{"api_version":"1","generated_at":"2026-07-16T18:19:06+00:00","cve":"CVE-2026-56742","urls":{"html":"https://cve.report/CVE-2026-56742","api":"https://cve.report/api/cve/CVE-2026-56742.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-56742","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-56742"},"summary":{"title":"Cilium: Namespaced HTTPRoutes can redirect traffic to other namespaces","description":"Cilium is a networking, observability, and security solution. Prior to 1.17.17, 1.18.11, and 1.19.5, Cilium clusters using Gateway API allow users with permissions to create or update namespaced HTTPRoutes to mirror HTTP traffic to any Service in any namespace, bypassing the ReferenceGrant authorization mechanism. Gateway API functionality is disabled by default. This issue is fixed in versions 1.17.17, 1.18.11, and 1.19.5.","state":"PUBLISHED","assigner":"GitHub_M","published_at":"2026-07-15 20:17:51","updated_at":"2026-07-16 14:16:55"},"problem_types":["CWE-862","CWE-862 CWE-862: Missing Authorization"],"metrics":[{"version":"3.1","source":"security-advisories@github.com","type":"Secondary","score":"5.9","severity":"MEDIUM","vector":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"}},{"version":"3.1","source":"CNA","type":"DECLARED","score":"5.9","severity":"MEDIUM","vector":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L","data":{"attackComplexity":"LOW","attackVector":"ADJACENT_NETWORK","availabilityImpact":"LOW","baseScore":5.9,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"HIGH","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L","version":"3.1"}}],"references":[{"url":"https://github.com/cilium/cilium/releases/tag/v1.19.5","name":"https://github.com/cilium/cilium/releases/tag/v1.19.5","refsource":"security-advisories@github.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/cilium/cilium/commit/f23929cff682d6ed0dc158070812cb302fc0032b","name":"https://github.com/cilium/cilium/commit/f23929cff682d6ed0dc158070812cb302fc0032b","refsource":"security-advisories@github.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/cilium/cilium/commit/7422068aff67ac77c7dcc57aa5b9240c91333deb","name":"https://github.com/cilium/cilium/commit/7422068aff67ac77c7dcc57aa5b9240c91333deb","refsource":"security-advisories@github.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/cilium/cilium/commit/e0b1cef513ff910323f3743e9f3e3d86721e4857","name":"https://github.com/cilium/cilium/commit/e0b1cef513ff910323f3743e9f3e3d86721e4857","refsource":"security-advisories@github.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/cilium/cilium/releases/tag/v1.17.17","name":"https://github.com/cilium/cilium/releases/tag/v1.17.17","refsource":"security-advisories@github.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/cilium/cilium/security/advisories/GHSA-w7c2-w76w-5hmj","name":"https://github.com/cilium/cilium/security/advisories/GHSA-w7c2-w76w-5hmj","refsource":"security-advisories@github.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/cilium/cilium/commit/fd47963ea394d5e8fa4a88c40a79063430c512ca","name":"https://github.com/cilium/cilium/commit/fd47963ea394d5e8fa4a88c40a79063430c512ca","refsource":"security-advisories@github.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/cilium/cilium/releases/tag/v1.18.11","name":"https://github.com/cilium/cilium/releases/tag/v1.18.11","refsource":"security-advisories@github.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-56742","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-56742","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"cilium","product":"cilium","version":"affected < 1.17.17","platforms":[]},{"source":"CNA","vendor":"cilium","product":"cilium","version":"affected >= 1.18.0, < 1.18.11","platforms":[]},{"source":"CNA","vendor":"cilium","product":"cilium","version":"affected >= 1.19.0, < 1.19.5","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-56742","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-07-16T12:56:22.128191Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-07-16T12:57:08.040Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"product":"cilium","vendor":"cilium","versions":[{"status":"affected","version":"< 