k3s v1.35.3+k3s1 released on 28-03-2026
k3s v1.35.3+k3s1 is out now. It updates k3s to upstream Kubernetes v1.35.3 and bundles multiple component bumps that carry security, runtime and networking fixes operators should review.
Operators should check the upstream Kubernetes v1.35.3 changelog and the k3s GitHub release notes for full CVE and component-level details before upgrading.
What’s in this release
- Kubernetes core bumped to v1.35.3 (release tagged v1.35.3-k3s1), rebuilt with Go 1.25.7.
- Embedded component upgrades: CoreDNS 1.14.2, Flannel v0.28.2, runc v1.4.1, containerd v2.2.2-k3s1, Etcd v3.6.7-k3s1, Kine v0.14.14 and others.
- Operational and reliability fixes including saving cluster state before re-encrypting secrets and simplified snapshot compress/decompress logic, plus March backports and toolchain updates (Trivy, Traefik chart bump).
Upgrade notes
- No explicit breaking changes are listed in the k3s notes here; test upgrades in staging and review upstream and individual component changelogs for any breaking behaviour.
- Take backups/snapshots and validate secret re-encryption behaviour before rolling the upgrade cluster-wide; if required, restore from known-good snapshots to roll back.
Share experience or report issues via the k3s GitHub issue tracker or on the project Slack so the maintainers and community can follow up.