What does upgrading Istio 1.13.9 to 1.27.8 fix?

Upgrading Istio from 1.13.9 to 1.27.8 clears 3 known vulnerabilities (2 high), including 1 under active exploitation (CISA KEV). 2 known issues remain in 1.27.8.

← Istio

Istio: 1.13.9 → 1.27.8

Istio · upgrade impact · Official site ↗

From1.13.94 known issues To1.27.82 known issues

Fixed by upgrading to 1.27.8 iVulnerabilities that affect 1.13.9 but no longer affect 1.27.8 — the security gain from this upgrade, by exploited status then exploitation probability.

Exploited first, then by exploitation probability (EPSS).

CVE-2023-44487 HIGH exploited EPSS 100% ✓ cleared in 1.27.8 CVE-2026-31837 HIGH EPSS 0% ✓ cleared in 1.27.8 CVE-2026-31838 MEDIUM EPSS 0% ✓ cleared in 1.27.8

Still open in 1.27.8 iKnown vulnerabilities that affect 1.27.8 too — upgrading to it does not clear these.

These affect 1.27.8 as well — a later release may be needed.

CVE-2026-41413 MEDIUM EPSS 0% → fixed in 1.29.2 CVE-2026-39350 MEDIUM EPSS 0% → fixed in 1.29.2