CVE-2026-30963

Capsule is a multi-tenancy and policy-based framework for Kubernetes. To defend against namespace hijacking achieved through update/patch operations on namespaces, Capsule uses a webhook to validate update requests targeting namespaces. However, in Kubernetes, the namespace/finalize and...

CVE-2026-22872

Capsule is a multi-tenancy and policy-based framework for Kubernetes. The Capsule Controller runs with cluster-admin privileges. Although the TenantResource RawItems processing logic forcibly sets the namespace, this is ineffective for cluster-scoped resources. Prior to version 0.13.0, tenant...

CVE-2026-30963

Capsule (a Kubernetes multi-tenancy framework) relied on a webhook to validate namespace updates, but prior to v0.13.0 it did not intercept namespace/status or namespace/finalize subresource changes. This omission enables a tenant with permission to modify those subresources to hijack other names...

CVE-2026-30963 Capsule Namespace Hijacking via subresource

Capsule is a multi-tenancy and policy-based framework for Kubernetes. To defend against namespace hijacking achieved through update/patch operations on namespaces, Capsule uses a webhook to validate update requests targeting namespaces. However, in Kubernetes, the namespace/finalize and...

CVE-2026-22872

CVE-2026-22872 affects Capsule, a Kubernetes multi-tenant framework. The Capsule Controller runs with cluster-admin privileges. The vulnerability lies in TenantResource RawItems processing: the code sets the namespace on deserialized objects, but this is ignored for cluster-scoped resources, allo...

CVE-2026-22872 Capsule TenantResource RawItems Cluster-Scoped Resource Creation Vulnerability

Capsule is a multi-tenancy and policy-based framework for Kubernetes. The Capsule Controller runs with cluster-admin privileges. Although the TenantResource RawItems processing logic forcibly sets the namespace, this is ineffective for cluster-scoped resources. Prior to version 0.13.0, tenant...

Capsule Input Validation Vulnerability

Capsule is an open-source Kubernetes framework developed by Project Capsule. Versions of Capsule prior to 0.13.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from rules for intercepting sub-resources named namespace/finalize and namespace/status that we...

CVE-2026-47076 SSRF allowlist bypass via percent-encoded host in hackney

Interpretation Conflict vulnerability in benoitc hackney allows Server Side Request Forgery. hackneyurl:normalize/2 URL-decodes the host component after the URL has been parsed into a hackneyurl record. OTP's uristring:parse/1 and inet:parseaddress/1 do not decode percent-escapes in the host, so ...

CVE-2026-45539

Microsoft APM is an open-source, community-driven dependency manager for AI agents. From 0.5.4 to 0.12.4, two primitive integrators in apm-cli enumerate package files with bare Path.glob / Path.rglob calls and read each match with Path.readtext, transparently following symbolic links. A symlink...

CVE-2026-46383 Microsoft APM: Windows absolute-path tar member overwrite during legacy-bundle probing in `apm install`

Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.13.0, Microsoft APM contains a Windows-specific archive extraction boundary failure in the legacy-bundle probe used by apm install on supported Python 3.10 and 3.11 runtimes. When apm install is given a...

CVE-2026-45539 Microsoft APM: Symlinks under `.apm/prompts/` and `.apm/agents/` are dereferenced during `apm install`, copying host-local file contents into the project tree

Microsoft APM is an open-source, community-driven dependency manager for AI agents. From 0.5.4 to 0.12.4, two primitive integrators in apm-cli enumerate package files with bare Path.glob / Path.rglob calls and read each match with Path.readtext, transparently following symbolic links. A symlink...

CVE-2026-45539 Microsoft APM: Symlinks under `.apm/prompts/` and `.apm/agents/` are dereferenced during `apm install`, copying host-local file contents into the project tree

Microsoft APM is an open-source, community-driven dependency manager for AI agents. From 0.5.4 to 0.12.4, two primitive integrators in apm-cli enumerate package files with bare Path.glob / Path.rglob calls and read each match with Path.readtext, transparently following symbolic links. A symlink...

PT-2026-41316

Name of the Vulnerable Software and Affected Versions Microsoft APM versions 0.5.4 through 0.12.4 Description Two primitive integrators in apm-cli use Path.glob and Path.rglob to enumerate package files and Path.read text to read matches, which transparently follows symbolic links. A symlink with...

Note Mark 输入验证错误漏洞

Note Mark is a web-based Markdown note-taking application developed by Leo Spratt. Versions of Note Mark from 0.13.0 to 0.19.4 contained a vulnerability related to input validation errors. This vulnerability stemmed from the lack of cleaning and validation of asset file names, which could lead to...

Astra Linux - уязвимость в librabbitmq

A vulnerability was discovered in the C AMQP client library also known as rabbitmq-c for RabbitMQ in versions up to 0.13.0. credentials can only be entered via the command line e.g., for amqp-publish or amqp-consume, and therefore they are visible to local attackers who can list processes along...

Security Bulletin: NVIDIA KAI Scheduler - April 2026

NVIDIA has released a software update for NVIDIA® KAI Scheduler. To protect your system, clone or update this software to KAI Scheduler v0.13.0 or later from the KAI-Scheduler GitHub repo. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that thi...

CVE-2026-6592

A vulnerability has been found in ComfyUI up to 0.13.0. Affected by this vulnerability is the function getuserdata of the file app/usermanager.py of the component userdata Endpoint. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit has been disclose...

CVE-2026-6590

A vulnerability was detected in ComfyUI up to 0.13.0. This impacts the function getmodelpreview of the file app/modelmanager.py of the component Model Preview Endpoint. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used. The...

ComfyUI 安全漏洞

ComfyUI is the most powerful and modular diffusion model GUI and backend developed by comfyanonymous individuals. Versions of ComfyUI prior to 0.13.0 contain security vulnerabilities, which stem from improper handling of unknown functions in the file server.py. These vulnerabilities could lead to...

ComfyUI 安全漏洞

ComfyUI is the most powerful and modular diffusion model GUI and backend developed by comfyanonymous individuals. Versions of ComfyUI prior to 0.13.0 contain security vulnerabilities, which stem from improper handling of parameter names in the folderpaths.getannotatedfilepath function within fold...