Lucene search
K

163 matches found

Wolfi
Wolfi
β€’added 2026/04/12 2:46 a.m.β€’4 views

CVE-2026-22822 vulnerabilities

Vulnerabilities for packages: external-secrets-operator...

9.3CVSS5.8AI score0.00175EPSS
Exploits0
Wolfi
Wolfi
β€’added 2026/04/12 2:46 a.m.β€’7 views

GHSA-77V3-R3JW-J2V2 vulnerabilities

Vulnerabilities for packages: external-secrets-operator...

5.8AI score
Exploits0
Chainguard
Chainguard
β€’added 2026/04/11 2:18 p.m.β€’5 views

GHSA-77V3-R3JW-J2V2 vulnerabilities

Vulnerabilities for packages: external-secrets-operator...

5.8AI score
Exploits0
Chainguard
Chainguard
β€’added 2026/04/11 2:18 p.m.β€’6 views

CVE-2026-22822 vulnerabilities

Vulnerabilities for packages: external-secrets-operator...

9.3CVSS7.3AI score0.00175EPSS
Exploits0
OSV
OSV
β€’added 2026/04/01 10:1 a.m.β€’3 views

CLEANSTART-2026-PP64690 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-1229, CVE-2026-25934, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-q9hv-hpm4-hj6x applied in versions: 0.20.4-r1, 0.20.4-r2, 0.20.4-r3

Multiple security vulnerabilities affect the external-secrets-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.8AI score0.01945EPSS
Exploits2References20
OSV
OSV
β€’added 2026/04/01 10:0 a.m.β€’12 views

CLEANSTART-2026-SW07802 Security fixes for CVE-2025-61729 applied in versions: 1.1.0-r0

Security vulnerability affects the external-secrets package. This issue is resolved in later releases. See references for vulnerability details...

7.5CVSS7.1AI score0.00459EPSS
Exploits2References3
OSV
OSV
β€’added 2026/04/01 9:18 a.m.β€’5 views

CLEANSTART-2026-MX45462 Security fixes for CVE-2025-61729 applied in versions: 1.1.0-r0

Security vulnerability affects the external-secrets package. This issue is resolved in later releases. See references for vulnerability details...

7.5CVSS7.1AI score0.00459EPSS
Exploits2References3
Chainguard
Chainguard
β€’added 2026/03/31 7:55 a.m.β€’8 views

CVE-2026-34165 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce, cloudbeat, trivy-operator-fips, nemo, kyverno-fips, rancher-fleet, argo-cd-fips, gitaly-fips, guac, gitea-fips, chainctl-fips, scorecard, nuclei, k9s, grype-db, pulumi-language-yaml, kubescape-server-fips, wolfictl, cg, grype, src-fingerprint-fips,...

5CVSS6.1AI score0.00147EPSS
Exploits0
Chainguard
Chainguard
β€’added 2026/03/31 7:55 a.m.β€’7 views

GHSA-GM2X-2G9H-CCM8 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce, cloudbeat, trivy-operator-fips, nemo, kyverno-fips, rancher-fleet, argo-cd-fips, gitaly-fips, guac, gitea-fips, chainctl-fips, scorecard, nuclei, k9s, grype-db, pulumi-language-yaml, kubescape-server-fips, wolfictl, cg, grype, src-fingerprint-fips,...

6.1AI score
Exploits0
Chainguard
Chainguard
β€’added 2026/03/31 7:55 a.m.β€’30 views

CVE-2026-33762 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce, cloudbeat, trivy-operator-fips, nemo, kyverno-fips, rancher-fleet, argo-cd-fips, gitaly-fips, guac, gitea-fips, chainctl-fips, scorecard, nuclei, k9s, grype-db, pulumi-language-yaml, kubescape-server-fips, wolfictl, cg, grype, src-fingerprint-fips,...

2.8CVSS6.1AI score0.00153EPSS
Exploits0
Wolfi
Wolfi
β€’added 2026/03/31 7:48 a.m.β€’12 views

CVE-2026-34165 vulnerabilities

Vulnerabilities for packages: kubevela, skaffold, dagger, pulumi-language-dotnet, kaniko, snyk-cli, kargo, pulumi-language-yaml, argo-cd, scorecard, zot, trufflehog, grype, osv-scanner, bom, argocd-image-updater, pulumi, kyverno, nuclei, chezmoi, apko, gitaly, kubescape, nfpm, wolfictl,...

