181 matches found
CVE-2026-15737
AWS Bedrock AgentCore Python SDK is an open-source Python library that provides client tools for building AI agents on the Amazon Bedrock AgentCore platform. Unintended logging of sensitive user content in the OpenTelemetry instrumentation in AWS Bedrock AgentCore Python SDK versions 1.4.8 and...
EUVD-2026-44988
AWS Bedrock AgentCore Python SDK is an open-source Python library that provides client tools for building AI agents on the Amazon Bedrock AgentCore platform. Unintended logging of sensitive user content in the OpenTelemetry instrumentation in AWS Bedrock AgentCore Python SDK versions 1.4.8 and...
CVE-2026-15737
AWS Bedrock AgentCore Python SDK is an open-source Python library that provides client tools for building AI agents on the Amazon Bedrock AgentCore platform. Unintended logging of sensitive user content in the OpenTelemetry instrumentation in AWS Bedrock AgentCore Python SDK versions 1.4.8 and...
CVE-2026-15737 Sensitive content disclosure via OpenTelemetry spans in AgentCore Python SDK
AWS Bedrock AgentCore Python SDK is an open-source Python library that provides client tools for building AI agents on the Amazon Bedrock AgentCore platform. Unintended logging of sensitive user content in the OpenTelemetry instrumentation in AWS Bedrock AgentCore Python SDK versions 1.4.8 and...
CVE-2026-15737
CVE-2026-15737 affects the AWS Bedrock AgentCore Python SDK. Unintended logging of sensitive user content occurs in the OpenTelemetry instrumentation for SDK versions 1.4.8 and 1.5.0, where raw user prompts and complete agent responses were written into OpenTelemetry span attributes on every invo...
CVE-2026-41178 vulnerabilities
Vulnerabilities for packages: authentik, prometheus, gotrue, crossplane-provider-aws-ec2-fips, newrelic-infrastructure-agent, crossplane-provider-aws-kms-fips, pinniped-fips, crossplane-provider-aws-imagebuilder-fips, stunnerd, percona-xtradb-cluster-operator, flux-helm-controller-fips,...
Amazon Linux 2 : amazon-cloudwatch-agent, --advisory ALAS2-2026-3389 (ALAS-2026-3389)
The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300067.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3389 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service...
Important: amazon-cloudwatch-agent
Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...
CLEANSTART-2026-MJ26242 Security fixes for CVE-2026-41602, ghsa-wf45-q9ch-q8gh applied in versions: 1.300066.1-r0
Multiple security vulnerabilities affect the amazon-cloudwatch-agent-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-GA28186 Security fixes for CVE-2026-41602 applied in versions: 1.300066.1-r0
Security vulnerability affects the amazon-cloudwatch-agent package. This issue is resolved in later releases. See references for vulnerability details...
CLEANSTART-2026-XQ84127 Security fixes for CVE-2025-47914, CVE-2025-58181, CVE-2026-29181, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-mh2q-q3fh-2475, ghsa-p77j-4mvh-x3m3 applied in versions: 3.4.0-r0
Multiple security vulnerabilities affect the amazon-cloudwatch-agent-operator package. These issues are resolved in later releases. See references for individual vulnerability details...
OPENSUSE-SU-2026:10699-1 amazon-cloudwatch-agent-1.300066.1-1.1 on GA media
These are all security issues fixed in the amazon-cloudwatch-agent-1.300066.1-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-38516
These are all security issues fixed in the amazon-cloudwatch-agent-1.300066.1-1.1 package on the GA media of openSUSE Tumbleweed...
GHSA-MH2Q-Q3FH-2475 vulnerabilities
Vulnerabilities for packages: k8ssandra-client, cadvisor, step-issuer, redpanda, argo-rollouts, net-kourier, crossplane-provider-aws-elasticache, cilium-cli, kubernetes-csi-driver-hostpath, vexctl, crossplane-provider-azure-storage, ko, crossplane-provider-aws-cloudwatchlogs, istio, litestream,...
CVE-2026-29181 vulnerabilities
Vulnerabilities for packages: k8ssandra-client, cadvisor, step-issuer, redpanda, argo-rollouts, net-kourier, crossplane-provider-aws-elasticache, cilium-cli, kubernetes-csi-driver-hostpath, vexctl, crossplane-provider-azure-storage, ko, crossplane-provider-aws-cloudwatchlogs, istio, litestream,...
Amazon Linux 2 : amazon-cloudwatch-agent, --advisory ALAS2-2026-3248 (ALAS-2026-3248)
"The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300064.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3248 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: fscrypt, keda, ingress-nginx-controller, falco-no-driver, grafana, snyk-cli, libnvidia-container, flux, knative-operator, argo-cd, net-kourier, spire-server, kubernetes, telegraf, mattermost, fuse-overlayfs-snapshotter, cilium-cli, kubernetes-dashboard,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: kbld, ingress-nginx-controller, kubernetes-dashboard-metrics-scraper, grpcurl, goreleaser, croc, knative-operator, mariadb-operator, argo-rollouts, delve, crossplane-provider-azure-storage, lvm-driver, vale, docker-cli-buildx, kind, portieris, syft, vendir,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: prometheus, crossplane-provider-aws-ec2-fips, kube-bench, docker-credential-acr-env-fips, newrelic-infrastructure-agent, nri-couchbase-fips, wavefront-collector-for-kubernetes, crossplane-provider-aws-kms-fips, longhorn-backing-image-manager, chart-testing-fips,...
CVE-2026-32287 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-kms, crossplane-provider-aws-ec2-fips, crossplane-provider-aws-kinesis-fips, crossplane-provider-aws-rds-fips, crossplane-provider-aws-elasticache-fips, crossplane-provider-aws-kms-fips, crossplane-provider-aws-sqs, amazon-cloudwatch-agent-fip...