{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33726", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-23T17:34:57.559Z", "datePublished": "2026-03-27T00:23:21.795Z", "dateUpdated": "2026-03-27T13:50:24.672Z"}, "containers": {"cna": {"title": "Cilium L7 proxy may bypass Kubernetes NetworkPolicy for same-node traffic", "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "lang": "en", "description": "CWE-284: Improper Access Control", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-863", "lang": "en", "description": "CWE-863: Incorrect Authorization", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/cilium/cilium/security/advisories/GHSA-hxv8-4j4r-cqgv", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/cilium/cilium/security/advisories/GHSA-hxv8-4j4r-cqgv"}, {"name": "https://github.com/cilium/cilium/pull/44693", "tags": ["x_refsource_MISC"], "url": "https://github.com/cilium/cilium/pull/44693"}, {"name": "https://docs.cilium.io/en/stable/network/concepts/routing/#routing", "tags": ["x_refsource_MISC"], "url": "https://docs.cilium.io/en/stable/network/concepts/routing/#routing"}, {"name": "https://docs.cilium.io/en/stable/network/kubernetes/policy/#network-policy", "tags": ["x_refsource_MISC"], "url": "https://docs.cilium.io/en/stable/network/kubernetes/policy/#network-policy"}, {"name": "https://docs.cilium.io/en/stable/network/servicemesh/l7-traffic-management", "tags": ["x_refsource_MISC"], "url": "https://docs.cilium.io/en/stable/network/servicemesh/l7-traffic-management"}, {"name": "https://docs.cilium.io/en/stable/operations/performance/tuning/#ebpf-host-routing", "tags": ["x_refsource_MISC"], "url": "https://docs.cilium.io/en/stable/operations/performance/tuning/#ebpf-host-routing"}], "affected": [{"vendor": "cilium", "product": "cilium", "versions": [{"version": "< 1.17.14", "status": "affected"}, {"version": ">= 1.18.0, < 1.18.8", "status": "affected"}, {"version": ">= 1.19.0, < 1.19.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-27T00:23:21.795Z"}, "descriptions": [{"lang": "en", "value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.14, 1.18.8, and 1.19.2, Ingress Network Policies are not enforced for traffic from pods to L7 Services (Envoy, GAMMA) with a local backend on the same node, when Per-Endpoint Routing is enabled and BPF Host Routing is disabled. Per-Endpoint Routing is disabled by default, but is automatically enabled in deployments using cloud IPAM, including Cilium ENI on EKS (`eni.enabled`), AlibabaCloud ENI (`alibabacloud.enabled`), Azure IPAM (`azure.enabled`, but not AKS BYOCNI), and some GKE deployments (`gke.enabled`; managed offerings such as GKE Dataplane V2 may use different defaults). It is typically not enabled in tunneled deployments, and chaining deployments are not affected. In practice, Amazon EKS with Cilium ENI mode is likely the most common affected environment. Versions 1.17.14, 1.18.8, and 1.19.2 contain a patch. There is currently no officially verified or comprehensive workaround for this issue. The only option would be to disable per-endpoint routes, but this will likely cause disruptions to ongoing connections, and potential conflicts if running in cloud providers."}], "source": {"advisory": "GHSA-hxv8-4j4r-cqgv", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-27T13:24:20.808024Z", "id": "CVE-2026-33726", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T13:50:24.672Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33726", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-23T17:34:57.559Z", "datePublished": "2026-03-27T00:23:21.795Z", "dateUpdated": "2026-03-27T13:50:24.672Z"}, "containers": {"cna": {"title": "Cilium L7 proxy may bypass Kubernetes NetworkPolicy for same-node traffic", "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "lang": "en", "description": "CWE-284: Improper Access Control", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-863", "lang": "en", "description": "CWE-863: Incorrect Authorization", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/cilium/cilium/security/advisories/GHSA-hxv8-4j4r-cqgv", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/cilium/cilium/security/advisories/GHSA-hxv8-4j4r-cqgv"}, {"name": "https://github.com/cilium/cilium/pull/44693", "tags": ["x_refsource_MISC"], "url": "https://github.com/cilium/cilium/pull/44693"}, {"name": "https://docs.cilium.io/en/stable/network/concepts/routing/#routing", "tags": ["x_refsource_MISC"], "url": "https://docs.cilium.io/en/stable/network/concepts/routing/#routing"}, {"name": "https://docs.cilium.io/en/stable/network/kubernetes/policy/#network-policy", "tags": ["x_refsource_MISC"], "url": "https://docs.cilium.io/en/stable/network/kubernetes/policy/#network-policy"}, {"name": "https://docs.cilium.io/en/stable/network/servicemesh/l7-traffic-management", "tags": ["x_refsource_MISC"], "url": "https://docs.cilium.io/en/stable/network/servicemesh/l7-traffic-management"}, {"name": "https://docs.cilium.io/en/stable/operations/performance/tuning/#ebpf-host-routing", "tags": ["x_refsource_MISC"], "url": "https://docs.cilium.io/en/stable/operations/performance/tuning/#ebpf-host-routing"}], "affected": [{"vendor": "cilium", "product": "cilium", "versions": [{"version": "< 1.17.14", "status": "affected"}, {"version": ">= 1.18.0, < 1.18.8", "status": "affected"}, {"version": ">= 1.19.0, < 1.19.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-27T00:23:21.795Z"}, "descriptions": [{"lang": "en", "value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.14, 1.18.8, and 1.19.2, Ingress Network Policies are not enforced for traffic from pods to L7 Services (Envoy, GAMMA) with a local backend on the same node, when Per-Endpoint Routing is enabled and BPF Host Routing is disabled. Per-Endpoint Routing is disabled by default, but is automatically enabled in deployments using cloud IPAM, including Cilium ENI on EKS (`eni.enabled`), AlibabaCloud ENI (`alibabacloud.enabled`), Azure IPAM (`azure.enabled`, but not AKS BYOCNI), and some GKE deployments (`gke.enabled`; managed offerings such as GKE Dataplane V2 may use different defaults). It is typically not enabled in tunneled deployments, and chaining deployments are not affected. In practice, Amazon EKS with Cilium ENI mode is likely the most common affected environment. Versions 1.17.14, 1.18.8, and 1.19.2 contain a patch. There is currently no officially verified or comprehensive workaround for this issue. The only option would be to disable per-endpoint routes, but this will likely cause disruptions to ongoing connections, and potential conflicts if running in cloud providers."