CVE-2026-22771 — Vulnetix

CVE-2026-22771 PUBLISHED

Envoy Extension Policy lua scripts injection causes arbitrary command execution

EPSS 0.00% · 0.2th percentile

Risk Scores

EPSS Score

0.00%

0.2th percentile

Affected Products

Vendor	Product	Versions
Bitnami	envoy-gateway	0, 1.6.0
Bitnami	envoy-gateway	0, 1.6.0, 0

Timeline

Jan 12, 2026 CVE Published
Jan 12, 2026 PoC Published
Jan 12, 2026 PoC Published
Jan 12, 2026 PoC Published
Jan 12, 2026 PoC Published
Jan 13, 2026 EPSS Score
Jan 16, 2026 EPSS Score
Jan 19, 2026 EPSS Score
Jan 22, 2026 EPSS Score
Jan 25, 2026 EPSS Score
Jan 28, 2026 EPSS Score
Jan 31, 2026 EPSS Score

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›