58 matches found
Improper Access Control
Rancher is vulnerable to Improper Access Control. The vulnerability is due to missing authorization checks when handling cloud-credential IDs, which allows an attacker to make unauthorized requests to cloud providers using attached credentials...
CVE-2026-34719
Zammad is a web-based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the webhook model lacked proper validation for loopback or link-local addresses; only the URL scheme (HTTP/HTTPS) and the hostname were checked. This could end up in retrieving...
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale. Cisco Talos...
Keys on Doormats: Exposed API Credentials on the Web
Application programming interfaces (APIs) have become a central part of the modern IT environment, allowing developers to enrich the functionality of applications and interact with third parties such as cloud and payment providers. This interaction often occurs through authentication mechanisms tha...
Agent Grant: From Identity Signals to Measurable Risk Reduction
Executive Summary Identity is now the #1 attack surface. Agent Grant in Qualys ETM Identity uses agentic AI to measure and reduce identity risk across AD, Entra, Okta and other cloud IdPs/IDaaS. It operationalizes identity risk by turning messy Active Directory and identity-risk signals into validated...
Code Injection
Gardener Extensions is vulnerable to Code Injection. The vulnerability is due to improper handling of user-controlled input in Terraformer-based infrastructure provisioning across AWS, Azure, OpenStack, and GCP providers, which allows an attacker with administrative privileges in a Gardener proje...
CVE-2025-59823 Gardener providers vulnerable to code injection when Terraformer is used for infrastructure provisioning
Project Gardener implements the automated management and operation of Kubernetes clusters as a service. Code injection may be possible in Gardener Extensions for AWS providers prior to version 1.64.0, Azure providers prior to version 1.55.0, OpenStack providers prior to version 1.49.0, and GCP...
secrets-store-sync-controller discloses service account tokens in logs
Hello Kubernetes Community, A security issue was discovered in secrets-store-sync-controller where an actor with access to the controller logs could observe service account tokens. These tokens could then potentially be exchanged with external cloud providers to access secrets stored in cloud vau...
CVE-2025-30204 vulnerabilities
Vulnerabilities for packages: flux-source-controller-fips, zot, argocd-image-updater, cloud-provider-azure, traefik, trivy-fips, skaffold, boring-registry, harbor-registry-fips, prometheus-fips, restic, ko, terraform, grafana-mimir, git-sync, kaniko, seaweedfs, velero-plugin-for-microsoft-azure,...
Infrastructure Laundering: Blending in with the Cloud
In an effort to blend in and make their malicious traffic tougher to block, hosting firms catering to cybercriminals in China and Russia increasingly are funneling their operations through major U.S. cloud providers. Research published this week on one such outfit --...
CloudBrute - Awesome Cloud Enumerator
A tool to find a target company's infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode). The outcome is useful for bug bounty hunters, red teamers, and penetration testers alike. The complete writeup is available here. Motivation ...
CVE-2024-37164 CVAT SSRF via custom cloud storage endpoints
Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. CVAT allows users to supply custom endpoint URLs for cloud storage based on Amazon S3 and Azure Blob Storage. Starting in version 2.1.0 and prior to version 2.14.3, an attacker with a CVAT...
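The Zammad and CVAT entries above describe the same class of bug: a user-supplied URL (a webhook target, a custom storage endpoint) is accepted after checking only the scheme and the presence of a hostname, so the server can be pointed at loopback, link-local (cloud metadata) or internal addresses. The following is an added example, not code from either project. It puts the weak check next to a validator that resolves the host and rejects every non-public destination. The resolver is injectable so the block runs offline; `CONSTRUCTED_DNS`, its hostnames and addresses are made up for the demonstration.

```python
"""Webhook / custom-endpoint URL validation against SSRF.

Added example, not code from Zammad or CVAT. It contrasts the weak pattern
named in the Zammad advisory (only scheme and hostname checked) with a
validator that resolves the host and rejects loopback, link-local, private
and other non-public destinations. The resolver is injectable so the block
runs offline; CONSTRUCTED_DNS and the addresses in it are made up.
"""
import ipaddress
import socket
from typing import Callable, Iterable, Union
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
SHARED_ADDRESS_SPACE = ipaddress.ip_network("100.64.0.0/10")  # RFC 6598, not covered by is_private


def weak_validate(url: str) -> bool:
    """Scheme-and-hostname check only. 'http://127.0.0.1:8080/' and
    'http://169.254.169.254/' both pass, which is the class of bug described."""
    parts = urlsplit(url)
    return parts.scheme in ALLOWED_SCHEMES and bool(parts.hostname)


def is_public_address(ip: Union[str, ipaddress.IPv4Address, ipaddress.IPv6Address]) -> bool:
    """True only for globally routable unicast addresses.
    IPv4-mapped IPv6 (::ffff:127.0.0.1) is unwrapped so the IPv4 rules apply to it."""
    if isinstance(ip, str):
        ip = ipaddress.ip_address(ip)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    if isinstance(ip, ipaddress.IPv4Address) and ip in SHARED_ADDRESS_SPACE:
        return False
    return not (ip.is_loopback or ip.is_link_local or ip.is_private
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def system_resolver(host: str) -> list[str]:
    """Default resolver: every address the system resolver returns for host."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def strict_validate(url: str,
                    resolve: Callable[[str], Iterable[str]] = system_resolver) -> tuple[bool, str]:
    """Return (allowed, reason). Every resolved address must be public, so a name
    with one public and one internal record is rejected. Alternate numeric forms
    (http://2130706433/) are caught too, because the resolver, not the URL parser,
    turns them into 127.0.0.1 and the check runs on what was resolved."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    host = parts.hostname
    if not host:
        return False, "missing hostname"
    if parts.username or parts.password:
        return False, "credentials in URL"
    try:
        addrs = [ipaddress.ip_address(host)]          # literal IP, no lookup needed
    except ValueError:
        try:
            addrs = [ipaddress.ip_address(a) for a in resolve(host)]
        except (socket.gaierror, ValueError) as exc:
            return False, f"could not resolve {host!r}: {exc}"
    if not addrs:
        return False, f"no addresses for {host!r}"
    blocked = [str(a) for a in addrs if not is_public_address(a)]
    if blocked:
        return False, "non-public destination: " + ", ".join(blocked)
    return True, "ok"


# Constructed resolver table so the example runs without DNS (names and IPs are made up).
CONSTRUCTED_DNS = {
    "hooks.example.com": ["93.184.216.34"],
    "localhost": ["127.0.0.1", "::1"],
    "metadata.internal.example": ["169.254.169.254"],
    "split-horizon.example": ["93.184.216.34", "10.0.0.5"],   # one public, one internal record
}


def table_resolver(host: str) -> list[str]:
    if host not in CONSTRUCTED_DNS:
        raise socket.gaierror(f"no constructed record for {host!r}")
    return CONSTRUCTED_DNS[host]


if __name__ == "__main__":
    for u in ["https://hooks.example.com/hook", "http://127.0.0.1:8080/hook",
              "http://[::ffff:127.0.0.1]/", "http://metadata.internal.example/",
              "http://split-horizon.example/", "http://user:pw@hooks.example.com/"]:
        print(f"{u:42} weak={weak_validate(u)!s:5} strict={strict_validate(u, table_resolver)}")
```

Two caveats for anyone lifting this into a real webhook or storage-endpoint setting. First, the check is only as good as the moment it runs: a DNS record can change between validation and connection (rebinding), so either connect to the exact address that was validated or re-run the address check inside the HTTP client at connect time, and apply it again on every redirect. Second, an allow-list of expected destination hosts, where the product can support one, is stronger than any deny-list of address ranges.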
Critical ‘Linguistic Lumberjack’ Flaw in Fluent Bit Hits Major Cloud Providers
...
azure-file-csi-driver leaks service account tokens in the logs
A security issue was discovered in azure-file-csi-driver where an actor with access to the driver logs could observe service account tokens. These tokens could then potentially be exchanged with external cloud providers to access secrets stored in cloud vault solutions. Tokens are only logged whe...
CVE-2024-3744
Azure-file-csi-driver may log service account tokens when TokenRequests is enabled and the driver runs at log level 2+. This could let an actor with log access exfiltrate tokens and potentially access cloud vault secrets. Affected versions are before 1.29.4 and 1.30.1; remediation involves upgrad...
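The secrets-store-sync-controller and azure-file-csi-driver entries above share one failure mode: a Kubernetes service account token, obtained through TokenRequests, ends up in controller or driver logs, where anyone with log access can pick it up and exchange it with a cloud provider. Kubernetes projected service account tokens are JWTs, which gives both a detection and a prevention handle. The following is an added example, not code from either project: `scan_log()` finds JWT-shaped tokens in existing log text and reports the non-secret claims needed to triage a leak (namespace, service account, audience, expiry), and `RedactingFilter` strips such tokens from log records before a handler writes them. The token and the klog-style log lines are constructed for the demonstration and the token carries a dummy signature.

```python
"""Finding and redacting Kubernetes service account tokens in log output.

Added example; not code from secrets-store-sync-controller or
azure-file-csi-driver. Projected SA tokens are JWTs: three base64url
segments joined by dots. scan_log() finds them in existing log text and
reports claims for triage; RedactingFilter strips them from new records.
The token and the log lines below are constructed (dummy signature).
"""
import base64
import json
import logging
import re

# Every JWT header is base64url('{"...') and therefore starts with "eyJ".
JWT_RE = re.compile(r"\beyJ[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}(?![A-Za-z0-9_-])")
REDACTED = "[REDACTED SA TOKEN]"


def _b64url_decode(seg: str) -> dict:
    data = json.loads(base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4)))
    if not isinstance(data, dict):
        raise ValueError("JWT segment is not a JSON object")
    return data


def describe_token(token: str) -> dict:
    """Non-secret claims of a leaked token: which account in which namespace
    must be rotated, which audience accepted it, and when it expires."""
    header, payload, _signature = token.split(".")
    claims = _b64url_decode(payload)
    k8s = claims.get("kubernetes.io", {})
    return {"alg": _b64url_decode(header).get("alg"), "iss": claims.get("iss"),
            "aud": claims.get("aud"), "exp": claims.get("exp"),
            "namespace": k8s.get("namespace"),
            "serviceaccount": k8s.get("serviceaccount", {}).get("name")}


def scan_log(text: str) -> list[dict]:
    """Detection side: one finding per JWT-shaped token per line."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for match in JWT_RE.finditer(line):
            try:
                info = describe_token(match.group(0))
            except ValueError:          # binascii.Error and JSONDecodeError are subclasses
                continue
            findings.append({"line": lineno, **info})
    return findings


def redact(text: str) -> str:
    return JWT_RE.sub(REDACTED, text)


class RedactingFilter(logging.Filter):
    """Prevention side: rewrite the record so the token never reaches a handler.
    Defence in depth only; the real fix is not to log the value at all."""
    def filter(self, record: logging.LogRecord) -> bool:
        message = record.getMessage()
        if JWT_RE.search(message):
            record.msg, record.args = redact(message), ()
        return True


def emit_with_filter(messages: list[str]) -> list[str]:
    """Send messages through a logger carrying RedactingFilter and return
    exactly what its handler would have written."""
    written: list[str] = []

    class ListHandler(logging.Handler):
        def emit(self, record: logging.LogRecord) -> None:
            written.append(self.format(record))

    logger = logging.Logger("sa-token-redaction")   # standalone, not in the global tree
    logger.addFilter(RedactingFilter())
    handler = ListHandler()
    handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    logger.addHandler(handler)
    for message in messages:
        logger.info(message)
    return written


def _b64url(obj: dict) -> str:
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_constructed_token(namespace: str, name: str, audience: str) -> str:
    """Unsigned token with the claim layout of a projected SA token (constructed)."""
    header = {"alg": "RS256", "kid": "constructed"}
    payload = {"iss": "https://kubernetes.default.svc.cluster.local", "aud": [audience],
               "iat": 1700000000, "exp": 1700003600,
               "kubernetes.io": {"namespace": namespace,
                                 "serviceaccount": {"name": name, "uid": "0000-constructed"}}}
    return f"{_b64url(header)}.{_b64url(payload)}.{'A' * 43}"


TOKEN = make_constructed_token("payments", "billing-app", "api://AzureADTokenExchange")

# Constructed klog-style lines; line 2 dumps a volume context that carries the token.
SAMPLE_LOG = "\n".join([
    "I0101 10:00:00.000001       1 nodeserver.go:120] NodePublishVolume volume_id=vol-1",
    'I0101 10:00:00.000002       1 nodeserver.go:134] volume_context=map[csi.storage.k8s.io/serviceAccount.tokens:'
    '{"api://AzureADTokenExchange":{"token":"' + TOKEN + '","expirationTimestamp":"2023-11-14T23:13:20Z"}}]',
    "I0101 10:00:00.000003       1 nodeserver.go:160] mount succeeded",
])

if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
    print(redact(SAMPLE_LOG))
```

The `exp` claim in a finding tells you how long the exposure window is for that token; the advisories' remediation of upgrading the component closes the source, but any token already written to a log that was readable before the upgrade should be treated as exposed until it expires, and the service account's cloud-side federation (the audience that accepted it) should be reviewed for use during that window. The regex only catches JWT-shaped values; opaque secrets written to logs need field-based redaction instead.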
Grafana Plugin signature bypass
Today we are releasing Grafana 9.2. Along with new features and other bug fixes, this release includes a Moderate severity security fix for CVE-2022-31123. We are also releasing security patches for Grafana 9.1.8 and Grafana 8.5.14 to fix these issues. Release 9.2, latest release, also...
Grafana API IDOR
Today we are releasing Grafana 8.3.5 and 7.5.15. This patch release includes a MEDIUM severity security fix for a Grafana Teams API IDOR. Release v8.3.5, containing only security fixes: - Download Grafana 8.3.5 - Release notes Release v7.5.15, containing only security fixes: - Download Grafana 7.5....
Moderate: Red Hat Security Advisory: RHUI 4.8 Release - Security Updates, Bug Fixes, and Enhancements
An updated version of Red Hat Update Infrastructure (RHUI) is now available. RHUI 4.8 fixes several security and operational bugs, adds some new features and upgrades the underlying Pulp to a newer version. Red Hat Product Security has rated this update as having a security impact of Moderate. A...
GHSA-XFJ7-QF8W-2GCR Rancher 'Audit Log' leaks sensitive information
Impact A vulnerability has been identified which may lead to sensitive data being leaked into Rancher's audit logs. Rancher Audit Logging is an opt-in feature; only deployments that have it enabled and have AUDIT_LEVEL set to 1 or above are impacted by this issue. The leaks might be caught in the...
Moderate: Red Hat Security Advisory: RHUI 4.5.0 release - Security, Bug Fixes, and Enhancements
An updated version of Red Hat Update Infrastructure (RHUI) is now available. RHUI 4.5 fixes several security and operational bugs and also adds several new features. RHUI offers a highly scalable, highly redundant framework that enables you to manage repositories and...