CVE-2025-1974

Ingress-nginx maintainers released fixes for multiple vulnerabilities on March 24, 2025, including a critical CVE-2025-1974 that allows unauthenticated attackers on the Pod network to inject arbitrary NGINX configuration and achieve remote code execution via the Validating Admission Controller; users should upgrade to fixed versions (1.12.1 / 1.11.5) or disable the admission controller as a temporary workaround and verify deployments with kubectl.