18 matches found

RedhatCVE
added 2026/04/20 10:59 a.m., 0 views

CVE-2026-6437

A flaw was found in the AWS EFS CSI Driver. Remote authenticated users with PersistentVolume creation permissions can exploit an improper neutralization of argument delimiters by injecting commas into volume handling arguments. This allows for the injection of arbitrary mount options, which could...

CVSS 6.9 | AI score 5.8 | EPSS 0.00018
Exploits: 0 | References: 6

Github Security Blog
added 2026/04/18 1:7 a.m., 8 views

Amazon EFS CSI Driver has mount option injection via unsanitized volumeHandle and mounttargetip fields

Summary: The Amazon EFS CSI Driver is a Container Storage Interface driver that allows Kubernetes clusters to use Amazon Elastic File System. An issue exists where, under certain circumstances, unsanitized values in the volumeHandle and mounttargetip fields are passed directly to the mount command...

CVSS 6.9 | AI score 5.8 | EPSS 0.00018
Exploits: 0 | References: 6 | Affected Software: 1

Positive Technologies
added 2026/04/17 12:0 a.m., 1 views

PT-2026-33485

Name of the Vulnerable Software and Affected Versions: AWS EFS CSI Driver versions prior to v3.0.1. Description: Improper neutralization of argument delimiters in the volume handling component allows remote authenticated users with PersistentVolume creation permissions to inject arbitrary mount...

CVSS 6.9 | AI score 5.9 | EPSS 0.00018
Exploits: 0 | References: 15

RedhatCVE
added 2026/03/26 3:12 p.m., 1 views

CVE-2026-3864

A vulnerability was discovered in the Kubernetes CSI Driver for NFS where the subDir parameter in volume identifiers was insufficiently validated. Attackers with the ability to create PersistentVolumes referencing the NFS CSI driver could craft volume identifiers containing path traversal sequenc...

CVSS 6.5 | AI score 6 | EPSS 0.00113
Exploits: 0 | References: 1

EUVD
added 2026/03/21 12:31 a.m., 0 views

EUVD-2026-13831

A vulnerability was discovered in the Kubernetes CSI Driver for NFS where the subDir parameter in volume identifiers was insufficiently validated. Attackers with the ability to create PersistentVolumes referencing the NFS CSI driver could craft volume identifiers containing path traversal sequenc...

CVSS 6.5 | AI score 5.8 | EPSS 0.00113
Exploits: 0 | References: 4

CVE
added 2026/03/20 10:21 p.m., 22 views

CVE-2026-3864

CVE-2026-3864 affects the Kubernetes CSI Driver for NFS (csi-driver-nfs). The vulnerability arises from insufficient validation of the subDir parameter in volume identifiers, enabling path traversal (../) when creating PersistentVolumes and during volume deletion/cleanup. An attacker with PV crea...

CVSS 6.5 | AI score 5.8 | EPSS 0.00113
Exploits: 0 | References: 3

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-3181

Malicious code in bioql PyPI...

CVSS 7.7 | AI score 6.3 | EPSS 0.00166
Exploits: 0 | References: 5

EUVD
added 2025/10/03 8:7 p.m., 0 views

EUVD-2024-3170

Malicious code in bioql PyPI...

CVSS 9.1 | AI score 7.9 | EPSS 0.00096
Exploits: 0 | References: 4

Wolfi
added 2025/08/29 2:35 p.m., 3 views

CVE-2025-5187 vulnerabilities

Vulnerabilities for packages: vcluster, rancher-agent, emissary, mesosphere-vsphere-csi, kapp, rancher-webhook, nodetaint, rancher, kubernetes-dns-node-cache, yunikorn-k8shim, argo-rollouts, ip-masq-agent, k8ssandra-client, rancher-system-agent, kubernetes, kubernetes-csi-driver-hostpath,...

