Product
When Cilium L7 functionality is enabled, a world-accessible Envoy admin socket is inadvertently created on cluster nodes. This misconfiguration (CVE-2026-49445) allows a local attacker to gain unauthorized access to Envoy's administrative endpoints, leading to sensitive information disclosure, such as the exposure of TLS secrets, and significant cluster disruption, including the interruption of traffic and the termination of Envoy processes.