Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2026/05/24 9:15 a.m.10 views

EUVD-2026-31584

A weakness has been identified in ulisesbocchio jasypt-spring-boot up to 3.0.5/4.0.4. Affected by this vulnerability is the function getSecretKeySaltGenerator of the file jasypt-spring-boot/src/main/java/com/ulisesbocchio/jasyptspringboot/encryptor/SimpleGCMConfig.java of the component Password...

6.3CVSS5.1AI score0.00019EPSS
Exploits0References6
SUSE CVE
SUSE CVEadded 2026/02/07 12:25 a.m.3 views

SUSE CVE-2026-22822

External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. Starting in version 0.20.2 and prior to version 1.2.0, the getSecretKey template function, while introduced for senhasegura Devops Secrets Management DSM provider, ha...

9.3CVSS5.3AI score0.00007EPSS
Exploits0References3
OSV
OSVadded 2026/02/03 8:37 p.m.1 views

GO-2026-4330 External Secrets Operator insecurely retrieves secrets through the getSecretKey templating function in github.com/external-secrets/external-secrets

External Secrets Operator insecurely retrieves secrets through the getSecretKey templating function in github.com/external-secrets/external-secrets...

9.3CVSS5.2AI score0.00007EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/02/03 12:0 a.m.3 views

PT-2026-6506

External Secrets Operator insecurely retrieves secrets through the getSecretKey templating function in github.com/external-secrets/external-secrets...

5.4AI score
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/01/21 9:22 p.m.4 views

CVE-2026-22822

External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. Starting in version 0.20.2 and prior to version 1.2.0, the getSecretKey template function, while introduced for senhasegura Devops Secrets Management DSM provider, ha...

9.3CVSS5.3AI score0.00007EPSS
Exploits0References6Affected Software1
OSV
OSVadded 2026/01/21 9:22 p.m.6 views

CVE-2026-22822 External Secrets Operator insecurely retrieves secrets through the getSecretKey templating function

External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. Starting in version 0.20.2 and prior to version 1.2.0, the getSecretKey template function, while introduced for senhasegura Devops Secrets Management DSM provider, ha...

9.3CVSS5.5AI score0.00007EPSS
Exploits0References7
CNNVD
CNNVDadded 2026/01/21 12:0 a.m.3 views

External Secrets Security Vulnerabilities

External Secrets is an open-source Kubernetes-related application developed by External Secrets. There were security vulnerabilities in versions 0.20.2 to 1.2.0 of External Secrets. These vulnerabilities stemmed from the getSecretKey template function, which allowed access to secrets across...

9.3CVSS5.8AI score0.00007EPSS
Exploits0References5
Rows per page
Query Builder