CVE-2026-23742 · HIGH 8.8 · EPSS p37.1%

Description

Skipper is an HTTP router and reverse proxy for service composition. Before 0.23.0, the default skipper configuration was -lua-sources=inline,file. This becomes a problem when untrusted users can create lua filters, for example through a Kubernetes Ingress resource, because -lua-sources=inline permits inline scripts. With inline enabled, such a user can create a script that reads the filesystem accessible to the skipper process, and if the user also has access to read the logs, they can read skipper secrets. This vulnerability is fixed in 0.23.0.

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.47% probability of exploitation · percentile 37.1% · 2026-06-19T12:03:05Z
Published: 2026-01-16
Last modified: 2026-02-18

Underlying weaknesses · 3

CWE-94, CWE-250, CWE-522

References

  1. https://github.com/zalando/skipper/commit/0b52894570773b29e2f3c571b94b4211ef8fa714
  2. https://github.com/zalando/skipper/releases/tag/v0.23.0
  3. https://github.com/zalando/skipper/security/advisories/GHSA-cc8m-98fm-rc9g


| Type | Target | Confidence | Tier |
|---|---|---|---|
| Weakness | Execution with Unnecessary Privileges (cwe-250) | 0% | live |
| Weakness | Insufficiently Protected Credentials (cwe-522) | 0% | live |
| Weakness | Improper Control of Generation of Code ('Code Injection') (cwe-94) | 0% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE-2026-24470
CVE-2026-24512
CVE-2026-4342
CVE-2026-42353
CVE-2026-44774
CVE-2025-24937

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.