Description

Kube-router is a turnkey solution for Kubernetes networking. Prior to version 2.8.0, Kube-router's proxy module does not validate externalIPs or loadBalancer IPs before programming them into the node's network configuration. Version 2.8.0 contains a patch for the issue. Available workarounds include enabling DenyServiceExternalIPs feature gate, deploying admission policy, restricting service creation RBAC, monitoring service changes, and applying BGP prefix filtering.

INFO

Published Date :

2026-03-18T03:14:39.392Z

Last Modified :

2026-03-18T13:35:56.647Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-32254 vulnerability.

Vendors Products
Cloudnativelabs
  • Kube-router
Kube-router
  • Kube-router
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-32254.

URL Resource
https://github.com/cloudnativelabs/kube-router/commit/a1f0b2eea3ee0f66b9a5b5c49dcb714619ccd456 cve-icon cve-icon
https://github.com/cloudnativelabs/kube-router/releases/tag/v2.8.0 cve-icon cve-icon
https://github.com/cloudnativelabs/kube-router/security/advisories/GHSA-phqm-jgc3-qf8g cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact