CVE-2026-27734

Beszel is a server monitoring platform. Before v0.18.2, the hub’s authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied container param to the agent without validation. The agent builds Docker Engine API URLs using fmt.Sprintf with ...

PT-2026-4859

Name of the Vulnerable Software and Affected Versions Dozzle versions prior to 9.0.3 Description A flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters to obtain an interactive root shell in out‑of‑scope containers on the same agent host by directly targeting...

GHSA-J76Q-99X2-V7VQ Apache Ambari Improper Access Control

Custom commands may be executed on Ambari Agent 2.4.x, before 2.4.2 hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user executing the Ambari Agen...

CVE-2016-8938

IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This code could be executed on the UCD agent machines that host customer's production applications...