github.com/cilium/cilium vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-41520Highgithub.com/cilium/cilium: Cillium exposes sensitive information included in the cilium-bugtool debug archiveCVE-2026-33726Mediumgithub.com/cilium/cilium: Cilium L7 proxy may bypass Kubernetes NetworkPolicy for same-node trafficCVE-2026-26963Mediumgithub.com/cilium/cilium: Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption…CVE-2025-64715Mediumgithub.com/cilium/cilium: Cilium with misconfigured toGroups in policies can lead to unrestricted egress trafficCVE-2025-32793Mediumgithub.com/cilium/cilium: In Cilium, packets from terminating endpoints may not be encrypted in Wireguard-enabled clustersCVE-2025-30163Lowgithub.com/cilium/cilium: Cilium node based network policies may incorrectly allow workload trafficCVE-2025-30162Lowgithub.com/cilium/cilium: Cilium East-west traffic not subject to egress policy enforcement for requests via Gateway API load…CVE-2025-23047Mediumgithub.com/cilium/cilium: Cilium has an information leakage via insecure default Hubble UI CORS headerCVE-2025-23028Mediumgithub.com/cilium/cilium: DoS in Cilium agent DNS proxy from crafted DNS responsesCVE-2024-52529Mediumgithub.com/cilium/cilium: Cilium's Layer 7 policy enforcement may not occur in policies with wildcarded port rangesCVE-2024-47825Mediumgithub.com/cilium/cilium: Cilium's CIDR deny policies may not take effect when a more narrow CIDR allow is presentCVE-2024-42486Mediumgithub.com/cilium/cilium: Cilium leaks information via incorrect ReferenceGrant update logic in Gateway APICVE-2024-42487Mediumgithub.com/cilium/cilium: Gateway API route matching order contradicts specificationCVE-2024-42488Mediumgithub.com/cilium/cilium: Policy bypass for Host Firewall policy due to race condition in Cilium agentCVE-2024-37307Highgithub.com/cilium/cilium: Cilium leaks sensitive information in cilium-bugtoolCVE-2024-28860Highgithub.com/cilium/cilium: Cilium has insecure IPsec transport encryptionCVE-2024-28250Mediumgithub.com/cilium/cilium: Unencrypted traffic between nodes when using WireGuard and L7 policiesCVE-2024-28249Mediumgithub.com/cilium/cilium: Unencrypted traffic between nodes when using IPsec and L7 policiesCVE-2024-28248Highgithub.com/cilium/cilium: Intermittent HTTP policy bypassCVE-2024-25631Mediumgithub.com/cilium/cilium: Unencrypted traffic between pods when using Wireguard and an external kvstoreCVE-2024-25630Mediumgithub.com/cilium/cilium: Unencrypted ingress/health traffic when using Wireguard transparent encryptionCVE-2023-41333Mediumgithub.com/cilium/cilium: Cilium vulnerable to bypass of namespace restrictions in CiliumNetworkPolicy CVE-2023-41332Lowgithub.com/cilium/cilium: Specific Cilium configurations vulnerable to DoS via Kubernetes annotationsCVE-2023-39347Mediumgithub.com/cilium/cilium: Kubernetes users may update Pod labels to bypass network policyCVE-2023-34242Lowgithub.com/cilium/cilium: Cilium vulnerable to information leakage via incorrect ReferenceGrant handling

Stop the waste.
Protect your environment with Kodem.