384 matches found
EUVD-2026-39543
Bitwarden Server before 2026.5.0 contains a JSON injection vulnerability in IntegrationTemplateProcessor.ReplaceTokens, which substitutes user-controlled values into event-integration templates without JSON encoding. When an organization has configured an event integration whose template referenc...
CVE-2026-41178 vulnerabilities
Vulnerabilities for packages: ansible-operator-fips, kubescape-operator, flux-helm-controller, cadvisor-fips, cloudbeat, aws-ebs-csi-driver, crossplane-provider-gcp-beta-container, rancher-system-agent, gotrue, prometheus, gitlab-cng, gitlab-pages, spicedb, zarf, zarf-fips, crossplane,...
GHSA-5WRP-CWCJ-Q835 vulnerabilities
Vulnerabilities for packages: ansible-operator-fips, kubescape-operator, flux-helm-controller, cadvisor-fips, cloudbeat, aws-ebs-csi-driver, crossplane-provider-gcp-beta-container, rancher-system-agent, gotrue, prometheus, gitlab-cng, gitlab-pages, spicedb, zarf, zarf-fips, crossplane,...
GHSA-5WRP-CWCJ-Q835 vulnerabilities
Vulnerabilities for packages: rancher-system-agent, vcluster, docker-compose, cloud-provider-azure, dapr, blob-csi, cloudflared, crossplane-provider-keycloak, zot, kiali, flux-notification-controller, yunikorn-k8shim, zarf, kubernetes-csi-external-snapshotter, boring-registry, azurefile-csi,...
CVE-2026-41178 vulnerabilities
Vulnerabilities for packages: rancher-system-agent, vcluster, docker-compose, cloud-provider-azure, dapr, blob-csi, cloudflared, crossplane-provider-keycloak, zot, kiali, flux-notification-controller, yunikorn-k8shim, zarf, kubernetes-csi-external-snapshotter, boring-registry, azurefile-csi,...
CVE-2026-48525 vulnerabilities
Vulnerabilities for packages: datadog-agent, superset, ggshield, kserve...
CVE-2026-48523 vulnerabilities
Vulnerabilities for packages: datadog-agent, superset, ggshield, kserve...
CVE-2026-48524 vulnerabilities
Vulnerabilities for packages: datadog-agent, superset, ggshield, kserve...
GHSA-993G-76C3-P5M4 vulnerabilities
Vulnerabilities for packages: datadog-agent, superset, ggshield, kserve...
GHSA-JQ35-7PRP-9V3F vulnerabilities
Vulnerabilities for packages: datadog-agent, superset, ggshield, kserve...
GHSA-FHV5-28VV-H8M8 vulnerabilities
Vulnerabilities for packages: datadog-agent, superset, ggshield, kserve...
GHSA-XGMM-8J9V-C9WX vulnerabilities
Vulnerabilities for packages: datadog-agent, superset, ggshield, kserve...
GHSA-W7VC-732C-9M39 vulnerabilities
Vulnerabilities for packages: datadog-agent, superset, ggshield, kserve...
CVE-2026-48522 vulnerabilities
Vulnerabilities for packages: datadog-agent, superset, ggshield, kserve...
CVE-2026-48526 vulnerabilities
Vulnerabilities for packages: datadog-agent, superset, ggshield, kserve...
Malicious code in @mastra/datadog (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 419bbaa0a59a504f999013baee0011006c5cc6326045c0424705d91d3ac10c75 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5943 Malicious code in @mastra/datadog (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 419bbaa0a59a504f999013baee0011006c5cc6326045c0424705d91d3ac10c75 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2026-36762
Datadog, Inc Vector v0.54.0 was discovered to contain a SQL injection vulnerability in the seturiquery parameter in the KeyPartitioner::partition function. This vulnerability allows attackers to access sensitive database information via crafted SQL statements...
CVE-2026-39197
An issue in the /util/http/prelude.rs endpoint of Datadog, Inc Vector v0.54.0 allows attackers to cause a Denial of Service DoS via a crafted request or payload...
CVE-2026-39196
Datadog, Inc Vector v0.54.0 was discovered to contain a SQL injection vulnerability in the seturiquery parameter in the KeyPartitioner::partition function. This vulnerability allows attackers to access sensitive database information via crafted SQL statements...