CVE-2026-42191 OpenTelemetry.Exporter.OpenTelemetryProtocol: Disk retry default temp path enables local blob injection for OTLP Exporter

OpenTelemetry.Exporter.OpenTelemetryProtocol is the OTLP OpenTelemetry Protocol exporter implementation. From 1.8.0 to 1.15.2, the OTLP disk retry feature in OpenTelemetry.Exporter.OpenTelemetryProtocol silently fell back to Path.GetTempPath when OTELDOTNETEXPERIMENTALOTLPRETRY=disk was set but...

CVE-2026-42191

OpenTelemetry.Exporter.OpenTelemetryProtocol (OTLP exporter) Vulnerability: from 1.8.0 through 1.15.2, when OTEL_DOTNET_EXPERIMENTAL_OTLP_RETRY=disk is used without OTEL_DOTNET_EXPERIMENTAL_OTLP_DISK_RETRY_DIRECTORY_PATH, the retry storage root is resolved with Path.GetTempPath(). The exporter st...

Security Bulletin: MongoDB Enterprised Advanced affected by: Denial of Service Caused by Improper JSON Parser (WS-2026-0003)

Summary There is a vulnerability in jackson-core-2.15.0.jar, jackson-core-2.18.3.jar, jackson-core-2.19.2.jar, jackson-core-2.19.4.jar used in MongoDB Enterprised Advanced for IBM, involving WS-2026-0003. The vulnerability has been addressed. Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The...

CVE-2026-41310

OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exporter for OpenTelemetry. In versions 1.15.2 and earlier, the Zipkin exporter remote endpoint cache accepts unbounded key growth derived from span attributes. In high-cardinality scenarios, a process using Zipkin export for client or producer spa...

CVE-2026-41310

OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exporter for OpenTelemetry. In versions 1.15.2 and earlier, the Zipkin exporter remote endpoint cache accepts unbounded key growth derived from span attributes. In high-cardinality scenarios, a process using Zipkin export for client or producer spa...

EUVD-2026-25269

OpenTelemetry dotnet: Excessive memory allocation when parsing OpenTelemetry propagation headers...

Memory Allocation with Excessive Size Value

Overview OpenTelemetry.Api is a package that application developers and library authors use to instrument their application/library. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the processing of propagation headers such as baggage, B3, and...

CVE-2026-40894

OpenTelemetry dotnet vulnerable versions: OpenTelemetry.Api 0.5.0-beta.2–1.15.2 and OpenTelemetry.Extensions.Propagators 1.3.1–1.15.2 contain code paths for baggage, B3 and Jaeger processing that can allocate excessive memory when parsing propagation headers, potentially leading to a DoS. The iss...

PT-2026-34720

Name of the Vulnerable Software and Affected Versions OpenTelemetry.Api versions 0.5.0-beta.2 through 1.15.2 OpenTelemetry.Extensions.Propagators versions 1.3.1 through 1.15.2 Description Implementation details of the baggage, B3, and Jaeger processing code in the OpenTelemetry.Api and...

BIT-KYVERNO-2026-23881 Kyverno Denial of Service via Context Variable Amplification in Policy Engine

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially...

SUSE CVE-2026-23881

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the context variable evaluation process. An attacker with policy creation privileges can exhaust system memory and disrupt service availability with policies that exponentially...

CVE-2026-23881

CVE-2026-23881 affects Kyverno policy engine prior to versions 1.16.3 and 1.15.3, which exhibit unbounded memory consumption that can cause denial of service when policies with context variables are crafted by users with policy-creation privileges. The issue is resolved in 1.16.3 and 1.15.3 by a ...

CVE-2026-23881 Kyverno Denial of Service via Context Variable Amplification in Policy Engine

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially...

CVE-2026-22039 Kyverno Cross-Namespace Privilege Escalation via Policy apiCall

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have a critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no...

PT-2026-4956

Name of the Vulnerable Software and Affected Versions Kyverno versions prior to 1.16.3 Kyverno versions prior to 1.15.3 Description Kyverno is a policy engine for cloud native platform engineering teams. Affected versions experience unbounded memory consumption within the policy engine. Users wit...

CVE-2023-29766

An issue found in CrossX v.1.15.3 for Android allows a local attacker to cause an escalation of Privileges via the database files...

OESA-2025-2321 rubygem-fluentd security update

Fluentd is an open source data collector designed to scale and simplify log management. It can collect, process and ship many kinds of data in near real-time. Security Fixes: Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A...

OESA-2025-2320 rubygem-fluentd security update

Fluentd is an open source data collector designed to scale and simplify log management. It can collect, process and ship many kinds of data in near real-time. Security Fixes: Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the scopedpadder function in patternformatter-inl.h. An attacker can cause excessive resource usage by manipulating input processed by this function. Details Denial of Service DoS describes a family of attacks,...