Kubernetes Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by kubernetes
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Ingress-nginx Configuration Vulnerability in Kubernetes
CVE-2025-1097KubernetesIngress-nginx📈👾🟡📰8.8HIGHArbitrary Code Execution Vulnerability in Ingress-Nginx Controller of Kubernetes
CVE-2025-1974KubernetesIngress-nginx📈👾🟡EPSS 83%📰9.8CRITICALArbitrary Code Execution Vulnerability in Ingress-Nginx by Kubernetes
CVE-2025-1098KubernetesIngress-nginx8.8HIGHArbitrary Code Execution Vulnerability in nginx Ingress Controller by Kubernetes
CVE-2025-24514KubernetesIngress-nginx8.8HIGHArbitrary Command Execution Vulnerability in Kubernetes Kubelet Component
CVE-2024-10220KubernetesKubelet👾🟡EPSS 10%📰8.1HIGHKubernetes kube-controller-manager vulnerability discovered
CVE-2024-0793kubernetes7.7HIGHDefault Credentials Vulnerability in Kubernetes Image Builder by Nutanix
CVE-2024-9594KubernetesImage Builder📰8.1HIGHDefault Credentials Enabled in Kubernetes Image Builder, Affecting Proxmox Virtual Machine Images
CVE-2024-9486KubernetesImage Builder📈👾📰9.8CRITICALSecurity Issue in Kubernetes Clusters Affecting Admin Privileges
CVE-2023-5528KubernetesKubelet👾EPSS 12%📰8.8HIGHKubernetes - csi-proxy - Insufficient input sanitization leads to privilege escalation
CVE-2023-3893KubernetesCsi-proxy8.8HIGHKubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF)
CVE-2022-3172KubernetesKube-apiserver8.2HIGHKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation
CVE-2023-3955KubernetesKubelet8.8HIGHKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation
CVE-2023-3676KubernetesKubeletEPSS 15%8.8HIGHIngress nginx annotation injection causes arbitrary command execution
CVE-2023-5043KubernetesIngress-nginx👾🟡EPSS 11%8.8HIGHPermanent Redirect Vulnerability in Nginx Ingress
CVE-2023-5044KubernetesIngress-nginx👾🟡EPSS 22%8.8HIGHPrivilege Escalation in kOps using GCE/GCP Provider in Gossip Mode
CVE-2023-1943KubernetesKops8HIGHIngress-nginx `path` sanitization can be bypassed with newline character
CVE-2021-25748KubernetesKubernetes Ingress-nginx7.6HIGH[minikube] ssh server with default password
CVE-2023-1944KubernetesMinikube8.4HIGH[minikube] Network Port exposure in minikube running on macOS using Docker driver
CVE-2023-1174KubernetesMinikube9.8CRITICALrunAsNonRoot logic bypass for Windows containers
CVE-2021-25749KubernetesKubernetes7.8HIGHKubernetes Dashboard Vulnerability in Minikube by Kubernetes
CVE-2018-1002103KubernetesMinikube8.1HIGHSensitive Information Disclosure in CRI-O Container Engine by Red Hat
CVE-2022-2995KubernetesCri-o7.1HIGHAccessKeyID validation bypass
CVE-2022-2385KubernetesAws-iam-authenticator8.1HIGHResource Exhaustion Vulnerability in CRI-O from Red Hat
CVE-2022-1708KubernetesCri-o7.5HIGHIngress-nginx directive injection via annotations
CVE-2021-25746KubernetesKubernetes Ingress-nginx7.6HIGH