CVE-2026-44903 vulnerabilities

Vulnerabilities for packages: jaeger, minio-object-browser, keda, telegraf, amazon-cloudwatch-agent-operator, trillian, opentelemetry-collector-contrib, loki, tempo, opentelemetry-collector, mc, metrics-server, prometheus, datadog-agent, mcp-grafana, minio, karma, cloud-sql-proxy,...

GHSA-FW8G-CG8F-9J28 vulnerabilities

Vulnerabilities for packages: jaeger, minio-object-browser, keda, telegraf, amazon-cloudwatch-agent-operator, trillian, opentelemetry-collector-contrib, loki, tempo, opentelemetry-collector, mc, metrics-server, prometheus, datadog-agent, mcp-grafana, minio, karma, cloud-sql-proxy,...

GHSA-FW8G-CG8F-9J28 vulnerabilities

Vulnerabilities for packages: node-problem-detector, prometheus-fips, opentelemetry-collector-contrib-fips, node-problem-detector-fips, mc, opentelemetry-operator-fips, minio, beats, beats-fips, keda-fips, karma, ld-relay, minio-fips, certificate-transparency, keda, telegraf, mcp-grafana-fips,...

EUVD-2026-25846

Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: from 2.6.3 to 2.8.6 Description: In production deployments where an administrator enables storm.daemon.metrics.reporter.plugin.prometheus.skiptlsvalidation by default it is...

PT-2026-35413

Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: from 2.6.3 to 2.8.6 Description: In production deployments where an administrator enables storm.daemon.metrics.reporter.plugin.prometheus.skip tls validation by default it is...

CVE-2026-32289 vulnerabilities

Vulnerabilities for packages: k8ssandra-client, gitlab-kas, cert-manager-csi-driver, kubescape-operator, rclone, runc, k8ssandra-operator, vault-secrets-webhook, scorecard, eksctl, slsa-verifier, docker-cli-buildx, falco-exporter, kubernetes-csi-external-resizer, promxy, otel-cli, crossplane,...

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, azuredisk-csi, crossplane-provider-aws-acm, kuma, mariadb-operator-fips, prometheus-postgres-exporter, cert-exporter, k8s-driver-manager, eks-node-monitoring-agent-fips, aws-eks-pod-identity-agent, kubernetes-csi-external-snapshotter,...

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, azuredisk-csi, crossplane-provider-aws-acm, kuma, mariadb-operator-fips, prometheus-postgres-exporter, cert-exporter, k8s-driver-manager, eks-node-monitoring-agent-fips, aws-eks-pod-identity-agent, kubernetes-csi-external-snapshotter,...

GHSA-GJVH-7JH8-7XHM vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, azuredisk-csi, crossplane-provider-aws-acm, kuma, mariadb-operator-fips, prometheus-postgres-exporter, cert-exporter, k8s-driver-manager, eks-node-monitoring-agent-fips, aws-eks-pod-identity-agent, kubernetes-csi-external-snapshotter,...

GHSA-JRG3-GFJW-HM96 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, azuredisk-csi, crossplane-provider-aws-acm, kuma, mariadb-operator-fips, prometheus-postgres-exporter, cert-exporter, k8s-driver-manager, eks-node-monitoring-agent-fips, aws-eks-pod-identity-agent, kubernetes-csi-external-snapshotter,...

GHSA-5W89-2C2X-6X66 vulnerabilities

Vulnerabilities for packages: mariadb-operator-fips, kube-rbac-proxy-fips, spegel-fips, cluster-proportional-autoscaler-fips, tetragon-fips, policy-controller, spegel, postgres-operator, crossplane-provider-aws-ecr, buildkite-agent-fips, argo-rollouts, cosign, kapp, hugo-extended,...

GHSA-H355-32PF-P2XM vulnerabilities

Vulnerabilities for packages: hey, rancher-system-upgrade-controller, stakater-reloader, cass-operator, git-sync, azure-workload-identity-webhook, litefs, kubernetes-csi-external-resizer, otel-cli, kserve, gptscript, pgpool2exporter, docker-credential-gcr, wuzz, newrelic-infra-operator, kor,...

CVE-2025-68121 vulnerabilities

Vulnerabilities for packages: hey, rancher-system-upgrade-controller, stakater-reloader, cass-operator, git-sync, azure-workload-identity-webhook, litefs, kubernetes-csi-external-resizer, otel-cli, kserve, gptscript, pgpool2exporter, docker-credential-gcr, wuzz, newrelic-infra-operator, kor,...

CVE-2025-61732 vulnerabilities

Vulnerabilities for packages: hey, protoc-gen-go, rancher-system-upgrade-controller, stakater-reloader, cass-operator, git-sync, azure-workload-identity-webhook, litefs, kubernetes-csi-external-resizer, otel-cli, kserve, gptscript, pgpool2exporter, docker-credential-gcr, wuzz, wireguard-go,...

GHSA-8JVR-VH7G-F8GX vulnerabilities

Vulnerabilities for packages: hey, protoc-gen-go, rancher-system-upgrade-controller, stakater-reloader, cass-operator, git-sync, azure-workload-identity-webhook, litefs, kubernetes-csi-external-resizer, otel-cli, kserve, gptscript, pgpool2exporter, docker-credential-gcr, wuzz, wireguard-go,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, kube-logging-logging-operator, atlantis-fips, node-problem-detector, prometheus-postgres-exporter, pulumi-language-yaml, kubernetes-dns-node-cache, terraform-provider-sendgrid, prometheus-mongodb-exporter, caddy, prometheus-operator,...

Malicious code in stackdriver-pushgateway (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4ced9f87756bed39e7f18172a9b6b7756622f38898cdf15d826d591344b89c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-6286 Malicious code in stackdriver-pushgateway (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4ced9f87756bed39e7f18172a9b6b7756622f38898cdf15d826d591344b89c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...