Ingress-NGINX

Ingress-NGINX Rewrite Injection (CVE-2026-3288): Safe Upgrade and Validation Playbook for Engineering Teams Kubernetes disclosed CVE-2026-3288 on March 9, 2026. The issue affects ingress-nginx when the nginx.ingress.kubernetes.io/rewrite-target annotation can be used to inject configuration into nginx, creating risk of code execution in the controller context and disclosure of Secrets the controller can access. The advisory lists […]

Ingress-NGINX Retirement: 7 Migration Guardrails to Move to Gateway API Without Breaking Auth, Routing, or TLS Ingress-NGINX retirement is no longer a future planning item. It is a live platform deadline. Kubernetes has stated that Ingress NGINX maintenance stops in March 2026, with no further bug fixes, releases, or security updates after retirement. It also