cbcvebase.
CVE-2026-4342
published 2026-03-19

Priority: P359 | Severity: high | CVSS 3.1 base score: 8.8
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.49% (70.9th percentile)

A security issue was discovered in ingress-nginx where a combination of Ingress annotations can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)

Affected

7 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| k8s.io | ingress-nginx | >= 0 < 0.0.0-20260319175635-5183b7d86137 | 0.0.0-20260319175635-5183b7d86137 |
| kubernetes | ingress-nginx | < 1.13.9 | 1.13.9 |
| kubernetes | ingress-nginx | < 1.14.5 | 1.14.5 |
| kubernetes | ingress-nginx | < 1.15.1 | 1.15.1 |
| kubernetes | nginx_ingress_controller | < 1.13.9 | 1.13.9 |
| kubernetes | nginx_ingress_controller | | |
| kubernetes | nginx_ingress_controller | >= 1.14.0 < 1.14.5 | 1.14.5 |