CVE-2026-56742 Overview
CVE-2026-56742 is a missing authorization vulnerability [CWE-862] in Cilium, an open-source networking, observability, and security solution for Kubernetes. Cilium clusters using Gateway API allow users with permissions to create or update namespaced HTTPRoutes to mirror HTTP traffic to any Service in any namespace, bypassing the ReferenceGrant authorization mechanism. The flaw affects Cilium versions prior to 1.17.17, 1.18.11, and 1.19.5. Gateway API functionality is disabled by default, which limits the exposed attack surface. The issue is fixed in versions 1.17.17, 1.18.11, and 1.19.5.
Critical Impact
Users with permission to manage namespaced HTTPRoutes can mirror HTTP traffic from any Service in any namespace, exposing sensitive request data across tenant boundaries in multi-tenant Kubernetes clusters.
Affected Products
- Cilium versions prior to 1.17.17
- Cilium versions prior to 1.18.11 (1.18.x branch)
- Cilium versions prior to 1.19.5 (1.19.x branch)
Discovery Timeline
- 2026-07-15 - CVE-2026-56742 published to NVD
- 2026-07-15 - Last updated in NVD database
Technical Details for CVE-2026-56742
Vulnerability Analysis
Cilium implements the Kubernetes Gateway API to route external traffic to workloads. The Gateway API uses ReferenceGrant objects to authorize cross-namespace references between HTTPRoute resources and backend Services. This authorization boundary is central to multi-tenant isolation in a shared cluster.
The HTTPRouteFilterRequestMirror filter allows an HTTPRoute to duplicate incoming traffic to a specified backend for observability or testing. Prior to the fix, Cilium's ingestion logic in operator/pkg/model/ingestion/gateway.go did not evaluate ReferenceGrant when processing RequestMirror backend references. A tenant with write access to HTTPRoute in their own namespace could configure a mirror target pointing at a Service in a foreign namespace and receive a copy of that traffic.
Root Cause
The root cause is a missing authorization check [CWE-862] on the RequestMirror filter path. Other backend reference paths in Cilium's Gateway API implementation invoked IsBackendReferenceAllowed to consult ReferenceGrant, but the mirror filter path bypassed that verification and directly resolved the target Service.
Attack Vector
An attacker requires namespaced permissions to create or update HTTPRoute resources. The attacker crafts an HTTPRoute with a RequestMirror filter whose backendRef.namespace targets a Service in a different namespace. Cilium accepts the configuration and mirrors production traffic to the attacker-controlled workload without a matching ReferenceGrant.
// Security patch in operator/pkg/model/ingestion/gateway.go
// Adds ReferenceGrant enforcement for request-mirror backends
case gatewayv1.HTTPRouteFilterURLRewrite:
rewriteFilter = toHTTPRewriteFilter(f.URLRewrite)
case gatewayv1.HTTPRouteFilterRequestMirror:
if f.RequestMirror == nil {
continue
}
if !helpers.IsBackendReferenceAllowed(hr.GetNamespace(),
gatewayv1.BackendRef{BackendObjectReference: f.RequestMirror.BackendRef},
gatewayv1.SchemeGroupVersion.WithKind("HTTPRoute"), grants) {
continue
}
svc := getServiceSpec(string(f.RequestMirror.BackendRef.Name),
helpers.NamespaceDerefOr(f.RequestMirror.BackendRef.Namespace, hr.Namespace), services)
if svc != nil {
requestMirrors = append(requestMirrors, toHTTPRequestMirror(*svc, f.RequestMirror, hr.Namespace))
}
Source: Cilium commit 7422068
Detection Methods for CVE-2026-56742
Indicators of Compromise
- HTTPRoute resources containing filters of type RequestMirror whose backendRef.namespace differs from the route's own namespace.
- Absence of a corresponding ReferenceGrant in the target namespace that permits the cross-namespace reference from HTTPRoute.
- Unexpected outbound HTTP traffic from cluster workloads to Services owned by other tenants or namespaces.
Detection Strategies
- Audit all HTTPRoute objects in the cluster and flag any with RequestMirror filters that reference Services outside the route's namespace.
- Compare mirror backend references against the set of authorized ReferenceGrant objects to identify unauthorized cross-namespace mirrors.
- Enable Kubernetes audit logging on httproutes.gateway.networking.k8s.io create and update events and alert on filter definitions of kind RequestMirror.
Monitoring Recommendations
- Monitor Cilium operator logs for Gateway API ingestion events referencing cross-namespace backends.
- Track network flows using Hubble or equivalent observability tooling to detect duplicated traffic destined for unexpected Services.
- Alert on RBAC grants that provide create or update verbs on HTTPRoute resources in tenant namespaces.
How to Mitigate CVE-2026-56742
Immediate Actions Required
- Upgrade Cilium to 1.17.17, 1.18.11, or 1.19.5 depending on the deployed minor version branch.
- Inventory all HTTPRoute resources with RequestMirror filters and validate that each cross-namespace backend has a corresponding ReferenceGrant.
- Restrict RBAC permissions for HTTPRoute create and update verbs to trusted operators until the upgrade completes.
Patch Information
The fix adds an explicit call to helpers.IsBackendReferenceAllowed for RequestMirror filter backends before resolving the target Service. See the GitHub Security Advisory GHSA-w7c2-w76w-5hmj and releases v1.17.17, v1.18.11, and v1.19.5.
Workarounds
- Disable Gateway API support in Cilium if not required. This feature is disabled by default.
- Enforce OPA Gatekeeper or Kyverno admission policies that reject HTTPRoute resources containing RequestMirror filters with cross-namespace backendRef values.
- Limit HTTPRoute write permissions to cluster administrators and remove them from tenant service accounts.
# Verify Cilium version and upgrade using Helm
cilium version
helm upgrade cilium cilium/cilium --version 1.19.5 --namespace kube-system --reuse-values
# Audit HTTPRoutes for cross-namespace RequestMirror filters
kubectl get httproutes.gateway.networking.k8s.io -A -o json | \
jq '.items[] | select(.spec.rules[]?.filters[]? | select(.type=="RequestMirror" and .requestMirror.backendRef.namespace != null))'
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

