58419 matches found
CVE-2026-49267
Apache Airflow's EmailOperator and the underlying airflow.utils.email helpers established SMTP STARTTLS connections without verifying the remote certificate when the deployment used email smtpstarttls=True without email smtpssl. An attacker positioned between the worker and the configured SMTP...
CVE-2026-42252
Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperatorbashcommand="echo value: dagrun.conf'conf1' " example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...
Important: Red Hat Security Advisory: OpenShift File Integrity Operator bug fix and enhancement update
An updated OpenShift File Integrity Operator image that fixes various bugs and adds new enhancements is now available for the Red Hat OpenShift Enterprise 4 catalog. The OpenShift File Integrity Operator v1.4.0 is now available. See the documentation for bug fix information:...
CVE-2026-40564
Files or Directories Accessible to External Parties, Server-Side Request Forgery SSRF vulnerability in Apache Flink Kubernetes Operator. The FlinkSessionJob jarURI is currently not validated so that it points to user-owned files or addresses. This lets a user with CR create permissions read files...
CVE-2026-1784
CVE-2026-1784 affects the Route OpenShift resource (OpenShift route definitions using HAProxy) where checks on the spec.path YAML stanza are insufficient, allowing controlled injection of the HAProxy configuration. The CVE description and linked records indicate this can lead to remote code execu...
CVE-2026-32906
OpenClaw before 2026.5.12 contains a privilege escalation vulnerability in Slack plugin approvals that allows exec-authorized users to resolve plugin approvals through the exec approver gate. Attackers with limited exec approval permissions can bypass intended approval splits to approve plugin...
CVE-2026-45707
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLEMULTITENANT=true, the HTTP transport documents that the target n8n instance is selected per-request from x-n8n-url / x-n8n-key headers. Requests that...
PYSEC-2026-184
Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperatorbashcommand="echo value: dagrun.conf'conf1' " example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...
CVE-2026-42252
Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperatorbashcommand="echo value: dagrun.conf'conf1' " example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...
EUVD-2026-33591
Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperatorbashcommand="echo value: dagrun.conf'conf1' " example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...
CVE-2026-42252
Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperatorbashcommand="echo value: dagrun.conf'conf1' " example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...
CVE-2026-42252 Apache Airflow: BashOperator Jinja2 injection via dag_run.conf — low-privilege user pattern
Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperatorbashcommand="echo value: dagrun.conf'conf1' " example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...
CVE-2026-42252 Apache Airflow: BashOperator Jinja2 injection via dag_run.conf — low-privilege user pattern
Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperatorbashcommand="echo value: dagrun.conf'conf1' " example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...
Apache Airflow security vulnerabilities
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow, whic...
PT-2026-45216
Name of the Vulnerable Software and Affected Versions Assimp versions prior to 6.0.5 Description A null pointer dereference occurs in the glTF2::LazyDict function within the glTF2Asset.h library. This issue is triggered by the manipulation of the operator argument and requires local access to be...
Ironic Standalone Operator's controller modifies user-owned resources without consent
Impact The Ironic Standalone Operator IRSO is the operator to maintain an Ironic deployment for Metal3. IRSO controller automatically adds its environment label to user-provided Secrets and ConfigMaps without the resource owner's consent. A high-privilege controller modifying user-owned resources...
GHSA-HFC8-W5F4-3X6M Ironic Standalone Operator's controller modifies user-owned resources without consent
Impact The Ironic Standalone Operator IRSO is the operator to maintain an Ironic deployment for Metal3. IRSO controller automatically adds its environment label to user-provided Secrets and ConfigMaps without the resource owner's consent. A high-privilege controller modifying user-owned resources...
GHSA-7CWM-FPFH-RRCH Ironic Standalone Operator's prometheus metrics exporter bound to all interfaces
Impact The Ironic Standalone Operator IRSO is the operator to maintain an Ironic deployment for Metal3. The Prometheus metrics exporter binds to 0.0.0.0 all network interfaces by default with no authentication. The default config is disabled. If enabled, this exposes operational metrics to any ho...
Missing Authorization
Overview @openclaw/discord is an OpenClaw Discord channel plugin Affected versions of this package are vulnerable to Missing Authorization through the registerPairCommand and resolvePairingCommandAuthState paths in the device-pair command handler. An attacker can generate pairing setup codes,...
CVE-2026-35674
OpenClaw before 2026.5.18 contains a scope bypass vulnerability in the Gateway chat.send route that allows scoped clients to execute privileged commands. Attackers with operator.write scope can deliver commands through inherited external routes to bypass operator.approvals and operator.admin scop...