Tigera Calico
4 CVEs affecting Tigera Calico. Latest disclosed: 2026-05-28. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-33522 | Medium | 6.7 | 2024-04-29 | In vulnerable versions of Calico (v3.27.2 and below), Calico Enterprise (v3.19.0-1, v3.18.1, v3.17.3 and below), and Calico Cloud (v19.2.0 and below), an attac… |
CVE-2026-41185 | Medium | 6.5 | 2026-05-28 | When Calico is configured with the Azure IPAM plugin, the Calico CNI binary mutates the incoming CNI configuration to attach subnet information before delegati… |
CVE-2026-41184 | Medium | 6.5 | 2026-05-28 | In Calico, the install-cni init container logs the rendered CNI configuration to standard output. When the configuration template uses the __SERVICEACCOUNT_TOK… |
CVE-2026-6720 | | 2026-05-28 | When calicoctl is invoked with --log-level=info or --log-level=debug, the client prints the full contents of its loaded connection-configuration struct to stde… |