9 matches found
EUVD-2023-2000
Malicious code in bioql PyPI...
EUVD-2023-1986
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2024-36111
KubePi is a K8s panel. Starting in version 1.6.3 and prior to version 1.8.0, there is a defect in the KubePi JWT token verification. The JWT key in the default configuration file is empty. Although a random 32-bit string will be generated to overwrite the key in the configuration file when the...
1Panel KubePi security vulnerability
1Panel KubePi is a K8s panel from the Chinese company 1Panel. It allows administrators to import multiple Kubernetes clusters and assign permissions for different clusters, namespaces to specified users through permission control. A security vulnerability exists in 1Panel KubePi version 1.6.3 up ...
VulnCheck KEV: CVE-2023-22478
KubePi is a modern Kubernetes panel. The API interfaces with unauthorized entities and may leak sensitive information. This issue has been patched in version 1.6.4. There are currently no known workarounds...
PT-2023-26184 · Kubepi · Kubepi
Name of the Vulnerable Software and Affected Versions: KubePi versions prior to 1.6.5 Description: A normal user in KubePi, an open-source Kubernetes management panel, has the permission to create or update users. By editing the isadmin value in the request, any user can become an admin, thus...
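The entry above describes a mass-assignment flaw: the user-update endpoint decoded whatever fields the caller sent, including the admin flag, into the stored record. The following Go program is an added example, not KubePi's own code, that contrasts a handler which binds the whole request body into the user record with one that decodes into an allow-listed update struct and gates the admin flag behind a separate, authorised call. The `User` struct, the in-memory `store`, the `isAdmin` field name and the sample requests are all constructed for the example.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"strings"
)

// User is the stored record. IsAdmin is the flag the advisory says any normal
// user could flip by adding it to an update request (field name assumed).
type User struct {
	Name    string `json:"name"`
	Email   string `json:"email"`
	IsAdmin bool   `json:"isAdmin"`
}

// store is a constructed in-memory user table standing in for the panel's database.
var store map[string]*User

// resetStore restores the constructed fixture: one admin and one ordinary user.
func resetStore() {
	store = map[string]*User{
		"root":  {Name: "root", Email: "root@example.org", IsAdmin: true},
		"alice": {Name: "alice", Email: "alice@example.org", IsAdmin: false},
	}
}

// updateUserVulnerable decodes the entire body straight into the stored record,
// so a caller who adds "isAdmin": true to an otherwise ordinary profile edit is
// persisted as an administrator. Nothing checks who the caller is or which
// fields they are allowed to touch.
func updateUserVulnerable(name string, body io.Reader) error {
	u, ok := store[name]
	if !ok {
		return errors.New("no such user")
	}
	return json.NewDecoder(body).Decode(u)
}

// profileUpdate is the allow-list of fields a user may change about themselves.
// There is deliberately no admin field here, so it cannot be set by this path.
type profileUpdate struct {
	Email string `json:"email"`
}

// updateUserSafe lets a user edit only their own profile, decodes into the
// allow-list struct, and rejects any unknown key (such as isAdmin) outright
// rather than silently dropping it, which makes tampering visible in logs.
func updateUserSafe(caller, name string, body io.Reader) error {
	u, ok := store[name]
	if !ok {
		return errors.New("no such user")
	}
	if caller != name && !store[caller].IsAdmin {
		return errors.New("forbidden: may only edit own profile")
	}
	var upd profileUpdate
	dec := json.NewDecoder(body)
	dec.DisallowUnknownFields()
	if err := dec.Decode(&upd); err != nil {
		return fmt.Errorf("rejecting update: %w", err)
	}
	u.Email = upd.Email
	return nil
}

// setAdmin is the only way to change the flag, and only an existing admin may call it.
func setAdmin(caller, target string, isAdmin bool) error {
	c, ok := store[caller]
	if !ok || !c.IsAdmin {
		return errors.New("forbidden: caller is not an administrator")
	}
	t, ok := store[target]
	if !ok {
		return errors.New("no such user")
	}
	t.IsAdmin = isAdmin
	return nil
}

func main() {
	tampered := `{"email":"alice@example.org","isAdmin":true}`
	resetStore()
	_ = updateUserVulnerable("alice", strings.NewReader(tampered))
	fmt.Println("vulnerable path, alice is admin:", store["alice"].IsAdmin)
	resetStore()
	err := updateUserSafe("alice", "alice", strings.NewReader(tampered))
	fmt.Println("safe path:", err, "| alice is admin:", store["alice"].IsAdmin)
}
```

`DisallowUnknownFields` is a deliberate choice over ignoring extra keys: a request that carries a privilege field it should not is a signal worth rejecting, not a benign extra. The authorisation check in `setAdmin` is the actual fix; the allow-list struct only makes sure the profile endpoint cannot become a second, unguarded route to the same flag.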
CVE-2023-22478 KubePi is vulnerable to missing authorization
KubePi is a modern Kubernetes panel. The API interfaces with unauthorized entities and may leak sensitive information. This issue has been patched in version 1.6.4. There are currently no known workarounds...
CVE-2023-22479 KubePi vulnerable to session fixation attack
KubePi is a modern Kubernetes panel. A session fixation attack allows an attacker to hijack a legitimate user session; versions 1.6.3 and below are susceptible. A patch will be released in version 1.6.4...
CVE-2023-22463 KubePi's Hardcoded Jwtsigkeys allows malicious actor to login with a forged JWT token
KubePi is a k8s panel. The JWT authentication function of KubePi through version 1.6.2 uses hard-coded Jwtsigkeys, so every online project shares the same signing key. This means that an attacker can forge any JWT token and take over the administrator account of any online project. Furthermor...
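The two JWT entries (CVE-2024-36111 above and CVE-2023-22463 here) are the same failure from opposite ends: a verifier that will happily check HS256 signatures against a key that is empty, or against a key that every installation shares. The following Go program is an added example, not KubePi's code, using only the standard library to build and verify compact HS256 tokens. It shows a verifier that trusts whatever key it is handed, a hardened verifier that refuses to run with a missing or short key, and a key loader that generates a random key when the configured one is empty and returns that key for in-memory use. The 32-byte minimum, the claim names and the sample tokens are assumptions made for the example; they are not taken from the project.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// minKeyBytes is the smallest HMAC key this example will verify with (assumed value).
const minKeyBytes = 32

// loadSigningKey returns the key that must be held in memory. An empty
// configured value is replaced by a fresh random key; the point of
// CVE-2024-36111 is that the generated key has to be the one the verifier
// actually uses, not merely the one written back to the config file.
func loadSigningKey(configured string) ([]byte, error) {
	if configured != "" {
		return []byte(configured), nil
	}
	key := make([]byte, minKeyBytes)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	return key, nil
}

func b64(b []byte) string { return base64.RawURLEncoding.EncodeToString(b) }

// signHS256 builds a compact JWS (header.payload.signature) with HMAC-SHA256.
// With an empty or publicly known key, anyone can call this to mint admin tokens.
func signHS256(claims map[string]any, key []byte) (string, error) {
	payload, err := json.Marshal(claims)
	if err != nil {
		return "", err
	}
	signingInput := b64([]byte(`{"alg":"HS256","typ":"JWT"}`)) + "." + b64(payload)
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(signingInput))
	return signingInput + "." + b64(mac.Sum(nil)), nil
}

// verifyHS256Weak checks the MAC correctly but trusts whatever key it is given,
// so an empty key (CVE-2024-36111) or a shared default key (CVE-2023-22463)
// lets an attacker-minted token through.
func verifyHS256Weak(token string, key []byte) (map[string]any, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed token")
	}
	var header struct {
		Alg string `json:"alg"`
	}
	rawHeader, err := base64.RawURLEncoding.DecodeString(parts[0])
	if err != nil || json.Unmarshal(rawHeader, &header) != nil || header.Alg != "HS256" {
		return nil, errors.New("unsupported or malformed header")
	}
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	if err != nil {
		return nil, err
	}
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(parts[0] + "." + parts[1]))
	if !hmac.Equal(sig, mac.Sum(nil)) {
		return nil, errors.New("bad signature")
	}
	rawClaims, err := base64.RawURLEncoding.DecodeString(parts[1])
	if err != nil {
		return nil, err
	}
	var claims map[string]any
	if err := json.Unmarshal(rawClaims, &claims); err != nil {
		return nil, err
	}
	return claims, nil
}

// verifyHS256 adds the guard the weak version lacks: refuse to verify at all
// when the in-memory key is missing or too short. Never fall back to a
// compiled-in default here; that default is exactly the shared key an
// attacker would use.
func verifyHS256(token string, key []byte) (map[string]any, error) {
	if len(key) < minKeyBytes {
		return nil, fmt.Errorf("refusing to verify: signing key is %d bytes, need at least %d", len(key), minKeyBytes)
	}
	return verifyHS256Weak(token, key)
}

func main() {
	forged, _ := signHS256(map[string]any{"name": "admin", "isAdmin": true}, []byte(""))
	_, weakErr := verifyHS256Weak(forged, []byte(""))
	_, strongErr := verifyHS256(forged, []byte(""))
	fmt.Printf("empty-key forgery: weak verifier err=%v, hardened verifier err=%v\n", weakErr, strongErr)
	key, _ := loadSigningKey("")
	_, err := verifyHS256(forged, key)
	fmt.Printf("same forgery against a generated in-memory key: err=%v\n", err)
}
```

The length check catches the empty-key case but cannot, by itself, tell a strong random key from a long hard-coded one; the defence against the shared-key case is structural: `loadSigningKey` only ever returns a configured value or freshly generated randomness, and there is no constant in the program for it to fall back on. A practical check on a running deployment is to sign a token with an empty key and with any default from the shipped config and see whether the panel accepts either.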