{question}
Has SingleStore been affected by the collective of vulnerabilities informally known as IngressNightmare (CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24514, CVE-2025-24513)?
{question}
{answer}
On March 24, 2025, critical vulnerabilities were disclosed in the Kubernetes Ingress NGINX Controller, a core component responsible for managing external access to services within Kubernetes clusters.
SingleStore became aware of these vulnerabilities on the same day and immediately initiated an investigation to assess their relevance and potential impact on the SingleStore Helios infrastructure. All affected systems were promptly patched and were already protected by authentication controls prior to patching. We have found no evidence of exploitation or malicious activity in our environments.
This bulletin is for informational purposes only — no action is required from our customers.
{answer}