136 matches found
CVE-2026-41889 vulnerabilities
Vulnerabilities for packages: gitlab-kas, hydra, bento, peerdb-flow, kine, openbao, chainloop-control-plane-fips, gitaly, sftpgo-plugin-eventsearch, timescaledb-parallel-copy, steampipe, keda, goose-fips, falcosidekick-fips, keda-fips, telegraf, sqlexporter, step-issuer, wal-g, pgwatch, goose,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: gitlab-kas, minio-fips, flannel-fips, db-operator, promxy, terraform-provider-databricks-fips, openbao, ko-fips, kiam, x509-certificate-exporter, dcgm-exporter, docker-machine-driver-harvester, cloudbeat, crossplane-provider-aws-cloudwatchlogs-fips,...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: minio-fips, ctop, vault-k8s-fips, kubernetes-dashboard-metrics-scraper, flannel-fips, cert-exporter, ko-fips, spark-operator, dcgm-exporter, coredns-fips, wireguard-go, gitleaks, wave-fips, prometheus-postgres-exporter-fips, nats-server, nri-mongodb, quic-go-fips,...
GHSA-GJVH-7JH8-7XHM vulnerabilities
Vulnerabilities for packages: gitlab-kas, mailpit, ctop, minio-fips, nats-top, vault-k8s-fips, kubernetes-dashboard-metrics-scraper, flannel-fips, cert-exporter, mods, db-operator, promxy, terraform-provider-databricks-fips, nri-mysql, omnibump, openbao, ko-fips, git-sync-fips,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: gitlab-kas, mailpit, ctop, minio-fips, nats-top, vault-k8s-fips, kubernetes-dashboard-metrics-scraper, flannel-fips, cert-exporter, mods, db-operator, promxy, terraform-provider-databricks-fips, nri-mysql, omnibump, openbao, ko-fips, git-sync-fips,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: gitlab-kas, mailpit, ctop, minio-fips, nats-top, vault-k8s-fips, kubernetes-dashboard-metrics-scraper, flannel-fips, cert-exporter, mods, db-operator, promxy, terraform-provider-databricks-fips, nri-mysql, omnibump, openbao, ko-fips, git-sync-fips,...
GHSA-P423-J2CM-9VMQ vulnerabilities
Vulnerabilities for packages: dask-kubernetes, kubeflow-pipelines-visualization-server, datadog-agent, datadog-agent-fips, superset, dagster, airflow, py3-cassandra-medusa, in-toto, wazuh-manager, open-webui, jupyter-base-notebook, kubeflow-jupyter-web-app, label-studio, mycli, barman,...
CVE-2026-39892 vulnerabilities
Vulnerabilities for packages: dask-kubernetes, kubeflow-pipelines-visualization-server, datadog-agent, datadog-agent-fips, superset, dagster, airflow, py3-cassandra-medusa, in-toto, wazuh-manager, open-webui, jupyter-base-notebook, kubeflow-jupyter-web-app, label-studio, mycli, barman,...
Security update for osslsigncode (critical)
openSUSE Security Update: Security update for osslsigncode Announcement ID: openSUSE-SU-2026:0115-1 Rating: critical References: 1260680 Cross-References: CVE-2025-70888 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available. Description: This...
GHSA-PH5J-38MG-J6HP vulnerabilities
Vulnerabilities for packages: aws-ebs-csi-driver-fips, grafana-operator, victorialogs-fips, flux-image-reflector-controller, flux-source-controller, loki-fips, aws-ebs-csi-driver, flux-source-watcher, flux-notification-controller, nova, cluster-autoscaler-fips, victorialogs,...
CVE-2026-27138 vulnerabilities
Vulnerabilities for packages: aws-ebs-csi-driver-fips, grafana-operator, victorialogs-fips, flux-image-reflector-controller, flux-source-controller, loki-fips, aws-ebs-csi-driver, flux-source-watcher, flux-notification-controller, nova, cluster-autoscaler-fips, victorialogs,...
GHSA-7HFW-R8QC-89V4 vulnerabilities
Vulnerabilities for packages: aws-ebs-csi-driver-fips, grafana-operator, victorialogs-fips, flux-image-reflector-controller, flux-source-controller, loki-fips, aws-ebs-csi-driver, flux-source-watcher, flux-notification-controller, nova, cluster-autoscaler-fips, victorialogs,...
CVE-2026-27137 vulnerabilities
Vulnerabilities for packages: aws-ebs-csi-driver-fips, grafana-operator, victorialogs-fips, flux-image-reflector-controller, flux-source-controller, loki-fips, aws-ebs-csi-driver, flux-source-watcher, flux-notification-controller, nova, cluster-autoscaler-fips, victorialogs,...
GHSA-MXW3-3HH2-X2MH vulnerabilities
Vulnerabilities for packages: ruby3.3-rack, gitlab-rails-ce-fips, ruby3.2-rails, ruby3.4-rails, gitlab-cng, gitlab-rails-ce, kube-fluentd-operator, ruby3.3-rails, ruby4.0-rails, logstash...
CVE-2026-22860 vulnerabilities
Vulnerabilities for packages: ruby3.3-rack, gitlab-rails-ce-fips, ruby3.2-rails, ruby3.4-rails, gitlab-cng, gitlab-rails-ce, kube-fluentd-operator, ruby3.3-rails, ruby4.0-rails, logstash...
GHSA-WHRJ-4476-WVMP vulnerabilities
Vulnerabilities for packages: ruby3.3-rack, gitlab-rails-ce-fips, ruby3.2-rails, ruby3.4-rails, gitlab-cng, gitlab-rails-ce, kube-fluentd-operator, ruby3.3-rails, ruby4.0-rails, logstash...
CVE-2026-25500 vulnerabilities
Vulnerabilities for packages: ruby3.3-rack, gitlab-rails-ce-fips, ruby3.2-rails, ruby3.4-rails, gitlab-cng, gitlab-rails-ce, kube-fluentd-operator, ruby3.3-rails, ruby4.0-rails, logstash...
CVE-2025-11065 vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips, datadog-agent, tkn-fips, datadog-agent-fips, boring-registry-fips, grafana-mimir-fips, beats, elastic-agent-fips, jitsucom-bulker, gitlab-cng, gitlab-cng-fips, neuvector-sigstore-interface-fips, pluto-fips, docker-compose-fips, kyverno-fips,...
Malicious Package
Overview cng-web-lib is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...
EUVD-2026-1837
Malicious code in cng-web-lib npm...