A vulnerability described as critical has been identified in cloudnativelabs kube-router up to 2.7.x . Affected is an unknown function of the component DenyServiceExternalIPs Feature . Such manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2026-32254 . The attack can be launched remotely. No exploit exists. Upgrading the affected component is recommended.