Nova noVNC - Open Redirect

Nova noVNC contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2021-3654 info: name: Nova noVNC - Open Redirect author: geeknik severity: medium...

CVE-2026-55748

A flaw was found in OpenStack Horizon. This vulnerability allows a highly privileged remote attacker, with user interaction, to craft a project name containing shell metacharacters. When scripts for OpenStack RC file downloading are produced, these metacharacters may be processed, potentially...

UBUNTU-CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file...

OpenStack Horizon RC file generation does not escape special characters in project names

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

CVE-2026-46448

A flaw was found in OpenStack Nova. The server creation application programming interface API fails to remove specific hint data, leading to instances being created without proper Placement allocation. This can result in a denial of service, as resources may not be correctly assigned or managed f...

CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

CVE-2026-55748

OpenStack Horizon prior to 25.7.4 can generate scripts for downloading OpenStack RC files where a crafted project name containing shell metacharacters is possible. The description notes this as a security hardening opportunity rather than a vulnerability, and the CVSS 3.1 metrics indicate a MEDIU...

CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

EUVD-2026-37723

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2026-46448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation. CVE-2026-46448 Note...

EUVD-2026-37218

In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation...

CVE-2026-48524 vulnerabilities

Vulnerabilities for packages: superset-fips, openstack-placement-2026.1-fips, datadog-agent, openstack-horizon-2025.2-fips, datadog-agent-fips, openstack-glance-2025.2-fips, openstack-horizon-2025.1, openstack-glance-2025.1-fips, openstack-glance-2026.1, openstack-glance-2025.1,...

CVE-2026-48525 vulnerabilities

Vulnerabilities for packages: superset-fips, openstack-placement-2026.1-fips, datadog-agent, openstack-horizon-2025.2-fips, datadog-agent-fips, openstack-glance-2025.2-fips, openstack-horizon-2025.1, openstack-glance-2025.1-fips, openstack-glance-2026.1, openstack-glance-2025.1,...

CVE-2026-48526 vulnerabilities

Vulnerabilities for packages: superset-fips, openstack-placement-2026.1-fips, datadog-agent, openstack-horizon-2025.2-fips, datadog-agent-fips, openstack-glance-2025.2-fips, openstack-horizon-2025.1, openstack-glance-2025.1-fips, openstack-glance-2026.1, openstack-glance-2025.1,...

CVE-2026-48523 vulnerabilities

Vulnerabilities for packages: superset-fips, openstack-placement-2026.1-fips, datadog-agent, openstack-horizon-2025.2-fips, datadog-agent-fips, openstack-glance-2025.2-fips, openstack-horizon-2025.1, openstack-glance-2025.1-fips, openstack-glance-2026.1, openstack-glance-2025.1,...

GHSA-FHV5-28VV-H8M8 vulnerabilities

Vulnerabilities for packages: superset-fips, openstack-placement-2026.1-fips, datadog-agent, openstack-horizon-2025.2-fips, datadog-agent-fips, openstack-glance-2025.2-fips, openstack-horizon-2025.1, openstack-glance-2025.1-fips, openstack-glance-2026.1, openstack-glance-2025.1,...

GHSA-XGMM-8J9V-C9WX vulnerabilities

Vulnerabilities for packages: superset-fips, openstack-placement-2026.1-fips, datadog-agent, openstack-horizon-2025.2-fips, datadog-agent-fips, openstack-glance-2025.2-fips, openstack-horizon-2025.1, openstack-glance-2025.1-fips, openstack-glance-2026.1, openstack-glance-2025.1,...

GHSA-JQ35-7PRP-9V3F vulnerabilities

Vulnerabilities for packages: superset-fips, openstack-placement-2026.1-fips, datadog-agent, openstack-horizon-2025.2-fips, datadog-agent-fips, openstack-glance-2025.2-fips, openstack-horizon-2025.1, openstack-glance-2025.1-fips, openstack-glance-2026.1, openstack-glance-2025.1,...

GHSA-W7VC-732C-9M39 vulnerabilities

Vulnerabilities for packages: superset-fips, openstack-placement-2026.1-fips, datadog-agent, openstack-horizon-2025.2-fips, datadog-agent-fips, openstack-glance-2025.2-fips, openstack-horizon-2025.1, openstack-glance-2025.1-fips, openstack-glance-2026.1, openstack-glance-2025.1,...