Back to overview

CVE-2026-49445

CRITICAL
9.2
CVSS 3.1
Description
Cilium is a networking, observability, and security solution. Prior to 1.17.14, 1.18.8, and 1.19.2, when Cilium L7 functionality is enabled, the embedded or standalone Envoy instance creates a world-accessible admin.sock on cluster nodes, allowing a local attacker to access Envoy admin endpoints, expose TLS secrets, disrupt cluster traffic, or terminate Envoy. This issue is fixed in versions 1.17.14, 1.18.8, and 1.19.2.

Metadata

CVE ID
CVE-2026-49445
State
PUBLISHED
Assigner
GitHub_M
Reserved
2026-05-30 02:43 UTC
Published
2026-07-15 19:11 UTC
Last updated
2026-07-15 19:11 UTC
Primary CWE
CWE-732
CWE-732: Incorrect Permission Assignment for Critical Resour…
Vendor / Product
cilium / cilium
Sources
cve.org  ·  NVD

Severity & Metrics

9.2 CRITICAL CVSS 3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:H
Affected products (1)
VendorProductPlatformVersions
cilium cilium < 1.17.14, >= 1.18.0, < 1.18.8, >= 1.19.0, < 1.19.2
Weakness (CWE)
CWESourceDescription
CWE-732 cna CWE-732: Incorrect Permission Assignment for Critical Resource
CVSS scores (1)
ScoreSeverityVersionSourceVector
9.2 CRITICAL 3.1 cna CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:H
References (6)
Back to overview