CVE-2026-24514
Denial of Service in ingress-nginx Validating Admission Controller
Publication date: 2026-02-03
Last updated on: 2026-02-03
Assigner: Kubernetes
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ingress-nginx | ingress-nginx | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-770 | The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in ingress-nginx's validating admission controller feature. An attacker can exploit it by sending large requests to the validating admission controller, which causes excessive memory consumption.
As a result, the ingress-nginx controller pod may be killed or the node running it may run out of memory, leading to a denial of service condition.
How can this vulnerability impact me? :
The impact of this vulnerability is a denial of service condition. Specifically, it can cause the ingress-nginx controller pod to be terminated or cause the node to run out of memory.
This can disrupt the availability of services relying on ingress-nginx, potentially causing downtime or degraded performance.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know