CVE-2026-32241
Published: 27 March 2026
Summary
CVE-2026-32241 is a high-severity Command Injection (CWE-77) vulnerability in Flannel-Io Flannel. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks in the top 15.9% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 CM-7 (Least Functionality) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2026-32241 is a command injection vulnerability in the experimental Extension backend of Flannel, an overlay network fabric designed for Kubernetes container orchestration. Affecting Flannel versions prior to 0.28.2, the flaw occurs because the Extension backend's SubnetAddCommand and SubnetRemoveCommand process attacker-controlled data from the Kubernetes Node annotation `flannel.alpha.coreos.com/backend-data`. This data is unmarshalled and piped directly to a shell command without validation, enabling injection. Only the Extension backend is impacted; other backends such as vxlan and wireguard remain unaffected.
An attacker with low privileges who can set Kubernetes Node annotations can exploit this to achieve root-level arbitrary command execution on every Flannel node in the cluster, consistent with the CVSS v3.1 base score of 7.5 (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H). The attack is network-reachable but of high complexity: the attacker must craft malicious annotation data that abuses the stdin-fed shell invocation (CWE-77: Command Injection).
The Flannel security advisory (GHSA-vchx-5pr6-ffx2) and release notes for v0.28.2 confirm the issue is fixed in that version. As a workaround, administrators should switch to a different backend such as vxlan or wireguard to avoid using the vulnerable Extension backend entirely.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-16771
Vulnerability details
Flannel is a network fabric for containers, designed for Kubernetes. The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. In versions of Flannel prior to 0.28.2, this Extension backend is vulnerable to a command injection that allows an attacker who can set Kubernetes Node annotations to achieve root-level arbitrary command execution on every flannel node in the cluster. The Extension backend's SubnetAddCommand and SubnetRemoveCommand receive attacker-controlled data via stdin (from the `flannel.alpha.coreos.com/backend-data` Node annotation). The content of this annotation is unmarshalled and piped directly to a shell command without checks. Kubernetes clusters using Flannel with the Extension backend are affected by this vulnerability. Other backends such as vxlan and wireguard are unaffected. The vulnerability is fixed in version v0.28.2. As a workaround, use Flannel with another backend such as vxlan or wireguard.
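As an added example (not Flannel's own code), the following Go audit check applies the input-validation control to the `flannel.alpha.coreos.com/backend-data` annotation described above: it requires the value to be valid JSON and flags any string leaf or object key that carries a shell metacharacter. The metacharacter set is this example's own choice, Flannel's expected JSON layout is not assumed, and the check runs on the decoded value so that a JSON escape such as `\u003b` cannot smuggle a `;` past it.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

const (
	BackendDataAnnotation = "flannel.alpha.coreos.com/backend-data" // input named by the advisory
	shellMeta             = "$`;|&<>(){}\n\\\"'"                    // escape a word or start a command
)

// unsafeJSON reports whether any string leaf or object key of decoded JSON holds a shell
// metacharacter. No JSON shape is assumed; that depends on the operator's own commands.
func unsafeJSON(v interface{}) bool {
	var children []interface{}
	switch t := v.(type) {
	case string:
		return strings.ContainsAny(t, shellMeta)
	case []interface{}:
		children = t
	case map[string]interface{}:
		for k, c := range t {
			children = append(children, k, c) // keys are checked as strings too
		}
	}
	for _, c := range children {
		if unsafeJSON(c) {
			return true
		}
	}
	return false
}

// AuditBackendData returns "" when the annotation is absent or passes, otherwise the reason
// its value must never reach a shell.
func AuditBackendData(annotations map[string]string) string {
	var decoded interface{}
	raw, ok := annotations[BackendDataAnnotation]
	switch {
	case !ok:
		return "" // unannotated node: nothing reaches the Extension commands
	case json.Unmarshal([]byte(raw), &decoded) != nil:
		return "backend-data is not valid JSON"
	case unsafeJSON(decoded):
		return "backend-data contains shell metacharacters"
	}
	return ""
}
func main() { // constructed sample annotation, not data from a real cluster
	fmt.Println(AuditBackendData(map[string]string{BackendDataAnnotation: `{"iface":"eth0; echo x"}`}))
}
```

Run against the annotations of every Node exported from the API server, a non-empty result on a cluster that uses the Extension backend is worth investigating before the backend processes it.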
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Command injection via Kubernetes Node annotations enables low-privileged attackers to execute arbitrary root shell commands on Flannel nodes, directly facilitating exploitation for privilege escalation (T1068), Unix Shell execution (T1059.004), and container escape to host (T1611).
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): Directly prevents command injection by requiring validation of attacker-controlled Node annotation data before it is processed or piped to shell commands in Flannel's Extension backend.
- Remediates the specific command injection flaw by requiring timely patching of Flannel to version 0.28.2 or later.
- CM-7 (Least Functionality): Mitigates exploitation by restricting Flannel to least functionality, such as prohibiting the experimental Extension backend and using only secure alternatives like vxlan or wireguard.