top of page
perceptive_background_267k.jpg

Kube-router is a turnkey solution for Kubernetes networking. Prior to version 2.8.0, Kube-router's proxy module does not validate externalIPs or loadBalancer IP…

Published:

17 maart 2026 om 23:00:00

Alert date:

18 maart 2026 om 15:08:05

Source:

nvd.nist.gov

Click to open the original link from this advisory

Cloud & Virtualization, Network Infrastructure

CVE-2026-32254 affects Kube-router, a Kubernetes networking solution. Prior to version 2.8.0, the proxy module fails to validate externalIPs or loadBalancer IPs before programming them into node network configuration. This vulnerability allows potential network configuration manipulation. Version 2.8.0 contains a patch, and several workarounds are available including enabling DenyServiceExternalIPs feature gate, deploying admission policies, restricting service creation RBAC, monitoring service changes, and applying BGP prefix filtering.

Technical details

Mitigation steps:

Affected products:

Kube-router

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-32254
https://github.com/cloudnativelabs/kube-router/commit/a1f0b2eea3ee0f66b9a5b5c49dcb714619ccd456
https://github.com/cloudnativelabs/kube-router/releases/tag/v2.8.0
https://github.com/cloudnativelabs/kube-router/security/advisories/GHSA-phqm-jgc3-qf8g

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page