Github.com/envoyproxy/envoy

This hub aggregates every CVE we track for Github.com/envoyproxy/envoy, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 11 most recently published vulnerabilities affecting Github.com/envoyproxy/envoy.

• CVE-2026-26330Envoy global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly5.3Mar 10, 2026
• CVE-2026-26311Envoy HTTP: filter chain execution on reset streams causing UAF crash5.9Mar 10, 2026
• CVE-2026-26310Crash for scoped ip address in Envoy during DNS5.9Mar 10, 2026
• CVE-2026-26309Envoy has an off-by-one write in JsonEscaper::escapeString()5.3Mar 10, 2026
• CVE-2026-26308Envoy has an RBAC Header Validation Bypass via Multi-Value Header Concatenation7.5Mar 10, 2026
• CVE-2025-66220Envoy’s TLS certificate matcher for `match_typed_subject_alt_names` may incorrectly treat certificates containing an embedded null byte5.0Dec 3, 2025
• CVE-2025-64763Envoy forwards early CONNECT data in TCP proxy mode3.7Dec 3, 2025
• CVE-2025-64527Envoy crashes when JWT authentication is configured with the remote JWKS fetching6.5Dec 3, 2025
• CVE-2025-54588Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults7.5Sep 2, 2025
• CVE-2025-30157Envoy crashes when HTTP ext_proc processes local replies6.5Mar 21, 2025
• CVE-2019-9901Envoy 1.9.0 and before does not normalize HTTP URL paths. A remote attacker may craft a relative path, e.g., something/../admin, to bypass access control, e.g., a block on /admin. A backend server ...6.5Apr 25, 2019