是的，你没看错，这个十亿级流量入口、深受用户欢迎、无数生产集群依赖的组件，多年来维护者仅有 1-2 位，他们得利用业余时间、晚间和周末抽空修Bug，与此同时项目复杂度与安全要求却不断上升。

In addition to CVE-2026-24512, the other new vulnerabilities are CVE-2026-24513, considered by Meghu a low risk since an attacker needs to have a config containing specific errors to exploit, and ...

The decision was ultimately made by the Kubernetes SRC to retire the tool in light of a cluster of remote code execution (RCE) vulnerabilities discovered last year, as evolving expectations for ...

How many K8s systems are sat on the internet front porch like that ... Oh, thousands, apparently Cloudy infosec outfit Wiz has discovered serious vulnerabilities in the admission controller component ...

Opinion There were lots of announcements about Kubernetes at KubeCon North America in Atlanta. I should know, I was there from beginning to end. But the biggest Kubernetes story of all didn't get much ...

Kubernetes customers using the popular Ingress NGINX Controller have been urged to patch four newly discovered remote code execution (RCE) flaws assigned a CVSS score of 9.8. Dubbed “IngressNightmare” ...

This week, researchers from Wiz Research released a series of vulnerabilities in the Kubernetes Ingress NGINX Controller that, when chained together, allow an unauthorized attacker to completely take ...