Executive Summary
The Cluster API v1.12.0 allows in-place updates without deletion, while Ingress-nginx will be archived early in 2026.
Additionally, Cilium Ingress presents a drop-in replacement devoid of upstream maintenance challenges.
Top 3 Signals This Week
Signal 1
Cluster API v1.12.0 introduces the capability for in-place updates and chained upgrades, allowing upgrades across multiple minor versions in a single operation without requiring machine deletion.
[Source: Kubernetes Blog]
Signal 2
Ingress-nginx will be archived at the beginning of 2026, ceasing all maintenance and support, following years of insufficient contributions.
[Source: CNCF]
Signal 3
Cilium Ingress offers a drop-in replacement for Ingress-nginx, ensuring zero upstream maintenance concerns.
[Source: CNCF]
Rapid Data Drops
50% of respondents currently utilize Ingress-nginx according to the State of Kubernetes Networking Report. [Source: CNCF]
CVE-2025-26385 has a CVSS base score of 3.1, indicating critical severity for vulnerabilities in Johnson Controls Products. [Source: CISA]
CVSS base score for CVE-2019-11036 is rated at 9.8 due to buffer over-read vulnerabilities leading to potential information disclosure or crashes. [Source: CISA]
CVE-2023-25727 has a base CVSS score of 5.4, allowing authenticated users to trigger XSS through crafted file uploads. [Source: CISA]
CISA added CVE-2026-24858 to its Known Exploited Vulnerabilities Catalog, relating to Fortinet devices with significant risks to the federal enterprise. [Source: CISA]
Operator Question
With Ingress-nginx's impending archiving, which alternative solutions are being prioritized to ensure continuity?
For Teams
Raw exports (JSON/CSV), custom API access, or internal feed integrations are available for organizations running this data at scale.
Reply to this email for details.
