CVE-2025-1974

CVE-2025-1974: The IngressNightmare in Kubernetes - https://t.co/dKwYpryFPv https://t.co/rcRllIHFc6 #k8s #kubernetes #containers #docker #devops

CVE-2025-1974 hits Ingress-NGINX. Time to patch and audit annotations. Secure your clusters now. https://t.co/xpVE6jaubH #Kubernetes #CVE

Experts are calling it 'IngressNightmare' for a reason. ⚠️ Researchers discovered "IngressNightmare" (including CVE-2025-1974) in Ingress-NGINX, potentially allowing attackers to gain full control of your systems. This blog from FG Labs breaks down the vulnerabilities, shows

CVE-2025-1974: A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx. https://t.co/iWGlp4i5vz https://t.co/Po9anPcGui

Critical vulnerabilities in Kubernetes Ingress-NGINX, known as IngressNightmare, expose users to remote code execution (CVE-2025-1974) via unauthenticated requests. Urgent remediation needed! 🔒 #Kubernetes #IngressNGINX #USA link: https://t.co/Ax3CX573w9 https://t.co/qEAWzQcP

Recently, the cloud security platform Wiz Research disclosed five security vulnerabilities in Ingress Nginx, specifically CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974. These are unauthenticated remote code execution vulnerabilities in the Kubernetes Ingress htt

Recently, the cloud security platform Wiz Research disclosed five security vulnerabilities in Ingress Nginx, specifically CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974. These are unauthenticated remote code execution vulnerabilities in the Kubernetes Ingress htt

IngressNightmare: CVE-2025-1974 - 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX Over 40% of cloud environments are vulnerable to RCE, likely leading to a complete cluster takeover. https://t.co/Q4ldpLvQ29 #Kubernetes #CloudNative

In Nuclei-Templates, we don’t just add CVEs — we continuously update them to reduce false negatives and introduce regular enhancements 🛠️ Recently, we added IngressNightmare (CVE-2025-1974). Today, we’ve updated it and expanded coverage by adding the following related https://t

🚨 Alerta de Seguridad: CVE-2025-1974 🚨 Ejecución Remota de Código en Ingress NGINX para Kubernetes Se ha identificado una vulnerabilidad en Ingress NGINX para Kubernetes que permite a un atacante no autenticado ejecutar código en el controlador ingress-nginx. https://t.co/rRv

🚨 Critical Alert: "IngressNightmare" Vulnerabilities in NGINX for Kubernetes—CVSS 9.8 Threat Demands Immediate Action Why This Matters: A CVSS 9.8 Threat in NGINX The CVSS score of 9.8 for CVE-2025-1974 isn’t just a number—it’s a red flag. This score indicates a near-perfect

Actively exploited CVE : CVE-2025-1974

Actively exploited CVE : CVE-2025-1974

Actively exploited CVE : CVE-2025-1974

💥 FLASH NOTICE 💥 CVE-2025-1974 is a critical vulnerability in the #Kubernetes Ingress NGINX Controller that permits unauthenticated #RCE. With a CVSS score of 9.8, users are advised to patch ASAP. More details & mitigation info can be found here: https://t.co/xMJfnCVeiW ht

CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/QeoxJBRLwf https://t.co/wwtWqOL4AR

Kubernetes Ingress-nginx远程代码执行漏洞(CVE-2025-1974)Ingress-nginx是Kubernetes项目提供的开源Ingress控制器，基于nginx实现，用于管理Kubernetes集群中的网络流量，功能强大、易于使用且初步强。绿盟科技已成功修复此漏洞 https://t.co/cIApTSG2p8

🚨 IngressNightmare: Critical Kubernetes Flaws! 🚨 Severe RCE vulnerabilities found in Ingress NGINX Controller! 🚑 CVE-2025-1974 CVSS 9.8 lets unauth attackers execute arbitrary code via the pod network. 🛑 Patch now: versions 1.12.1, 1.11.5, 1.10.7.

Actively exploited CVE : CVE-2025-1974

CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/9Lid64NsNm https://t.co/a9RJUkGLNZ

🚨 New CVE: CVE-2025-1974 Name: Ingress-Nginx Controller - Unauthenticated Remote Code Execution Severity: CRITICAL Desc: A security issue was discovered in ingress-nginx w... 🔍 https://t.co/8uNwWej9ko #NucleiTemplates #CVE

🚨 #Kubernetes presenta una vulnerabilidad crítica (CVE-2025-1974) en el Ingress NGINX Controller, permitiendo a atacantes no autenticados ejecutar código malicioso sin credenciales. Se recomienda actualizar a las versiones v1.11.5 o v1.12.1. Mantente alerta y aplica parches. htt

After my last post analyzing the NGINX #IngressNightmare vulnerability, I’m excited to share a new addition to my Kubernetes Security: Advanced Exploitation series! Inspired by the excellent research from the Wiz team on CVE-2025-1974, I’ve created a hands-on lab that walks you

CVE-2025-1974: Vuln in Kubernetes Ingress Controller, 9.8 rating 🔥 In some cases, an unauth attacker may be able to RCE in the context of the ingress-nginx controller. https://t.co/l83QLMTcfL

