CVE-2026-26963 - Vulnerability Details

CVE-2026-26963 - Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00007.

Key SSVC decision points have not yet been added.

Vendors	Products
Cilium Subscribe	Cilium Subscribe

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Cilium Subscribe	Cilium Subscribe

Advisories

Source	ID	Title
Github GHSA	GHSA-5r23-prx4-mqg3	Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/cilium/cilium/commit/88e28e1e62c0b1a02c3f0fc22d888ac9eefbe885
https://github.com/cilium/cilium/pull/42892
https://github.com/cilium/cilium/releases/tag/v1.18.6
https://github.com/cilium/cilium/security/advisories/GHSA-5r23-prx4-mqg3
https://nvd.nist.gov/vuln/detail/CVE-2026-26963
https://www.cve.org/CVERecord?id=CVE-2026-26963

History

Fri, 20 Feb 2026 12:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-266
References		https://nvd.nist.gov/vuln/detail/CVE-2026-26963 https://www.cve.org/CVERecord?id=CVE-2026-26963
Metrics	threat_severity `None`	threat_severity `Moderate`

Fri, 20 Feb 2026 10:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cilium Cilium cilium
Vendors & Products		Cilium Cilium cilium

Fri, 20 Feb 2026 00:00:00 +0000

Type	Values Removed	Values Added
Description		Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6.
Title		Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled
Weaknesses		CWE-863
References		https://github.com/cilium/cilium/commit/88e28e1e62c0b1a02c3f0fc22d888ac9eefbe885 https://github.com/cilium/cilium/pull/42892 https://github.com/cilium/cilium/releases/tag/v1.18.6 https://github.com/cilium/cilium/security/advisories/GHSA-5r23-prx4-mqg3
Metrics		cvssV3_1 `{'score': 6.1, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2026-02-19T23:38:36.110Z

Updated: 2026-02-19T23:38:36.110Z

Reserved: 2026-02-16T22:20:28.612Z

Link: CVE-2026-26963

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-02-20T00:16:16.167

Modified: 2026-02-20T13:49:47.623

Link: CVE-2026-26963

Redhat

Severity : Moderate

Publid Date: 2026-02-19T23:38:36Z

Links: CVE-2026-26963 - Bugzilla

OpenCVE Enrichment

Updated: 2026-02-20T09:53:17Z

Weaknesses

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object