Severity:
HIGH RISK
(8.8)
Lua Script Code Injection (CWE-94) in Envoy Gateway EnvoyExtensionPolicy
CVE-2026-22771
Published:
Jan 12, 2026
Status:
Analyzed
Summary
Affected Context
Exploit Preconditions
Why This Happens
Potential Impact
General Mitigation Guidance
How Teams Detect Issues Like This
Frequently Asked Questions
Source
NDV
