Wiz researchers found critical IngressNightmare vulnerabilities in the Ingress NGINX Controller for Kubernetes, allowing remote code execution through an insecure admission controller. Affecting 41% of internet-facing clusters, these flaws could enable attackers to take control of systems. Users are urged to update to patched versions 1.12.1 or 1.11.5 or apply mitigations.

‍