CVE-2026-33376

Daily digests

If you use IPv6 addresses in your Auth Proxy allow-list without specifying a subnet mask, the system defaults to /32 instead of /128. That means your allow-list is effectively meaningless for IPv6, since /32 covers an enormous range and lets unauthorized sources through. Only the Auth Proxy feature is affected. Okta, SAML, LDAP, and other auth methods are fine.

• Daily Digest · May 14, 2026

  OpenTelemetry Azure auth bypass + SOGo SQL injection