
IngressNightmare: Critical RCE flaws in Kubernetes

New Kubernetes RCE flaw "IngressNightmare" is wreaking havoc. Our new episode of What You Should Know gives you the information you need to secure your systems now.

Apr 3, 2025 • 2 Minute Read

  • Cloud
  • News
  • Cybersecurity

A newly disclosed set of five critical vulnerabilities, termed IngressNightmare, threatens Kubernetes security, potentially affecting over 6,500 clusters—many of which are exposed to the public internet. Organizations using NGINX Ingress Controller for Kubernetes are at risk of unauthorized remote code execution (RCE), which could allow attackers to steal secrets, escalate privileges, and take over entire clusters.

Security firm Wiz, which Google announced it intends to acquire, was the first to name the vulnerabilities IngressNightmare and has warned that 43% of cloud environments may be vulnerable. The flaws, affecting the admission controller component, have been assigned CVSS scores as high as 9.8, signaling their severity.

The Kubernetes Security Response Committee has released patches in Ingress NGINX Controller versions 1.12.1, 1.11.5, and 1.10.7.

Learn more about how these vulnerabilities might impact your Kubernetes environment in our can’t-miss latest episode of What You Should Know. We break down the recent string of CVEs affecting the NGINX Ingress Controller for Kubernetes, including CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974. We also discuss how these flaws enable unauthorized remote code execution (RCE), what that means for your organization, key indicators of compromise, and the critical steps you need to take to stay secure.

Pluralsight helps you build the skills to secure your Kubernetes environments with expert-led courses on container security, threat detection, and best practices for mitigating vulnerabilities.

Pluralsight Content Team


The Pluralsight Content Team delivers the latest industry insights, technical knowledge, and business advice. As tech enthusiasts, we live and breathe the industry and are passionate about sharing our expertise. From programming and cloud computing to cybersecurity and AI, we cover a wide range of topics to keep you up to date and ahead of the curve.
