IngressNightmare: How New ingress-nginx Vulnerabilities Threaten Kubernetes Clusters

Hexagonal icon with an N inside on a pink gradient background with angular lines. Text: IngressNightmare: Admission Webhook Flaw Leading to Remote Code Execution (CVE-2025-1974).

Kubernetes administrators take note: a critical set of vulnerabilities in the popular ingress-nginx controller—collectively dubbed “IngressNightmare”—could put your entire cluster at risk. In particular, CVE-2025-1974, with a CVSS score of 9.8, allows attackers to take over Kubernetes clusters simply by exploiting the Validating Admission Controller feature. Because ingress-nginx runs in roughly 40% of Kubernetes deployments, […]