CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Kube-Router: >> Kube-Router Security Vulnerabilities

CVE-2026-32254

Kube-router is a turnkey solution for Kubernetes networking. Prior to version 2.8.0, Kube-router's proxy module does not validate externalIPs or loadBalancer IPs before programming them into the node's network configuration. Version 2.8.0 contains a patch for the issue. Available workarounds include enabling DenyServiceExternalIPs feature gate, deploying admission policy, restricting service creation RBAC, monitoring service changes, and applying BGP prefix filtering.

CVSS Score

7.1

EPSS Score

0.001

Published

2026-03-18

Page 1

Vulnerabilities

Vulnerable Software

Kube-Router: >> Kube-Router Security Vulnerabilities

Products

Pricing

Contact Us