3 matches found
CVE-2026-23990 Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows...
Improper Permission Assignment
Strimzi is vulnerable to Improper Permission Assignment. The vulnerability is due to Strimzi creating an incorrect Kubernetes Role that grants Kafka Connect and MirrorMaker 2 operands GET access to all Secrets in the namespace, allowing these components to read sensitive data they should not have...
Strimzi Security Vulnerability
Strimzi is a program from the Strimzi open-source project that allows running Apache Kafka clusters on Kubernetes in various deployment configurations. A security vulnerability exists in Strimzi versions from 0.47.0 up to but not including 0.49.1, which stems from the creation of incorrect Kubernetes roles and could...