CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

44 matches found

RedhatCVE•added 2026/06/05 7:28 p.m.•7 views

CVE-2026-22872

Capsule is a multi-tenancy and policy-based framework for Kubernetes. The Capsule Controller runs with cluster-admin privileges. Although the TenantResource RawItems processing logic forcibly sets the namespace, this is ineffective for cluster-scoped resources. Prior to version 0.13.0, tenant...

9.1CVSS5.5AI score0.00625EPSS

Exploits1References1

NVD•added 2026/06/01 7:16 p.m.•7 views

CVE-2026-22872

9.1CVSS0.00625EPSS

Exploits1References2

Cvelist•added 2026/06/01 5:42 p.m.•29 views

CVE-2026-22872 Capsule TenantResource RawItems Cluster-Scoped Resource Creation Vulnerability

8.2CVSS0.00625EPSS

Exploits1References2

Vulnrichment•added 2026/06/01 5:42 p.m.•8 views

CVE-2026-22872 Capsule TenantResource RawItems Cluster-Scoped Resource Creation Vulnerability

8.2CVSS5.8AI score0.00625EPSS

Exploits1References2

EUVD•added 2026/06/01 5:42 p.m.•9 views

EUVD-2026-33729

8.2CVSS5.8AI score0.00625EPSS

Exploits1References2

CVE•added 2026/06/01 5:42 p.m.•16 views

CVE-2026-22872

CVE-2026-22872 affects Capsule, a Kubernetes multi-tenant framework. The Capsule Controller runs with cluster-admin privileges. The vulnerability lies in TenantResource RawItems processing: the code sets the namespace on deserialized objects, but this is ignored for cluster-scoped resources, allo...

9.1CVSS5.8AI score0.00625EPSS

Exploits1References2Affected Software1

Github Security Blog•added 2026/05/28 5:2 p.m.•6 views

Capsule TenantResource RawItems Cluster-Scoped Resource Creation Vulnerability

TenantResource RawItems Cluster-Scoped Resource Creation Vulnerability Summary The Capsule Controller runs with cluster-admin privileges. Although the TenantResource RawItems processing logic forcibly sets the namespace, this is ineffective for cluster-scoped resources. Tenant administrators can...

9.1CVSS6AI score0.00625EPSS

Exploits1References4Affected Software1

OSV•added 2026/05/28 5:2 p.m.•4 views

GHSA-QJJM-7J9W-PW72 Capsule TenantResource RawItems Cluster-Scoped Resource Creation Vulnerability

8.2CVSS6AI score0.00625EPSS

Exploits1References4

Positive Technologies•added 2026/05/28 12:0 a.m.•8 views

PT-2026-44721

Name of the Vulnerable Software and Affected Versions Capsule versions prior to 0.13.0 Description The Capsule Controller runs with cluster-admin privileges. A flaw exists in the HandleSection function within the internal/controllers/resources/processor.go file, where the processing logic for...

9.1CVSS5.8AI score0.00625EPSS

Exploits1References6

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-43719

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00198EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•0 views

EUVD-2022-3812

Malicious code in bioql PyPI...

8.1CVSS6.2AI score0.02092EPSS

Exploits0References18

RedhatCVE•added 2025/08/29 3:5 a.m.•3 views

CVE-2025-5187

A vulnerability was found in the kube-apiserver's NodeRestriction admission controller, where node users can delete their corresponding node object by setting their own OwnerReference to a cluster-scoped resource. This flaw allows an attacker to delete and recreate its node object, leading to the...

6.7CVSS6.3AI score0.00434EPSS

Exploits0References4

SUSE CVE•added 2025/08/27 11:30 p.m.•1 views

SUSE CVE-2025-5187

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...

6.7CVSS6.9AI score0.00434EPSS

Exploits0References3

OSV•added 2025/08/27 6:31 p.m.•3 views

GHSA-4X4M-3C2P-QPPC Kubernetes Nodes can delete themselves by adding an OwnerReference

6.7CVSS7AI score0.00434EPSS

Exploits0References5

Github Security Blog•added 2025/08/27 6:31 p.m.•7 views

Kubernetes Nodes can delete themselves by adding an OwnerReference

6.7CVSS5.9AI score0.00434EPSS

Exploits0References5Affected Software1

OSV•added 2025/08/27 5:15 p.m.•3 views

CVE-2025-5187

6.7CVSS6.5AI score

Exploits0References2

Debian CVE•added 2025/08/27 4:20 p.m.•4 views

CVE-2025-5187

6.7CVSS5.3AI score0.00434EPSS

Exploits0

Veracode•added 2024/04/25 5:28 a.m.•12 views

Improper Access Control

github.com/rancher/rancher is vulnerable to Improper Access Control. The vulnerability is due to incomplete cleanup of access bindings, specifically when a Project Role linked to a group is removed from a project, which fails to delete the bindings granting access to cluster scoped resources...

8.8CVSS8.7AI score0.00932EPSS

Exploits0References2Affected Software1

Github Security Blog•added 2024/04/24 9:1 p.m.•24 views

Rancher's Failure to delete orphaned role bindings does not revoke project level access from group based authentication

Impact This vulnerability only affects customers using group based authentication in Rancher versions up to and including 2.4.17, 2.5.11 and 2.6.2. When removing a Project Role associated to a group from a project, the bindings that grant access to cluster scoped resources for those subjects do n...

8.8CVSS7.1AI score0.00932EPSS

Exploits0References4Affected Software1

Veracode•added 2023/06/19 9:37 a.m.•13 views

Privilege Escalation

github.com/stolostron/governance-policy-propagator is vulnerable to Privilege Escalation. In a formed policy, the library makes it possible for dynamically acquired policies to leverage cluster scoped access, enabling a local attacker to access resources from the namespace where the policy was...

7.8CVSS6.6AI score0.00198EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by