Kubernetes Networking Vulnerability in Cilium from Isovalent
CVE-2026-56743
5.4MEDIUM
What is CVE-2026-56743?
Cilium, a networking, observability, and security solution for Kubernetes, presents a vulnerability in versions 1.19.0 to 1.19.4. In these versions, the use of standard Kubernetes NetworkPolicy specifications with CIDR-based ipBlock rules can lead to a wildcard namespace allow rule when configured with a custom clusterName. This issue arises due to the implementation errors in the parser that incorrectly creates a pod selector for selectorless definitions. Consequently, this flaw permits unauthorized traffic from other workloads in the same namespace, potentially exposing sensitive data and resources. The vulnerability has been addressed in version 1.19.5.
Affected Version(s)
cilium >= 1.19.0, < 1.19.5
