Kubernetes Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by kubernetes
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
Ingress-nginx Configuration Vulnerability in Kubernetes
CVE-2025-1097KubernetesIngress-nginx๐๐พ๐ก๐ฐ8.8HIGHArbitrary Code Execution Vulnerability in Ingress-Nginx by Kubernetes
CVE-2025-1098KubernetesIngress-nginxEPSS 26%8.8HIGHArbitrary Code Execution Vulnerability in nginx Ingress Controller by Kubernetes
CVE-2025-24514KubernetesIngress-nginxEPSS 29%8.8HIGHArbitrary Code Execution Vulnerability in Ingress-Nginx Controller of Kubernetes
CVE-2025-1974KubernetesIngress-nginx๐๐พ๐กEPSS 80%๐ฐ9.8CRITICALArbitrary Command Execution Vulnerability in Kubernetes Kubelet Component
CVE-2024-10220KubernetesKubelet๐พ๐กEPSS 11%๐ฐ8.1HIGHKubernetes kube-controller-manager vulnerability discovered
CVE-2024-0793kubernetes7.7HIGHDefault Credentials Vulnerability in Kubernetes Image Builder by Nutanix
CVE-2024-9594KubernetesImage Builder๐ฐ8.1HIGHDefault Credentials Enabled in Kubernetes Image Builder, Affecting Proxmox Virtual Machine Images
CVE-2024-9486KubernetesImage Builder๐๐พ๐ฐ9.8CRITICALSecurity Issue in Kubernetes Clusters Affecting Admin Privileges
CVE-2023-5528KubernetesKubelet๐พEPSS 12%๐ฐ8.8HIGHKubernetes - csi-proxy - Insufficient input sanitization leads to privilege escalation
CVE-2023-3893KubernetesCsi-proxy8.8HIGHKubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF)
CVE-2022-3172KubernetesKube-apiserver8.2HIGHKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation
CVE-2023-3955KubernetesKubelet8.8HIGHKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation
CVE-2023-3676KubernetesKubeletEPSS 32%8.8HIGHPermanent Redirect Vulnerability in Nginx Ingress
CVE-2023-5044KubernetesIngress-nginx๐พ๐ก8.8HIGHIngress nginx annotation injection causes arbitrary command execution
CVE-2023-5043KubernetesIngress-nginx๐พ๐ก8.8HIGHPrivilege Escalation in kOps using GCE/GCP Provider in Gossip Mode
CVE-2023-1943KubernetesKops8HIGHrunAsNonRoot logic bypass for Windows containers
CVE-2021-25749KubernetesKubernetes7.8HIGHIngress-nginx `path` sanitization can be bypassed with newline character
CVE-2021-25748KubernetesKubernetes Ingress-nginx7.6HIGH[minikube] ssh server with default password
CVE-2023-1944KubernetesMinikube8.4HIGH[minikube] Network Port exposure in minikube running on macOS using Docker driver
CVE-2023-1174KubernetesMinikube9.8CRITICALKubernetes Dashboard Vulnerability in Minikube by Kubernetes
CVE-2018-1002103KubernetesMinikube8.1HIGHSensitive Information Disclosure in CRI-O Container Engine by Red Hat
CVE-2022-2995KubernetesCri-o7.1HIGHAccessKeyID validation bypass
CVE-2022-2385KubernetesAws-iam-authenticator8.1HIGHResource Exhaustion Vulnerability in CRI-O from Red Hat
CVE-2022-1708KubernetesCri-o7.5HIGHIngress-nginx directive injection via annotations
CVE-2021-25746KubernetesKubernetes Ingress-nginx7.6HIGH