Product
A critical path traversal vulnerability (CVE-2026-53713) exists in the `to_absolute_normalized_path` function of Envoy Gateway due to improper input validation, allowing specially crafted Lua code submitted via an `EnvoyExtensionPolicy` to bypass critical-path checks and read arbitrary sensitive files from the gateway controller pod's filesystem, potentially leading to authentication bypass to the Kubernetes API Server or Gateway XDS server.