BIT-cilium-operator-2026-26963

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/cilium-operator/BIT-cilium-operator-2026-26963.json

JSON Data

https://api.osv.dev/v1/vulns/BIT-cilium-operator-2026-26963

Aliases

Published

2026-02-21T08:36:53.458Z

Modified

2026-02-21T10:55:57.123242Z

Summary

Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled

Details

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6.

Database specific

{
    "severity": "Medium",
    "cpes": [
        "cpe:2.3:a:cilium:cilium:*:*:*:*:*:*:*:*"
    ]
}

References

Affected packages

Bitnami / cilium-operator

Package

Name: cilium-operator
Purl: pkg:bitnami/cilium-operator

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

1.18.0

Fixed

1.18.6

Database specific

source

"https://github.com/bitnami/vulndb/tree/main/data/cilium-operator/BIT-cilium-operator-2026-26963.json"