🚨 IngressNightmare (CVE-2025-1974) hits Kubernetes clusters hard—unauth RCE via Ingress-NGINX. • Affects 40%+ cloud envs • Bypass via auth annotations & UID injection • Cluster secrets exposed Read the blog: https://t.co/bjfKFs9dl8 #Kubernetes #NGINX #IngressController ht

Actively exploited CVE : CVE-2025-1974

Shodan query for IngressNightmare: (9.8 Critical Unauth RCE in Ingress NGINX: CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974) ssl:"nil1" port:8443 https://t.co/UyZeLktPnH

📢 La récente vulnérabilité CVE-2025-1974, découverte dans #Kubernetes, permet à un attaquant non authentifié d'exécuter du code arbitraire dans le contexte du contrôleur ingress-nginx. Cela peut entraîner la divulgation des secrets du cluster. https://t.co/IwmyYbMdnk 🔐 https

Actively exploited CVE : CVE-2025-1974

Wiz Research discovered CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974, a series of unauthenticated Remote Code Execution vulnerabilities in Ingress NGINX Controller for Kubernetes dubbed #IngressNightmare. https://t.co/DKk60FqzHY

🚨PoC Code to Exploit the IngressNightmare Vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974) https://t.co/DifyO9PFuI https://t.co/1wwKpK8hcj

Kubernetes Ingress-nginx リモートコード実行の脆弱性 (CVE-2025-1974) Kubernetes Ingress-nginx Remote Code Execution Vulnerability (CVE-2025-1974) #SecurityBoulevard (Mar 27) https://t.co/IHSnqimCmW

🚨 Major Kubernetes Vulnerability! Remote Code Execution - Kubernetes ingress-nginx (CVE-2025-1974). Remote attackers can steal cluster-wide secrets. Public exploits available! #Kubernetes #IngressNightmare ➡️ https://t.co/fRZvkhPDD0 https://t.co/XqSmz5tACj

For the last few days we are also scanning & reporting out exposed Ingress NGINX Controller for Kubernetes (Admission Controller feature). These may possibly be also vulnerable to CVE-2025-1974 & other recently disclosed vulnerabilities. We see around 4000 IPs exposed. h

IngressNightmare PoC available (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974) https://t.co/tWWdrj0eLw

Hay @grok Is IngressNightmare CVE Number CVE-2025-1974, impacting private kubernetes cluster? #Vulnerabilities #ITSecurity #kubernetes

🚨 Critical #Kubernetes security alert! CVE-2025-1974 & 4 other "IngressNightmare" flaws in Ingress NGINX could lead to unauth RCE. Patch now! 🛡️ #CyberSecurity 🔗 Read more: https://t.co/xhrQvnIEBY https://t.co/xhrQvnIEBY

NIST サイトの CVE-2025-1974 のリンクがおかしい (https:// がダブってる) ので、誰か教えてあげてください https://t.co/Ki0rcSXGSg https://t.co/ZpMNWC8d5O

[CVE-2025-2787: HIGH] KNIME Business Hub faces Ingress-nginx CVE-2025-1974 vulnerability. Update to versions 1.13.3 or above to mitigate risks of cluster takeover by IngressNightmare.#cybersecurity,#vulnerability https://t.co/aiVPw97daD https://t.co/PUX6YMibbD

🚨 Critical Kubernetes RCE – CVE-2025-1974 Threat actors are actively exploiting a flaw in Ingress-NGINX, enabling cluster wide compromise. CyberSib is tracking the attacks and helping organizations secure their Kubernetes environments. #CyberSib #CVE20251974 #cybersecuritytips

Ingress-nginx CVE-2025-1974: What You Need to Know Read more: https://t.co/A44CodbJ6Z

Our team has just successfully reproduced the IngressNightmare vulnerability (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974) and created a custom exploit achieving RCE. It's a Pre-Auth RCE affecting Ingress NGINX that allows complete cluster takeover. We'll htt

Safeguard Kubernetes from critical RCE threats (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974). Explore ASPM, remediation strategies, and Phoenix Security insights to secure your NGINX ingress and block advanced attacks. #kubernetes #vulnerability #nginx #aspm https

CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/ndSChz8g50 https://t.co/VSSptdSAm7

IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX #IngressNightmare CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 CVE-2025-1974, https://t.co/s8USBfedJJ

CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/0QPPHQeRNI https://t.co/e3UFJ0twAu

GitHub - sandumjacob/IngressNightmare-POCs: Worlds First Public POC for CVE-2025-1974 lol https://t.co/5PehAF7yvn

🚨 Critical Vulnerabilities found in Kubernetes Ingress-NGINX (CVE-2025-1974). See the @ncsc_gov_ie advisory for more info: https://t.co/A1Hs3JBNr9

🚨 Critical RCE flaws in #ingressnginx threaten 6,500+ #Kubernetes clusters. 🔹 CVE-2025-1974 (CVSS 9.8) + 4 others 🔹 Impact: RCE, secrets exposure, cluster compromise ✅ Patch to v1.12.1 or v1.11.5 https://t.co/5NxoImCaRD

ingress-nginxの脆弱性（CVE-2025-1974）、なかなか影響大きそうですな。「Ingressどうする？」「とりあえずnginxでええやろ」ぐらいの感じでめっちゃ使われてるので https://t.co/kjKzg5veu6