CVE-2026-41520

EUVD-2026-28845
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.15, 1.18.9, and 1.19.3, the output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. This issue has been patched in versions 1.17.15, 1.18.9, and 1.19.3.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
GitHub_MCNA
7.9 HIGH
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
ciliumcilium
𝑥
< 1.17.15
CNA
Common Weakness Enumeration
References
https://github.com/cilium/cilium/releases/tag/v1.17.15
https://github.com/cilium/cilium/releases/tag/v1.18.9
https://github.com/cilium/cilium/releases/tag/v1.19.3
https://github.com/cilium/cilium/security/advisories/GHSA-gj49-89wh-h4gj