Kubernetes
Products by Kubernetes Sorted by Most Security Vulnerabilities since 2018
Kubernetes: 62 vulnerabilities
Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications.
By the Year
In 2026 there have been 6 vulnerabilities in Kubernetes with an average score of 7.5 out of ten. Last year, in 2025, Kubernetes had 11 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, the number of security vulnerabilities in Kubernetes in 2026 could surpass last year's number. Last year, the average CVE base score was greater by 0.17.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 6 | 7.47 |
| 2025 | 11 | 7.64 |
| 2024 | 6 | 8.35 |
| 2023 | 22 | 7.50 |
| 2022 | 11 | 6.24 |
| 2021 | 12 | 5.61 |
| 2020 | 15 | 5.46 |
| 2019 | 17 | 6.74 |
| 2018 | 6 | 8.54 |
It may take a day or so for new Kubernetes vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Kubernetes Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2026-3288 | Mar 09, 2026 | **Ingress-Nginx Rewrite-Target Annotation Enables NGX Config Injection**: A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/rewrite-target` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | |
| CVE-2025-15566 | Feb 06, 2026 | **Ingress-nginx Auth-Proxy Header Injection Enables Code Exec & Secret Disclosure**: A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-proxy-set-headers` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | |
| CVE-2026-24514 | Feb 03, 2026 | **Ingress-nginx Vulnerable Validating Admission Controller Denial-of-Service**: A security issue was discovered in ingress-nginx where the validating admission controller feature is subject to a denial of service condition. By sending large requests to the validating admission controller, an attacker can cause memory consumption, which may result in the ingress-nginx controller pod being killed or the node running out of memory. | |
| CVE-2026-24513 | Feb 03, 2026 | **Ingress-nginx Auth-URL Bypass via Misconfigured Custom-Errors**: A security issue was discovered in ingress-nginx where the protection afforded by the `auth-url` Ingress annotation may not be effective in the presence of a specific misconfiguration. If the ingress-nginx controller is configured with a default custom-errors configuration that includes HTTP errors 401 or 403, and if the configured default custom-errors backend is defective and fails to respect the X-Code HTTP header, then an Ingress with the `auth-url` annotation may be accessed even when authentication fails. Note that the built-in custom-errors backend works correctly. To trigger this issue requires an administrator to specifically configure ingress-nginx with a broken external component. | |
| CVE-2026-24512 | Feb 03, 2026 | **Ingress-nginx Path Injection Arbitrary Exec & Secret Leak**: A security issue was discovered in ingress-nginx where the `rules.http.paths.path` Ingress field can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | |
| CVE-2026-1580 | Feb 03, 2026 | **ingress-nginx Auth-Annotation Injection -> Arbitrary Code Exec**: A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-method` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | |
| CVE-2025-13281 | Dec 14, 2025 | **Kubernetes kube-controller-manager SSRF via Portworx StorageClass**: A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane's host network (including link-local or loopback services). | |
| CVE-2025-9708 | Sep 16, 2025 | **Kubernetes C# Client CA Validation Bypass Enables MITM**: A vulnerability exists in the Kubernetes C# client where the certificate validation logic accepts properly constructed certificates from any Certificate Authority (CA) without properly verifying the trust chain. This flaw allows a malicious actor to present a forged certificate and potentially intercept or manipulate communication with the Kubernetes API server, leading to possible man-in-the-middle attacks and API impersonation. | |
| CVE-2025-7342 | Aug 17, 2025 | **Kubernetes Image Builder: Default Credentials Enabled in Nutanix/OVA VM Images**: A security issue was discovered in the Kubernetes Image Builder where default credentials are enabled during the Windows image build process when using the Nutanix or VMware OVA providers. These credentials, which allow root access, are disabled at the conclusion of the build. Kubernetes clusters are only affected if their nodes use VM images created via the Image Builder project and the vulnerability was exploited during the build process, which requires an attacker to access the build VM and modify the image while the build is in progress. | |
| CVE-2025-4563 | Jun 23, 2025 | **NodeRestriction ADCL PrivEsc via DynamicResourceAllocation in Kubernetes**: A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to perform equivalent validation during pod creation. This allows a compromised node to create mirror pods that access unauthorized dynamic resources, potentially leading to privilege escalation. | |
| CVE-2025-1974 | Mar 25, 2025 | **Ingress-nginx: Arbitrary Exec via Pod Network in K8s**: A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | |
