39 matches found
EUVD-2026-32930
CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...
SUSE CVE-2026-31837
Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a user of Istio is impacted if the JWKS resolver becomes unavailable or the fetch fails, exposing hardcoded defaults regardless of use of the RequestAuthentication resource. This...
SUSE CVE-2026-31838
Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a vulnerability in Envoy RBAC header matching could allow authorization policy bypass when policies rely on HTTP headers that may contain multiple values. An attacker could craft requests...
EUVD-2026-10939
Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a vulnerability in Envoy RBAC header matching could allow authorization policy bypass when policies rely on HTTP headers that may contain multiple values. An attacker could craft requests...
Istio Security Vulnerability
Istio is an open-source platform that connects, manages, and secures microservices. Security vulnerabilities exist in Istio versions prior to 1.29.1, 1.28.5, and 1.27.8, stemming from defects in the Envoy RBAC header matching mechanism that may allow authorization...
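The three Istio entries above all describe the same weakness: an authorization rule keyed on an HTTP header whose request may carry that header more than once. The following is an added illustration of that class, not Envoy or Istio code, and the entries do not say in which direction the real matcher fails, so the constructed request, the `x-source` header, the deny rule and the three matcher variants are all assumptions made for the demonstration:

```javascript
// Added example, not Envoy or Istio code: how a header-based authorization rule
// behaves when the request carries the same header more than once. The header
// name, policy shape and sample request are constructed for illustration.

// Parse raw header lines into a case-insensitive multimap: name -> [values].
function parseHeaders(rawLines) {
  const headers = new Map();
  for (const line of rawLines) {
    const idx = line.indexOf(":");
    if (idx <= 0) continue; // skip malformed lines
    const name = line.slice(0, idx).trim().toLowerCase();
    const value = line.slice(idx + 1).trim();
    if (!headers.has(name)) headers.set(name, []);
    headers.get(name).push(value);
  }
  return headers;
}

// Weak matcher 1: collapse repeated headers into one comma-joined string and
// compare that to the expected value. A second copy of the header changes the
// joined string, so an exact match on a single value never fires.
function matchJoined(headers, name, expected) {
  const values = headers.get(name.toLowerCase()) || [];
  return values.join(",") === expected;
}

// Weak matcher 2: look only at the first occurrence; later copies are ignored.
function matchFirst(headers, name, expected) {
  const values = headers.get(name.toLowerCase()) || [];
  return values.length > 0 && values[0] === expected;
}

// Robust matchers with explicit quantifiers. A deny rule must fire if ANY copy
// of the header matches; an allow rule keyed on a header must require EVERY
// copy to match (a conflicting copy is a reason to refuse, not to grant).
function matchAny(headers, name, expected) {
  const values = headers.get(name.toLowerCase()) || [];
  return values.some((v) => v === expected);
}
function matchAll(headers, name, expected) {
  const values = headers.get(name.toLowerCase()) || [];
  return values.length > 0 && values.every((v) => v === expected);
}

// Hypothetical policy: deny anything a gateway tagged as external.
const DENY_RULE = { header: "x-source", value: "external" };

// Evaluate the deny rule with a given matcher; returns "DENY" or "ALLOW".
function evaluate(headers, matcher) {
  return matcher(headers, DENY_RULE.header, DENY_RULE.value) ? "DENY" : "ALLOW";
}

// Constructed request: the gateway's tag plus an attacker-appended duplicate.
const CRAFTED_REQUEST = [
  "Host: api.internal.example",
  "X-Source: external",
  "X-Source: internal",
];

// Outcome of each matcher on one request; the weak ones depend on value order
// or on the joined string, the robust one considers every copy.
function compareMatchers(rawLines) {
  const h = parseHeaders(rawLines);
  return {
    joined: evaluate(h, matchJoined), // "ALLOW": deny rule bypassed
    first: evaluate(h, matchFirst),   // "DENY" here; swap the two X-Source lines and it is "ALLOW"
    any: evaluate(h, matchAny),       // "DENY" regardless of order
  };
}

console.log(compareMatchers(CRAFTED_REQUEST));
```

The practical takeaway for a policy author is the quantifier: deny rules need any-value semantics, allow rules need all-value semantics, and a matcher that flattens the header to one string or one value gives neither.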
Temporal has an Incorrect Authorization vulnerability
When system.enableCrossNamespaceCommands is enabled (it is on by default), the Temporal server permits certain workflow task commands, e.g. StartChildWorkflowExecution, SignalExternalWorkflowExecution and RequestCancelExternalWorkflowExecution, to target a different namespace than the namespace authorized at...
Temporal Security Vulnerability
Temporal is a durable execution platform open-sourced by temporal.io. A security vulnerability exists in Temporal versions 1.24.0 through 1.29.1, stemming from improper namespace validation, which could lead to bypassing restrictions or policies...
Temporal-durable Security Vulnerability
Temporal is a durable execution platform open-sourced by temporal.io. A security vulnerability exists in Temporal-durable 1.29.1 and earlier versions, stemming from improper authorization of cross-namespace commands, which could lead to unauthorized creation of workflows...
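The three Temporal entries above describe the same missing check: commands returned by a worker may name a namespace other than the one the workflow task was authorized for. The following is an added illustration of that check, not Temporal server code. The command type names are the ones the first entry lists; the `type` and `namespace` field names, the rule that an empty namespace means the task's own namespace, and the sample completion are assumptions made for the illustration, and the entries do not say how the fixed versions authorize a legitimate cross-namespace command, so this version simply refuses any mismatch:

```javascript
// Added example, not Temporal server code: the namespace check the entries
// above describe as missing, applied to the commands a worker returns in a
// workflow task completion. Command type names are those the advisory lists;
// the field names (`type`, `namespace`) and the rule that an empty namespace
// means the task's own namespace are assumptions made for this illustration.

const CROSS_NAMESPACE_COMMANDS = new Set([
  "StartChildWorkflowExecution",
  "SignalExternalWorkflowExecution",
  "RequestCancelExternalWorkflowExecution",
]);

// Namespace a command targets: "" when it is the task's own namespace,
// null when the command type cannot target a namespace at all.
function targetNamespaceOf(command) {
  if (!CROSS_NAMESPACE_COMMANDS.has(command.type)) return null;
  return typeof command.namespace === "string" ? command.namespace : "";
}

// Vulnerable behaviour: the whole completion is accepted; each command is
// later applied to whatever namespace it names.
function acceptAll(authorizedNamespace, commands) {
  return { accepted: commands.slice(), rejected: [] };
}

// Hardened behaviour: a command may only target the namespace the task was
// authorized for. One offending command fails the entire task rather than
// letting the other commands through (fail closed, no partial application).
function validateCommands(authorizedNamespace, commands) {
  const rejected = [];
  for (const cmd of commands) {
    const target = targetNamespaceOf(cmd);
    if (target === null || target === "" || target === authorizedNamespace) continue;
    rejected.push({
      command: cmd.type,
      target,
      reason: `task authorized for namespace "${authorizedNamespace}" only`,
    });
  }
  return rejected.length === 0
    ? { accepted: commands.slice(), rejected: [] }
    : { accepted: [], rejected };
}

// Constructed completion from a worker whose task was issued for "team-a".
const SAMPLE_COMPLETION = {
  namespace: "team-a",
  commands: [
    { type: "ScheduleActivityTask", activityType: "Charge" },
    { type: "StartChildWorkflowExecution", namespace: "", workflowType: "Audit" },
    { type: "SignalExternalWorkflowExecution", namespace: "team-a", signalName: "ping" },
    { type: "RequestCancelExternalWorkflowExecution", namespace: "team-b", workflowId: "wf-42" },
    { type: "StartChildWorkflowExecution", namespace: "billing", workflowType: "Refund" },
  ],
};

console.log("vulnerable:", acceptAll(SAMPLE_COMPLETION.namespace, SAMPLE_COMPLETION.commands).accepted.length, "commands accepted");
console.log("hardened:  ", validateCommands(SAMPLE_COMPLETION.namespace, SAMPLE_COMPLETION.commands).rejected);
```

The all-or-nothing result is deliberate: if the server applied the three acceptable commands and only dropped the two cross-namespace ones, a retrying worker could still make progress on a task it should never have been able to complete as written.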
CVE-2025-59037 DuckDB NPM packages 1.3.3 and 1.29.2 briefly compromised with malware
DuckDB is an analytical in-process SQL database management system. On 08 September 2025, the DuckDB distribution for Node.js on npm was compromised with malware along with several other packages. An attacker published new versions of four of DuckDB's packages that included malicious code to...
PT-2025-36966
Name of the Vulnerable Software and Affected Versions: DuckDB 1.3.3, @duckdb/node-api 1.3.3, @duckdb/node-bindings 1.3.3, @duckdb/duckdb-wasm 1.29.2. Description: DuckDB packages distributed for Node.js on npm were compromised with malware intended to interfere with...
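For an incident like the one in the two DuckDB entries above, the first question on any affected system is whether a lockfile pins one of the compromised versions. The following is an added example, not DuckDB's or npm's tooling: a scanner over a `package-lock.json` that flags exactly the four package versions the entries name. The lockfile content is constructed, and it is an assumption that the first package in the list is published under the npm name `duckdb`:

```javascript
// Added example, not DuckDB's or npm's tooling: scan a package-lock.json for
// the package versions the advisory above names as compromised. The lockfile
// below is constructed; the version list comes from the entry above, and the
// npm name "duckdb" for the core package is an assumption.

const COMPROMISED = {
  "duckdb": ["1.3.3"],
  "@duckdb/node-api": ["1.3.3"],
  "@duckdb/node-bindings": ["1.3.3"],
  "@duckdb/duckdb-wasm": ["1.29.2"],
};

// Derive a package name from a lockfile v2/v3 "packages" key such as
// "node_modules/@duckdb/node-api" or "node_modules/a/node_modules/duckdb".
// The root entry has key "" and yields null.
function packageNameFromKey(key) {
  const marker = "node_modules/";
  const idx = key.lastIndexOf(marker);
  return idx === -1 ? null : key.slice(idx + marker.length);
}

// Walk the lockfile v1 "dependencies" tree (nested objects) instead of the
// flat "packages" map used by v2/v3, pushing hits with their install path.
function walkV1(deps, prefix, hits) {
  if (!deps) return;
  for (const [name, meta] of Object.entries(deps)) {
    const path = `${prefix}node_modules/${name}`;
    const bad = COMPROMISED[name];
    if (bad && meta && bad.includes(meta.version)) {
      hits.push({ name, version: meta.version, path });
    }
    walkV1(meta && meta.dependencies, path + "/", hits);
  }
}

// Return every installed {name, version, path} matching the compromised list,
// including copies nested under another dependency.
function findCompromised(lockfileText) {
  const lock = JSON.parse(lockfileText);
  const hits = [];
  for (const [key, meta] of Object.entries(lock.packages || {})) {
    const name = packageNameFromKey(key);
    if (!name || !meta || typeof meta.version !== "string") continue;
    const bad = COMPROMISED[name];
    if (bad && bad.includes(meta.version)) {
      hits.push({ name, version: meta.version, path: key });
    }
  }
  walkV1(lock.dependencies, "", hits);
  return hits;
}

// Constructed sample lockfile (v3 shape): one direct hit, one hit nested under
// another package, and two DuckDB packages at versions that are not listed.
const SAMPLE_LOCK = JSON.stringify({
  name: "sample-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "sample-app", version: "0.1.0" },
    "node_modules/@duckdb/node-api": { version: "1.3.3" },
    "node_modules/@duckdb/node-bindings": { version: "1.3.2" },
    "node_modules/some-lib": { version: "2.0.0" },
    "node_modules/some-lib/node_modules/duckdb": { version: "1.3.3" },
    "node_modules/@duckdb/duckdb-wasm": { version: "1.29.1" },
  },
});

console.log(findCompromised(SAMPLE_LOCK));
```

Scanning the lockfile rather than `package.json` matters because a caret range such as `^1.3.2` resolves to whatever was current at install time; only the lockfile records which version actually landed on disk, and nested copies under other dependencies are easy to miss when only top-level entries are checked.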
nginx-1.29.1-1.1 on GA media (moderate)
nginx-1.29.1-1.1 on GA media; Announcement ID: openSUSE-SU-2025:15450-1; Rating: moderate; Cross-References: CVE-2025-53859; CVSS scores: CVE-2025-53859 SUSE: 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N; CVE-2025-53859 SUSE: 6.3...
OPENSUSE-SU-2025:15449-1 nginx-1.29.1-1.1 on GA media
These are all security issues fixed in the nginx-1.29.1-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2024-33122 · Electron +1
Name of the Vulnerable Software and Affected Versions: Bruno versions prior to 1.29.1. Description: The issue arises from Bruno's use of Electron's shell.openExternal function without validating that a URL uses http or https when opening windows from the Markdown docs viewer. This...
Bruno Security Vulnerability
Bruno is an open source IDE for exploring and testing APIs, from usebruno. A security vulnerability exists in Bruno versions before 1.29.1, stemming from Bruno's use of Electron's shell.openExternal to open windows from the Markdown docs viewer without validating that the URL uses http or https...
CVE-2024-48463
Bruno before 1.29.1 uses Electron shell.openExternal without validation of http or https for opening windows within the Markdown docs viewer...
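The three Bruno entries above describe a link from attacker-controlled Markdown reaching Electron's shell.openExternal with no check on its scheme. The following is an added example, not Bruno's code, of the scheme allow-list that the entries say was missing, shown next to the unvalidated form. The `openExternal` callback parameter stands in for `electron.shell.openExternal` so the logic runs in plain Node, and the sample links are constructed:

```javascript
// Added example (not Bruno's code): allow-list the URL scheme before a link from
// untrusted Markdown reaches Electron's shell.openExternal. shell.openExternal
// hands any URI to the OS (file:, smb:, custom protocol handlers), so the check
// has to happen before the call. `openExternal` is passed in as a parameter so
// the logic runs outside Electron; in the app it would be electron.shell.openExternal.

const ALLOWED_PROTOCOLS = new Set(["http:", "https:"]);

// Returns the normalised href for absolute http(s) URLs with a host, else null.
function safeExternalHref(raw) {
  if (typeof raw !== "string") return null;
  let parsed;
  try {
    parsed = new URL(raw); // throws on relative or malformed input (e.g. "https://")
  } catch {
    return null;
  }
  // URL.protocol is lower-cased and keeps the colon, so "HTTP:" normalises to
  // "http:" while "javascript:", "file:" and "smb:" fall outside the allow-list.
  if (!ALLOWED_PROTOCOLS.has(parsed.protocol) || parsed.hostname === "") return null;
  return parsed.href;
}

// "Before": every link in the rendered docs goes straight to the OS.
function openLinkUnvalidated(href, openExternal) {
  openExternal(href);
  return true;
}

// "After": refuse anything that is not an http(s) URL; returns whether it opened.
function openLinkValidated(href, openExternal) {
  const safe = safeExternalHref(href);
  if (safe === null) return false;
  openExternal(safe);
  return true;
}

// Constructed sample links such as a collection's Markdown docs might contain.
const SAMPLE_LINKS = [
  "https://example.com/docs",
  "HTTP://example.com/",
  "file:///etc/passwd",
  "javascript:alert(1)",
  "smb://attacker.example/share",
  "  https://example.com/space  ",
  "https://",
  "mailto:someone@example.com",
  "/relative/path",
];

// Runs each link through an opener and returns what reached `openExternal`.
function triage(links, opener) {
  const opened = [];
  for (const href of links) opener(href, (u) => opened.push(u));
  return opened;
}

console.log("unvalidated:", triage(SAMPLE_LINKS, openLinkUnvalidated).length, "links opened");
console.log("validated:  ", triage(SAMPLE_LINKS, openLinkValidated));
```

Parsing with the WHATWG `URL` class rather than a regular expression is the point of the check: it normalises case and surrounding whitespace, rejects relative and malformed input by throwing, and exposes the scheme as a canonical `protocol` string that can be compared against a closed allow-list.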
RHSA-2023:4471 Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.29.1
Bulletin has no description...
WordPress Forminator Plugin <= 1.29.1 is vulnerable to Sensitive Data Exposure
Software: Forminator; Type: Plugin; Vulnerable versions: <= 1.29.1; Fixed in: 1.29.2; OWASP Top 10: A3: Sensitive Data Exposure; Classification: Sensitive Data Exposure; CVE: CVE-2024-7389; Patch priority: Low; CVSS severity: Low 5.8; Developer: WPMU DEV; PSID: d0a947757282; Credits: Sean Murphy; Required privilege...
RHEL 8 : Release of OpenShift Serverless Client kn 1.29.1 (Moderate) (RHSA-2023:4471)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:4471 advisory. Red Hat OpenShift Serverless Client kn 1.29.1 provides a CLI to interact with Red Hat OpenShift Serverless 1.29.1. The kn CLI is delivered as an RPM...
Envoy Security Vulnerability
Envoy is an open source distributed proxy server. A security vulnerability exists in Envoy versions prior to 1.29.1: a denial of service that occurs when using an address type that is not supported by the operating system...
Envoy Code Issue Vulnerability
Envoy is an open source distributed proxy server. A code issue vulnerability exists in Envoy versions prior to 1.29.1: a denial of service that occurs when the command type is LOCAL...