A series of vulnerabilities, collectively termed IngressNightmare, have been identified in the ingress-nginx, a popular Kubernetes ingress controller, which can be exploited to inject configurations via the Validating Admission Controller, potentially allowing unauthorized access to sensitive data and complete cluster takeover. These vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974) affect all versions of ingress-nginx but are remedied in versions 1.12.1 and 1.11.5. Detectify has released a vulnerability assessment tool to identify exposed Ingress NGINX admission controllers by analyzing TLS certificates, offering a reliable detection method due to the unique characteristics of Kubernetes' self-signed certificates. As mitigation, users are advised to upgrade to the latest patched versions or temporarily disable the Validating Admission Controller if immediate patching is not possible. The article also highlights that Detectify continues to provide updates in their product log and offers support and trial options for users seeking to enhance their security posture.