GHSA-FW8G-CG8F-9J28 vulnerabilities

Vulnerabilities for packages: cloud-sql-proxy, telegraf, mcp-grafana, metrics-server, istio, opentelemetry-collector-contrib, karma, prometheus, splunk-otel-collector, loki, mc, certificate-transparency, opentelemetry-operator, node-problem-detector, trillian, jaeger, prometheus-pushgateway,...

GHSA-VFFH-X6R8-XX99 vulnerabilities

Vulnerabilities for packages: cloud-sql-proxy, telegraf, mcp-grafana, istio, karma, prometheus, splunk-otel-collector, loki, mc, certificate-transparency, minio-operator, node-problem-detector, trillian, jaeger, prometheus-pushgateway, keda, datadog-agent, minio, minio-object-browser...

CLEANSTART-2026-TF33105 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the minio-client-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

CLEANSTART-2026-WG18689 attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests

Multiple security vulnerabilities affect the minio-client-fips package. An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. See references for individual vulnerability details...

CLEANSTART-2026-KD20596 Cancelling a query (e

Multiple security vulnerabilities affect the minio-client-fips package. Cancelling a query e. See references for individual vulnerability details...

CLEANSTART-2026-MA27248 Cancelling a query (e

Multiple security vulnerabilities affect the minio-client-fips package. Cancelling a query e. See references for individual vulnerability details...

CLEANSTART-2026-AN66259 attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests

Multiple security vulnerabilities affect the minio-client-fips package. An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. See references for individual vulnerability details...

OPENSUSE-SU-2025:15379-1 minio-client-20250721T052808Z-1.1 on GA media

These are all security issues fixed in the minio-client-20250721T052808Z-1.1 package on the GA media of openSUSE Tumbleweed...

Metasploit Weekly Wrap-Up

New module content 2 Gather Dbeaver Passwords Author: Kali-Team Type: Post Pull request: 17337 contributed by cn-kali-team Description: This adds a post exploit module that retrieves Dbeaver session data from local configuration files. It is able to extract and decrypt credentials stored in these...

Gather MinIO Client Key

This module searches for MinIO Client credentials on a Windows host. Module Options msf use post/multi/gather/minioclient msf postminioclient show actions ...actions... msf postminioclient set ACTION msf postminioclient show options ...show and set options... msf postminioclient run This module...

@cscharpf/minio-client-versioned (>=1.0.0 <=1.0.8), @iliad.dev/strapi-adapter (>=0.0.43 <=0.2.2) +46 more potentially affected by CVE-2021-23470 via putil-merge (>=1.2.0 <=3.13.0)

putil-merge NPM version =1.2.0, =1.0.0, =0.0.43, =0.6.0, =0.12.0, =0.6.0, =0.6.0, =0.6.0, =1.0.0-beta.3, =0.6.0, =0.10.0, =0.6.0, =0.93.1, =4.0.1, =4.0.1, =5.0.3 and more Source cves: CVE-2021-23470 Source advisory: OSV:GHSA-4G77-CVGW-GRVW...

@cscharpf/minio-client-versioned (>=1.0.0 <=1.0.8), @iliad.dev/strapi-adapter (>=0.0.43 <=0.2.2) +46 more potentially affected by CVE-2021-25953 via putil-merge (>=1.2.0 <=3.13.0)

putil-merge NPM version =1.2.0, =1.0.0, =0.0.43, =0.6.0, =0.12.0, =0.6.0, =0.6.0, =0.6.0, =1.0.0-beta.3, =0.6.0, =0.10.0, =0.6.0, =0.93.1, =4.0.1, =4.0.1, =5.0.3 and more Source cves: CVE-2021-25953 Source advisory: OSV:GHSA-9X7M-9HPG-XXMW...