| CVE-2025-1097 | Mar 25, 2025 | **Ingress-nginx auth-tls-match-cn Injection Enables Code Execution**: A security issue was discovered in ingress-nginx (https://github.com/kubernetes/ingress-nginx) where the `auth-tls-match-cn` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | |
| CVE-2025-1098 | Mar 25, 2025 | **ingress-nginx mirror-annotations enable arbitrary config injection & code exec**: A security issue was discovered in ingress-nginx (https://github.com/kubernetes/ingress-nginx) where the `mirror-target` and `mirror-host` Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | |
| CVE-2025-24513 | Mar 25, 2025 | **Directory Traversal via Admission Controller File Inclusion in ingress-nginx**: A security issue was discovered in ingress-nginx (https://github.com/kubernetes/ingress-nginx) where attacker-provided data are included in a filename by the ingress-nginx Admission Controller feature, resulting in directory traversal within the container. This could result in denial of service, or when combined with other vulnerabilities, limited disclosure of Secret objects from the cluster. | |
| CVE-2025-24514 | Mar 25, 2025 | **Ingress-Nginx auth-url Annotation RCE Leading to Secrets Exposure**: A security issue was discovered in ingress-nginx (https://github.com/kubernetes/ingress-nginx) where the `auth-url` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | |
| CVE-2024-7598 | Mar 20, 2025 | **Kubernetes NS Deletion Bypass: Policies Deleted Before Pods**: A security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion. The order in which objects are deleted during namespace termination is not defined, and it is possible for network policies to be deleted before the pods that they protect. This can lead to a brief period in which the pods are running, but network policies that should apply to connections to and from the pods are not enforced. | |
| CVE-2025-1767 | Mar 13, 2025 | **Kubernetes In-Tree gitRepo Vol Vulnerability (CVE-2025-1767)**: This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remains vulnerable. | |
| CVE-2024-8676 | Nov 26, 2024 | **CRI-O Container Restore Mount Validation Bypass Vulnerability**: A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that restoration, it attempts to restore the mounts from the restore archive instead of the pod request. As a result, the validations run on the pod spec, verifying that the pod has access to the mounts it specifies, are not applicable to a restored container. This flaw allows a malicious user to trick CRI-O into restoring a pod that doesn't have access to host mounts. The user needs access to the kubelet or cri-o socket to call the restore endpoint and trigger the restore. | |
| CVE-2024-9486 | Oct 15, 2024 | **Kubernetes Image Builder <=0.1.37 Default Credentials via Proxmox VM**: A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process. Virtual machine images built using the Proxmox provider do not disable these default credentials, and nodes using the resulting images may be accessible via these default credentials. The credentials can be used to gain root access. Kubernetes clusters are only affected if their nodes use VM images created via the Image Builder project with its Proxmox provider. | |
| CVE-2024-9594 | Oct 15, 2024 | **Kubernetes Image Builder <=v0.1.37: Default Credentials Leak During Build**: A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process when using the Nutanix, OVA, QEMU or raw providers. The credentials can be used to gain root access. The credentials are disabled at the conclusion of the image build process. Kubernetes clusters are only affected if their nodes use VM images created via the Image Builder project. Because these images were vulnerable during the image build process, they are affected only if an attacker was able to reach the VM where the image build was happening and used the vulnerability to modify the image at the time the image build was occurring. | |
| CVE-2024-5321 | Jul 18, 2024 | **K8s Windows Nodes Expose Log Read/Write via Auth/Users**: A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs. | |
| CVE-2024-5154 | Jun 12, 2024 | **cri-o Symlink Traversal Enables Host File Read/Write**: A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (../). This flaw allows the container to read and write to arbitrary files on the host system. | |
| CVE-2024-3177 | Apr 22, 2024 | **Kubernetes Secrets Bypass: ServiceAccount Mount Policy Violation (CVE-2024-3177)**: A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the `envFrom` field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account's secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with containers, init containers, and ephemeral containers with the `envFrom` field populated. | |
| CVE-2023-5528 | Nov 14, 2023 | **K8s Win Node Privilege Escalation via Pod & PVC in In-Tree Storage**: A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes. | |
| CVE-2022-3172 | Nov 03, 2023 | **kube-apiserver Arbitrary URL Redirect (CVE-2022-3172)**: A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties. | |
| CVE-2023-3893 | Nov 03, 2023 | **Kubernetes CSIProxy Windows Node Privilege Escalation via Pod Creation**: A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy. | |
