7728 matches found
CVE-2026-56743
Cilium is a networking, observability, and security solution. From 1.19.0 to 1.19.4, standard Kubernetes NetworkPolicy specifications using CIDR-based ipBlock rules without pod or namespace selectors erroneously generate a wildcard namespace allow rule when Cilium is configured with a custom...
CVE-2026-56743
Cilium (versions 1.19.0–1.19.4) is affected where standard Kubernetes NetworkPolicy ipBlock rules without pod/namespace selectors, when configured with a non-default clusterName, can generate a wildcard namespace allow rule. The parser incorrectly creates a pod selector for selectorless peers, en...
CVE-2026-49445
Cilium CVE-2026-49445 : When L7 is enabled, embedded or standalone Envoy creates a world-accessible admin.sock on cluster nodes, enabling a local attacker to access Envoy admin endpoints, potentially expose TLS secrets, disrupt traffic, or terminate Envoy. Affected are Cilium releases prior to 1....
Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes v2.11.10 security update
Red Hat Advanced Cluster Management for Kubernetes 2.11 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. Red Hat Advanced Cluster Management for Kubernetes 2.11 images Red Hat Advanced Cluster Management for Kubernetes provides...
Important: Red Hat Security Advisory: Red Hat Edge Manager Version 1.1.3 Security Update
Red Hat Edge Manager Version 1.1.3 Security Update Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports image-mode RHEL and container workloads that run on Podman/Docker or Kubernetes. RHEM is now available as a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.48 security and extras update
Red Hat OpenShift Container Platform release 4.18.48 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...
EUVD-2026-44596
A flaw was found in the OpenShift GitOps operator. The ClusterRole reconciler does not validate resource ownership when reconciling ClusterRole objects. A namespace-scoped Argo CD instance can trigger deletion of a ClusterRole owned by a cluster-scoped Argo CD instance by crafting a name collisio...
Cluster Control CMON API - Directory Traversal
Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 before 2.0.0-9779, and 2.1.0 before 2.1.0-9780 allows a remote attacker to include and display file content in an HTTP request via the CMON API. id: CVE-2024-41628 info: name: Cluster Control CMON API...
EUVD-2025-210470
A null pointer dereference vulnerability exists in the Matter SDK connectedhomeip before 1.4.0, affecting the ReadRevisionAttribute function used in multiple clusters Channel, Account Login, TargetNavigator, etc.. The function lacks proper validation of the delegate pointer before dereferencing. ...
EUVD-2025-210472
A reachable assertion vulnerability exists in the Matter SDK connectedhomeip before 1.4.0, in the interaction model command processing logic. When an InvokeCommandRequest is sent to a nonexistent endpoint and cluster e.g., 0x34, the code incorrectly treats the endpoint as valid due to missing...
EUVD-2025-210469
A reachable assertion vulnerability exists in the Matter SDK connectedhomeip before 1.4.2, specifically within the Level Control cluster's periodic server tick logic. When a MoveToLevel command is sent and immediately followed by a write of OperationMode=2 in the Pump Configuration and Control...
EUVD-2025-210468
A reachable assertion vulnerability exists in the Matter SDK connectedhomeip 1.3 thru 1.4, specifically within the Level Control cluster's server tick logic emberAfLevelControlClusterServerTickCallback. When a MoveToLevel command is executed and followed by a conflicting write to the OperationMod...
CVE-2025-56361
A reachable assertion vulnerability exists in the Matter SDK connectedhomeip 1.3 thru 1.4, specifically within the Level Control cluster's server tick logic emberAfLevelControlClusterServerTickCallback. When a MoveToLevel command is executed and followed by a conflicting write to the OperationMod...
CVE-2026-24229
NVIDIA TensorRT-LLM for Linux contains a vulnerability in the disaggregated orchestrator component, where an attacker could read, write, or delete internal cluster state by sending requests to the FastAPI server. A successful exploit of this vulnerability might lead to information disclosure, dat...
CVE-2026-24229
NVIDIA TensorRT-LLM for Linux contains a vulnerability in the disaggregated orchestrator component, where an attacker could read, write, or delete internal cluster state by sending requests to the FastAPI server. A successful exploit of this vulnerability might lead to information disclosure, dat...
CVE-2026-58319
Certain Apache Doris FE HTTP REST administrative APIs were accessible without proper authentication. An unauthenticated attacker with network access to the FE HTTP service could perform unauthorized administrative operations, potentially affecting cluster integrity and availability and leading to...
CVE-2026-58319 Apache Doris: Improper Authentication in Frontend HTTP API
Certain Apache Doris FE HTTP REST administrative APIs were accessible without proper authentication. An unauthenticated attacker with network access to the FE HTTP service could perform unauthorized administrative operations, potentially affecting cluster integrity and availability and leading to...
EUVD-2026-43653
Certain Apache Doris FE HTTP REST administrative APIs were accessible without proper authentication. An unauthenticated attacker with network access to the FE HTTP service could perform unauthorized administrative operations, potentially affecting cluster integrity and availability and leading to...
CVE-2026-15183
Multiple input validation vulnerabilities in the Snowflake Spark Connector spark-snowflake versions prior to 3.2.1 can allow attackers to exfiltrate OAuth client credentials, execute arbitrary SQL with the connector's Snowflake role, or redirect COPY operations to attacker-controlled storage. An...
CVE-2026-15416
A flaw was identified in Argo CD, the GitOps engine used by Red Hat OpenShift GitOps, that could allow an unauthenticated attacker with network access to the Argo CD repo-server to achieve remote code execution. Under certain conditions, the attacker may then manipulate cached data to deploy...