58689 matches found
CVE-2026-11769
A flaw was found in the Grafana Operator. This vulnerability allows a malicious user, who can create Dashboard or LibraryPanel resources for a Grafana instance, to exploit a path traversal issue within the jsonnet data templating language. This exploitation can lead to privilege escalation and...
GHSA-9R4W-JG96-92MV vulnerabilities
Vulnerabilities for packages: teleport, tbot, teleport-operator-fips...
GHSA-XF85-363P-868W vulnerabilities
Vulnerabilities for packages: kots, crossplane-fips, linkerd2, kyverno-notation-aws, gitlab-operator-fips, chartmuseum-fips, cluster-api-helm-controller, kyverno-fips, rancher-fleet, tigera-operator, drone-fips, k9s, gatekeeper, kargo, xeol-fips, kgateway, vcluster, falcoctl-fips,...
GHSA-8XWF-RJM4-XVHV vulnerabilities
Vulnerabilities for packages: kots, crossplane-fips, linkerd2, kyverno-notation-aws, gitlab-operator-fips, chartmuseum-fips, cluster-api-helm-controller, kyverno-fips, rancher-fleet, tigera-operator, drone-fips, k9s, gatekeeper, kargo, xeol-fips, kgateway, vcluster, falcoctl-fips,...
GHSA-VH4V-2XQ2-G5CG vulnerabilities
Vulnerabilities for packages: kots, crossplane-fips, linkerd2, kyverno-notation-aws, gitlab-operator-fips, chartmuseum-fips, cluster-api-helm-controller, kyverno-fips, rancher-fleet, tigera-operator, drone-fips, k9s, gatekeeper, kargo, xeol-fips, kgateway, vcluster, falcoctl-fips,...
CVE-2026-50162 vulnerabilities
Vulnerabilities for packages: kots, crossplane-fips, linkerd2, kyverno-notation-aws, gitlab-operator-fips, chartmuseum-fips, cluster-api-helm-controller, kyverno-fips, rancher-fleet, tigera-operator, drone-fips, k9s, gatekeeper, kargo, xeol-fips, kgateway, vcluster, falcoctl-fips,...
CVE-2026-48978 vulnerabilities
Vulnerabilities for packages: kots, crossplane-fips, linkerd2, kyverno-notation-aws, gitlab-operator-fips, chartmuseum-fips, cluster-api-helm-controller, kyverno-fips, rancher-fleet, tigera-operator, drone-fips, k9s, gatekeeper, kargo, xeol-fips, kgateway, vcluster, falcoctl-fips,...
GHSA-JXPM-75MH-9FP7 vulnerabilities
Vulnerabilities for packages: kots, crossplane-fips, linkerd2, kyverno-notation-aws, gitlab-operator-fips, chartmuseum-fips, cluster-api-helm-controller, kyverno-fips, rancher-fleet, tigera-operator, drone-fips, k9s, gatekeeper, kargo, xeol-fips, kgateway, vcluster, falcoctl-fips,...
CVE-2026-50151 vulnerabilities
Vulnerabilities for packages: kots, crossplane-fips, linkerd2, kyverno-notation-aws, gitlab-operator-fips, chartmuseum-fips, cluster-api-helm-controller, kyverno-fips, rancher-fleet, tigera-operator, drone-fips, k9s, gatekeeper, kargo, xeol-fips, kgateway, vcluster, falcoctl-fips,...
MinIO Operator Console Authentication Bypass
MinIO Console is a graphical user interface for the for MinIO Operator. MinIO itself is a multi-cloud object storage project. Affected versions are subject to an authentication bypass issue in the Operator Console when an external IDP is enabled. id: CVE-2021-41266 info: name: MinIO Operator...
CVE-2026-49835 vulnerabilities
Vulnerabilities for packages: tkn, trivy, teleport, zarf, aactl, goreleaser, kyverno-notation-aws, neuvector-sigstore-interface, spire-server, kyverno, crossplane, policy-controller, tekton-chains, tflint, kubescape, trivy-operator...
GHSA-9C54-X2G4-V92J vulnerabilities
Vulnerabilities for packages: tkn, trivy, teleport, zarf, aactl, goreleaser, kyverno-notation-aws, neuvector-sigstore-interface, spire-server, kyverno, crossplane, policy-controller, tekton-chains, tflint, kubescape, trivy-operator...
Critical: Red Hat Security Advisory: Cluster Observability Operator 1.5.0
The Cluster Observability Operator COO is a Red Hat OpenShift Container Platform Operator that you can deploy to manage observability component stacks by using custom resource descriptions CRDs. The 1.5 release of COO...
PYSEC-2026-413 Meta Ads MCP: Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token
Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token | Field | Value | | ---------------- | ----- | | Repository | pipeboard-co/meta-ads-mcp | | Affected version | ≤ 1.0.101 commit 496c988 7d14226; Versions 1.0.102–1.0.105 lack git tags, so patch status is unconfirmed. | |...
CVE-2026-46604 vulnerabilities
Vulnerabilities for packages: rclone, hugo, seaweedfs-operator-fips, rclone-fips, seaweedfs-fips, listmonk, gitlab-workhorse-ce, seaweedfs-operator, seaweedfs...
GHSA-QVQC-4C52-X6QP vulnerabilities
Vulnerabilities for packages: gpu-operator, gpu-operator-fips, kube-arangodb, guac...
CVE-2026-49349 vulnerabilities
Vulnerabilities for packages: gpu-operator, gpu-operator-fips, kube-arangodb, guac...
Security Bulletin: Multiple Vulnerabilities in IBM Operator for PostgreSQL
Summary Multiple vulnerabilities were addressed in IBM Operator for PostgreSQL version v28.3.3. Vulnerability Details CVEID:CVE-2026-45447 DESCRIPTION: Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification. Impact...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: frankenphp-8.5, kots, knative-kafka-broker, knative-eventing-fips, harbor-fips, prometheus-elasticsearch-exporter, kyverno-fips, k3s, prometheus-mongodb-exporter, tigera-operator, istio, coder-fips, loki, zot, prometheus-operator, drone-fips, k9s, elastic-agent-fips,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: frankenphp-8.5, kots, knative-kafka-broker, chainctl, knative-eventing-fips, grype, harbor-fips, prometheus-elasticsearch-exporter, terraform-fips, pulumi-language-yaml, kyverno-fips, pulumi-kubernetes-operator, k3s, prometheus-mongodb-exporter, tigera-operator, isti...