Home / Vulnerability Intelligence / CVE-2026-31890

CVE-2026-31890 - Vulnerability Analysis

MediumCVSS: 5.5

Last Updated: March 16, 2026

Inspektor Gadget - Denial of Service

Published: March 12, 2026Updated: March 16, 2026PoC Available

Overview

Inspektor Gadget < 0.50.1 contains a denial of service caused by silent event drops when the ring-buffer is full, letting malicious event sources cause loss of events, exploit requires a compromised container.

Severity & Score

Severity: Medium

CVSS Score: 5.5

Impact

Malicious event sources can cause denial of service by forcing event drops, impacting system monitoring and data collection.

Mitigation

Update to version 0.50.1 or later.

References

https://github.com/inspektor-gadget/inspektor-gadget/security/advisories/GHSA-wv52-frfv-mfh4

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-31890
Severity: Medium
CVSS Score: 5.5
Type: denial_of_service
Status: unconfirmed

CWE

CWE-223

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H