385 matches found
CVE-2026-57522
Bitwarden Server before 2026.5.0 contains a JSON injection vulnerability in IntegrationTemplateProcessor.ReplaceTokens, which substitutes user-controlled values into event-integration templates without JSON encoding. When an organization has configured an event integration whose template referenc...
EUVD-2026-39543
Bitwarden Server before 2026.5.0 contains a JSON injection vulnerability in IntegrationTemplateProcessor.ReplaceTokens, which substitutes user-controlled values into event-integration templates without JSON encoding. When an organization has configured an event integration whose template referenc...
CVE-2026-41178 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-ecs, crossplane-provider-azure-relay, drone-fips, cadvisor-fips, dapr, helmfile, kyverno, neuvector, percona-backup-mongodb-fips, tetragon, crossplane-provider-azure-authorization, eck-operator-fips, databricks-cli-fips, datadog-agent-fips,...
GHSA-5WRP-CWCJ-Q835 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-ecs, crossplane-provider-azure-relay, drone-fips, cadvisor-fips, dapr, helmfile, kyverno, neuvector, percona-backup-mongodb-fips, tetragon, crossplane-provider-azure-authorization, eck-operator-fips, databricks-cli-fips, datadog-agent-fips,...
CVE-2026-41178 vulnerabilities
Vulnerabilities for packages: crossplane-provider-keycloak, crossplane-provider-azure-authorization, rancher-system-agent, ferretdb, trufflehog, zot, manifest-tool, flux-image-reflector-controller, kiali, dbmate, cilium, cluster-api-aws-controller, promxy, steampipe, hydra, gitaly, ksops,...
GHSA-5WRP-CWCJ-Q835 vulnerabilities
Vulnerabilities for packages: crossplane-provider-keycloak, crossplane-provider-azure-authorization, rancher-system-agent, ferretdb, trufflehog, zot, manifest-tool, flux-image-reflector-controller, kiali, dbmate, cilium, cluster-api-aws-controller, promxy, steampipe, hydra, gitaly, ksops,...
GHSA-JQ35-7PRP-9V3F vulnerabilities
Vulnerabilities for packages: kserve, ggshield, superset, datadog-agent...
GHSA-FHV5-28VV-H8M8 vulnerabilities
Vulnerabilities for packages: kserve, ggshield, superset, datadog-agent...
CVE-2026-48525 vulnerabilities
Vulnerabilities for packages: kserve, ggshield, superset, datadog-agent...
CVE-2026-48526 vulnerabilities
Vulnerabilities for packages: kserve, ggshield, superset, datadog-agent...
GHSA-XGMM-8J9V-C9WX vulnerabilities
Vulnerabilities for packages: kserve, ggshield, superset, datadog-agent...
GHSA-W7VC-732C-9M39 vulnerabilities
Vulnerabilities for packages: kserve, ggshield, superset, datadog-agent...
CVE-2026-48523 vulnerabilities
Vulnerabilities for packages: kserve, ggshield, superset, datadog-agent...
CVE-2026-48522 vulnerabilities
Vulnerabilities for packages: kserve, ggshield, superset, datadog-agent...
CVE-2026-48524 vulnerabilities
Vulnerabilities for packages: kserve, ggshield, superset, datadog-agent...
GHSA-993G-76C3-P5M4 vulnerabilities
Vulnerabilities for packages: kserve, ggshield, superset, datadog-agent...
Malicious code in @mastra/datadog (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 419bbaa0a59a504f999013baee0011006c5cc6326045c0424705d91d3ac10c75 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5943 Malicious code in @mastra/datadog (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 419bbaa0a59a504f999013baee0011006c5cc6326045c0424705d91d3ac10c75 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2026-36762
Datadog, Inc Vector v0.54.0 was discovered to contain a SQL injection vulnerability in the seturiquery parameter in the KeyPartitioner::partition function. This vulnerability allows attackers to access sensitive database information via crafted SQL statements...
CVE-2026-39197
An issue in the /util/http/prelude.rs endpoint of Datadog, Inc Vector v0.54.0 allows attackers to cause a Denial of Service DoS via a crafted request or payload...