T

Tigera Security Vulnerabilities (CVE)

Explore vulnerabilities and security advisories affecting Tigera products.

2 known CVE vulnerabilities tracked

Critical
0
High
0
Medium
2
Low
0
None
0

Vulnerabilities By Year

2
2026

Products Affected

Calico 2

All Tigera CVEs

Recent Highest Score Oldest
CVE-2026-41185
6.5 medium

When Calico is configured with the Azure IPAM plugin, the Calico CNI binary mutates the incoming CNI configuration to attach subnet information before delegating to the IPAM plugin. After mutating, the Azure IPAM helper logs the entire unmarshaled configuration map (stdinData) at INFO level to /var/

Calico May 28, 2026
CVE-2026-41184
6.5 medium

In Calico, the install-cni init container logs the rendered CNI configuration to standard output. When the configuration template uses the __SERVICEACCOUNT_TOKEN__ placeholder (Canal/Flannel-Calico deployments), the installer substitutes the live Kubernetes ServiceAccount bearer token before logging

Calico May 28, 2026