Lucene search

9165 matches found

Positive Technologies
added 2026/02/27 12:0 a.m. | 7 views

PT-2026-22402

Name of the Vulnerable Software and Affected Versions: Canarytokens versions prior to sha-7ff0e12. Description: The Canarytokens PWA Canarytoken has a Self Cross-Site Scripting issue. A Canarytoken creator can execute JavaScript code by inserting it into the title field of their PWA token. This allo...

5.3 CVSS | 6 AI score | 0.00397 EPSS
Exploits: 0 | References: 3

CNNVD
added 2026/02/27 12:0 a.m. | 5 views

Beszel Path Traversal Vulnerability

Beszel is a lightweight server monitoring center developed by Hank’s individual developers. Versions of Beszel prior to 0.18.2 contained a path traversal vulnerability. This vulnerability stemmed from insufficient validation of container query parameters provided to users, which could allow...

6.5 CVSS | 7.3 AI score | 0.00484 EPSS
Exploits: 1 | References: 3

CNNVD
added 2026/02/27 12:0 a.m. | 5 views

Docker Model Runner Security Vulnerability

Docker Model Runner is an open-source Docker model runner developed by Docker. Versions of Docker Model Runner prior to 1.0.16 contained security vulnerabilities. These vulnerabilities stemmed from unvalidated POST endpoints that allowed arbitrary runtime flags to be accepted. This could enable...

7.5 CVSS | 7.3 AI score | 0.00226 EPSS
Exploits: 0 | References: 3

Positive Technologies
added 2026/02/27 12:0 a.m. | 10 views

PT-2026-22382

Name of the Vulnerable Software and Affected Versions: Beszel versions prior to 0.18.2; Beszel versions 0.18.2 through 0.18.3. Description: Beszel is a server monitoring platform. The platform’s authenticated API endpoints, specifically '/api/beszel/containers/logs' and...

9.9 CVSS | 6 AI score | 0.22162 EPSS
Exploits: 68 | References: 138

OPENSUSE Linux
added 2026/02/27 12:0 a.m. | 3 views

Security update for docker-stable (moderate)

openSUSE security update: security update for docker-stable. Announcement ID: openSUSE-SU-2026:20262-1 Rating: moderate References: bsc1250508 bsc1250596 bsc1252290 Affected Products: openSUSE Leap 16.0...

5.9 AI score
Exploits: 0

OPENSUSE Linux
added 2026/02/27 12:0 a.m. | 4 views

docker-29.2.1_ce-37.1 on GA media (moderate)

docker-29.2.1_ce-37.1 on GA media. Announcement ID: openSUSE-SU-2026:10261-1 Rating: moderate Cross-References: CVE-2025-67499 CVSS scores: CVE-2025-67499 SUSE: 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2025-67499 SUSE: 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:...

6.9 CVSS | 6 AI score | 0.00117 EPSS
Exploits: 0

EUVD
added 2026/02/26 10:22 p.m. | 5 views

EUVD-2026-8797

WireGuard Portal is Vulnerable to Privilege Escalation via User Self-Update to Admin Level...

8.8 CVSS | 5.2 AI score | 0.00306 EPSS
Exploits: 0 | References: 5

Wolfi
added 2026/02/26 7:48 p.m. | 7 views

CVE-2026-1229 vulnerabilities

Vulnerabilities for packages: kubevela, q, crossplane-provider-azure-sql, crossplane-provider-aws-elasticache, xeol, crossplane-provider-aws-ec2, argo-cd, k9s, cert-manager-cmctl, flux-source-controller, crossplane-provider-azure-storage, flux-helm-controller, aactl, boring-registry, grafana,...

9.8 CVSS | 7.3 AI score | 0.00397 EPSS
Exploits: 0

Wolfi
added 2026/02/26 7:48 p.m. | 9 views

GHSA-Q9HV-HPM4-HJ6X vulnerabilities

Vulnerabilities for packages: kubevela, q, crossplane-provider-azure-sql, crossplane-provider-aws-elasticache, xeol, crossplane-provider-aws-ec2, argo-cd, k9s, cert-manager-cmctl, flux-source-controller, crossplane-provider-azure-storage, flux-helm-controller, aactl, boring-registry, grafana,...

