Auth bypass in Antrea-io Antrea
CVE-2026-25804
Antrea is a Kubernetes networking solution intended to be Kubernetes native. Prior to versions 2.3.2 and 2.4.3, Antrea's network policy priority assignment system has a uint16 arithmetic overflow bug that causes incorrect OpenFlow priority…
Vulnerability class: Broken Authentication
EPSS: 0.000 (5.5th percentile)
Affected products
- Antrea-io Antrea: versions < 2.3.2, and versions >= 2.4.0 and < 2.4.3
Weakness classification (CWE)
References
- https://github.com/antrea-io/antrea/security/advisories/GHSA-86x4-wp9f-wrr9 (x_refsource_CONFIRM)
- https://github.com/antrea-io/antrea/pull/7496 (x_refsource_MISC)
- https://github.com/antrea-io/antrea/commit/86c4b6010f3be536866f339b632621c23d7186fa (x_refsource_MISC)