TL;DR: Unauthenticated cluster-wide RCE in ingress-nginx admission controller via NGINX directive injection in Ingress annotations (CVE-2025-1974).

Stub — to be filled in.

What it is

TODO

Preconditions / where it applies

TODO

Technique

TODO

Detection and defence

TODO

References

• https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities