7646 matches found
CVE-2026-14904 RES Auth.GetUserPrivateKey Arbitrary File Read
AWS Research and Engineering Studio RES is an open-source solution that enables researchers and engineers to create and manage secure virtual desktops and computing resources on AWS. Improper link resolution before file access issue CWE-59 in the Auth.GetUserPrivateKey API. An authenticated remot...
CVE-2026-14904
AWS Research and Engineering Studio RES is an open-source solution that enables researchers and engineers to create and manage secure virtual desktops and computing resources on AWS. Improper link resolution before file access issue CWE-59 in the Auth.GetUserPrivateKey API. An authenticated remot...
Important: Red Hat Security Advisory: RHACS 4.9.9 security and bug fix update
Updated images are now available for Red Hat Advanced Cluster Security RHACS, which typically include new features, bug fixes, and/or security patches. See the release notes link in the references section for a description of the fixes and enhancements in this particular release...
Important: Red Hat Security Advisory: RHACS 4.11.1 security and bug fix update
Updated images are now available for Red Hat Advanced Cluster Security RHACS, which typically include new features, bug fixes, and/or security patches. See the release notes link in the references section for a description of the fixes and enhancements in this particular release...
Important: Red Hat Security Advisory: Assisted Installer RHEL 8 components for Multicluster Engine for Kubernetes 2.6.12
Assisted installer RHEL 8 components for the multicluster engine for Kubernetes 2.6.12 General Availability release, with updates to container images. Assisted Installer RHEL 8 integrates components for the general multicluster engine for Kubernetes 2.6.12 release that simplify the process of...
CVE-2026-9165
A flaw was found in Red Hat Advanced Cluster Security for Kubernetes RHACS. Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central...
CVE-2026-9165 Stackrox: stackrox: unbounded graphql query depth allows authenticated denial of service
A flaw was found in Red Hat Advanced Cluster Security for Kubernetes RHACS. Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central...
CVE-2026-9165
A flaw was found in Red Hat Advanced Cluster Security for Kubernetes RHACS. Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central...
EUVD-2026-41859
A flaw was found in Red Hat Advanced Cluster Security for Kubernetes RHACS. Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central...
PT-2026-56056
Name of the Vulnerable Software and Affected Versions Cilium versions 1.19.0 through 1.19.3 Cilium versions 1.18.2 through 1.18.9 Cilium versions prior to 1.17.16 Description Users capable of creating CiliumLocalRedirectPolicies can specify arbitrary ClusterIPs using the addressMatcher parameter...
GHSA-2V8P-FQPX-2Q3W jxl-oxide: integer subtraction overflow panic in cluster_from_table via crafted JXL input (DoS)
Summary Logic bug in decodesimpletableslow may cause integer arithmetic overflow when decoding Modular image with certain kind of MA tree, which may panic with overflow-checks enabled. Impact Denial of service: any application passing untrusted JXL data to JxlImage::renderframe or equivalent can ...
GHSA-VX8H-4PRV-G744 Rancher has Privilege Escalation from Project Owner to Host
Impact A vulnerability has been identified in Rancher Manager that allows users assigned the Project Owner role to modify Pod Security Admission PSA labels on namespaces within their projects. Under the default role configuration, an attacker with the following access pattern can exploit this...
GHSA-XR65-5CPM-G36X Rancher Fleet vulnerable to cross namespace secret disclosure via unvalidated `valuesFrom` references in Helm Deployer
Impact A vulnerability in Fleet for Rancher Manager affects multi-tenancy environments where different tenants share the same downstream clusters e.g., different privileged or untrusted teams inside the same organization. On unpatched versions, tenants could bypass restrictions to access any conf...
Important: Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.4.6
Logging for Red Hat OpenShift - 6.4.6 Red Hat OpenShift Logging 6.4.6 is a cluster-wide logging solution for OpenShift that collects and manages applications, infrastructure, and audit logs...
CVE-2026-6686
FatFs R0.16 and earlier contains an uninitialized cluster exposure when flseek extends files beyond EOF without zero-filling newly allocated clusters. This maps to CWE-908 Use of Uninitialized Resource. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 4.6, Medium. The...
Critical: Red Hat Security Advisory: Cluster Observability Operator 1.5.0
The Cluster Observability Operator COO is a Red Hat OpenShift Container Platform Operator that you can deploy to manage observability component stacks by using custom resource descriptions CRDs. The 1.5 release of COO...
GHSA-WMGG-3P4H-48X7 Fission Environment CRD PodSpec Injection Leading to Node Escape and Cluster Takeover
Summary A stronger framing of the same root cause as GHSA-gx55-f84r-v3r7: the Environment.spec.runtime.podSpec / spec.builder.podSpec passthrough lacked validation, and MergePodSpec propagated dangerous fields into the generated pods. Details Three independent flaws compounded: 1. Validate gap...
CVE-2026-58371 SeaweedFS < 4.30 - Cross-Origin Information Disclosure via Unvalidated JSONP callback Parameter
SeaweedFS before 4.30 reflects the callback query parameter verbatim into responses served with Content-Type application/javascript in the shared writeJson helper weed/server/common.go, with no callback-name validation, no X-Content-Type-Options: nosniff header, and no CORS allow-list. Every JSON...
EUVD-2026-40310
Arbitrary File Read Unauthenticated in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled...
CVE-2026-10816
CVE-2026-10816 affects NetScaler ADC and NetScaler Gateway. The issue is an Arbitrary File Read that is unauthenticated when access to NSIP, Cluster Management IP or SNIP with management access is enabled. According to the sources, the vulnerability allows read access to files, impacting confiden...