🔐 CVE Alert

CVE-2026-11311

HIGH 8.1

NGINX Gateway Fabric vulnerability

CVSS Score
8.1
EPSS Score
0.0%
EPSS Percentile
0th

When NGINX Plus is configured as the data plane for NGINX Gateway Fabric, an injection vulnerability exists in the NGINX configuration generator component of NGINX Gateway Fabric. User-supplied string values from the NginxProxy Custom Resource Definition serverTokens field and the AuthenticationFilter Custom Resource Definition extraAuthArgs field are rendered directly into NGINX configuration templates without sanitization or escaping. An authenticated attacker with permission to create or modify these Custom Resource Definitions may craft values that inject arbitrary NGINX configuration directives. This is a control plane issue; there is no data plane exposure from the vulnerability trigger itself. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CWE CWE-76
Vendor f5
Product nginx gateway fabric
Published Jun 17, 2026
Last Updated Jun 17, 2026
Stay Ahead of the Next One

Get instant alerts for f5 nginx gateway fabric

Be the first to know when new high vulnerabilities affecting f5 nginx gateway fabric are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Affected Versions

F5 / NGINX Gateway Fabric
2.5.0 < 2.6.4

References

NVD ↗ CVE.org ↗ EPSS Data ↗
my.f5.com: https://my.f5.com/manage/s/article/K000161611

Credits

F5