diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/webhook.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/webhook.go
index 2c366097ace..9b6ac5a8199 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/webhook.go
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/webhook.go
@@ -20,8 +20,6 @@ import (
 	"context"
 	"fmt"
 	"io"
-	"sync"
-
 	"k8s.io/apiserver/pkg/cel/environment"
 	"k8s.io/apiserver/pkg/features"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
@@ -47,12 +45,6 @@ import (
 	clientset "k8s.io/client-go/kubernetes"
 )
 
-var (
-	// filterCompiler is memory heavy, so we only want to create it once and share it.
-	filterCompilerOnce sync.Once
-	filterCompiler     cel.FilterCompiler
-)
-
 // Webhook is an abstract admission plugin with all the infrastructure to define Admit or Validate on-top.
 type Webhook struct {
 	*admission.Handler
@@ -64,6 +56,7 @@ type Webhook struct {
 	namespaceMatcher *namespace.Matcher
 	objectMatcher    *object.Matcher
 	dispatcher       Dispatcher
+	filterCompiler   cel.FilterCompiler
 	authorizer       authorizer.Authorizer
 }
 
@@ -101,10 +94,6 @@ func NewWebhook(handler *admission.Handler, configFile io.Reader, sourceFactory
 	cm.SetAuthenticationInfoResolver(authInfoResolver)
 	cm.SetServiceResolver(webhookutil.NewDefaultServiceResolver())
 
-	filterCompilerOnce.Do(func() {
-		filterCompiler = cel.NewFilterCompiler(environment.MustBaseEnvSet(environment.DefaultCompatibilityVersion(), utilfeature.DefaultFeatureGate.Enabled(features.StrictCostEnforcementForWebhooks)))
-	})
-
 	return &Webhook{
 		Handler:          handler,
 		sourceFactory:    sourceFactory,
@@ -112,6 +101,7 @@ func NewWebhook(handler *admission.Handler, configFile io.Reader, sourceFactory
 		namespaceMatcher: &namespace.Matcher{},
 		objectMatcher:    &object.Matcher{},
 		dispatcher:       dispatcherFactory(&cm),
+		filterCompiler:   cel.NewFilterCompiler(environment.MustBaseEnvSet(environment.DefaultCompatibilityVersion(), utilfeature.DefaultFeatureGate.Enabled(features.StrictCostEnforcementForWebhooks))),
 	}, nil
 }
 
@@ -237,7 +227,7 @@ func (a *Webhook) ShouldCallHook(ctx context.Context, h webhook.WebhookAccessor,
 			return nil, apierrors.NewInternalError(err)
 		}
 
-		matcher := h.GetCompiledMatcher(filterCompiler)
+		matcher := h.GetCompiledMatcher(a.filterCompiler)
 		matchResult := matcher.Match(ctx, versionedAttr, nil, a.authorizer)
 
 		if matchResult.Error != nil {