Lucene search
+L

492 matches found

osv
osv
added 2 days ago3 views

RLSA-2026:38495 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: os: golang: Go os.Root: Symlink following vulnerability allows directory traversal...

7.8CVSS6.1AI score0.00183EPSS
Exploits0References2
cve
cve
added 3 days ago12 views

CVE-2026-15584

The CVE-2026-15584 issue concerns the incluster-checks tool in OpenShift. It describes a privilege-escalation flaw where the tool creates privileged debug pods with host filesystem access in the shared default namespace. Any user possessing the standard edit role can execute into these pods and o...

7.5CVSS6AI score0.00246EPSS
Exploits0References2
cvelist
cvelist
added 3 days ago34 views

CVE-2026-15584 Redhatinsights/incluster-checks: incluster-checks: privileged host-chroot debug pods created in shared default namespace enable privilege escalation to node root

A privilege escalation vulnerability was found in the incluster-checks tool for OpenShift. The tool creates privileged debug pods with host filesystem access in the shared default namespace, where any user with the standard edit role can exec into them and obtain root access on cluster nodes...

7.5CVSS0.00246EPSS
Exploits0References2
redhatcve
redhatcve
added 3 days ago7 views

CVE-2026-15584

A privilege escalation vulnerability was found in the incluster-checks tool for OpenShift. The tool creates privileged debug pods with host filesystem access in the shared default namespace, where any user with the standard edit role can exec into them and obtain root access on cluster nodes...

7.5CVSS6AI score0.00246EPSS
Exploits0References3
ptsecurity
ptsecurity
added 3 days ago9 views

PT-2026-57811

Name of the Vulnerable Software and Affected Versions OpenShift affected versions not specified Description A privilege escalation issue exists in the incluster-checks tool. This tool creates privileged debug pods that grant access to the host filesystem within the shared default namespace...

7.5CVSS6.2AI score0.00246EPSS
Exploits0References8
cvelist
cvelist
added 6 days ago33 views

CVE-2026-55175 Spinnaker: Improper yaml processing on kustomize bake operations

Spinnaker is an open source, multi-cloud continuous delivery platform. Prior to versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 on their respective release lines, Kustomize bake operations allow unsafe YAML tag processing in rosco manifests. This can lead to remote code execution on rosco pod...

7.5CVSS0.00615EPSS
Exploits0References11
euvd
euvd
added 6 days ago5 views

EUVD-2026-43087

Spinnaker is an open source, multi-cloud continuous delivery platform. Prior to versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 on their respective release lines, Kustomize bake operations allow unsafe YAML tag processing in rosco manifests. This can lead to remote code execution on rosco pod...

7.5CVSS6.5AI score0.00615EPSS
Exploits0References11
osv
osv
added 6 days ago2 views

CVE-2026-55175 Spinnaker: Improper yaml processing on kustomize bake operations

Spinnaker is an open source, multi-cloud continuous delivery platform. Prior to versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 on their respective release lines, Kustomize bake operations allow unsafe YAML tag processing in rosco manifests. This can lead to remote code execution on rosco pod...

7.5CVSS6.5AI score0.00615EPSS
Exploits0References13
nvd
nvd
added 2026/07/08 4:16 p.m.8 views

CVE-2026-15063

A flaw was found in the gorch service template, which is part of the trustyai-service-operator. Even when authentication is enabled, the gorch service exposes unproxied orchestrator and detector metrics ports. This allows any pod on the cluster network to directly access these ports, bypassing th...

6.3CVSS0.00184EPSS
Exploits0References2
fedora
fedora
added 2026/07/07 1:10 a.m.10 views

[SECURITY] Fedora 43 Update: prometheus-podman-exporter-1.21.2-1.fc43

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

9.1CVSS6.8AI score0.00651EPSS
Exploits1
fedora
fedora
added 2026/07/07 12:51 a.m.15 views

[SECURITY] Fedora 44 Update: prometheus-podman-exporter-1.21.2-1.fc44

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

9.1CVSS6.8AI score0.00651EPSS
Exploits1
osv
osv
added 2026/06/30 6:20 p.m.4 views

GHSA-M63V-2G9W-2W6V Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation

Summary A follow-up bypass of the round-4 PodSpec hardening GHSA-gx55-f84r-v3r7, GHSA-wmgg-3p4h-48x7, GHSA-v455-mv2v-5g92. Those advisories validate and sanitize the PodSpec spec.runtime.podSpec / spec.builder.podSpec / function.spec.podSpec, but the Environment CRD also exposes...

9.9CVSS5.8AI score0.0029EPSS
Exploits0References6
osv
osv
added 2026/06/30 6:18 p.m.5 views

GHSA-WMGG-3P4H-48X7 Fission Environment CRD PodSpec Injection Leading to Node Escape and Cluster Takeover

Summary A stronger framing of the same root cause as GHSA-gx55-f84r-v3r7: the Environment.spec.runtime.podSpec / spec.builder.podSpec passthrough lacked validation, and MergePodSpec propagated dangerous fields into the generated pods. Details Three independent flaws compounded: 1. Validate gap...

9.9CVSS5.8AI score0.003EPSS
Exploits0References8
fedora
fedora
added 2026/06/29 1:11 a.m.10 views

[SECURITY] Fedora 43 Update: prometheus-podman-exporter-1.21.1-1.fc43

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

7.5CVSS6.7AI score0.00651EPSS
Exploits1
fedora
fedora
added 2026/06/29 12:58 a.m.6 views

[SECURITY] Fedora 44 Update: prometheus-podman-exporter-1.21.1-1.fc44

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

7.5CVSS6.7AI score0.00651EPSS
Exploits1
nvd
nvd
added 2026/06/16 10:16 a.m.19 views

CVE-2026-54191

Unauthenticated Cross Site Scripting XSS in Pods = 3.3.8 versions...

7.1CVSS0.00146EPSS
Exploits0References1
cve
cve
added 2026/06/16 9:0 a.m.23 views

CVE-2026-54191

CVE-2026-54191 corresponds to an unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress Pods plugin, affecting versions ≤ 3.3.8. The provided sources identify the affected product/version and describe the issue as XSS that can be triggered without authentication, with a CVSSv3....

7.1CVSS5.1AI score0.00146EPSS
Exploits0References1
euvd
euvd
added 2026/06/16 9:0 a.m.10 views

EUVD-2026-37053

Unauthenticated Cross Site Scripting XSS in Pods = 3.3.8 versions...

7.1CVSS5.2AI score0.00146EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/16 9:0 a.m.37 views

CVE-2026-54191 WordPress Pods plugin <= 3.3.8 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Pods = 3.3.8 versions...

7.1CVSS0.00146EPSS
Exploits0References1
nvd
nvd
added 2026/06/10 6:17 p.m.16 views

CVE-2026-50565

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission builder pods were created with ServiceAccountName: fission-builder and no AutomountServiceAccountToken: false, so the...

4.9CVSS0.00255EPSS
Exploits0References3
Rows per page
Query Builder