5CVSS6.1AI score0.00147EPSS
Exploits0
Wolfi
Wolfi
β€’added 2026/03/31 7:48 a.m.β€’11 views

GHSA-GM2X-2G9H-CCM8 vulnerabilities

Vulnerabilities for packages: kubevela, skaffold, dagger, pulumi-language-dotnet, kaniko, snyk-cli, kargo, pulumi-language-yaml, argo-cd, scorecard, zot, trufflehog, grype, osv-scanner, bom, argocd-image-updater, pulumi, kyverno, nuclei, chezmoi, apko, gitaly, kubescape, nfpm, wolfictl,...

6.1AI score
Exploits0
Wolfi
Wolfi
β€’added 2026/03/31 7:48 a.m.β€’10 views

GHSA-JHF3-XXHW-2WPP vulnerabilities

Vulnerabilities for packages: kubevela, skaffold, dagger, pulumi-language-dotnet, kaniko, snyk-cli, kargo, pulumi-language-yaml, argo-cd, scorecard, zot, trufflehog, grype, osv-scanner, bom, argocd-image-updater, pulumi, kyverno, nuclei, chezmoi, apko, gitaly, kubescape, nfpm, wolfictl,...

6.1AI score
Exploits0
Wolfi
Wolfi
β€’added 2026/03/31 7:48 a.m.β€’21 views

CVE-2026-33762 vulnerabilities

Vulnerabilities for packages: kubevela, skaffold, dagger, pulumi-language-dotnet, kaniko, snyk-cli, kargo, pulumi-language-yaml, argo-cd, scorecard, zot, trufflehog, grype, osv-scanner, bom, argocd-image-updater, pulumi, kyverno, nuclei, chezmoi, apko, gitaly, kubescape, nfpm, wolfictl,...

2.8CVSS6.1AI score0.00153EPSS
Exploits0
EUVD
EUVD
β€’added 2026/03/25 10:5 p.m.β€’8 views

EUVD-2026-15953

n8n Has External Secrets Authorization Bypass in Credential Saving...

7.3CVSS5.8AI score0.0026EPSS
Exploits0References2
Github Security Blog
Github Security Blog
β€’added 2026/03/25 10:5 p.m.β€’7 views

n8n Has External Secrets Authorization Bypass in Credential Saving

Impact An authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential. This bypassed the externalSecret:list permission check and allowed access to secrets stored in...

7.3CVSS5.8AI score0.0026EPSS
Exploits0References3Affected Software1
OSV
OSV
β€’added 2026/03/25 10:5 p.m.β€’5 views

GHSA-FXCW-H3QJ-8M8P n8n Has External Secrets Authorization Bypass in Credential Saving

Impact An authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential. This bypassed the externalSecret:list permission check and allowed access to secrets stored in...

7.3CVSS5.8AI score0.0026EPSS
Exploits0References3
NVD
NVD
β€’added 2026/03/25 7:16 p.m.β€’8 views

CVE-2026-33722

n8n is an open source workflow automation platform. Prior to versions 2.6.4 and 1.123.23, an authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential. This bypassed the...

7.3CVSS0.0026EPSS
Exploits0References1
Vulnrichment
Vulnrichment
β€’added 2026/03/25 6:9 p.m.β€’3 views

CVE-2026-33722 n8n Has External Secrets Authorization Bypass in Credential Saving

n8n is an open source workflow automation platform. Prior to versions 2.6.4 and 1.123.23, an authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential. This bypassed the...

7.3CVSS5.8AI score0.0026EPSS
Exploits0References1
CVE
CVE
β€’added 2026/03/25 6:9 p.m.β€’14 views

CVE-2026-33722

CVE-2026-33722 (n8n) : An authenticated-but-low-privilege user could bypass the external secret list permission by referencing a secret by its external name in a credential, gaining plaintext access to secrets in connected vaults. The issue requires an instance with an external secrets vault conf...

7.3CVSS5.8AI score0.0026EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder