138 matches found
EUVD-2026-43544
Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...
CVE-2026-62185
The CVE-2026-62185 affects the Argo CD Helm Chart prior to 10.0.0, which fails to install network policies by default. As a result, any pod on the cluster can access the repo-server and other Argo APIs, enabling unrestricted network access. This can lead to cluster compromise and remote code exec...
PT-2026-57887
Name of the Vulnerable Software and Affected Versions Argo CD Helm Chart versions prior to 10.0.0 Description The software fails to install network policies by default, which allows any pod within the cluster to access the repo-server and other Argo APIs. This unrestricted network access can be...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the processing of user-supplied URLs in outgoing HTTP components, including notification channels, OIDC backchannel logout, and SAML metadata fetches. An attacker can access internal network resources...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. There is a security vulnerability in Google Chrome, which stems from insufficient implementation of network policies...
GHSA-C82X-F4XR-QV33 epa4all-client: Unauthenticated REST API for Patient Record Writes
Impact Any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In a misconfigured deployment e.g., following the production Docker example in the README, this is exploitable from the local network without...
PT-2026-46857
Impact Any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In a misconfigured deployment e.g., following the production Docker example in the README, this is exploitable from the local network without...
CLEANSTART-2026-AY21238 security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion
Security vulnerability affects the kubernetes-dns-node-cache package. A security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion...
CVE-2026-32595
A flaw was found in Traefik. An unauthenticated attacker can exploit a timing attack vulnerability in the BasicAuth middleware. By observing the time it takes for the middleware to respond, an attacker can determine if a submitted username is valid or not. This information disclosure allows for...
Chall-Manager 访问控制错误漏洞
Chall-Manager is an open-source project developed by CTFer.io. Versions of Chall-Manager prior to 0.6.5 contained a access control vulnerability, which was caused by incorrect network policy configurations. This vulnerability could lead to lateral movement...
EUVD-2026-8793
ZITADEL has potential SSRF via Actions...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the Actions V2 webhook. An attacker can access internal network resources and gather information about internal services by specifying target URLs that resolve to local hosts or internal IP addresses...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the Actions V2 webhook. An attacker can access internal network resources and gather information about internal services by specifying target URLs that resolve to local hosts or internal IP addresses...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the Actions V2 webhook. An attacker can access internal network resources and gather information about internal services by specifying target URLs that resolve to local hosts or internal IP addresses...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the Actions V2 webhook. An attacker can access internal network resources and gather information about internal services by specifying target URLs that resolve to local hosts or internal IP addresses...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the Actions V2 webhook. An attacker can access internal network resources and gather information about internal services by specifying target URLs that resolve to local hosts or internal IP addresses...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the Actions V2 webhook. An attacker can access internal network resources and gather information about internal services by specifying target URLs that resolve to local hosts or internal IP addresses...
CVE-2026-27945
CVE-2026-27945 affects Zitadel Action V2/3.x leading to potential SSRF via Action target URLs that point to local hosts/IPs. The issue: Action endpoints may be able to gather internal network information or reach internal services when the target URL is local, potentially exposing internal topolo...
PT-2026-22070
Name of the Vulnerable Software and Affected Versions ZITADEL versions 2.59.0 through 4.10.0 Description ZITADEL is an open source identity management platform. The Zitadel Action V2 feature, introduced as an early preview in version 2.59.0, beta in 3.0.0, and generally available in 4.0.0, allows...
Antrea has invalid enforcement order for network policy rules caused by integer overflow
Impact Antrea's network policy priority assignment system has a uint16 arithmetic overflow bug that causes incorrect OpenFlow priority calculations when handling a large numbers of policies with various priority values. This results in potentially incorrect traffic enforcement. If a user creates ...