
682 matches found

CNNVD
added 2026/03/26 12:0 a.m. | 2 views

Mattermost Security Vulnerability

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Vulnerabilities exist in Mattermost versions 11.2.2 and earlier of the 11.2.x series, as well as versions 10.11.10 and earlier of the 10.11.x series, 11.4.0 and earlier of the 11.4.x series, and 11.3...

5.4 CVSS | 5.8 AI score | 0.0004 EPSS
Exploits: 0 | References: 1

RedHat Linux
added 2026/03/24 2:23 p.m. | 3 views

Important: Red Hat Security Advisory: multicluster engine for Kubernetes v2.7.9 security update

The multicluster engine for Kubernetes 2.7 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.7 images The multicluster engine for Kubernetes provides the foundational components that are...

10 CVSS | 7 AI score | 0.00073 EPSS
Exploits: 4 | References: 9

HackRead
added 2026/03/23 10:37 p.m. | 3 views

New CanisterWorm Targets Kubernetes Clusters, Deploys “Kamikaze” Wiper

CanisterWorm spreads via npm supply chain attack, hijacks developer accounts, targets Kubernetes clusters, and deploys destructive Kamikaze wiper payload...

5.8 AI score
Exploits: 0

EUVD
added 2026/03/17 6:30 p.m. | 1 views

EUVD-2026-12587

A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline...

8.8 CVSS | 5.8 AI score | 0.0007 EPSS
Exploits: 0 | References: 2

Github Security Blog
added 2026/03/17 5:12 p.m. | 5 views

Kube-router Proxy Module Blindly Trusts ExternalIPs/LoadBalancer IPs Enabling Cluster-Wide Traffic Hijacking and DNS DoS

kube-router Proxy Module Does Not Validate ExternalIPs or LoadBalancer IPs Against Configured Ranges. Summary: This issue primarily affects multi-tenant clusters where untrusted users are granted namespace-scoped permissions to create or modify Services. Single-tenant clusters or clusters where all...

7.1 CVSS | 5.9 AI score | 0.00063 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

NVD
added 2026/03/17 4:16 p.m. | 1 views

CVE-2026-4148

A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline...

8.8 CVSS | 0.0007 EPSS
Exploits: 0 | References: 1

UbuntuCve
added 2026/03/17 4:16 p.m. | 2 views

CVE-2026-4148

A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline...

8.8 CVSS | 5.8 AI score | 0.0007 EPSS
Exploits: 0 | References: 2

OSV
added 2026/03/17 4:16 p.m. | 1 views

UBUNTU-CVE-2026-4148

A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline...

8.8 CVSS | 5.8 AI score | 0.0007 EPSS
Exploits: 0 | References: 3

CVE
added 2026/03/17 3:53 p.m. | 19 views

CVE-2026-4148

A use-after-free vulnerability (CVE-2026-4148) affects MongoDB in sharded clusters, triggered by an authenticated user with read role issuing a specially crafted $lookup or $graphLookup aggregation. The linked OSV entry cites the failure in ExpressionContext within the classic engine as the root ...

8.8 CVSS | 5.8 AI score | 0.0007 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

MongoDB
added 2026/03/17 3:53 p.m. | 4 views

ExpressionContext use-after-free in classic engine $lookup and $graphLookup aggregation operators

A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline...

8.8 CVSS | 5.8 AI score | 0.0007 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2026/03/17 3:53 p.m. | 21 views

CVE-2026-4148 ExpressionContext use-after-free in classic engine $lookup and $graphLookup aggregation operators

A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline...

8.8 CVSS | 0.0007 EPSS
Exploits: 0 | References: 1

ATTACKERKB
added 2026/03/17 3:53 p.m. | 1 views

CVE-2026-4148

A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline...

8.8 CVSS | 5.8 AI score | 0.0007 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

Vulnrichment
added 2026/03/17 3:53 p.m. | 2 views

CVE-2026-4148 ExpressionContext use-after-free in classic engine $lookup and $graphLookup aggregation operators

A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline...

8.8 CVSS | 5.8 AI score | 0.0007 EPSS
Exploits: 0 | References: 1

Positive Technologies
added 2026/03/17 12:0 a.m. | 2 views

PT-2026-25907

Name of the Vulnerable Software and Affected Versions: MongoDB Server, affected versions not specified. Description: A use-after-free issue can occur in sharded clusters when a user with read access submits a specifically designed aggregation pipeline using either the $lookup or $graphLookup operator...

8.8 CVSS | 5.8 AI score | 0.0007 EPSS
Exploits: 0 | References: 14

Fedora
added 2026/03/15 1:16 a.m. | 4 views

[SECURITY] Fedora 42 Update: pcs-0.12.2-1.fc42

pcs is a configuration tool for Corosync and Pacemaker. It permits users to easily view, modify and create high availability clusters based on Pacemaker. This package contains the pcs command-line utility and its server pcsd...

7.9 CVSS | 5.8 AI score | 0.00028 EPSS
Exploits: 0

Fedora
added 2026/03/15 12:57 a.m. | 3 views

[SECURITY] Fedora 43 Update: pcs-0.12.2-1.fc43

pcs is a configuration tool for Corosync and Pacemaker. It permits users to easily view, modify and create high availability clusters based on Pacemaker. This package contains the pcs command-line utility and its server pcsd...

7.9 CVSS | 5.8 AI score | 0.00028 EPSS
Exploits: 0

Fedora
added 2026/03/09 1:2 a.m. | 4 views

[SECURITY] Fedora 42 Update: k9s-0.50.18-1.fc42

Kubernetes CLI To Manage Your Clusters In Style!...

8.2 CVSS | 6.9 AI score | 0.00021 EPSS
Exploits: 3

RedHat Linux
added 2026/03/05 11:25 a.m. | 6 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.64 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.64 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...

8.8 CVSS | 7 AI score | 0.02889 EPSS
Exploits: 10 | References: 7

Github Security Blog
added 2026/03/03 2:50 p.m. | 7 views

Rancher has downstream cluster privilege escalation through cluster and project role template binding (CRTB/PRTB)

Impact: An issue was discovered in Rancher versions up to and including 2.5.15 and 2.6.6 where a flaw with authorization logic allows privilege escalation through cluster role template binding (CRTB) and project role template binding (PRTB). This issue does not affect the local cluster, it affects onl...

9.1 CVSS | 7 AI score | 0.00345 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

OSV
added 2026/03/03 2:50 p.m. | 2 views

GHSA-6X34-89P7-95WG Rancher has downstream cluster privilege escalation through cluster and project role template binding (CRTB/PRTB)

Impact: An issue was discovered in Rancher versions up to and including 2.5.15 and 2.6.6 where a flaw with authorization logic allows privilege escalation through cluster role template binding (CRTB) and project role template binding (PRTB). This issue does not affect the local cluster, it affects onl...

9.1 CVSS | 5.8 AI score | 0.00345 EPSS
Exploits: 1 | References: 4