7885 matches found
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: nrdot-collector-k8s, cloud-sql-proxy, cloudbeat, databricks-cli, grafana, prometheus-blackbox-exporter-fips, kubernetes-dashboard-api-fips...
Issabel Authenticated - Remote Code Execution
A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asteriskcli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated...
CVE-2026-27136 vulnerabilities
Vulnerabilities for packages: fq, step-issuer, zot, minio, istio, hydra, crossplane-provider-azure-storage, prometheus-operator, traefik, telegraf, caddy, terraform-provider-acme, crossplane-provider-azure-authorization, kots, cilium, grafana-pyroscope, hubble, opentelemetry-collector, nerdctl,...
CVE-2026-42506 vulnerabilities
Vulnerabilities for packages: fq, step-issuer, zot, minio, istio, hydra, crossplane-provider-azure-storage, prometheus-operator, traefik, telegraf, caddy, terraform-provider-acme, crossplane-provider-azure-authorization, kots, cilium, grafana-pyroscope, hubble, opentelemetry-collector, nerdctl,...
GHSA-CG87-VWWH-XVGJ vulnerabilities
Vulnerabilities for packages: fq, step-issuer, zot, minio, istio, hydra, crossplane-provider-azure-storage, prometheus-operator, traefik, telegraf, caddy, terraform-provider-acme, crossplane-provider-azure-authorization, kots, cilium, grafana-pyroscope, hubble, opentelemetry-collector, nerdctl,...
CVE-2026-25680 vulnerabilities
Vulnerabilities for packages: fq, step-issuer, zot, minio, istio, hydra, crossplane-provider-azure-storage, prometheus-operator, traefik, telegraf, caddy, terraform-provider-acme, crossplane-provider-azure-authorization, kots, cilium, grafana-pyroscope, hubble, opentelemetry-collector, nerdctl,...
GHSA-M9X8-M34X-FJ9Q vulnerabilities
Vulnerabilities for packages: fq, step-issuer, zot, minio, istio, hydra, crossplane-provider-azure-storage, prometheus-operator, traefik, telegraf, caddy, terraform-provider-acme, crossplane-provider-azure-authorization, kots, cilium, grafana-pyroscope, hubble, opentelemetry-collector, nerdctl,...
Malicious Package
Overview: xarc-webpack-cli is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-5105 Malicious code in @tmecontinue/cli (npm)
Source: ghsa-malware (91dc0ad891441e786e37b86bbf8e4f881519bcfd68db3525c1a38f2064dbbbfe). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2026-33555
A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.30. Affected by this issue is the function sanitizeenvlines of the file hermescli/config.py. The manipulation results in injection. It is possible to launch the attack remotely. The attack requires a high level of...
Security update for apache-commons-lang3, apache-commons-text, apache-commons-configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec (important)
openSUSE security update: security update for apache-commons-lang3, apache-commons-text, apache-commons-configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec. Announcement ID: openSUSE-SU-2026:20841-1 Rating:...
Hermes Agent security vulnerabilities
Hermes Agent is an AI agent tool developed by Nous Research, featuring a self-learning mechanism. Versions of Hermes Agent prior to 2026.4.30 contained a security vulnerability, which was caused by a problem with the sanitizeenvlines function in the hermescli/config.py file. This vulnerability...
SUSE CVE-2026-48501
GitHub CLI gh is GitHub's official command line tool. Prior to 2.93.0, GitHub CLI incorrectly includes authorization header in API requests to TUF repository mirrors via gh attestation, gh release verify, and gh release verify-asset commands. The CLI uses a shared HTTP client with an authenticati...
CVE-2026-39834 affecting package cf-cli for versions less than 8.7.11-6
CVE-2026-39834 affecting package cf-cli for versions less than 8.7.11-6. A patched version of the package is available...
CVE-2026-42506 affecting package cf-cli for versions less than 8.7.11-6
CVE-2026-42506 affecting package cf-cli for versions less than 8.7.11-6. A patched version of the package is available...
CVE-2026-39821 affecting package cf-cli for versions less than 8.7.11-6
CVE-2026-39821 affecting package cf-cli for versions less than 8.7.11-6. A patched version of the package is available...
CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3
CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3. A patched version of the package is available...
CVE-2026-27136 affecting package gh for versions less than 2.62.0-16
CVE-2026-27136 affecting package gh for versions less than 2.62.0-16. A patched version of the package is available...
CVE-2026-46597 affecting package cf-cli for versions less than 8.7.11-6
CVE-2026-46597 affecting package cf-cli for versions less than 8.7.11-6. A patched version of the package is available...
CVE-2026-27136 affecting package cf-cli for versions less than 8.7.11-6
CVE-2026-27136 affecting package cf-cli for versions less than 8.7.11-6. A patched version of the package is available...