813 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-59818
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - etcd is a distributed key-value store for the data of a distributed system. Prior to 3.5.32 and 3.6.13, when etcd is configured with --listen-client-http-urls t...
CVE-2026-59818
etcd is a distributed key-value store for the data of a distributed system. Prior to 3.5.32 and 3.6.13, when etcd is configured with --listen-client-http-urls to split HTTP and gRPC client endpoints onto separate listeners, the --client-crl-file Certificate Revocation List is not enforced on the...
CVE-2026-59818
etcd prior to versions 3.5.32 and 3.6.13 is vulnerable when listen-client-http-urls splits HTTP and gRPC listeners: the --client-crl-file certificate revocation list is not enforced on the gRPC listener, allowing a client with a revoked certificate to authenticate over gRPC. The issue is fixed in...
CVE-2026-59818 etcd: gRPC client listener does not enforce `--client-crl-file` certificate revocation
etcd is a distributed key-value store for the data of a distributed system. Prior to 3.5.32 and 3.6.13, when etcd is configured with --listen-client-http-urls to split HTTP and gRPC client endpoints onto separate listeners, the --client-crl-file Certificate Revocation List is not enforced on the...
OPENSUSE-SU-2026:11173-1 etcd-3.6.13-1.1 on GA media
These are all security issues fixed in the etcd-3.6.13-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-54250
K3s is a fully conformant production-ready Kubernetes distribution. Prior to 1.35.3+k3s1, 1.34.6+k3s1, v1.33.10+k3s1, a path traversal vulnerability exists in K3s's etcd snapshot decompression functionality. Zip files containing archive members with maliciously crafted names can be written to...
CVE-2026-54250 K3s: ZIP Archive Path Traversal Vulnerability in etcd Snapshot Decompression
K3s is a fully conformant production-ready Kubernetes distribution. Prior to 1.35.3+k3s1, 1.34.6+k3s1, v1.33.10+k3s1, a path traversal vulnerability exists in K3s's etcd snapshot decompression functionality. Zip files containing archive members with maliciously crafted names can be written to...
CVE-2026-54250
K3s is a fully conformant production-ready Kubernetes distribution. Prior to 1.35.3+k3s1, 1.34.6+k3s1, v1.33.10+k3s1, a path traversal vulnerability exists in K3s's etcd snapshot decompression functionality. Zip files containing archive members with maliciously crafted names can be written to...
OESA-2026-2720 coredns security update
CoreDNS is a fast and flexible DNS server. The key word here is flexible: with CoreDNS you are able to do what you want with your DNS data by utilizing plugins. Security Fixes: CoreDNS is a DNS server that chains plugins. Starting in version 1.2.0 and prior to version 1.12.4, the CoreDNS etcd...
RHSA-2026:28047 Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (etcd) security update
Bulletin has no description...
RHEL 9 : Red Hat OpenStack Platform 17.1 (etcd) (RHSA-2026:28047)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:28047 advisory. etcd is a highly-available key value store for shared configuration. Security Fixes: net/url: Memory exhaustion in query parameter parsing ...
etcd: etcd: Authorization bypass allows information disclosure and denial of service
A flaw was found in etcd, a distributed key-value store. Unauthorized users can bypass authentication or authorization checks when the gRPC API is exposed to untrusted clients. This allows them to access sensitive cluster topology information, disrupt operations through alarms, interfere with lea...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (etcd) security update
An update for etcd is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
CVE-2026-6720
When calicoctl is invoked with --log-level=info or --log-level=debug, the client prints the full contents of its loaded connection-configuration struct to stderr in a single log line. The struct embeds every credential calicoctl uses to talk to the cluster — inline kubeconfig with bearer token,...
GHSA-WV8C-6MX2-XF4J Omni: Reader-level users can retrieve imported cluster CA keys via ResourceService
Summary Omni supports importing standalone Talos clusters. During this process, an ImportedClusterSecrets resource is created, which contains the full CA secrets bundle for the cluster being imported. If these secrets are not rotated by the importing actor, an authenticated Omni user with Reader...
PT-2026-46989
Name of the Vulnerable Software and Affected Versions Omni affected versions not specified Description An authenticated user with Reader access can retrieve the ImportedClusterSecrets resource during the process of importing standalone Talos clusters. This resource contains the full CA secrets...
CVE-2026-39821 affecting package etcd for versions less than 3.5.30-2
CVE-2026-39821 affecting package etcd for versions less than 3.5.30-2. A patched version of the package is available...
CVE-2026-33814 affecting package etcd for versions less than 3.5.30-2
CVE-2026-33814 affecting package etcd for versions less than 3.5.30-2. A patched version of the package is available...
CVE-2026-29181 affecting package etcd for versions less than 3.5.30-2
CVE-2026-29181 affecting package etcd for versions less than 3.5.30-2. A patched version of the package is available...
CVE-2026-44283 affecting package etcd for versions less than 3.5.30-2
CVE-2026-44283 affecting package etcd for versions less than 3.5.30-2. An upgraded version of the package is available that resolves this issue...