CVSS 6.7 | AI score 5.8 | EPSS 0.00042
Exploits: 0

OSV
added 2024/11/13 2:15 p.m., 1 views

CVE-2022-45157

A vulnerability has been identified in the way that Rancher stores vSphere's CPI (Cloud Provider Interface) and CSI (Container Storage Interface) credentials used to deploy clusters through the vSphere cloud provider. This issue leads to the vSphere CPI and CSI passwords being stored in a plaintext...

CVSS 8.5 | AI score 5.7 | EPSS 0.00096
Exploits: 0 | References: 2

SUSE CVE
added 2024/11/10 4:4 a.m., 2 views

SUSE CVE-2024-10975

Nomad Community and Nomad Enterprise ("Nomad") volume specification is vulnerable to arbitrary cross-namespace volume creation through unauthorized Container Storage Interface (CSI) volume writes. This vulnerability, identified as CVE-2024-10975, is fixed in Nomad Community Edition 1.9.2 and Nomad...

CVSS 7.7 | AI score 7.1 | EPSS 0.00166
Exploits: 0 | References: 4

CNNVD
added 2024/11/07 12:0 a.m., 1 views

HCL Nomad security vulnerability

HCL Nomad is an application for using and managing the Domino application development platform in mobile devices from HCL Corporation, USA. A security vulnerability exists in HCL Nomad that stems from vulnerability to arbitrary cross-namespace volume creation via unauthorized Container Storage...

CVSS 7.7 | AI score 6.5 | EPSS 0.00166
Exploits: 0 | References: 1

RedHat Linux
added 2023/09/27 2:22 p.m., 52 views

Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.3 security and bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.13.3 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) ba...

CVSS 9.8 | AI score 6.9 | EPSS 0.00289
Exploits: 1 | References: 13

CNNVD
added 2023/07/19 12:0 a.m., 1 views

HashiCorp Nomad security vulnerability

HashiCorp Nomad is a simple and flexible scheduler and orchestrator from HashiCorp (USA) for managing containerized and non-containerized applications at scale, both locally and in the cloud. A security vulnerability exists in HashiCorp Nomad and Nomad Enterprise that stems from an HTTP search API...

CVSS 5.3 | AI score 5.6 | EPSS 0.00806
Exploits: 0 | References: 3

CNNVD
added 2023/05/08 12:0 a.m., 2 views

Fluid security vulnerability

Fluid is an open source, Kubernetes-native distributed dataset orchestrator and accelerator from the Cloud Native Computing Foundation for data-intensive applications such as Big Data and AI applications. A security vulnerability exists in Fluid versions 0.7.0 through 0.8.6, which stems from the...

CVSS 7.8 | AI score 7.3 | EPSS 0.00056
Exploits: 1 | References: 6

CNNVD
added 2022/08/04 12:0 a.m., 1 views

Rancher security vulnerability

Rancher is an open source container management platform from the US-based Rancher Open Source, built for organizations deploying containers in production environments. Rancher suffers from a security vulnerability that stems from the way CPI and CSI credentials for vSphere are stored, causing...

CVSS 9.1 | AI score 7.5 | EPSS 0.00096
Exploits: 0 | References: 3

Rapid7 Blog
added 2022/05/03 8:43 p.m., 20 views

Is Your Kubernetes Cluster Ready for Version 1.24?

Kubernetes rolled out Version 1.24 on May 3, 2022, as its first release of 2022. This version is packed with some notable improvements, as well as new and deprecated features. In this post, we will cover some of the more significant items on the list. The Dockershim removal The new release has...

AI score 7.3
Exploits: 0

CNNVD
added 2021/01/21 12:0 a.m., 2 views

Kubernetes SIGs Secrets-store-csi-driver path traversal vulnerability

Kubernetes SIGs Secrets-store-csi-driver is a K8s component for storing confidential files based on CSI volumes from the Kubernetes SIGs organization. A security vulnerability exists in Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16, which can be exploited by an attacker to modi...

CVSS 6.5 | AI score 6.6 | EPSS 0.00449
Exploits: 0 | References: 3