GHSA-WRH2-89VG-4J9G vulnerabilities

Vulnerabilities for packages: kubernetes, hubble, ingress-nginx-controller, k3s, cilium, gptscript, istio, crossplane-provider-azure-storage, caddy, nerdctl, prometheus, snyk-cli, kyverno, hydra, telegraf, argo-cd, step-issuer, vale, grafana-pyroscope, crossplane-provider-azure-authorization, fq,...

CVE-2026-39834 vulnerabilities

Vulnerabilities for packages: k3s, cilium, istio, crossplane-provider-azure-storage, ko, mattermost, crossplane-provider-aws-cloudformation, eksctl, caddy, prometheus, policy-controller, wal-g, cosign, src, flux-operator, argo-cd, docker-machine-driver-linode, kuma, pulumi, tflint, vault-benchmar...

CVE-2026-39828 vulnerabilities

Vulnerabilities for packages: spire-server, kubernetes, k3s, cilium, istio, cilium-cli, trivy-operator, docker-machine-driver-harvester, gitlab-kas, knative-serving, mattermost, flux-source-controller, nerdctl, prometheus, rancher, snyk-cli, kubescape, k9s, osv-scanner, trivy,...

CVE-2026-46598 vulnerabilities

Vulnerabilities for packages: spire-server, kubernetes, k3s, cilium, istio, cilium-cli, knative-serving, gitlab-kas, mattermost, nerdctl, prometheus, rancher, snyk-cli, kyverno, telegraf, argo-cd, containerd, kuma, kaf, opentofu, vitess, kine, kubernetes-dashboard, prometheus-operator,...

CVE-2026-46595 vulnerabilities

Vulnerabilities for packages: vitess, flux-source-controller-fips, rancher, skaffold-fips, kubescape-server, minio-fips, cloud-provider-aws, kubevela-fips, prometheus-mongodb-exporter, frankenphp-8.2, snyk-cli, omnictl-multiarch, trivy-fips, zitadel, zot, knative-serving, knative-serving-fips,...

CVE-2026-39832 vulnerabilities

Vulnerabilities for packages: gomplate-fips, vitess, flux-source-controller-fips, rancher, prometheus-podman-exporter, skaffold-fips, pulumi-language-dotnet, pulumi-language-java, kubescape-server, backup-restore-operator, syft-fips, nuclei, pulumi, cloud-provider-aws, amazon-ssm-agent-fips,...

GHSA-389R-GV7P-R3RP vulnerabilities

Vulnerabilities for packages: gitaly, kaniko, scorecard, xeol, gptscript, kubevela, trivy-operator, cerbos, flux-source-controller, snyk-cli, kubescape, k9s, osv-scanner, kargo, trivy, goreleaser, flux-image-automation-controller, nuclei, trufflehog, gitsign, kyverno, argo-workflows, argo-cd,...

Snyk CLI 安全漏洞

Snyk CLI is a build-time tool from Snyk USA for finding and fixing known vulnerabilities in projects. A security vulnerability exists in Snyk CLI versions prior to 1.1297.3, which stems from the insertion of sensitive information into a log file, potentially leading to credential disclosure...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection due to an incomplete fix for CVE-2022-40764. A successful exploit allows attackers to run arbitrary commands on the host system where the Snyk CLI is installed by passing in crafted command line flags. In order to...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection due to an incomplete fix for CVE-2022-40764. A successful exploit allows attackers to run arbitrary commands on the host system where the Snyk CLI is installed by passing in crafted command line flags. In order to...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection due to an incomplete fix for CVE-2022-40764. A successful exploit allows attackers to run arbitrary commands on the host system where the Snyk CLI is installed by passing in crafted command line flags. In order to...