CyberRota
← Ana sayfaya dön

CVE-2026-52865

MEDIUM · CVSS 6.5

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-15T15:16:44.587 · Çekilme zamanı: 2026-07-15T18:35:52.602300+00:00

CyberRota Yorumu

Uzaktan istismar edilebilir olabilir.

CVE
CVE-2026-52865
Severity
MEDIUM
CVSS
6.5
EPSS
Yok
Nginx

Orijinal NVD Açıklaması

When NGINX Ingress Controller processes Ingress or TransportServer resources, an authenticated, remote attacker with permission to create or modify Ingress or TransportServer resources can cause the NGINX Ingress Controller process to terminate. Impact: The NGINX Ingress Controller control plane process terminates and enters a persistent crash loop while the malformed Ingress or TransportServer resource remains in the cluster. This vulnerability allows a remote, authenticated attacker with at least Ingress or TransportServer resource write access to cause a denial-of-service (DoS) on the NGINX Ingress Controller system. There is no data plane exposure; this is a control plane issue only. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.