Critical RCE flaws put Kubernetes clusters at risk of takeover

The Kubernetes project has released patches for five vulnerabilities in a widely used component, the Ingress NGINX Controller, which routes external traffic to Kubernetes services. If exploited, the flaws could allow attackers to take over entire clusters.

“Based on our analysis, about 43% of cloud environments are vulnerable to these vulnerabilities, with our research uncovering over 6,500 clusters, including Fortune 500 companies, that publicly expose vulnerable Kubernetes ingress controllers’ admission controllers to the public internet — putting them at immediate critical risk,” wrote researchers from cloud security firm Wiz who found and reported the flaws.

Collectively dubbed IngressNightmare by the Wiz research team, the vulnerabilities are tracked as CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974. They were fixed in versions 1.12.1 and 1.11.5 of Ingress NGINX Controller (Ingress-NGINX) released on Monday.
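As an added example (not from the article or the Ingress-NGINX project), the POSIX shell check below classifies a controller image reference against the fixed releases named above. The namespace and label in the comment are assumptions to adapt to your cluster, and the check assumes any release newer than 1.12.1 or 1.11.5 also carries the fix.

```shell
#!/bin/sh
# Added example: classify ingress-nginx controller images against the fixed
# releases 1.12.1 and 1.11.5. Images can be listed from a live cluster with
# (namespace and label are assumptions):
#   kubectl -n ingress-nginx get pods -l app.kubernetes.io/name=ingress-nginx \
#     -o jsonpath='{range .items[*].spec.containers[*]}{.image}{"\n"}{end}'

# Print the tag of an image reference such as
# registry.k8s.io/ingress-nginx/controller:v1.11.4@sha256:...; print nothing
# when there is no tag (a bare name or only a registry port, e.g. host:5000/x).
image_tag() {
    ref="${1%%@*}"                    # drop a trailing @sha256:<digest>
    tag="${ref##*:}"                  # text after the last colon
    case "$tag" in
        "$ref"|*/*) printf '\n' ;;    # no colon, or the colon was a registry port
        *) printf '%s\n' "$tag" ;;
    esac
}

# Return 0 when TAG (e.g. v1.11.5) is a fixed release, 1 otherwise.
# Unparsable tags and pre-releases ("1.11.5-rc1") are treated as not fixed.
is_patched_ingress_nginx() {
    v="${1#v}"                        # strip the leading "v"
    case "$v" in *.*.*) ;; *) return 1 ;; esac
    major="${v%%.*}"; rest="${v#*.}"
    minor="${rest%%.*}"; patch="${rest#*.}"
    for part in "$major" "$minor" "$patch"; do
        case "$part" in ""|*[!0-9]*) return 1 ;; esac   # digits only
    done
    [ "$major" -gt 1 ] && return 0
    [ "$major" -lt 1 ] && return 1
    [ "$minor" -gt 12 ] && return 0                     # assumed: newer lines fixed
    [ "$minor" -eq 12 ] && [ "$patch" -ge 1 ] && return 0
    [ "$minor" -eq 11 ] && [ "$patch" -ge 5 ] && return 0
    return 1                          # 1.12.0, 1.11.x < 5, and older lines
}

# Print PATCHED, VULNERABLE or UNKNOWN for a full image reference; a mutable
# or missing tag yields UNKNOWN because the running version cannot be inferred.
classify_image() {
    tag="$(image_tag "$1")"
    [ -n "$tag" ] || { printf 'UNKNOWN\n'; return 0; }
    case "$tag" in latest|main|stable) printf 'UNKNOWN\n'; return 0 ;; esac
    if is_patched_ingress_nginx "$tag"; then printf 'PATCHED\n'; else printf 'VULNERABLE\n'; fi
}
```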
