Istio 1.30 Deep Dive — Agentgateway, Ambient Multicluster, TrafficExtension API, and 4 CVE Patches (JWKS RSA Leak, XDS Debug Auth)
Istio 1.30 has been released, introducing significant updates including the Agentgateway and TrafficExtension API. This release also addresses four critical security vulnerabilities. The changes mark a notable evolution in Istio's capabilities, particularly in the context of AI and service mesh technology.
- ▪Istio 1.30.0 was released on May 18, 2026, alongside backports 1.29.3 and 1.28.7.
- ▪The release includes the Agentgateway, a new data-plane proxy for AI agent traffic, and the TrafficExtension API, which consolidates Wasm and Lua extensibility.
- ▪Four critical CVEs were patched, addressing security vulnerabilities related to JWT forgery and unauthorized access to debug endpoints.
Opening excerpt (first ~120 words) tap to expand
try { if(localStorage) { let currentUser = localStorage.getItem('current_user'); if (currentUser) { currentUser = JSON.parse(currentUser); if (currentUser.id === 3847714) { document.getElementById('article-show-container').classList.add('current-user-is-article-author'); } } } } catch (e) { console.error(e); } daniel jeong Posted on May 21 • Originally published at manoit.co.kr Istio 1.30 Deep Dive — Agentgateway, Ambient Multicluster, TrafficExtension API, and 4 CVE Patches (JWKS RSA Leak, XDS Debug Auth) #kubernetes #security #observability #servicemesh Istio 1.30 Deep Dive — Agentgateway, Ambient Multicluster, TrafficExtension API, and 4 CVE Patches (JWKS RSA Leak, XDS Debug Auth) On May 18, 2026, the Istio community shipped Istio 1.30.0 alongside backports 1.29.3 and 1.28.7.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at DEV.to (Top).
Discussion
0 commentsMore from DEV.to (Top)