| CVE-2023-3676 | Oct 31, 2023 | **K8s Windows Node PrivEsc via Pod Creation on Windows Nodes**: A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes. | |
| CVE-2023-3955 | Oct 31, 2023 | **Kubernetes Windows Node Pod Escalation to Admin Privileges**: A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes. | |
| CVE-2021-25736 | Oct 30, 2023 | **Kube-Proxy Windows Traffic Forwarding Bug (CVE-2021-25736)**: Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port (`spec.ports[*].port`) as a LoadBalancer Service when the LoadBalancer controller does not set the `status.loadBalancer.ingress[].ip` field. Clusters where the LoadBalancer controller sets the `status.loadBalancer.ingress[].ip` field are unaffected. | |
| CVE-2022-4886 | Oct 25, 2023 | **Ingress-nginx path sanitization bypass via log_format**: Ingress-nginx `path` sanitization can be bypassed with `log_format` directive. | |
| CVE-2023-5043 | Oct 25, 2023 | **NGINX Ingress Annotation Injection -> Arbitrary Cmd Exec**: Ingress nginx annotation injection causes arbitrary command execution. | |
| CVE-2023-5044 | Oct 25, 2023 | **Code Injection via NGINX Ingress Annotation**: Code injection via `nginx.ingress.kubernetes.io/permanent-redirect` annotation. | |
| CVE-2023-1943 | Oct 12, 2023 | **Privilege Escalation in kOps GCE Provider Gossip Mode (CVE-2023-1943)**: Privilege Escalation in kOps using GCE/GCP Provider in Gossip Mode. | |
| CVE-2022-4318 | Sep 25, 2023 | **Cri-O: Arbitrary /etc/passwd Injection via Crafted ENV Variable**: A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable. | |
| CVE-2023-1260 | Sep 24, 2023 | **Auth Bypass in kube-apiserver (K8s) Enables Privileged Pod Escalation**: An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch one that they already have access to. This might allow evasion of SCC admission restrictions, thereby gaining control of a privileged pod. | |
| CVE-2022-3466 | Sep 15, 2023 | **OCP cri-o execve Capability Elevation via Missing CVE-2022-27652 Fix (OCP<4.9.48)**: The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP 4.9.41 and 4.10.12 via RHBA-2022:5433 and RHSA-2022:1600. This issue could allow an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. For more details, see https://access.redhat.com/security/cve/CVE-2022-27652. | |
| CVE-2023-2727 | Jul 03, 2023 | **Kubernetes ImagePolicyWebhook allows arbitrary container launches via ephemerals**: Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers. | |
| CVE-2023-2728 | Jul 03, 2023 | **K8s ServiceAccount Admission bypasses mountablesecrets policy in containers**: Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account's secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers. | |
| CVE-2023-2431 | Jun 16, 2023 | **Kubelet Seccomp Bypass via Empty Localhost Profile**: A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined (seccomp disabled) mode. This bug affects Kubelet. | |
| CVE-2023-2878 | Jun 07, 2023 | **K8s secrets-store-csi-driver <=1.3.3 SA Token Log Leak**: Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs. | |
| CVE-2021-25748 | May 24, 2023 | **Ingress-Nginx Path Sanitization Bypass via Newline Expose Cluster Secrets**: A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the `spec.rules[].http.paths[].path` field of an Ingress object (in the `networking.k8s.io` or `extensions` API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. | |
| CVE-2023-1944 | May 24, 2023 | **Minikube SSH Remote Access via Default Credentials (CVE-2023-1944)**: This vulnerability enables ssh access to minikube container using a default password. | |
| CVE-2021-25749 | May 24, 2023 | **Docker Windows Containers: RunAsNonRoot Ignored, Enabling Admin Privileges**: Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true. | |
| CVE-2022-3162 | Mar 01, 2023 | **CVE-2022-3162: Undocumented Read Escalation via Namespaced CRDs in K8s**: Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group. 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group. | |
| CVE-2022-3294 | Mar 01, 2023 | **K8s API Server Bypass Kubelet Node Proxy Validation for Private Network Access**: Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to the API server's private network. | |
| CVE-2022-2995 | Sep 19, 2022 | **CRIO: Supplementary Group MisHandlingInfo Disclosure/Modification**: Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container. | |
| CVE-2022-2385 | Jul 12, 2022 | A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges. | |
| CVE-2022-1708 | Jun 07, 2022 | A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability. | |
| CVE-2021-25745 | May 06, 2022 | A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the `spec.rules[].http.paths[].path` field of an Ingress object (in the `networking.k8s.io` or `extensions` API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. | |
| CVE-2021-25746 | May 06, 2022 | A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use `.metadata.annotations` in an Ingress object (in the `networking.k8s.io` or `extensions` API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. | |