Nginx ingress controller
This hub aggregates every CVE we track for Nginx ingress controller, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
25
CVEs tracked
1
Critical
12
High
1
In CISA KEV
Severity distribution
HIGH12MEDIUM12CRITICAL1
Monthly trend
0
1
0
0
1
0
0
0
5
0
0
0
0
0
0
0
0
1
0
1
1
0
7
1
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Nginx ingress controller.
- CVE-2026-48142NGINX ngx_http_charset_module vulnerability4.8
- CVE-2026-9256NGINX ngx_http_rewrite_module vulnerability8.1
- CVE-2026-40460NGINX ngx_quic_module vulnerability6.5
- CVE-2026-42926NGINX ngx_http_proxy_v2_module vulnerability5.8
- CVE-2026-42934NGINX ngx_http_charset_module vulnerability4.8
- CVE-2026-42946NGINX ngx_http_scgi_module and ngx_http_uwsgi_module vulnerability6.5
- CVE-2026-40701NGINX ngx_http_ssl_module vulnerability4.8
- CVE-2026-42945NGINX ngx_http_rewrite_module vulnerability8.1
- CVE-2026-4342ingress-nginx comment-based nginx configuration injection8.8
- CVE-2026-1642NGINX vulnerability5.9
- CVE-2025-14727NGINX Ingress Controller vulnerability8.3
- CVE-2025-24514ingress-nginx controller - configuration injection via unsanitized auth-url annotation8.8
- CVE-2025-24513ingress-nginx controller - auth secret file path traversal vulnerability4.8
- CVE-2025-1098ingress-nginx controller - configuration injection via unsanitized mirror annotations8.8
- CVE-2025-1097ingress-nginx controller - configuration injection via unsanitized auth-tls-match-cn annotation8.8
Product normalization is registry-driven with AI assist and human review. How it works