Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Tag: envoy Clear
ID Title
CVE-2026-47220 Vulnerability in envoyproxy (CVE-2026-47220)
vulnerability in envoyproxy (CVE-2026-47220). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`. Mitigation: upgrade to `1.37.5` or later.
CVE-2026-48090 Use-After-Free in dos (CVE-2026-48090)
vulnerability in dos (CVE-2026-48090). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.37.5` or later.
CVE-2026-47205 Use-After-Free in envoyproxy (CVE-2026-47205)
vulnerability in envoyproxy (CVE-2026-47205). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.36.9` or later.
CVE-2026-48706 Vulnerability in envoyproxy (CVE-2026-48706)
vulnerability in envoyproxy (CVE-2026-48706). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-48743 Vulnerability in envoyproxy (CVE-2026-48743)
vulnerability in envoyproxy (CVE-2026-48743). Data can be tampered with by attackers. Exploitable via `GET /pwn`. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-47221 Vulnerability in dos (CVE-2026-47221)
vulnerability in dos (CVE-2026-47221). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-47692 Vulnerability in envoyproxy (CVE-2026-47692)
vulnerability in envoyproxy (CVE-2026-47692). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-47775 Vulnerability in envoyproxy (CVE-2026-47775)
vulnerability in envoyproxy (CVE-2026-47775). Confidential information can be exposed externally. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-47778 Vulnerability in c (CVE-2026-47778)
vulnerability in c (CVE-2026-47778). Confidential information can be exposed externally. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-47204 Vulnerability in envoyproxy (CVE-2026-47204)
vulnerability in envoyproxy (CVE-2026-47204). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-47207 Use-After-Free in envoyproxy (CVE-2026-47207)
vulnerability in envoyproxy (CVE-2026-47207). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-47774 Vulnerability in dos (CVE-2026-47774)
vulnerability in dos (CVE-2026-47774). Risk of unauthorized operations or information disclosure. Exploitable via `Cookie header`.
CVE-2023-44487 KEV [KEV] Vulnerability in Ietf golang.org/x/net (CVE-2023-44487)
vulnerability in Ietf golang.org/x/net (CVE-2023-44487). Risk of unauthorized operations or information disclosure. Exploitable via ``Channel``. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `0.17.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →