GO-2025-3416 — Vulnetix

Try Vulnetix Request Demo

GO-2025-3416 PUBLISHED CVSS 8.699999809265137 HIGH

Cilium has an information leakage via insecure default Hubble UI CORS header in github.com/cilium/cilium

Risk Scores

CVSS v4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
github.com	cilium/cilium	1.14.0, 1.15.0, 1.16.0

Timeline

Jan 28, 2025 CVE Published
Feb 4, 2026 CVE Updated
May 1, 2026 Security Advisory

References

Open in Interactive Console →