{"id":"CVE-2026-24514","details":"A security issue was discovered in ingress-nginx where the validating admission controller feature is subject to a denial of service condition. By sending large requests to the validating admission controller, an attacker can cause memory consumption, which may result in the ingress-nginx controller pod being killed or the node running out of memory.","aliases":["GHSA-2pf9-vr92-6h3v","GO-2026-4417"],"modified":"2026-05-20T08:11:46.680378692Z","published":"2026-02-03T23:16:07.280Z","withdrawn":"2026-05-04T08:41:42.910318Z","related":["SUSE-SU-2026:0403-1"],"references":[{"type":"REPORT","url":"https://github.com/kubernetes/kubernetes/issues/136680"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-24514.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}