Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

cilium — Vulnerabilities & Security Advisories 32

All 32 CVE vulnerabilities found in cilium, with AI-generated Chinese analysis, references, and POCs.

This page is a comprehensive vulnerability aggregation resource for cilium, focusing on software weaknesses associated with this open-source networking and security platform. It collects and organizes known security issues, ranging from code injection flaws and memory corruption vulnerabilities to misconfiguration risks and permission escalation errors that have been identified in various releases of the software. The data covers all publicly disclosed vulnerabilities from the inception of the project through the most recent updates, ensuring a complete historical perspective on the product's security landscape. Here, users can track vendor advisories released by the cilium community and associated maintainers to stay informed about critical patches and mitigation strategies. Readers can also gain a deeper understanding of specific weakness classes, such as Common Weakness Enumeration (CWE) categories, as they apply to network policy enforcement and eBPF-based technologies. Additionally, the page allows for detailed exploration of the product's vulnerability history, enabling security professionals to analyze trends, assess risk exposure over time, and evaluate the effectiveness of past remediation efforts. This centralized approach facilitates better threat intelligence gathering and supports more informed decision-making regarding deployment and update schedules. By consolidating disparate sources of vulnerability information, this resource serves as a vital tool for administrators, developers, and security analysts seeking to maintain the integrity and stability of cilium-based infrastructure.

Vendor: cilium

CVE IDTitleCVSSSeverityPublished
CVE-2026-41520 Cillium exposes sensitive information included in the cilium-bugtool debug archive CWE-200 7.9 High2026-05-08
CVE-2026-33726 Cilium L7 proxy may bypass Kubernetes NetworkPolicy for same-node traffic CWE-284 5.4 Medium2026-03-27
CVE-2026-26963 Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled CWE-863 6.1 Medium2026-02-19
CVE-2025-64715 Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic CWE-284 4.0 Medium2025-11-29
CVE-2025-32793 Cilium packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters CWE-319 4.0 Medium2025-04-21
CVE-2025-30163 Node based network policies may incorrectly allow workload traffic CWE-863 3.4 Low2025-03-24
CVE-2025-30162 East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers CWE-863 3.2 Low2025-03-24
CVE-2025-23047 Cilium vulnerable to information leakage via insecure default Hubble UI CORS header CWE-200 6.5 Medium2025-01-22
CVE-2025-23028 DoS in Cilium agent DNS proxy from crafted DNS responses CWE-770 5.3 Medium2025-01-22
CVE-2024-52529 Layer 7 policy enforcement may not occur in policies with wildcarded port ranges in Cilium CWE-755 5.8 Medium2024-11-25
CVE-2024-47825 CIDR deny policies may not take effect when a more narrow CIDR allow is present CWE-276 4.0 Medium2024-10-21
CVE-2024-42486 Cilium vulnerable to information leakage via incorrect ReferenceGrant update logic in Gateway API CWE-200 5.4 Medium2024-08-16
CVE-2024-42488 Cilium agent's race condition may lead to policy bypass for Host Firewall policy CWE-362 6.8 Medium2024-08-15
CVE-2024-42487 Cilium's Gateway API route matching order contradicts specification CWE-113 4.0 Medium2024-08-15
CVE-2024-37307 Cilium leaks sensitive information in cilium-bugtool CWE-200 7.9 High2024-06-13
CVE-2024-28860 Insecure IPsec transport encryption in Cilium CWE-326 8.0 High2024-03-27
CVE-2024-28250 Cilium has possible unencrypted traffic between nodes when using WireGuard and L7 policies CWE-311 6.1 Medium2024-03-18
CVE-2024-28249 Cilium has possible unencrypted traffic between nodes when using IPsec and L7 policies CWE-311 6.1 Medium2024-03-18
CVE-2024-28248 Cilium intermittent HTTP policy bypass CWE-693 7.2 High2024-03-18
CVE-2024-25631 Unencrypted traffic between pods when using Wireguard and an external kvstore CWE-311 6.1 Medium2024-02-20
CVE-2024-25630 Cilium has unencrypted ingress/health traffic when using Wireguard transparent encryption CWE-311 6.1 Medium2024-02-20
CVE-2023-41332 Denial of service via Kubernetes annotations in specific Cilium configurations CWE-755 3.5 Low2023-09-26
CVE-2023-41333 Bypass of namespace restrictions in CiliumNetworkPolicy CWE-306 6.9 Medium2023-09-26
CVE-2023-39347 Cilium NetworkPolicy bypass via pod labels CWE-345 7.6 High2023-09-26
CVE-2023-34242 Cilium vulnerable to information leakage via incorrect ReferenceGrant handling CWE-200 3.4 Low2023-06-15
CVE-2023-30851 Potential HTTP policy bypass when using header rules in Cilium CWE-693 2.6 Low2023-05-25
CVE-2023-29002 Debug mode leaks confidential data in Cilium CWE-532 7.2 High2023-04-18
CVE-2023-27595 Cilium eBPF filters may be temporarily removed during agent restart CWE-755 6.5 Medium2023-03-17
CVE-2023-27594 Cilium vulnerable to potential network policy bypass when routing IPv6 traffic CWE-285 4.2 Medium2023-03-17
CVE-2023-27593 cilium-agent container can access the host via `hostPath` mount CWE-276 4.4 Medium2023-03-17

All 32 known CVE vulnerabilities affecting cilium with full Chinese analysis, references, and POCs where available.