CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Chainguard•added 2026/04/11 2:18 a.m.•9 views

CVE-2026-32288 vulnerabilities

Vulnerabilities for packages: cloudbeat, opa-fips-envoy, scorecard, kubevela-fips, kind, policy-controller, helm-fips, vendir-fips, opentofu-fips, redka, filebrowser, cluster-autoscaler-fips, crossplane, vault-benchmark, syft, bom, nats-fips, kyverno-fips, wal-g, vendir, knative-operator-fips,...

5.5CVSS5.2AI score0.00004EPSS

Chainguard•added 2026/04/11 2:18 a.m.•7 views

GHSA-X4JJ-H2V8-HQQV vulnerabilities

Chainguard•added 2026/04/11 2:18 a.m.•5 views

CVE-2026-32289 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-external-snapshotter-fips, promxy, terraform-provider-azapi, cloudbeat, opa-fips-envoy, scorecard, kubevela-fips, prometheus-pushgateway-fips, policy-controller, helm-fips, prometheus-pgbouncer-exporter, spicedb-operator-fips, k8s-metacollector,...

6.1CVSS7.1AI score0.00011EPSS

Chainguard•added 2026/04/11 2:18 a.m.•4 views

GHSA-7MR4-XJXG-34G6 vulnerabilities

Chainguard•added 2026/04/11 2:18 a.m.•5 views

GHSA-5W89-2C2X-6X66 vulnerabilities

Vulnerabilities for packages: terraform-provider-azapi, opa-fips-envoy, helm-fips, kubernetes-dashboard-api, fq, crossplane-provider-aws-elasticache-fips, renovate, vendir, promxy-fips, cue, migrate, caddy, s5cmd-fips, configmap-reload, aws-fsx-csi-driver-fips, consul, virt-api,...

Chainguard•added 2026/04/11 2:18 a.m.•3 views

GHSA-GJVH-7JH8-7XHM vulnerabilities

Vulnerabilities for packages: newrelic-k8s-metadata-injection, kubernetes-csi-external-snapshotter-fips, promxy, victoriametrics-operator-fips, terraform-provider-azapi, cloudbeat, opa-fips-envoy, scorecard, kubevela-fips, kind, mockery, prometheus-pushgateway-fips, policy-controller, helm-fips,...

Chainguard•added 2026/04/11 2:18 a.m.•7 views

CVE-2026-32281 vulnerabilities

7.5CVSS7.1AI score0.00022EPSS

Chainguard•added 2026/04/11 2:18 a.m.•8 views

CVE-2026-32283 vulnerabilities

7.5CVSS7.1AI score0.00019EPSS

Chainguard•added 2026/04/10 2:13 a.m.•2 views

GHSA-P423-J2CM-9VMQ vulnerabilities

Vulnerabilities for packages: airflow-core, authentik, gitlab-cng-fips, barman, wazuh-manager, jupyter-base-notebook, pgadmin4, ggshield, vllm-openai-cuda-12.9, datadog-agent-fips, kubeflow-volumes-web-app, mycli, dask-kubernetes, dagster, py3-cassandra-medusa, k8s-sidecar, nemo, opal,...

Chainguard•added 2026/04/10 2:13 a.m.•3 views

CVE-2026-39892 vulnerabilities

9.8CVSS6AI score0.00023EPSS

Tenable Nessus•added 2026/04/10 12:0 a.m.•7 views

FreeBSD : Gitlab -- vulnerabilities (099d4998-33cc-11f1-a7d1-2cf05da270f3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 099d4998-33cc-11f1-a7d1-2cf05da270f3 advisory. Gitlab reports: Exposed Method issue in websocket connections impacts GitLab CE/EE Denial of...

8.5CVSS7.3AI score0.00057EPSS

Exploits0References14

EUVD•added 2026/04/09 12:32 a.m.•2 views

EUVD-2026-20793

GitLab has remediated an issue in GitLab EE affecting all versions from 18.0.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that in Code Quality reports could have allowed an authenticated user to leak IP addresses of users viewing the report via specially crafted content...

5.7CVSS5.9AI score0.0004EPSS

EUVD•added 2026/04/09 12:32 a.m.•5 views

EUVD-2025-209367

GitLab has remediated an issue in GitLab EE affecting all versions from 16.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that under certain circumstances could have allowed an authenticated user to have access to other users' email addresses via certain GraphQL queries...

4.3CVSS5.9AI score0.00017EPSS

EUVD•added 2026/04/09 12:32 a.m.•1 views

EUVD-2026-20801

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with custom role permissions to demote or remove higher-privileged group members due to improper authorization...

2.7CVSS5.9AI score0.00014EPSS

EUVD•added 2026/04/09 12:32 a.m.•2 views

EUVD-2026-20797

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user to access confidential issues assigned to other users via CSV export due to insufficient authorization checks...

4.3CVSS5.9AI score0.00017EPSS

EUVD•added 2026/04/09 12:32 a.m.•1 views

EUVD-2026-20795

GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with developer-role permissions to modify protected environment settings due to improper authorization checks in t...

4.3CVSS5.9AI score0.00011EPSS

EUVD•added 2026/04/09 12:32 a.m.•5 views

EUVD-2025-209365

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service by sending repeated GraphQL queries...

7.5CVSS5.9AI score0.00057EPSS