Lucene search
24 matches found

OSV
added last week, 4 views

GO-2026-5106 CloudNativePG's metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE in github.com/cloudnative-pg/cloudnative-pg

CloudNativePG's metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE in github.com/cloudnative-pg/cloudnative-pg...

9.9 CVSS, 5.8 AI score, 0.0048 EPSS
Exploits 0, References 5

RedhatCVE
added 2026/06/03 5:5 a.m., 11 views

CVE-2026-44477

A flaw was found in CloudNativePG's metrics exporter. The issue arises because the metrics exporter connected to PostgreSQL using a highly privileged account and did not properly restrict privileges during monitoring operations. A low-privileged database user could exploit this behavior through...

9.9 CVSS, 5.9 AI score, 0.0048 EPSS
Exploits 0, References 5

Vulnrichment
added 2026/05/28 3:46 p.m., 8 views

CVE-2026-44477 CloudNativePG: Metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE

CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...

9.4 CVSS, 5.8 AI score, 0.0048 EPSS
Exploits 0, References 2

EUVD
added 2026/05/28 3:46 p.m., 9 views

EUVD-2026-32930

CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...

9.4 CVSS, 5.9 AI score, 0.0048 EPSS
Exploits 0, References 2

ATTACKERKB
added 2026/05/28 3:46 p.m., 12 views

CVE-2026-44477

CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...

9.4 CVSS, 5.9 AI score, 0.0048 EPSS
Exploits 0, References 3, Affected Software 1

Cvelist
added 2026/05/28 3:46 p.m., 31 views

CVE-2026-44477 CloudNativePG: Metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE

CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...

9.4 CVSS, 0.0048 EPSS
Exploits 0, References 2

CVE
added 2026/05/28 3:46 p.m., 24 views

CVE-2026-44477

CVE-2026-44477 affects CloudNativePG prior to 1.29.1 and 1.28.3. The metrics exporter opens a PostgreSQL connection as the superuser and demotes to pg_monitor with SET ROLE, but the session_user remains postgres. Any SQL in the scrape session can call RESET ROLE to recover superuser privileges, t...

9.9 CVSS, 5.9 AI score, 0.0048 EPSS
Exploits 0, References 5, Affected Software 1

Positive Technologies
added 2026/05/18 12:0 a.m., 16 views

PT-2026-41785

Name of the Vulnerable Software and Affected Versions: OpenTelemetry eBPF Instrumentation versions prior to 0.9.0. Description: OpenTelemetry eBPF Instrumentation (OBI) replays BPF probe hits into histogram observations by looping once per recorded run count. On busy systems, the run-count delta can...

7.5 CVSS, 5.8 AI score, 0.00319 EPSS
Exploits 1, References 6

Veracode
added 2026/05/16 5:27 a.m., 5 views

Privilege Escalation

CloudNativePG is vulnerable to Privilege Escalation. The vulnerability is due to the metrics exporter establishing PostgreSQL sessions as the postgres superuser and relying on SET ROLE for privilege reduction, which allows an attacker to restore superuser privileges using RESET ROLE and execute...

9.9 CVSS, 6 AI score, 0.0048 EPSS
Exploits 0, References 9, Affected Software 1

NVD
added 2026/05/15 5:16 a.m., 26 views

CVE-2026-0481

Unrestricted IP address binding in the AMD Device Metrics Exporter ROCm ecosystem could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability...

9.2 CVSS, 0.00308 EPSS
Exploits 0, References 1

ATTACKERKB
added 2026/05/15 3:4 a.m., 6 views

CVE-2026-0481

Unrestricted IP address binding in the AMD Device Metrics Exporter ROCm ecosystem could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability...

9.2 CVSS, 5.8 AI score, 0.00308 EPSS
Exploits 0, References 2

Vulnrichment
added 2026/05/15 3:4 a.m., 7 views

CVE-2026-0481

Unrestricted IP address binding in the AMD Device Metrics Exporter ROCm ecosystem could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability...

9.2 CVSS, 5.8 AI score, 0.00308 EPSS
Exploits 0, References 1

EUVD
added 2026/05/15 3:4 a.m., 25 views

EUVD-2026-30502

Unrestricted IP address binding in the AMD Device Metrics Exporter ROCm ecosystem could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability...

9.2 CVSS, 5.8 AI score, 0.00308 EPSS
Exploits 0, References 1

Positive Technologies
added 2026/05/13 12:0 a.m., 15 views

PT-2026-40613

Unrestricted IP address binding in the AMD Device Metrics Exporter ROCm ecosystem could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability...

9.2 CVSS, 5.8 AI score, 0.00308 EPSS
Exploits 0, References 3

Lenovo
added 2026/05/12 4:54 p.m., 10 views

AMD Device Metrics Exporter (ROCm ecosystem) Vulnerability - Lenovo Support US

No description provided...

5.8 AI score
Exploits 0

Amd
added 2026/05/12 12:0 a.m., 12 views

AMD Device Metrics Exporter (ROCm ecosystem) Vulnerability

CVE Details (refer to Glossary for explanation of terms). CVE: CVE-2026-0481. CVE Description: Unrestricted IP address binding in the AMD Device Metrics Exporter ROCm ecosystem could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially...

9.2 CVSS, 5.8 AI score, 0.00308 EPSS
Exploits 0

Snyk
added 2026/05/11 3:59 p.m., 6 views

Privilege Dropping / Lowering Errors

Overview: Affected versions of this package are vulnerable to Privilege Dropping / Lowering Errors in the metrics exporter. An attacker can gain PostgreSQL superuser privileges and execute arbitrary OS commands as the postgres user inside the primary pod by exploiting the ability to plant shadow...

9.9 CVSS, 6.7 AI score, 0.0048 EPSS
Exploits 0, References 3

Snyk
added 2026/05/11 3:59 p.m., 6 views

Privilege Dropping / Lowering Errors

Overview: Affected versions of this package are vulnerable to Privilege Dropping / Lowering Errors in the metrics exporter. An attacker can gain PostgreSQL superuser privileges and execute arbitrary OS commands as the postgres user inside the primary pod by exploiting the ability to plant shadow...

9.9 CVSS, 6.7 AI score, 0.0048 EPSS
Exploits 0, References 3

Snyk
added 2026/05/11 3:59 p.m., 5 views

Privilege Dropping / Lowering Errors

Overview: Affected versions of this package are vulnerable to Privilege Dropping / Lowering Errors in the metrics exporter. An attacker can gain PostgreSQL superuser privileges and execute arbitrary OS commands as the postgres user inside the primary pod by exploiting the ability to plant shadow...

9.9 CVSS, 6.7 AI score, 0.0048 EPSS
Exploits 0, References 3

Snyk
added 2026/05/11 3:59 p.m., 4 views

Privilege Dropping / Lowering Errors

Overview: Affected versions of this package are vulnerable to Privilege Dropping / Lowering Errors in the metrics exporter. An attacker can gain PostgreSQL superuser privileges and execute arbitrary OS commands as the postgres user inside the primary pod by exploiting the ability to plant shadow...

9.9 CVSS, 6.7 AI score, 0.0048 EPSS
Exploits 0, References 3