5.8 AI score
Exploits: 0

Chainguard
added 2026/02/26 7:17 p.m. | 8 views

CVE-2026-1229 vulnerabilities

Vulnerabilities for packages: trivy, reports-server, datadog-agent, nuclei, cert-manager-cmctl, crossplane-provider-azure-managedidentity, terragrunt, livekit-cli, atlantis, gitlab-runner, crossplane-provider-aws-cloudwatchlogs-fips, scorecard, crossplane-provider-aws-route53-fips,...

9.8 CVSS | 7.3 AI score | 0.00397 EPSS
Exploits: 0

SUSE Linux
added 2026/02/26 3:17 p.m. | 4 views

Security update for docker

This update for docker fixes the following issues: CVE-2025-58181: Fixed a bug in crypto/ssh where invalidated number of mechanisms can cause unbounded memory consumption. bsc1253904 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...

6.9 CVSS | 5.4 AI score | 0.00521 EPSS
Exploits: 0 | References: 4

OSV
added 2026/02/26 3:17 p.m. | 1 views

SUSE-SU-2026:0666-1 Security update for docker

This update for docker fixes the following issues: - CVE-2025-58181: Fixed a bug in crypto/ssh where invalidated number of mechanisms can cause unbounded memory consumption. bsc1253904...

5.3 CVSS | 6.1 AI score | 0.00521 EPSS
Exploits: 0 | References: 3

SUSE Linux
added 2026/02/26 3:9 p.m. | 6 views

Security update for docker-stable

This update for docker-stable fixes the following issues: CVE-2025-30204: Fixed a vulnerability in jwt-go which allowed excessive memory allocation during header parsing. bsc1240513 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...

8.7 CVSS | 5.5 AI score | 0.00645 EPSS
Exploits: 0 | References: 4

OSV
added 2026/02/26 3:8 p.m. | 3 views

SUSE-SU-2026:0659-1 Security update for docker-stable

This update for docker-stable fixes the following issues: - CVE-2025-30204: Fixed a vulnerability in jwt-go which allowed excessive memory allocation during header parsing. bsc1240513...

7.5 CVSS | 6.6 AI score | 0.00645 EPSS
Exploits: 0 | References: 3

ATTACKERKB
added 2026/02/26 12:50 a.m. | 4 views

CVE-2026-27899

WireGuard Portal or wg-portal is a web-based configuration portal for WireGuard server management. Prior to version 2.1.3, any authenticated non-admin user can become a full administrator by sending a single PUT request to their own user profile endpoint with "IsAdmin": true in the JSON body. Aft...

8.8 CVSS | 5.5 AI score | 0.00306 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2026/02/26 12:50 a.m. | 6 views

CVE-2026-27899 WireGuard Portal Vulnerable to Privilege Escalation to Admin via User Self-Update

WireGuard Portal or wg-portal is a web-based configuration portal for WireGuard server management. Prior to version 2.1.3, any authenticated non-admin user can become a full administrator by sending a single PUT request to their own user profile endpoint with "IsAdmin": true in the JSON body. Aft...

8.8 CVSS | 5.6 AI score | 0.00306 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2026/02/26 12:0 a.m. | 10 views

Docker Desktop < 4.62.0 Out of Bounds Read

The version of Docker Desktop is prior to 4.62.0. It is therefore affected by an out of bounds read vulnerability. - An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local...

7.8 CVSS | 6.5 AI score | 0.00186 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2026/02/26 12:0 a.m. | 7 views

Docker Desktop < 4.43.0 Information Disclosure

The version of Docker Desktop is prior to 4.43.0. It is therefore affected by an information disclosure vulnerability. - System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information...

5.2 CVSS | 5.8 AI score | 0.00126 EPSS
Exploits: 0 | References: 3

OSV
added 2026/02/26 12:0 a.m. | 1 views

OPENSUSE-SU-2026:10261-1 docker-29.2.1_ce-37.1 on GA media

These are all security issues fixed in the docker-29.2.1_ce-37.1 package on the GA media of openSUSE Tumbleweed...

6.6 CVSS | 7.3 AI score | 0.00117 EPSS
Exploits: 0 | References: 1

Metasploit
added 2026/02/25 7:0 p.m. | 334 views

Ollama Model Registry Path Traversal RCE

Ollama before 0.1.34 is vulnerable to a path traversal attack via the model pull mechanism CVE-2024-37032. When pulling a model, the digest field in OCI manifests is not validated, allowing an attacker to inject path traversal sequences to write arbitrary files on the server. This module starts a...

8.8 CVSS | 7.1 AI score | 0.89166 EPSS
Exploits: 4