Ingress-NGINX Flaw Enables Arbitrary Code Execution Attacks
By Divya
February 4, 2026
A high-severity vulnerability has been discovered in the Kubernetes ingress-nginx controller, allowing attackers to execute arbitrary code and potentially compromise entire clusters.
Tracked as CVE-2026-24512, this high-severity flaw enables malicious actors to inject configuration directives through the ingress controller and gain unauthorized access to cluster secrets.
Vulnerability Overview
CVE-2026-24512 affects the ingress-nginx controller, a widely deployed component used to manage network traffic in Kubernetes environments.
The vulnerability stems from improper input validation in the rules.http.paths.path Ingress field, which can be exploited to inject a malicious configuration into nginx.
Attribute      Value
CVE ID         CVE-2026-24512
CVSS Score     8.8 (High)
Attack Vector  Network (AV:N)
When successfully exploited, attackers can execute arbitrary code within the context of the ingress-nginx controller and access secrets that the controller can read.
In default installations, the ingress-nginx controller typically has cluster-wide access to all Kubernetes secrets, making this vulnerability particularly dangerous.
A successful attack could result in complete cluster compromise, enabling threat actors to steal sensitive credentials, manipulate workloads, and establish persistent access to the infrastructure.
Affected Versions and CVSS Score
This vulnerability has been assigned a CVSS v3.1 score of 8.8 (High), reflecting its significant risk to Kubernetes deployments.
The scoring breakdown indicates a network-based attack vector, low attack complexity, a requirement for low privileges, and high impact on confidentiality, integrity, and availability.
The following ingress-nginx versions are affected:
All versions below v1.13.7
All versions below v1.14.3
Organizations running any version of ingress-nginx before these patched releases should consider themselves vulnerable and take immediate action.
Mitigation and Remediation
The Kubernetes security response committee has released patched versions to address this vulnerability.
Organizations must upgrade to ingress-nginx v1.13.7, v1.14.3, or a later version to remediate the flaw fully.
The ingress-nginx maintainers have published detailed upgrade documentation to guide administrators through the patching process.
Security teams should monitor their Kubernetes environments for signs of exploitation. Suspicious indicators include unusual or malformed data within the rules.http.paths.path field of Ingress resources.
Organizations should review existing Ingress objects for anomalous path values that contain special characters, escape sequences, or nginx configuration directives.
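The review of existing Ingress objects described above can be scripted. The following audit is an added example written for this article, not ingress-nginx project code; its heuristics (the character classes and the annotation check) are constructed for illustration and should be tuned to the environment, and the sample objects embedded in it are made up. The input shape mirrors the JSON that `kubectl get ingress --all-namespaces -o json` returns, so real output can be piped in on stdin.

```python
"""Flag Ingress rules.http.paths.path values that do not look like plain URL paths.

Added example for this article; not ingress-nginx project code. Heuristics and
sample data are constructed. Usage: python3 audit_paths.py < ingresses.json
(with no stdin, the constructed sample below is used).
"""
import json
import re
import sys
from typing import Dict, List, Optional
from urllib.parse import unquote

# Characters that no ordinary URL path contains but that would terminate or
# open an nginx configuration statement (constructed list).
CONFIG_BREAKERS = re.compile(r'[;{}#$\\"\'\s]')
# Regex metacharacters are legitimate only when the Ingress opts in to regex matching.
REGEX_META = re.compile(r'[()|*+?\[\]^]')
USE_REGEX_ANNOTATION = "nginx.ingress.kubernetes.io/use-regex"


def path_reasons(path: str, annotations: Dict[str, str]) -> List[str]:
    """Return the checks a path value fails; an empty list means it looks normal."""
    reasons = []
    if not path.startswith("/"):
        reasons.append("not-absolute")
    # Check the raw value and its percent-decoded form so an encoded separator
    # is not missed (constructed heuristic, not a statement about how nginx decodes).
    if any(CONFIG_BREAKERS.search(candidate) for candidate in {path, unquote(path)}):
        reasons.append("config-breaking-chars")
    if REGEX_META.search(path) and annotations.get(USE_REGEX_ANNOTATION) != "true":
        reasons.append("regex-without-annotation")
    return reasons


def severity(reasons: List[str]) -> Optional[str]:
    """Map failed checks to a triage level."""
    if "not-absolute" in reasons or "config-breaking-chars" in reasons:
        return "high"
    return "info" if reasons else None


def audit_ingresses(ingress_list: dict) -> List[dict]:
    """Walk every rule and path of every Ingress and collect findings."""
    findings = []
    for item in ingress_list.get("items", []):
        meta = item.get("metadata", {})
        annotations = meta.get("annotations") or {}
        for rule in item.get("spec", {}).get("rules", []):
            for entry in rule.get("http", {}).get("paths", []):
                path = entry.get("path", "")
                reasons = path_reasons(path, annotations)
                if reasons:
                    findings.append({
                        "namespace": meta.get("namespace"),
                        "name": meta.get("name"),
                        "host": rule.get("host"),
                        "path": path,
                        "severity": severity(reasons),
                        "reasons": reasons,
                    })
    return findings


def _ingress(name: str, path: str, annotations: Optional[dict] = None) -> dict:
    """Build a minimal Ingress object for the constructed sample."""
    return {
        "metadata": {"name": name, "namespace": "demo", "annotations": annotations or {}},
        "spec": {"rules": [{"host": "example.test",
                            "http": {"paths": [{"path": path, "pathType": "Prefix"}]}}]},
    }


# Constructed sample: one clean path, one regex path with the opt-in annotation,
# one regex path without it, one with a separator, one that is not absolute.
SAMPLE_INGRESSES = {"items": [
    _ingress("clean", "/api"),
    _ingress("regex-ok", "/v(1|2)", {USE_REGEX_ANNOTATION: "true"}),
    _ingress("regex-noannot", "/v(1|2)"),
    _ingress("bad-sep", "/foo;bar"),
    _ingress("no-slash", "api"),
]}

if __name__ == "__main__":
    data = SAMPLE_INGRESSES if sys.stdin.isatty() else json.load(sys.stdin)
    for finding in audit_ingresses(data):
        print(f"{finding['severity']:<5} {finding['namespace']}/{finding['name']} "
              f"host={finding['host']} path={finding['path']!r} ({', '.join(finding['reasons'])})")
```

The "info" tier exists because regex-style paths are common in legitimate Ingress objects; flagging them only when the opt-in annotation is absent keeps the review list short enough to actually be read.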
Administrators can verify whether their clusters run ingress-nginx by executing the following command: kubectl get pods --all-namespaces --selector app.kubernetes.io/name=ingress-nginx
If ingress-nginx pods are present, immediate action should be taken to assess vulnerability status and apply patches.
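Once the controller pods are found, assessing vulnerability status means comparing each controller image tag against the fixed releases the article names. The following checker is an added example for this article, not project code: it reads the JSON form of the kubectl command above (add -o json), parses the image tag of every container, and classifies it against the v1.13.7 and v1.14.3 floors. The pod list embedded in it is constructed; the registry path registry.k8s.io/ingress-nginx/controller is the project's published image, but the tags shown are sample values.

```python
"""Classify ingress-nginx controller images as patched, affected or unknown.

Added example for this article; not ingress-nginx project code. Fixed-version
floors (v1.13.7, v1.14.3) come from the advisory text. Usage:
  kubectl get pods --all-namespaces --selector app.kubernetes.io/name=ingress-nginx -o json | python3 check_versions.py
With no stdin, the constructed sample below is used.
"""
import json
import re
import sys
from typing import List, Optional, Tuple

Version = Tuple[int, int, int]

# Earliest release on each maintained line that contains the fix (from the article).
FIXED = {(1, 13): (1, 13, 7), (1, 14): (1, 14, 3)}

# Matches ':v1.14.2', ':1.14.2', ':v1.14.2-rc1' and a trailing '@sha256:...' digest.
TAG_RE = re.compile(r':v?(\d+)\.(\d+)\.(\d+)(?:[-+][^@]*)?(?:@sha256:[0-9a-f]{64})?$')


def parse_version(image: str) -> Optional[Version]:
    """Extract (major, minor, patch) from an image reference, or None for ':latest' / digest-only."""
    match = TAG_RE.search(image)
    return tuple(int(x) for x in match.groups()) if match else None


def is_patched(version: Version) -> bool:
    """True when the version is at or above the fixed release for its line."""
    line = version[:2]
    if line in FIXED:
        return version >= FIXED[line]
    # Lines older than 1.13 never received the fix; lines newer than 1.14 ship it.
    return line > (1, 14)


def audit_pods(pod_list: dict) -> List[dict]:
    """Report every container image in the pod list with its patch status."""
    report = []
    for pod in pod_list.get("items", []):
        meta = pod.get("metadata", {})
        for container in pod.get("spec", {}).get("containers", []):
            image = container.get("image", "")
            version = parse_version(image)
            if version is None:
                status = "unknown"  # mutable or digest-only tag: resolve it by hand
            else:
                status = "patched" if is_patched(version) else "affected"
            report.append({
                "namespace": meta.get("namespace"),
                "pod": meta.get("name"),
                "container": container.get("name"),
                "image": image,
                "status": status,
            })
    return report


def _pod(name: str, image: str) -> dict:
    """Build a minimal Pod object for the constructed sample."""
    return {"metadata": {"name": name, "namespace": "ingress-nginx"},
            "spec": {"containers": [{"name": "controller", "image": image}]}}


# Constructed sample: tags are illustrative, not observed values.
SAMPLE_PODS = {"items": [
    _pod("ingress-nginx-controller-a", "registry.k8s.io/ingress-nginx/controller:v1.14.2"),
    _pod("ingress-nginx-controller-b", "registry.k8s.io/ingress-nginx/controller:v1.13.7"),
    _pod("ingress-nginx-controller-c", "registry.k8s.io/ingress-nginx/controller:latest"),
]}

if __name__ == "__main__":
    data = SAMPLE_PODS if sys.stdin.isatty() else json.load(sys.stdin)
    for row in audit_pods(data):
        print(f"{row['status']:<8} {row['namespace']}/{row['pod']} {row['image']}")
```

Images pinned only by digest or tagged :latest are reported as unknown rather than guessed at; the digest has to be resolved against the registry before the pod can be called patched.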
This vulnerability disclosure comes as the Kubernetes community has announced plans to retire the ingress-nginx project.
Maintenance will cease in March 2026, after which no further security updates or bug fixes will be provided.
Organizations using ingress-nginx should begin planning migration to alternative ingress controllers to ensure continued security and support.
The retirement decision follows a series of critical vulnerabilities discovered in ingress-nginx throughout 2025, including the IngressNightmare vulnerability chain (CVE-2025-1974 and related issues).
These security incidents highlighted the challenges of maintaining the widely deployed but complex ingress controller.
Organizations should prioritize upgrading to the patched versions immediately while simultaneously evaluating long-term alternatives to ingress-nginx before the March 2026 retirement deadline.
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.