7657 matches found
CVE-2026-9824
Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to check the managesharedchannels permission in the /share-channel autocomplete handler, which allows an authenticated user without that permission to enumerate configured remote cluster connection metadata via slash...
CVE-2026-10103
Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify post ownership in the shared channel inbound sync handler, which allows an authenticated remote cluster to modify or delete posts authored by local users or other remotes via crafted sync messages referencing...
CVE-2026-10103
Mattermost versions affected: 11.7.x (up to 11.7.2), 11.6.x (up to 11.6.4), and 10.11.x (up to 10.11.19) have a flaw in the shared channel inbound sync handler that fails to verify post ownership. This allows an authenticated remote cluster to modify or delete posts authored by local users or oth...
KubePi JwtSigKey - Admin Authentication Bypass
KubePi is a k8s panel. The jwt authentication function of KubePi through version 1.6.2 uses hard-coded Jwtsigkeys, resulting in the same Jwtsigkeys for all online projects. This means that an attacker can forge any jwt token to take over the administrator account of any online project. Furthermor...
Cluster Control CMON API - Directory Traversal
Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 before 2.0.0-9779, and 2.1.0 before 2.1.0-9780 allows a remote attacker to include and display file content in an HTTP request via the CMON API. id: CVE-2024-41628 info: name: Cluster Control CMON API...
MinIO Cluster Deployment - Information Disclosure
MinIO is susceptible to information disclosure. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including MINIOSECRETKEY and MINIOROOTPASSWORD. An attacker can potentially obtain sensitive...
CVE-2026-61459
Affected software: MCP Server Kubernetes before 3.9.0. Vulnerability: Argument injection in structured tools (kubectl_get, kubectl_describe, kubectl_delete) that bypasses the assertNoDangerousFlags check by using leading dashes for resourceType/name. This allows injection of the --server flag to ...
[SECURITY] Fedora 44 Update: k9s-0.51.0-2.fc44
Kubernetes CLI To Manage Your Clusters In Style!...
PT-2026-57272
Name of the Vulnerable Software and Affected Versions MCP Server Kubernetes versions prior to 3.9.0 Description An argument injection flaw exists in structured tools, specifically within the kubectl get, kubectl describe, and kubectl delete functions. By providing the resourceType and name...
GHSA-FF52-PH69-CF7X vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-networkmanager, policy-bot, crossplane-provider-azure-signalrservice, fairwinds-gemini-fips, generic-device-plugin-fips, timoni, crossplane-provider-aws-waf-fips, aws-application-networking-k8s, cluster-api, dataplaneapi-fips, gpu-operator,...
GHSA-FF52-PH69-CF7X vulnerabilities
Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, croc, crossplane-provider-aws-s3, crossplane-provider-aws-eks, src, k8ssandra-operator, openbao-k8s, authservice, neuvector-dbgen, docker-compose, telegraf, cluster-autoscaler, manifest-tool, kube-arangodb,...
Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code
A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Servi...
Important: Red Hat Security Advisory: tomcat security, bug fix, and enhancement update
An update for tomcat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Important: Red Hat Security Advisory: multicluster engine for Kubernetes v2.9.5 security update
The multicluster engine for Kubernetes 2.9 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.9 images The multicluster engine for Kubernetes provides the foundational components that are...
Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes v2.14.3 security update
Red Hat Advanced Cluster Management for Kubernetes 2.14 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. Red Hat Advanced Cluster Management for Kubernetes 2.14 images Red Hat Advanced Cluster Management for Kubernetes provides...
Important: Red Hat Security Advisory: Submariner v0.20 security fixes and container updates
Submariner v0.20 General Availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
CVE-2026-15063
A flaw was found in the gorch service template, which is part of the trustyai-service-operator. Even when authentication is enabled, the gorch service exposes unproxied orchestrator and detector metrics ports. This allows any pod on the cluster network to directly access these ports, bypassing th...
CVE-2026-15063 Trustyai-service-operator: trustyai service operator: gorch port bypass when auth is enabled
A flaw was found in the gorch service template, which is part of the trustyai-service-operator. Even when authentication is enabled, the gorch service exposes unproxied orchestrator and detector metrics ports. This allows any pod on the cluster network to directly access these ports, bypassing th...
Important: Red Hat Security Advisory: Red Hat Edge Manager Version 1.0.3 Security Update
Red Hat Edge Manager Version 1.0.3 Security Update Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports image-mode RHEL and container workloads that run on Podman/Docker or Kubernetes. RHEM is now available as a...
Important: Red Hat Security Advisory: RHACS 4.10.5 security and bug fix update
Updated images are now available for Red Hat Advanced Cluster Security RHACS, which typically include new features, bug fixes, and/or security patches. See the release notes link in the references section for a description of the fixes and enhancements in this particular release...