Known Vulnerabilities for products from Kubernetes
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Kubernetes".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-53474 json | Not Provided | 2026-06-10 | 2026-06-10 | |
| CVE-2026-50570 json | Not Provided | 2026-06-10 | 2026-06-10 | |
| CVE-2026-50569 json | Not Provided | 2026-06-10 | 2026-06-10 | |
| CVE-2026-50568 json | Not Provided | 2026-06-10 | 2026-06-10 | |
| CVE-2026-50567 json | Not Provided | 2026-06-10 | 2026-06-10 | |
| CVE-2026-50566 json | Not Provided | 2026-06-10 | 2026-06-12 | |
| CVE-2026-50565 json | Not Provided | 2026-06-10 | 2026-06-10 | |
| CVE-2026-50564 json | Not Provided | 2026-06-10 | 2026-06-10 | |
| CVE-2026-50563 json | Not Provided | 2026-06-10 | 2026-06-10 | |
| CVE-2026-50545 json | Not Provided | 2026-06-10 | 2026-06-10 | |
| CVE-2026-33519 json | An incorrect authorization vulnerability exists in Esri Portal for ArcGIS 11.4, 11.5 and 12.0 on Windows, Linux and Kubernete... | Not Provided | 2026-04-21 | 2026-05-18 |
| CVE-2026-4342 json | A security issue was discovered in ingress-nginx where a combination of Ingress annotations can be used to inject configurati... | Not Provided | 2026-03-19 | 2026-05-19 |
| CVE-2026-3288 json | A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/rewrite-target` Ingress annotation ca... | Not Provided | 2026-03-09 | 2026-05-06 |
| CVE-2023-5528 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-11-14 | 2023-11-30 |
| CVE-2023-5044 json | Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation. | 8.8 - HIGH | 2023-10-25 | 2023-11-02 |
| CVE-2023-5043 json | Ingress nginx annotation injection causes arbitrary command execution. | 8.8 - HIGH | 2023-10-25 | 2023-11-02 |
| CVE-2023-3955 json | A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to ... | 8.8 - HIGH | 2023-10-31 | 2023-11-08 |
| CVE-2023-3893 json | A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-prox... | 8.8 - HIGH | 2023-11-03 | 2023-11-14 |
| CVE-2023-3676 json | A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to ... | 8.8 - HIGH | 2023-10-31 | 2023-11-30 |
| CVE-2023-2878 json | Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs. | 5.5 - MEDIUM | 2023-06-07 | 2023-10-02 |
Known software with vulnerabilities from Kubernetes
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Kubernetes | Container Storage Interface Snapshotter | 0.4.0 |
| Application | Kubernetes | Cri-o | 0.0.0 |
| Application | Kubernetes | External-provisioner | 0.2.0 |
| Application | Kubernetes | External-resizer | 0.1.0 |
| Application | Kubernetes | External-snapshotter | 0.4.0 |
| Application | Kubernetes | Ingress-nginx | - |
| Application | Kubernetes | Java | - |
| Application | Kubernetes | Kube-state-metrics | 0.1.0 |
| Application | Kubernetes | Kubernetes | 0.10.0 |
| Application | Kubernetes | Minikube | 0.1.0 |
| Application | Kubernetes | Nginx Ingress Controller | 0.10.0 |
| Application | Kubernetes | Secrets Store Csi Driver | 0.0.1 |