CVE-2026-41506 vulnerabilities
Vulnerabilities for packages: packer-fips, apko-fips, wolfictl, gitsign, kaniko-fips, src-fingerprint-fips, witness, external-secrets-operator, kyverno-fips, gitea, terragrunt-fips, kubescape, mapotf-fips, trivy-operator, grype-fips, gitlab-runner, grype-db, gitlab-runner-fips, nemo, flux-fips,...
GHSA-PJCQ-XVWQ-HHPJ vulnerabilities
Vulnerabilities for packages: frp, flux, rancher-agent, cert-manager-cmctl, percona-server-mongodb-operator, flux-source-controller, openbao, telegraf, terraform, opentofu, cert-manager, xeol, rancher-webhook, trufflehog, grafana, kyverno, seaweedfs, nuclei, rancher, yunikorn-k8shim,...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: frp, flux, rancher-agent, cert-manager-cmctl, percona-server-mongodb-operator, flux-source-controller, openbao, telegraf, terraform, opentofu, cert-manager, xeol, rancher-webhook, trufflehog, grafana, kyverno, seaweedfs, nuclei, rancher, yunikorn-k8shim,...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: versitygw, terraform-fips, openbao-fips, cert-manager-cmctl, packer-fips, external-secrets-operator, kyverno-fips, gitea, spqr, harbor-fips, cert-manager-google-cas-issuer-fips, gitlab-runner, kyverno-notation-aws, terraform, seaweedfs, gitlab-runner-fips,...
GHSA-PJCQ-XVWQ-HHPJ vulnerabilities
Vulnerabilities for packages: versitygw, terraform-fips, openbao-fips, cert-manager-cmctl, packer-fips, external-secrets-operator, kyverno-fips, gitea, spqr, harbor-fips, cert-manager-google-cas-issuer-fips, gitlab-runner, kyverno-notation-aws, terraform, seaweedfs, gitlab-runner-fips,...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: crossplane, vcluster, nfpm, flux-kustomize-controller, q, crossplane-provider-aws-cloudfront, wal-g, witness, terragrunt, crossplane-provider-aws-cloudwatchlogs, crossplane-provider-aws-memorydb, kots, crossplane-provider-aws-s3, xeol, cerbos,...
GHSA-Q9HV-HPM4-HJ6X vulnerabilities
Vulnerabilities for packages: crossplane, vcluster, nfpm, flux-kustomize-controller, q, crossplane-provider-aws-cloudfront, wal-g, witness, terragrunt, crossplane-provider-aws-cloudwatchlogs, crossplane-provider-aws-memorydb, kots, crossplane-provider-aws-s3, xeol, cerbos,...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: terraform-fips, crossplane-provider-family-azure, openbao-fips, cert-manager-cmctl, packer-fips, apko-fips, crossplane-provider-aws-dynamodb-fips, policy-controller, buildkitd, hydra, hydra-fips, tekton-pipelines-fips, crossplane-provider-aws-lambda-fips, wolfictl,...
GHSA-FW7P-63QQ-7HPR vulnerabilities
Vulnerabilities for packages: step-issuer, step-ca, temporal-server, jitsucom-bulker, mattermost, flux-kustomize-controller, juicefs, kyverno-policy-reporter, openfga, sftpgo, croc, ksops, openbao, telegraf, amass, witness, terragrunt, splunk-otel-collector, kots, crossplane-provider-sql, cerbos,...
How Security Tool Misuse Is Reshaping Cloud Compromise
Key Takeaways Legitimate secret-scanning tools such as TruffleHog have been operationalized in real-world cloud attack campaigns. Attack progression commonly follows a repeatable sequence: credential discovery, live validation, permission enumeration, and data access. Exposed long-lived access ke...
CVE-2026-26958 vulnerabilities
Vulnerabilities for packages: step-issuer, step-ca, temporal-server, jitsucom-bulker, mattermost, flux-kustomize-controller, juicefs, kyverno-policy-reporter, openfga, sftpgo, croc, ksops, openbao, telegraf, amass, witness, terragrunt, splunk-otel-collector, kots, crossplane-provider-sql, cerbos,...
CVE-2026-26958 vulnerabilities
Vulnerabilities for packages: sqlexporter, apko-fips, loki, nri-mysql, hydra, hydra-fips, juicefs, rekor-fips, wolfictl, kine, gitsign, witness, kyverno-fips, gitea, spire-server-fips, terragrunt-fips, reports-server, db-operator, rke2-runtime, seaweedfs, temporal-server, elastic-agent, telegraf,...
TruffleHog, Fade In and BSAFE Crypto-C vulnerabilities
Cisco Talos' Vulnerability Discovery & Research team recently disclosed three vulnerabilities in Dell BSAFE, two in Fade In screenwriting software, and one in Trufflehog. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco's...
SUSE CVE-2025-41390
An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to an arbitrary code execution. An attacker can provide a malicious repository to trigger this vulnerability...
CVE-2025-41390
A flaw was found in the git functionality of TruffleHog. Scanning a specially crafted git repository copied file-for-file, such as via tar, cp, rsync or other tools, with a malicious core.fsmonitor configuration option specified in the .git/config file can cause arbitrary code execution. Mitigati...
EUVD-2025-35053
An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to an arbitrary code execution. An attacker can provide a malicious repository to trigger this vulnerability...
CVE-2025-41390
An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to an arbitrary code execution. An attacker can provide a malicious repository to trigger this vulnerability...
Unsafe Dependency Resolution
Overview Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the core.fsmonitor configuration option in the .git/config file. An attacker can execute arbitrary code by convincing a user or tool to scan a specially crafted repository that contains a malicious...
CVE-2025-41390
CVE-2025-41390 concerns an arbitrary code execution in TruffleHog 3.90.2 through the Git core.fsmonitor handling. A specially crafted repository (e.g., copied file-for-file via tar/cp/rsync) can trigger execution when Git operations are invoked by tooling, due to a malicious core.fsmonitor value ...
CVE-2025-41390
An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to an arbitrary code execution. An attacker can provide a malicious repository to trigger this vulnerability...