CLEANSTART-2026-GZ35045 Security fixes for CVE-2024-36537, CVE-2025-47910, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2026-25518, CVE-2026-27143, CVE-2026-27144, CVE-2026-29181, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-32952, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-35469, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-gx3x-vq4p-mhhv, ghsa-hr2v-4r36-88hr, ghsa-mh2q-q3fh-2475, ghsa-p77j-4mvh-x3m3, ghsa-pc3f-x583-g7j2, ghsa-pjcq-xvwq-hhpj applied in versions: 2.4.0-r1, 2.4.0-r2, 2.4.0-r3

Multiple security vulnerabilities affect the cert-manager-cmctl-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: gitlab-kas, mailpit, ctop, nats-top, kubernetes-dashboard-metrics-scraper, cert-exporter, mods, db-operator, promxy, nri-mysql, omnibump, openbao, spark-operator, custom-pod-autoscaler-operator, x509-certificate-exporter, conjur-cli, docker-machine-driver-harvester,...

GHSA-JRG3-GFJW-HM96 vulnerabilities

Vulnerabilities for packages: gitlab-kas, mailpit, ctop, nats-top, kubernetes-dashboard-metrics-scraper, cert-exporter, mods, db-operator, promxy, nri-mysql, omnibump, openbao, spark-operator, custom-pod-autoscaler-operator, x509-certificate-exporter, conjur-cli, docker-machine-driver-harvester,...

CLEANSTART-2026-OL32822 Security fixes for CVE-2024-36537, CVE-2025-47910, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2026-25518, ghsa-gx3x-vq4p-mhhv applied in versions: 2.4.0-r1, 2.4.0-r2

Multiple security vulnerabilities affect the cert-manager-cmctl-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2026-1229 vulnerabilities

Vulnerabilities for packages: wolfictl, sops, kubescape, hydra, crossplane-provider-aws-lambda, kyverno-notation-aws, nuclei, zot, openbao, crossplane-provider-aws-memorydb, crossplane-provider-aws-route53, crossplane-provider-aws-dynamodb, gitaly, crossplane-provider-aws-elasticache,...

GHSA-Q9HV-HPM4-HJ6X vulnerabilities

Vulnerabilities for packages: wolfictl, sops, kubescape, hydra, crossplane-provider-aws-lambda, kyverno-notation-aws, nuclei, zot, openbao, crossplane-provider-aws-memorydb, crossplane-provider-aws-route53, crossplane-provider-aws-dynamodb, gitaly, crossplane-provider-aws-elasticache,...

CVE-2026-1229 vulnerabilities

Vulnerabilities for packages: wolfictl, sops, kubescape, crossplane-provider-aws-lambda-fips, hydra, boring-registry-fips, crossplane-provider-aws-lambda, kyverno-notation-aws, terraform-provider-databricks-fips, nuclei, zot, omni, openbao, grype-db, crossplane-provider-aws-memorydb, syft-fips,...

CVE-2026-25518 vulnerabilities

Vulnerabilities for packages: cert-manager-csi-driver-fips, opentelemetry-operator-fips, aws-privateca-issuer-fips, gitlab-operator, cert-manager-webhook-pdns, opentelemetry-operator, cert-manager-openshift-routes, cert-manager-cmctl, percona-xtradb-cluster-operator,...

CVE-2026-25518 vulnerabilities

Vulnerabilities for packages: cert-manager-cmctl, aws-privateca-issuer, cert-manager-csi-driver, mariadb-operator, step-issuer, cert-manager-istio-csr, cert-manager-webhook-pdns, opentelemetry-operator, percona-server-mongodb-operator...

GHSA-GX3X-VQ4P-MHHV vulnerabilities

Vulnerabilities for packages: cert-manager-cmctl, aws-privateca-issuer, cert-manager-csi-driver, mariadb-operator, step-issuer, cert-manager-istio-csr, cert-manager-webhook-pdns, opentelemetry-operator, percona-server-mongodb-operator...

GHSA-G9Q4-QJX4-2V7Q vulnerabilities

Vulnerabilities for packages: mattermost, xeol, newrelic-fluent-bit-output, kube-arangodb, kubernetes-dns-node-cache, bento, eksctl, opensearch-k8s-operator, k3s, kine, redis-operator, kubo, loki, src, flux-notification-controller, helm-set-status, nerdctl, cert-manager-cmctl, runc, cosign, timon...

CVE-2025-61726 vulnerabilities

Vulnerabilities for packages: ipfs-cluster, nats-top, sops, cluster-autoscaler, cloud-provider-aws, hydra, kube-arangodb, kubernetes-dashboard-metrics-scraper, octo-sts, bento, crossplane-provider-aws-lambda, opencost, vault-benchmark, descheduler, mods, db-operator, kine, kubernetes-replicator,...

GHSA-GR56-3GP6-6GMJ vulnerabilities

Vulnerabilities for packages: ipfs-cluster, nats-top, sops, cluster-autoscaler, cloud-provider-aws, ctop, hydra, kube-arangodb, kubernetes-dashboard-metrics-scraper, octo-sts, bento, crossplane-provider-aws-lambda, nri-redis, opencost, vault-benchmark, descheduler, mods, db-operator, kine,...

GHSA-CM6P-QC7V-M3JW vulnerabilities

Vulnerabilities for packages: nats-top, ctop, hydra, kubernetes-dashboard-metrics-scraper, mods, db-operator, spark-operator, x509-certificate-exporter, conjur-cli, kube-logging-operator-custom-runner, flux-kustomize-controller, timescaledb-parallel-copy, aws-sigv4-proxy,...

GHSA-XVQR-69V8-F3GV vulnerabilities

Vulnerabilities for packages: nats-top, ctop, hydra, kubernetes-dashboard-metrics-scraper, mods, db-operator, spark-operator, x509-certificate-exporter, conjur-cli, kube-logging-operator-custom-runner, flux-kustomize-controller, timescaledb-parallel-copy, aws-sigv4-proxy,...

GHSA-GM9R-Q53W-2GH4 vulnerabilities

Vulnerabilities for packages: ipfs-cluster, nats-top, sops, cluster-autoscaler, cloud-provider-aws, hydra, kube-arangodb, kubernetes-dashboard-metrics-scraper, octo-sts, bento, crossplane-provider-aws-lambda, opencost, vault-benchmark, descheduler, mods, db-operator, kine, kubernetes-replicator,...

CLEANSTART-2026-OH86281 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the cert-manager-cmctl-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

CLEANSTART-2026-LL43287 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the cert-manager-cmctl-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

CLEANSTART-2026-EJ58111 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the cert-manager-cmctl-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

CVE-2024-12401 vulnerabilities

Vulnerabilities for packages: cert-manager-cmctl, aws-privateca-issuer, step-issuer, cert-exporter, cert-manager-istio-csr, cert-manager-webhook-pdns...