Lucene search
K

813 matches found

Tenable Nessus
Tenable Nessus
added yesterday3 views

Linux Distros Unpatched Vulnerability : CVE-2026-59818

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - etcd is a distributed key-value store for the data of a distributed system. Prior to 3.5.32 and 3.6.13, when etcd is configured with --listen-client-http-urls t...

6.5CVSS6.1AI score0.00364EPSS
Exploits0References3
NVD
NVD
added 3 days ago7 views

CVE-2026-59818

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.5.32 and 3.6.13, when etcd is configured with --listen-client-http-urls to split HTTP and gRPC client endpoints onto separate listeners, the --client-crl-file Certificate Revocation List is not enforced on the...

6.5CVSS0.00364EPSS
Exploits0References9
CVE
CVE
added 3 days ago8 views

CVE-2026-59818

etcd prior to versions 3.5.32 and 3.6.13 is vulnerable when listen-client-http-urls splits HTTP and gRPC listeners: the --client-crl-file certificate revocation list is not enforced on the gRPC listener, allowing a client with a revoked certificate to authenticate over gRPC. The issue is fixed in...

6.5CVSS6AI score0.00364EPSS
Exploits0References9
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-59818 etcd: gRPC client listener does not enforce `--client-crl-file` certificate revocation

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.5.32 and 3.6.13, when etcd is configured with --listen-client-http-urls to split HTTP and gRPC client endpoints onto separate listeners, the --client-crl-file Certificate Revocation List is not enforced on the...

6.5CVSS0.00364EPSS
Exploits0References9
OSV
OSV
added 2026/07/02 12:0 a.m.3 views

OPENSUSE-SU-2026:11173-1 etcd-3.6.13-1.1 on GA media

These are all security issues fixed in the etcd-3.6.13-1.1 package on the GA media of openSUSE Tumbleweed...

8.8CVSS6AI score0.00435EPSS
Exploits2References2
NVD
NVD
added 2026/06/25 7:16 p.m.9 views

CVE-2026-54250

K3s is a fully conformant production-ready Kubernetes distribution. Prior to 1.35.3+k3s1, 1.34.6+k3s1, v1.33.10+k3s1, a path traversal vulnerability exists in K3s's etcd snapshot decompression functionality. Zip files containing archive members with maliciously crafted names can be written to...

5.8CVSS0.00122EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 5:56 p.m.27 views

CVE-2026-54250 K3s: ZIP Archive Path Traversal Vulnerability in etcd Snapshot Decompression

K3s is a fully conformant production-ready Kubernetes distribution. Prior to 1.35.3+k3s1, 1.34.6+k3s1, v1.33.10+k3s1, a path traversal vulnerability exists in K3s's etcd snapshot decompression functionality. Zip files containing archive members with maliciously crafted names can be written to...

5.8CVSS0.00122EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 5:56 p.m.6 views

CVE-2026-54250

K3s is a fully conformant production-ready Kubernetes distribution. Prior to 1.35.3+k3s1, 1.34.6+k3s1, v1.33.10+k3s1, a path traversal vulnerability exists in K3s's etcd snapshot decompression functionality. Zip files containing archive members with maliciously crafted names can be written to...

5.8CVSS6AI score0.00122EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 1:11 p.m.5 views

OESA-2026-2720 coredns security update

CoreDNS is a fast and flexible DNS server. The key word here is flexible: with CoreDNS you are able to do what you want with your DNS data by utilizing plugins. Security Fixes: CoreDNS is a DNS server that chains plugins. Starting in version 1.2.0 and prior to version 1.12.4, the CoreDNS etcd...

7.1CVSS5.9AI score0.00407EPSS
Exploits0References2
OSV
OSV
added 2026/06/23 10:8 a.m.11 views

RHSA-2026:28047 Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (etcd) security update

Bulletin has no description...

9.1CVSS5.8AI score0.01945EPSS
Exploits4References81
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.14 views

RHEL 9 : Red Hat OpenStack Platform 17.1 (etcd) (RHSA-2026:28047)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:28047 advisory. etcd is a highly-available key value store for shared configuration. Security Fixes: net/url: Memory exhaustion in query parameter parsing ...

10CVSS6AI score0.01945EPSS
Exploits4References22
RedHat Linux
RedHat Linux
added 2026/06/22 9:1 p.m.4 views

etcd: etcd: Authorization bypass allows information disclosure and denial of service

A flaw was found in etcd, a distributed key-value store. Unauthorized users can bypass authentication or authorization checks when the gRPC API is exposed to untrusted clients. This allows them to access sensitive cluster topology information, disrupt operations through alarms, interfere with lea...

8.8CVSS6.1AI score0.00249EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 9:1 p.m.9 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (etcd) security update

An update for etcd is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS7AI score0.01945EPSS
Exploits4References10
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.11 views

CVE-2026-6720

When calicoctl is invoked with --log-level=info or --log-level=debug, the client prints the full contents of its loaded connection-configuration struct to stderr in a single log line. The struct embeds every credential calicoctl uses to talk to the cluster — inline kubeconfig with bearer token,...

7.2CVSS5.6AI score0.00224EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 3:26 p.m.7 views

GHSA-WV8C-6MX2-XF4J Omni: Reader-level users can retrieve imported cluster CA keys via ResourceService

Summary Omni supports importing standalone Talos clusters. During this process, an ImportedClusterSecrets resource is created, which contains the full CA secrets bundle for the cluster being imported. If these secrets are not rotated by the importing actor, an authenticated Omni user with Reader...

7.6CVSS5.6AI score0.00017EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.14 views

PT-2026-46989

Name of the Vulnerable Software and Affected Versions Omni affected versions not specified Description An authenticated user with Reader access can retrieve the ImportedClusterSecrets resource during the process of importing standalone Talos clusters. This resource contains the full CA secrets...

7.6CVSS5.9AI score0.00017EPSS
Exploits0References6
CBLMariner
CBLMariner
added 2026/06/02 2:56 a.m.20 views

CVE-2026-39821 affecting package etcd for versions less than 3.5.30-2

CVE-2026-39821 affecting package etcd for versions less than 3.5.30-2. A patched version of the package is available...

9.6CVSS5.8AI score0.00478EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/02 2:56 a.m.22 views

CVE-2026-33814 affecting package etcd for versions less than 3.5.30-2

CVE-2026-33814 affecting package etcd for versions less than 3.5.30-2. A patched version of the package is available...

7.5CVSS5.8AI score0.00781EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/02 2:56 a.m.27 views

CVE-2026-29181 affecting package etcd for versions less than 3.5.30-2

CVE-2026-29181 affecting package etcd for versions less than 3.5.30-2. A patched version of the package is available...

7.5CVSS5.8AI score0.00435EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/06/02 2:56 a.m.14 views

CVE-2026-44283 affecting package etcd for versions less than 3.5.30-2

CVE-2026-44283 affecting package etcd for versions less than 3.5.30-2. An upgraded version of the package is available that resolves this issue...

4.3CVSS5.8AI score0.00225EPSS
Exploits0
Rows per page
Query Builder