CVE-2026-53935 is a medium-severity vulnerability in Cilium, a networking, observability, and security solution. The issue allows users with the ability to create CiliumLocalRedirectPolicies to specify arbitrary ClusterIPs, enabling traffic hijacking to Services in any namespace and bypassing namespace scoping. This affects Cilium versions prior to 1.17.16, 1.18.9, and 1.19.3. The vulnerability is fixed i [truncated]
Cilium's diagnostic utility, cilium-bugtool, inadvertently captures sensitive cryptographic material when WireGuard encryption is active. The tool is designed to collect system state for troubleshooting, but prior to the patched versions, it failed to redact WireGuard private keys from its output. Because bugtool archives are frequently shared with vendors or posted to public issue trackers, this creates [truncated]