Tag

#kubernetes

3 posts tagged #kubernetes.

Analysis · May 28, 2026 · Colten Anderson

Ingress-nginx got archived in March. The first critical CVE arrived in May.

The Kubernetes community archived ingress-nginx seven weeks before an 18-year-old heap overflow dropped in the NGINX core it ships. The fix path is now a migration project, not a patch.
Analysis · May 11, 2026 · Colten Anderson

Kubernetes 1.36 is the upgrade that quietly rewrites your RBAC

The headline features in 1.36 are user namespaces and SELinux. The thing that will actually bite you on Monday is a single locked-on feature gate that turns every nodes/proxy grant in your cluster into an audit finding.
Analysis · May 3, 2026 · Colten Anderson

Copy Fail is a 732-byte root shell. Patch your Linux fleet this week.

CVE-2026-31431 is a deterministic privilege escalation in the Linux kernel affecting versions 4.14 through 6.19. A Python script gives any local user root. Every major distro is affected, containers don't help, and the mitigation is trivial.