CVE-2025-59359

Critical Chaos Mesh Flaws Could Allow Kubernetes Cluster Takeover; Patch Released

Cloud, News, Risk, Vendors, Vulnerabilities

September 17, 2025

Cybersecurity researchers warned of four critical vulnerabilities in Chaos Mesh that could enable an in-cluster attacker to seize control of Kubernetes clusters, potentially exfiltrating data or disrupting services. Chaos Mesh issued a patch with version 2.7.3 and urges users to update or apply mitigations to limit exposure.