefix filtering.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

GitHub M

Резервировать

11.03.2026

Раскрытие

18.03.2026

Модерация

принято

Вход

VDB-351483

CPE

готов

CWE

CWE-284 (Подтверждённый)

CVSS

7.1 (CNA)

EPSS

0.00063

KEV

Нет

Деятельности

Очень низкий

Сектор

Homeoffice, Telecommunication, ...

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-32254
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-32254
CVE Details	https://www.cvedetails.com/cve/CVE-2026-32254/

◂ Предыдущий Обзор Далее ▸

Do you know our Splunk app?

Download it now for free!