CVE-2026-39350 — Istio is an open platform to connect, manage, and secure
Image via images.unsplash.com
CVE-2026-39350 — Istio is an open platform to connect, manage, and secure microservices. In versions 1.25.0 through 1.27.8, 1.28.0 through 1.28.5, 1.29.0, and 1.29.1, the serviceAccounts and notServiceAccounts fields in AuthorizationPolicy incorrectly interpret dots (.) as a regular expression match
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-39350 | vulnerability | CVE-2026-39350 |
| CWE-185 | weakness | CWE-185 |
| CWE-863 | weakness | CWE-863 |
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | April 16, 2026 at 02:16 UTC |
This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.
Believe this infringes your rights? Submit a takedown request.
Related Posts
Critical WordPress Plugin Flaw Grants Admin Privileges
CVE-2026-4880 — The Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS (Point of Sale) plugin for WordPress is vulnerable to privilege escalation...
Free5GC UDR Service Leaks 5G Subscriber Identifiers
CVE-2026-40245 — Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions 4.2.1 and below contain an information disclosure vulnerability...
Maddy Mail Server Hit by Critical LDAP Injection Flaw
CVE-2026-40193 — maddy is a composable, all-in-one mail server. Versions prior to 0.9.3 contain an LDAP injection vulnerability in the auth.ldap module where user-supplied usernames...