744 matches found
CVE-2026-7191 Arbitrary Code Execution via Sandbox Bypass in the open source solution QnABot on AWS
Improper use of the static-eval npm package in the open source solution qnabot-on-aws versions 7.2.4 and earlier may allow an authenticated administrator to execute arbitrary code within the fulfillment Lambda execution context by injecting a crafted conditional chaining expression via the Conten...
com.digitalpebble.stormcrawler:storm-crawler-aws (>=2.0 <=2.11), com.digitalpebble.stormcrawler:storm-crawler-core (>=2.0 <=2.11) +77 more potentially affected by CVE-2026-41081 via org.apache.storm:storm-client (>=2.0.0 <=2.8.6)
org.apache.storm:storm-client MAVEN version =2.0.0, =2.0, =2.0, =2.0, =2.0, =2.0, =2.7, =2.0, =2.0, =2.0, =2.1, =2.6.3.1, =2.4.0, =2.4.0, =2.4.0, =2.0.0, =2.8.6 and more Source cves: CVE-2026-41081 Source advisory: OSV:GHSA-J2Q8-XX3Q-8FQH...
CVE-2026-41139 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards-fips, opensearch-dashboards, librechat, wazuh-dashboard...
CVE-2026-41139 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards...
CVE-2026-35213 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards...
GHSA-JG4P-7FHP-P32P vulnerabilities
Vulnerabilities for packages: opensearch-dashboards...
CVE-2026-35554 vulnerabilities
Vulnerabilities for packages: debezium-connector-informix, thingsboard, strimzi-kafka-operator, logstash, wildfly, debezium-connector-db2, apache-nifi, opensearch, debezium-connector-spanner, druid, debezium-connector-ibmi, debezium, debezium-connector-vitess...
GHSA-5QCV-4RPC-JP93 vulnerabilities
Vulnerabilities for packages: debezium-connector-informix, thingsboard, strimzi-kafka-operator, logstash, wildfly, debezium-connector-db2, apache-nifi, opensearch, debezium-connector-spanner, druid, debezium-connector-ibmi, debezium, debezium-connector-vitess...
GHSA-5QCV-4RPC-JP93 vulnerabilities
Vulnerabilities for packages: debezium-connector-spanner, druid, wildfly, seata, apache-nifi, strimzi-kafka-operator-fips, logstash, debezium-connector-informix, debezium-connector-vitess, knative-kafka-broker-fips, opensearch-fips, thingsboard, knative-kafka-broker, debezium-connector-db2,...
GHSA-JVFF-X2QM-6286 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards...
GHSA-JVFF-X2QM-6286 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards-fips, opensearch-dashboards, librechat, wazuh-dashboard...
CVE-2026-35213 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards-fips, opensearch-dashboards, kibana, wazuh-dashboard...
GHSA-JG4P-7FHP-P32P vulnerabilities
Vulnerabilities for packages: opensearch-dashboards-fips, opensearch-dashboards, kibana, wazuh-dashboard...
CLEANSTART-2026-CB01846 Security fixes for CVE-2025-0913, CVE-2025-4673, CVE-2025-47907, CVE-2025-47911, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-58190, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 2.6.1-r0, 2.6.1-r1, 2.6.1-r7
Multiple security vulnerabilities affect the opensearch-k8s-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-JK84667 Security fixes for CVE-2025-0913, CVE-2025-4673, CVE-2025-47907, CVE-2025-47911, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-58190, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 2.7.0-r7, 2.7.0-r8
Multiple security vulnerabilities affect the opensearch-k8s-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-Q67F-28XG-22RW vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, kubeflow-centraldashboard, opensearch-dashboards...
GHSA-PPP5-5V6C-4JWP vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, kubeflow-centraldashboard, opensearch-dashboards...
GHSA-5M6Q-G25R-MVWX vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, kubeflow-centraldashboard, opensearch-dashboards...
GHSA-2328-F5F3-GJ25 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, kubeflow-centraldashboard, opensearch-dashboards...
CVE-2026-33896 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, kubeflow-centraldashboard, opensearch-dashboards...