1.26.8

This release note describes what’s different between Solo builds of Istio versions 1.26.7 and 1.26.8.

Security Notice link

This build includes a fix of a CVE in the c-ares dependency of Envoy:

• CVE-2025-62408: (CVSS score 5.9, Medium): Use after free due to connection being cleaned up after error.

General Changes link

• Built against upstream Istio version 1.26.8, release note can be found here.

Solo Flavor Changes link

No changes in this section.

FIPS Flavor Changes link

No changes in this section.