Affected by GO-2026-4724
and 2 other vulnerabilities
GO-2026-4724: Kube-router Proxy Module Blindly Trusts ExternalIPs/LoadBalancer IPs Enabling Cluster-Wide Traffic Hijacking and DNS DoS in github.com/cloudnativelabs/kube-router
GO-2026-5354: kube-router: BGP Peer Passwords Exposed in Logs at Verbose Logging Level in github.com/cloudnativelabs/kube-router
GO-2026-5653: kube-router: GoBGP gRPC Admin Port Exposed on Node Primary IP Without Authentication, Allowing Cluster-Wide BGP Route Injection in github.com/cloudnativelabs/kube-router