CVE-2026-54100 Windows-machine-config-operator: windows-machine-config-operator: ssh host key not verified enables credential theft

A flaw was found in the Windows Machine Config Operator WMCO for Red Hat OpenShift Container Platform. WMCO establishes SSH connections to Windows worker nodes without verifying the remote server host key. An adjacent-network attacker who can intercept or redirect WMCO's SSH session can capture...

EUVD-2024-54053

Malicious code in bioql PyPI...

Security Bulletin: IBM Cloud Pak for Data is vulnerable to Improper Input Validation due to kube package ( CVE-2024-9042 )

Summary Potential vulnerabilities in kube package CVE-2024-9042 has been identified that may affect IBM Cloud Pak for Data. Vulnerability Details CVEID:CVE-2024-9042 DESCRIPTION: This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the...

CVE-2024-9042

This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below...

CVE-2024-9042

CVE-2024-9042 affects Windows worker nodes in Kubernetes environments (vulnerability in kubelet/related components). Root cause: improper input validation (CWE-20). Impact as stated: potential confidentiality and integrity impact (C present; no availability impact) with CVSSv3.1 base score 5.9 (v...

CVE-2024-9042

This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below...

CVE-2024-9042

This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below...

PT-2025-1258

Name of the Vulnerable Software and Affected Versions Kubernetes versions prior to 1.29.14 Kubernetes versions prior to 1.30.10 Kubernetes versions prior to 1.31.6 Description This issue is a command injection affecting Windows nodes via the /logs query API. An attacker with the ability to query ...