GHSA-5WRP-CWCJ-Q835 vulnerabilities

Vulnerabilities for packages: newrelic-k8s-metrics-adapter, beats, grafana-pyroscope, kube-state-metrics-fips, gitlab-cng-fips, kong-ingress-controller-fips, terraform-provider-acme, cloudflared, kubernetes-csi-external-snapshotter-fips, flux-helm-controller, opentelemetry-ebpf-instrumentation,...

GHSA-J4J7-VW47-RHFQ vulnerabilities

Vulnerabilities for packages: smarter-device-manager, crossplane-provider-terraform, memcached-exporter, beats, grafana-pyroscope, prometheus-operator-fips, kube-state-metrics-fips, prometheus-mongodb-exporter-fips, authservice-fips, aws-efs-csi-driver-fips, kepler,...

CVE-2025-61728 vulnerabilities

Vulnerabilities for packages: bom, trufflehog-fips, kube-arangodb, cert-manager-cmctl, kuma, beats, google-osconfig-agent, helm-diff-fips, flux-helm-controller-fips, traefik, vendir-fips, prometheus-elasticsearch-exporter, k8sgateway, eksctl, thanos-operator, opentofu, opentofu-fips,...

CLEANSTART-2026-OJ15484 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the elastic-beats-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

CLEANSTART-2026-FP29743 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the elastic-beats-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CLEANSTART-2026-GL18398 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the elastic-beats-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CLEANSTART-2026-QD78411 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the elastic-beats-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...