CVE Vulnerabilities

CVE-2026-15738

Improper Isolation or Compartmentalization

Published: Jul 14, 2026 | Modified: Jul 14, 2026
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io logo minimus.io logo echo.ai logo

Incorrect behavior order in the Gateway API listener-rule generation in Amazon AWS Load Balancer Controller before 3.4.2 might allow an authenticated remote user to intercept, spoof, or deny another namespaces gRPC traffic on a shared Gateway via a crafted HTTPRoute resource.

To mitigate this issue, users should upgrade to version 3.4.2.

Weakness

The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.

Potential Mitigations

References