On this page
1.26.7
Solo build of Istio version 1.26.7 patch release.
This release note describes what’s different between Solo builds of Istio versions 1.26.6 and 1.26.7.
Security Notice
This build includes a fix of Envoy CVEs:
- CVE-2025-66220: (CVSS score 8.1, High): TLS certificate matcher for
match_typed_subject_alt_namesmay incorrectly treat certificates withOTHERNAMESANs containing an embedded null byte as valid. - CVE-2025-64527: (CVSS score 6.5, Medium): Envoy crashes when JWT authentication is configured with the remote JWKS fetching.
- CVE-2025-64763: (CVSS score 5.3, Medium): Potential request smuggling from early data after the CONNECT upgrade.
General Changes
- Built against upstream Istio version 1.26.7, release note can be found here.
Solo Flavor Changes
No changes in this section.
FIPS Flavor Changes
No changes in this section.