Lucene search
K

422 matches found

Chainguard
Chainguard
added 5 days ago6 views

GHSA-FF52-PH69-CF7X vulnerabilities

Vulnerabilities for packages: crossplane-provider-aws-networkmanager, policy-bot, crossplane-provider-azure-signalrservice, fairwinds-gemini-fips, generic-device-plugin-fips, timoni, crossplane-provider-aws-waf-fips, aws-application-networking-k8s, cluster-api, dataplaneapi-fips, gpu-operator,...

6.1AI score
Exploits0
Fedora
Fedora
added 2026/06/27 1:12 a.m.8 views

[SECURITY] Fedora 44 Update: openbao-2.5.5-1.fc44

Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.16 views

GHSA-RM3J-F69W-WQMQ vulnerabilities

Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, crossplane-provider-aws-s3, ksops, crossplane-provider-aws-eks, crossplane-provider-aws-kms, gomplate, src, wolfictl, caddy, crossplane-provider-aws-lambda, crossplane-provider-aws-dynamodb, fulcio, docker-compose,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.8 views

GHSA-W879-237Q-WC7R vulnerabilities

Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, ksops, gomplate, wolfictl, caddy, fulcio, vault-benchmark, telegraf, cosign, dagger, witness, podman, pulumi-language-java, helm, kots, step-issuer, prometheus, crossplane-provider-azure-authorization, gh,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.9 views

GHSA-F5WC-C3C7-36MC vulnerabilities

Vulnerabilities for packages: snyk-cli, pulumi-language-yaml, terragrunt, gomplate, wolfictl, caddy, telegraf, dagger, witness, podman, pulumi-language-java, helm, kots, step-issuer, prometheus, pulumi-language-dotnet, teleport, go-discover, opentofu, gitlab-kas, zot, nerdctl, kubernetes-dashboar...

6.1AI score
Exploits0
OSV
OSV
added 2026/06/25 10:34 p.m.4 views

GO-2026-5674 OpenBao's Namespace Deletion May Not Delete Data Properly in github.com/openbao/openbao

OpenBao's Namespace Deletion May Not Delete Data Properly in github.com/openbao/openbao...

7.5CVSS5.8AI score0.00248EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 10:34 p.m.6 views

GO-2026-5517 OpenBao's System Backend allows Unauthorized Management of the containing Namespace in github.com/openbao/openbao

OpenBao's System Backend allows Unauthorized Management of the containing Namespace in github.com/openbao/openbao...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/25 10:34 p.m.3 views

GO-2026-5526 OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation in github.com/openbao/openbao

OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation in github.com/openbao/openbao...

2.7CVSS5.8AI score0.00301EPSS
Exploits0References5
OSV
OSV
added 2026/06/25 10:34 p.m.4 views

GO-2026-5609 OpenBao: Decompression Bomb via Unbounded Copy in OCI Plugin Extraction (DoS) in github.com/openbao/openbao

OpenBao: Decompression Bomb via Unbounded Copy in OCI Plugin Extraction DoS in github.com/openbao/openbao...

6.5CVSS5.8AI score0.00218EPSS
Exploits1References5
OSV
OSV
added 2026/06/25 6:43 p.m.5 views

GO-2026-5304 OpenBao: Cross-namespace lease revocation/renewal via canonical sys/leases/{revoke,renew} — incomplete fix of CVE-2026-45808 in github.com/openbao/openbao

OpenBao: Cross-namespace lease revocation/renewal via canonical sys/leases/revoke,renew — incomplete fix of CVE-2026-45808 in github.com/openbao/openbao...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/06/25 6:43 p.m.5 views

GO-2026-5182 OpenBao: LDAPi ldaputil (wrong escape func) in github.com/openbao/openbao

OpenBao: LDAPi ldaputil wrong escape func in github.com/openbao/openbao...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/06/25 6:43 p.m.2 views

GO-2026-5192 OpenBao's SQL Injection in PostgreSQL database secrets engine in github.com/openbao/openbao

OpenBao's SQL Injection in PostgreSQL database secrets engine in github.com/openbao/openbao...

4.9CVSS5.9AI score0.00235EPSS
Exploits0References5
OSV
OSV
added 2026/06/25 6:43 p.m.14 views

GO-2026-5267 OpenBao: Transit secrets engine crashes on key creation with `derived: true` for asymmetric key types in github.com/openbao/openbao

OpenBao: Transit secrets engine crashes on key creation with derived: true for asymmetric key types in github.com/openbao/openbao...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/06/25 6:43 p.m.3 views

GO-2026-5213 OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate in github.com/openbao/openbao

OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate in github.com/openbao/openbao...

3.1CVSS5.8AI score0.00101EPSS
Exploits0References5
OSV
OSV
added 2026/06/19 9:42 p.m.9 views

GHSA-8W8F-R2XV-4Q4J OpenBao: Transit secrets engine crashes on key creation with `derived: true` for asymmetric key types

On OpenBao 2.5.4 and 2.5.2and likely earlier versions also, an authenticated caller with write access to transit/keys/ can crash the OpenBao server by issuing a single key-creation request that combines an asymmetric type rsa-, ecdsa-, ed25519 with derived: true. The server returns no HTTP respon...

6.5CVSS6AI score
Exploits0References5
OSV
OSV
added 2026/06/19 9:42 p.m.6 views

GHSA-MWR2-WMGP-CRJ6 OpenBao's System Backend allows Unauthorized Management of the containing Namespace

Summary A user that is granted namespace management /sys/namespaces capabilities within a non-root namespace "the victim namespace" can abuse special handling of the literal path "root" in namespace path canonicalization to manage the victim namespace itself. Details Several endpoints under...

2.3CVSS6AI score
Exploits0References4
OSV
OSV
added 2026/06/19 9:42 p.m.6 views

GHSA-C36X-H252-G9X2 OpenBao: Cross-namespace lease revocation/renewal via canonical sys/leases/{revoke,renew} — incomplete fix of CVE-2026-45808

Summary OpenBao users with access to the sys/leases/revoke/:leaseid endpoint in any namespace can revoke leases in any other namespace as long as the lease identifier is known to them, bypassing ACLs that should apply for cross-namespace revocations. Impact OpenBao's namespaces provide multi-tena...

2.1CVSS5.8AI score
Exploits0References5
OSV
OSV
added 2026/06/19 9:42 p.m.8 views

GHSA-6MWX-4547-5VC9 OpenBao: LDAPi ldaputil (wrong escape func)

Description Component sdk/helper/ldaputil/client.go — the shared LDAP utility library used by both the LDAP authentication backend and OpenLDAP secrets engine to construct LDAP search filters and bind DNs. Root Cause The LDAP utility contains a function selection error that causes incorrect...

6.8CVSS6.1AI score
Exploits0References5
Circl
Circl
added 2026/06/19 11:28 a.m.9 views

CVE-2026-55775

creationtimestamp| type| source ---|---|--- 2026-06-19 11:28:42+00:00| published-proof-of-concept| https://github.com/openbao/openbao/security/advisories/GHSA-mwr2-wmgp-crj6...

5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.17 views

PT-2026-51110

Name of the Vulnerable Software and Affected Versions OpenBao versions prior to 2.5.5 Description Users granted namespace management capabilities within a non-root namespace can abuse the canonicalization of the literal path "root" to manage the containing namespace itself. Several endpoints unde...

2.3CVSS5.9AI score
Exploits0References6
Rows per page
Query Builder