Public Cloud Status

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We are pleased to inform you that the incident affecting our Compute - Instance has been resolved.

Start time : 24/04/2026 14:40 UTC End time : 24/04/2026 16:42 UTC Root Cause : A service disruption occurred due to an unexpected infrastructure failure.

We apologize for any inconvenience caused and appreciate your understanding.

Identified: We are currently experiencing an ongoing incident. We have determined the origin of the issue affecting our Compute - Instance offer on the specific region.

Here are some supplementary details :

Start time : 24/04/2026 14:40 UTC Impacted Service(s) : Some instances in the RBX10 region are unreachable. Customers Impact : Customers are temporarily unable to access instances located on the specified regions. Root Cause : A service disruption occurred due to an unexpected infrastructure failure Ongoing Actions : The incident has been identified and our teams are mobilised to restore service as quickly as possible.

We will keep you updated on the progress and resolution.

Investigating: We are currently investigating an incident affecting our Compute - Instance offering, which is causing temporary availability issue in the RBX10 region.

Here are some supplementary details :

Start time : 24/04/2026 14:40 UTC Impacted Service(s) : Some instances in the RBX10 region are unreachable. Customers Impact : Customers are temporarily unable to access instances located on the specified region. Ongoing Actions : Our teams are investigating to determine the origin of the incident and fix it.

We will keep you updated on the progress and resolution.

We apologize for any inconvenience caused and appreciate your understanding.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We had an incident on our Public Cloud Network API offer in EU which has now been resolved.

Here are some supplementary details :

Start time : 30/04/2026 14:42 UTC End time : 30/04/2026 14:57 UTC Impacted Service(s) : The API for Public Cloud was temporarily unavailable. Customers Impact : Customers were temporarily unable to create, start, manage their Public Cloud instances. Root Cause : This incident was caused by a software issue.

We thank you for your understanding and patience throughout this incident.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.

Resolved: We are pleased to inform you that our teams released new versions to resolve the security event that affected our Managed Kubernetes Service.

Start time : 22/04/2026 08:15 UTC End time : 30/04/2026 15:30 UTC Root Cause : This incident was caused by a software issue.

Patched MKS versions are now available. We recommend updating your clusters as soon as possible, especially those running multi-tenant workloads. Patched versions — Free plan

Kubernetes 1.30 (end of support): patch version 1.30.14-3 Kubernetes 1.31 (end of support): patch version 1.31.13-2 Kubernetes 1.32 (end of support): patch version 1.32.13-2 Kubernetes 1.33 (supported): patch version 1.33.10-2 Kubernetes 1.34 (supported): patch version 1.34.2-2 Kubernetes 1.35 (supported): patch version 1.35.2-2

Patched versions — Standard plan

Kubernetes 1.30 (end of support): patch version 1.30.14-12 Kubernetes 1.31 (end of support): patch version 1.31.13-9 Kubernetes 1.32 (end of support): patch version 1.32.13-3 Kubernetes 1.33 (supported): patch version 1.33.10-3 Kubernetes 1.34 (supported): patch version 1.34.6-3 Kubernetes 1.35 (supported): patch version 1.35.2-2

What customers need to do All customers can apply the patch manually right now, regardless of their cluster's Kubernetes version or security update policy. We strongly recommend doing so as soon as possible.

Via the OVHcloud Control Panel: Public Cloud > Managed Kubernetes Service > Your cluster > Apply Patch Via the OVHcloud API: POST /cloud/project/{serviceName}/kube/{kubeId}/update with the following request body: { "strategy": "LATEST_PATCH" }

Automatic rollout For clusters running a supported Kubernetes version (1.33, 1.34, 1.35) with the ALWAYS_UPDATE or MINIMAL_DOWNTIME security policy, OVHcloud will roll out the patch automatically over the coming days. Clusters running end-of-support Kubernetes versions (1.30, 1.31, 1.32) will not be patched automatically by OVHcloud, even with an automatic security update policy. Customers running these versions must apply the patch manually using the versions listed above. We strongly recommend planning an upgrade to a supported Kubernetes minor version as soon as possible. Customers using the NEVER_UPDATE policy must also apply the update manually. Given the severity of this CVE, OVHcloud may force-apply the security update if clusters remain unpatched after a notice period.

Identified: We are currently experiencing an ongoing security event affecting our Managed Kubernetes Service. The source of the issue has been identified.

Start time : 22/04/2026 08:15 UTC Impacted service(s) : Managed Kubernetes Service (MKS) worker nodes. Customer impact : A recently disclosed security vulnerability may allow a user within a container to gain elevated access on the underlying node. This issue is limited to individual clusters and does not impact other customers or the managed control plane. Customers running shared or multi-tenant workloads within the same cluster should consider this issue with higher priority. Other OVHcloud managed services (MPR, MRS) are patched transparently by OVHcloud, no customer action required. Root Cause : This incident is caused by a software issue. Workaround : A temporary mitigation is available to reduce the risk while we prepare a permanent fix. Instructions are available in our dedicated blog post: https://blog.ovhcloud.com/copy-fail-cve-2026-31431-how-to-rapidly-protect-ovhcloud-mks-clusters-from-the-linux-kernel-zero-day Please note that applying this mitigation is optional and remains under your responsibility. If the vulnerability has already been exploited on your cluster, this mitigation will not remediate any pre-existing compromise Ongoing actions : Our teams are actively working on a permanent fix. Updated versions are expected to be available later today.

We will share further details and update instructions as soon as they are ready. We will keep you informed of any progress.

Thank you for your understanding.