Vulnerability Description
Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. Prior to 1.5.7 and 1.6.2, EnvoyExtensionPolicy Lua scripts executed by Envoy proxy can be used to leak the proxy's credentials. These credentials can then be used to communicate with the control plane and gain access to all secrets that are used by Envoy proxy, e.g. TLS private keys and credentials used for downstream and upstream communication. This vulnerability is fixed in 1.5.7 and 1.6.2.
CVSS Score
8.8 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Envoyproxy | Gateway | < 1.5.7 |
Related Weaknesses (CWE)
References
- https://github.com/envoyproxy/gateway/security/advisories/GHSA-xrwg-mqj6-6m22 (vendor advisory, includes mitigation)
FAQ
What is CVE-2026-22771?
CVE-2026-22771 is a vulnerability with a CVSS score of 8.8 (HIGH). Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. Prior to 1.5.7 and 1.6.2, EnvoyExtensionPolicy Lua scripts executed by Envoy p...
How severe is CVE-2026-22771?
CVE-2026-22771 has been rated HIGH with a CVSS base score of 8.8/10. See the CVSS Score section above for the severity rating.
Is there a patch for CVE-2026-22771?
Check the references section above for vendor advisories and patch information. Affected products include: Envoyproxy Gateway.