TLDR: CVE-2026-1892 affects Kubernetes versions 1.25-1.29 and allows container escape via a flaw in the container runtime interface. Attackers with pod creation privileges can gain full control of cluster nodes.
Affected Versions:
- Kubernetes 1.25.0 - 1.29.2
- All container runtimes (containerd, CRI-O)
Mitigation:
- Upgrade to patched versions immediately
- Enable Pod Security Standards
- Audit pod creation permissions
- Monitor for unusual host-level activity