Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.15, 1.18.9, and 1.19.3, the output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. This issue has been patched in versions 1.17.15, 1.18.9, and 1.19.3.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Cilium |
|
No data.
No data.
References
History
Fri, 08 May 2026 23:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Cilium
Cilium cilium |
|
| Vendors & Products |
Cilium
Cilium cilium |
Fri, 08 May 2026 22:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.15, 1.18.9, and 1.19.3, the output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. This issue has been patched in versions 1.17.15, 1.18.9, and 1.19.3. | |
| Title | Cillium exposes sensitive information included in the cilium-bugtool debug archive | |
| Weaknesses | CWE-200 CWE-312 |
|
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-05-08T22:01:08.394Z
Reserved: 2026-04-20T18:18:50.682Z
Link: CVE-2026-41520
Vulnrichment
No data.
NVD
Status : Received
Published: 2026-05-08T23:16:35.597
Modified: 2026-05-08T23:16:35.597
Link: CVE-2026-41520
Redhat
No data.