1.17.17"},{"status":"affected","version":">= 1.18.0, < 1.18.11"},{"status":"affected","version":">= 1.19.0, < 1.19.5"}]}],"descriptions":[{"lang":"en","value":"Cilium is a networking, observability, and security solution. Prior to 1.17.17, 1.18.11, and 1.19.5, Cilium clusters using Gateway API allow users with permissions to create or update namespaced HTTPRoutes to mirror HTTP traffic to any Service in any namespace, bypassing the ReferenceGrant authorization mechanism. Gateway API functionality is disabled by default. This issue is fixed in versions 1.17.17, 1.18.11, and 1.19.5."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"ADJACENT_NETWORK","availabilityImpact":"LOW","baseScore":5.9,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"HIGH","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-862","description":"CWE-862: Missing Authorization","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-07-15T19:14:07.617Z","orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M"},"references":[{"name":"https://github.com/cilium/cilium/security/advisories/GHSA-w7c2-w76w-5hmj","tags":["x_refsource_CONFIRM"],"url":"https://github.com/cilium/cilium/security/advisories/GHSA-w7c2-w76w-5hmj"},{"name":"https://github.com/cilium/cilium/commit/7422068aff67ac77c7dcc57aa5b9240c91333deb","tags":["x_refsource_MISC"],"url":"https://github.com/cilium/cilium/commit/7422068aff67ac77c7dcc57aa5b9240c91333deb"},{"name":"https://github.com/cilium/cilium/commit/e0b1cef513ff910323f3743e9f3e3d86721e4857","tags":["x_refsource_MISC"],"url":"https://github.com/cilium/cilium/commit/e0b1cef513ff910323f3743e9f3e3d86721e4857"},{"name":"https://github.com/cilium/cilium/commit/f23929cff682d6ed0dc158070812cb302fc0032b","tags":["x_refsource_MISC"],"url":"https://github.com/cilium/cilium/commit/f23929cff682d6ed0dc158070812cb302fc0032b"},{"name":"https://github.com/cilium/cilium/commit/fd47963ea394d5e8fa4a88c40a79063430c512ca","tags":["x_refsource_MISC"],"url":"https://github.com/cilium/cilium/commit/fd47963ea394d5e8fa4a88c40a79063430c512ca"},{"name":"https://github.com/cilium/cilium/releases/tag/v1.17.17","tags":["x_refsource_MISC"],"url":"https://github.com/cilium/cilium/releases/tag/v1.17.17"},{"name":"https://github.com/cilium/cilium/releases/tag/v1.18.11","tags":["x_refsource_MISC"],"url":"https://github.com/cilium/cilium/releases/tag/v1.18.11"},{"name":"https://github.com/cilium/cilium/releases/tag/v1.19.5","tags":["x_refsource_MISC"],"url":"https://github.com/cilium/cilium/releases/tag/v1.19.5"}],"source":{"advisory":"GHSA-w7c2-w76w-5hmj","discovery":"UNKNOWN"},"title":"Cilium: Namespaced HTTPRoutes can redirect traffic to other namespaces"}},"cveMetadata":{"assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","assignerShortName":"GitHub_M","cveId":"CVE-2026-56742","datePublished":"2026-07-15T19:14:07.617Z","dateReserved":"2026-06-22T19:17:28.959Z","dateUpdated":"2026-07-16T12:57:08.040Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-07-15 20:17:51","lastModifiedDate":"2026-07-16 14:16:55","problem_types":["CWE-862","CWE-862 CWE-862: Missing Authorization"],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.7,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-16T12:56:22.128191Z","id":"CVE-2026-56742","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"56742","Ordinal":"1","Title":"Cilium: Namespaced HTTPRoutes can redirect traffic to other name","CVE":"CVE-2026-56742","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"56742","Ordinal":"1","NoteData":"Cilium is a networking, observability, and security solution. Prior to 1.17.17, 1.18.11, and 1.19.5, Cilium clusters using Gateway API allow users with permissions to create or update namespaced HTTPRoutes to mirror HTTP traffic to any Service in any namespace, bypassing the ReferenceGrant authorization mechanism. Gateway API functionality is disabled by default. This issue is fixed in versions 1.17.17, 1.18.11, and 1.19.5.","Type":"Description","Title":"Cilium: Namespaced HTTPRoutes can redirect traffic to other name"}]}}}