CVE-2026-33726
Status: Received - Intake
Ingress Network Policy Bypass in Cilium Per-Endpoint Routing

Publication date: 2026-03-27

Last updated on: 2026-04-01

Assigner: GitHub, Inc.

Description
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.14, 1.18.8, and 1.19.2, Ingress Network Policies are not enforced for traffic from pods to L7 Services (Envoy, GAMMA) with a local backend on the same node, when Per-Endpoint Routing is enabled and BPF Host Routing is disabled.

Per-Endpoint Routing is disabled by default, but is automatically enabled in deployments using cloud IPAM, including Cilium ENI on EKS (`eni.enabled`), AlibabaCloud ENI (`alibabacloud.enabled`), Azure IPAM (`azure.enabled`, but not AKS BYOCNI), and some GKE deployments (`gke.enabled`; managed offerings such as GKE Dataplane V2 may use different defaults). It is typically not enabled in tunneled deployments, and chaining deployments are not affected. In practice, Amazon EKS with Cilium ENI mode is likely the most common affected environment.

Versions 1.17.14, 1.18.8, and 1.19.2 contain a patch. There is currently no officially verified or comprehensive workaround for this issue. The only option would be to disable per-endpoint routes, but this will likely cause disruptions to ongoing connections, and potential conflicts if running in cloud providers.
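The affected conditions above combine several settings that can be read off a running cluster: the agent version, whether per-endpoint routing is on, whether CNI chaining is in use, and whether BPF host routing is active. The Python script below is an added example written for this page, not Cilium's own tooling. It applies the advisory's conditions to the `data` section of the `cilium-config` ConfigMap (`kubectl -n kube-system get cm cilium-config -o json`), an agent version string, and the `Host Routing:` line printed by `cilium status`. The ConfigMap keys `enable-endpoint-routes`, `cni-chaining-mode`, `ipam` and `routing-mode` are Cilium's; the sample ConfigMap contents, status lines and all function names are this example's own constructions.

```python
"""Triage helper for CVE-2026-33726 (added example, not Cilium tooling).

Inputs a practitioner already has:
  * the data section of the cilium-config ConfigMap
  * the running agent version (e.g. `cilium version` or the image tag)
  * the "Host Routing:" line from `cilium status`
All sample inputs at the bottom are constructed for illustration.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# First fixed release per affected minor, as stated in the advisory.
FIXED_IN: Dict[Tuple[int, int], Tuple[int, int, int]] = {
    (1, 17): (1, 17, 14),
    (1, 18): (1, 18, 8),
    (1, 19): (1, 19, 2),
}


def parse_version(text: str) -> Tuple[int, int, int]:
    """Extract major.minor.patch from strings like 'v1.18.7' or '1.18.7-rc.1'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no x.y.z version in {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)))


def version_is_affected(text: str) -> bool:
    """True for anything before 1.17.14, for 1.18.0-1.18.7 and for 1.19.0-1.19.1."""
    major, minor, patch = parse_version(text)
    if (major, minor) in FIXED_IN:
        return (major, minor, patch) < FIXED_IN[(major, minor)]
    # Minors below 1.17 never received a fix and fall under "prior to 1.17.14".
    return (major, minor) < (1, 17)


def _truthy(value: Optional[str]) -> bool:
    return str(value).strip().lower() in ("true", "1", "yes")


def bpf_host_routing(status_text: str) -> Optional[bool]:
    """Parse 'Host Routing: BPF|Legacy' from `cilium status`; None if the line is absent."""
    m = re.search(r"Host Routing:\s*(\w+)", status_text)
    if not m:
        return None
    return m.group(1).lower() == "bpf"


@dataclass
class Verdict:
    affected: bool
    reasons: List[str] = field(default_factory=list)


def assess(cm_data: Dict[str, str], version: str, status_text: str) -> Verdict:
    """Combine the advisory's conditions; every early return is a not-affected path."""
    reasons: List[str] = []
    if not version_is_affected(version):
        return Verdict(False, [f"{version} contains the fix"])
    reasons.append(f"{version} is in the affected range")

    chaining = cm_data.get("cni-chaining-mode", "none").strip().lower()
    if chaining not in ("", "none"):
        return Verdict(False, reasons + [f"CNI chaining mode {chaining!r}: chaining deployments are not affected"])

    if not _truthy(cm_data.get("enable-endpoint-routes")):
        return Verdict(False, reasons + ["enable-endpoint-routes is not true (per-endpoint routing off)"])
    reasons.append(f"per-endpoint routing enabled (ipam={cm_data.get('ipam', '?')})")

    host_bpf = bpf_host_routing(status_text)
    if host_bpf is True:
        return Verdict(False, reasons + ["BPF host routing is enabled"])
    # Unknown host-routing mode is treated conservatively as legacy (disabled BPF host routing).
    reasons.append("BPF host routing disabled (legacy host routing)" if host_bpf is False
                   else "host routing mode not found in status; assuming legacy")
    return Verdict(True, reasons)


# Constructed sample resembling a Cilium ENI install on EKS (not captured from a real cluster).
SAMPLE_CM_EKS_ENI = {
    "ipam": "eni",
    "routing-mode": "native",
    "enable-endpoint-routes": "true",
    "cni-chaining-mode": "none",
}
# Constructed sample of a tunneled cluster-pool install without endpoint routes.
SAMPLE_CM_TUNNEL = {
    "ipam": "cluster-pool",
    "routing-mode": "tunnel",
    "cni-chaining-mode": "none",
}
SAMPLE_STATUS_LEGACY = "Host Routing:            Legacy\n"
SAMPLE_STATUS_BPF = "Host Routing:            BPF\n"

if __name__ == "__main__":
    for cm, ver, st in [(SAMPLE_CM_EKS_ENI, "v1.18.7", SAMPLE_STATUS_LEGACY),
                        (SAMPLE_CM_EKS_ENI, "v1.18.8", SAMPLE_STATUS_LEGACY),
                        (SAMPLE_CM_TUNNEL, "v1.18.7", SAMPLE_STATUS_LEGACY)]:
        v = assess(cm, ver, st)
        print("AFFECTED" if v.affected else "not affected", "-", "; ".join(v.reasons))
```

The script is a triage aid only: a verdict of "affected" means the cluster matches the advisory's stated conditions, and the remedy remains upgrading to 1.17.14, 1.18.8 or 1.19.2. When `cilium status` does not report a host-routing mode, the script errs on the side of reporting the cluster as affected rather than silently clearing it.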
Meta Information
Published: 2026-03-27
Last Modified: 2026-04-01
Generated: 2026-05-07
AI Q&A: 2026-03-27
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 3 associated CPEs
Vendor    Product    Version / Range
cilium    cilium     up to 1.17.14 (excluding)
cilium    cilium     from 1.18.0 (including) to 1.18.8 (excluding)
cilium    cilium     from 1.19.0 (including) to 1.19.2 (excluding)
CWE
CWE ID     Description
CWE-284    Improper Access Control: the product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CWE-863    Incorrect Authorization: the product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-33726 is a vulnerability in Cilium's networking solution where ingress Network Policies are not enforced for traffic from pods to Layer 7 (L7) services with a local backend on the same node. This happens when Per-Endpoint Routing is enabled and BPF Host Routing is disabled. Per-Endpoint Routing is disabled by default but is automatically enabled in many cloud IPAM deployments such as Amazon EKS with Cilium ENI, AlibabaCloud ENI, Azure IPAM, and some GKE deployments.

The issue allows traffic to bypass Kubernetes NetworkPolicy enforcement for same-node traffic destined to L7 services like Envoy or GAMMA, effectively allowing unauthorized communication that should have been blocked by ingress policies.

The root cause is that when Per-Endpoint Routing is enabled, packets destined for local backend pods are handled directly in a code path that skips ingress policy enforcement. The fix involves recirculating packets to ensure ingress policies are applied correctly.

This vulnerability affects Cilium versions prior to 1.17.14, versions 1.18.0 through 1.18.7, and versions 1.19.0 through 1.19.1. Fixed versions include 1.17.14, 1.18.8, and 1.19.2.


How can this vulnerability impact me?

This vulnerability can impact you by allowing traffic from pods to L7 services on the same node to bypass ingress Network Policies that are intended to restrict or control network communication.

As a result, unauthorized or unintended traffic may reach services that should have been protected, potentially leading to information disclosure or integrity issues within your Kubernetes cluster.

The vulnerability has a moderate severity with a CVSS v3.1 base score of 5.4, indicating that it requires network adjacency and low privileges but can change the scope of affected resources and impact confidentiality and integrity.

There is no comprehensive or officially verified workaround; disabling Per-Endpoint Routing may mitigate the issue but can cause disruptions and conflicts in cloud provider environments.


What immediate steps should I take to mitigate this vulnerability?

The vulnerability can be mitigated by upgrading Cilium to one of the patched versions: 1.17.14, 1.18.8, or 1.19.2.

There is currently no officially verified or comprehensive workaround.

Disabling Per-Endpoint Routing is a potential mitigation step, but it may cause disruptions to ongoing connections and conflicts in cloud provider environments.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

CVE-2026-33726 allows bypassing Kubernetes NetworkPolicy enforcement for traffic from pods to Layer 7 services with a local backend on the same node under certain routing configurations. This bypass can lead to unauthorized network traffic flows that are not properly restricted by ingress policies.

Such a vulnerability could impact compliance with common security standards and regulations like GDPR and HIPAA, which require strict controls on data access and network security to protect sensitive information. The inability to enforce network policies as intended may increase the risk of unauthorized data access or leakage.

However, the provided information does not explicitly discuss compliance implications or specific regulatory impacts.