}], "source": {"advisory": "GHSA-hxv8-4j4r-cqgv", "discovery": "UNKNOWN"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33726", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-27T13:24:20.808024Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T13:24:24.487Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.14, 1.18.8, and 1.19.2, Ingress Network Policies are not enforced for traffic from pods to L7 Services (Envoy, GAMMA) with a local backend on the same node, when Per-Endpoint Routing is enabled and BPF Host Routing is disabled. Per-Endpoint Routing is disabled by default, but is automatically enabled in deployments using cloud IPAM, including Cilium ENI on EKS (`eni.enabled`), AlibabaCloud ENI (`alibabacloud.enabled`), Azure IPAM (`azure.enabled`, but not AKS BYOCNI), and some GKE deployments (`gke.enabled`; managed offerings such as GKE Dataplane V2 may use different defaults). It is typically not enabled in tunneled deployments, and chaining deployments are not affected. In practice, Amazon EKS with Cilium ENI mode is likely the most common affected environment. Versions 1.17.14, 1.18.8, and 1.19.2 contain a patch. There is currently no officially verified or comprehensive workaround for this issue. The only option would be to disable per-endpoint routes, but this will likely cause disruptions to ongoing connections, and potential conflicts if running in cloud providers."}], "id": "CVE-2026-33726", "lastModified": "2026-03-27T01:16:20.007", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-27T01:16:20.007", "references": [{"source": "security-advisories@github.com", "url": "https://docs.cilium.io/en/stable/network/concepts/routing/#routing"}, {"source": "security-advisories@github.com", "url": "https://docs.cilium.io/en/stable/network/kubernetes/policy/#network-policy"}, {"source": "security-advisories@github.com", "url": "https://docs.cilium.io/en/stable/network/servicemesh/l7-traffic-management"}, {"source": "security-advisories@github.com", "url": "https://docs.cilium.io/en/stable/operations/performance/tuning/#ebpf-host-routing"}, {"source": "security-advisories@github.com", "url": "https://github.com/cilium/cilium/pull/44693"}, {"source": "security-advisories@github.com", "url": "https://github.com/cilium/cilium/security/advisories/GHSA-hxv8-4j4r-cqgv"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}, {"lang": "en", "value": "CWE-863"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.17.14)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[1.18.0,1.18.8)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[1.19.0,1.19.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "cilium", "source": "cna", "vendor": "cilium"}, "product": "cilium", "vendor": "cilium"}], "analysis": {"en": {"generated_at": "2026-03-27T06:24:54.962453+00:00", "value": {"mitigation_remediation": ["Upgrade Cilium to version 1.17.14, 1.18.8, or 1.19.2 or later to apply the official patch.", "If upgrade is not immediately possible, disable Per\u2011Endpoint Routing to prevent the policy bypass, noting potential connection disruptions.", "Verify that BPF Host Routing is enabled when Per\u2011Endpoint Routing is required and monitor NetworkPolicy enforcement for L7 services."], "summary": {"action": "Patch", "impact": "Network Policy Bypass"}, "threat_synthesis": {"affected_systems": "Affected deployments involve the open\u2011source Cilium networking solution prior to version 1.17.14, 1.18.8, or 1.19.2. The issue manifests when cloud IPAM configurations such as the Cilium ENI mode on Amazon EKS, AlibabaCloud ENI, Azure IPAM (excluding AKS BYOCNI), or various GKE deployments enable per\u2011endpoint routing. The most common affected environment is Amazon EKS when Cilium ENI mode is used, but any Kubernetes cluster that automatically enables per\u2011endpoint routing while disabling BPF Host Routing can be vulnerable.", "description_and_impact": "The vulnerability arises when Cilium\u2019s L7 proxy allows traffic between pods and local L7 services on the same node to bypass Kubernetes NetworkPolicy enforcement under certain configuration conditions. With per\u2011endpoint routing enabled and BPF Host Routing disabled, traffic that should be filtered by Ingress NetworkPolicies is instead routed directly to the service backend. Attackers can exploit this by creating or compromising pods to send traffic that bypasses policy restrictions, potentially exposing workloads to unauthorized data flows or disrupting communication integrity. The weakness corresponds to improper access control (CWE\u2011284).", "risk_and_exploitability": "The CVSS score is 5.4, indicating a moderate risk, and there is no EPSS data available; the vulnerability is not currently listed in CISA\u2019s KEV catalog. Exploitation requires that per\u2011endpoint routing be active and BPF Host Routing be turned off\u2014conditions that are often true for cloud\u2011provider deployments that auto\u2011enable per\u2011endpoint routing. Because no official workaround has been verified, the primary mitigation is to upgrade to a patched release or, if upgrading is not immediately possible, to disable per\u2011endpoint routing, acknowledging that this may interfere with existing connections on some cloud platforms."}}}}, "created": "2026-03-27T08:31:12.526838+00:00", "updated": "2026-03-27T09:22:34.802102+00:00", "vendors": ["cilium", "cilium$PRODUCT$cilium"]}