8088 matches found
CVE-2026-39852 vulnerabilities
Vulnerabilities for packages: keycloak-fips, hono, apicurio-registry, keycloak...
CVE-2026-44471 vulnerabilities
Vulnerabilities for packages: starship, cargo-audit...
GHSA-7J59-V9QR-6FQ9 vulnerabilities
Vulnerabilities for packages: azure-service-operator, rancher, rancher-agent...
CVE-2026-6357 vulnerabilities
Vulnerabilities for packages: kubeflow-katib, tensorflow-cpu-jupyter, datadog-agent, pypy-3.10, py3-pip...
CVE-2026-34984 vulnerabilities
Vulnerabilities for packages: external-secrets-operator...
GHSA-RWM7-X88C-3G2P vulnerabilities
Vulnerabilities for packages: zipkin, neo4j, thingsboard, wavefront-proxy, infinispan, cassandra, spark, keycloak, apache-activemq-artemis, wildfly, druid, trino, apache-pulsar, cassandra-reaper, apache-nifi, kserve-modelmesh, kafka, management-api-for-apache-cassandra-5.0, zookeeper, solr, tez,...
CVE-2026-42215
GitPython is a python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by default, but the equivalent Python kwargs uploadpack and receivepack bypass that check. If an...
CVE-2026-42284
GitPython is a python library used to interact with Git repositories. Prior to version 3.1.47, clone validates multioptions as the original list, then executes shlex.split" ".joinmultioptions. A string like "--branch main --config core.hooksPath=/x" passes validation starts with --branch, but aft...
CVE-2026-41647
Incus is a system container and virtual machine manager. Prior to version 7.0.0, a missing error handling could lead an authenticated Incus user to cause a daemon crash through the import of a truncated storage bucket backup file. This issue has been patched in version 7.0.0...
CVE-2026-42011
A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities CAs only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate...
GHSA-W239-58X2-Q8P5 vulnerabilities
Vulnerabilities for packages: k3s, ipfs-cluster, spegel...
CVE-2026-42328 vulnerabilities
Vulnerabilities for packages: ipfs-cluster-fips, rke2-runtime-fips, spegel, rke2-runtime, spegel-fips, ipfs-cluster, k3s...
CVE-2026-41647
Incus is a system container and virtual machine manager. Prior to version 7.0.0, a missing error handling could lead an authenticated Incus user to cause a daemon crash through the import of a truncated storage bucket backup file. This issue has been patched in version 7.0.0...
GHSA-CM99-M826-VGG7 vulnerabilities
Vulnerabilities for packages: tiff...
CVE-2026-42338 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, npm, code-server, sqlpad, tileserver-gl, saf, langfuse, lerna, pulumi, renovate, opensearch-dashboards, prism...
GHSA-FGW5-HP8F-XFHC vulnerabilities
Vulnerabilities for packages: cert-manager-istio-csr...
CVE-2026-40195
Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage bucket import logic allows an authenticated user with access to the storage bucket feature to cause the Incus daemon to crash. The vulnerability is present in the backup...
CVE-2026-40197
Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage volume feature to cause the Incus daemon to crash. The custom volume backup import subsystem...
CVE-2026-41305 vulnerabilities
Vulnerabilities for packages: langfuse-fips, jitsucom-jitsu, renovate, vite, vitess, saf, keep-fips, langfuse, keep, pelias-api...
GHSA-QX2V-QP2M-JG93 vulnerabilities
Vulnerabilities for packages: langfuse-fips, jitsucom-jitsu, renovate, vite, vitess, saf, keep-fips, langfuse, keep, pelias-api...