CLEANSTART-2026-TZ10716 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289 applied in versions: 1.6.0-r0

Multiple security vulnerabilities affect the cni-plugin-flannel package. These issues are resolved in later releases. See references for individual vulnerability details...

GHSA-M38G-VWW2-MVGX Talos Linux has a local privilege escalation from untrusted workloads

Summary A vulnerability in the Linux kernel's algifaead subsystem CVE-2026-31431, "copy.fail" allows an unprivileged container workload to corrupt arbitrary file page-cache pages via the AFALG crypto interface and splice. On Talos Linux, this vulnerability can be chained into a complete node...

GHSA-GJVH-7JH8-7XHM vulnerabilities

Vulnerabilities for packages: nats-server, apache-beam-java-sdk, commercial-chainloop-cli, tetragon, virt-controller, gitlab-kas-fips, kubescape, opentelemetry-collector-fips, kubernetes-csi-external-resizer, pgwatch, cloudflared-fips, amazon-ecs-agent, stakater-reloader, vexctl, nsc-fips,...

GHSA-5W89-2C2X-6X66 vulnerabilities

Vulnerabilities for packages: apache-beam-java-sdk, gitlab-kas-fips, kubescape, stakater-reloader, cert-manager-cmctl, kapp-fips, caddy, spegel-fips, azuredisk-csi, minify-fips, mkcert, supercronic-fips, modelmesh-runtime-adapter, go-md2man, pluto, prometheus-pushgateway-fips,...

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: nats-server, commercial-chainloop-cli, tetragon, virt-controller, gitlab-kas-fips, kubescape, kubernetes-csi-external-resizer, pgwatch, cloudflared-fips, amazon-ecs-agent, stakater-reloader, vexctl, nsc-fips, kubernetes-ingress-defaultbackend-fips, cert-manager-cmctl...

EUVD-2018-11892

Malware in sbrugna...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: rabbitmq-cluster-operator, wire-go, helm-operator, s5cmd, terraform-docs, eksctl, aws-load-balancer-controller, newrelic-fluent-bit-output, delve, rqlite, cert-exporter, trillian, kubeadm-bootstrap-controller, kyverno-policy-reporter-kyverno-plugin,...

BIT-ARGO-CD-2024-31989 ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS...

CVE-2024-31989

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS...

CVE-2024-31989 ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS...

conmon security update

conmon 2.1.3-8 - address CVE-2023-39326 cri-o 1.26.4-1 - Added Oracle Specific Files for cri-o - Cherry-picked upstream commits for OCPBUGS-17150: oci: simplify stopping code https://github.com/cri-o/cri-o/pull/7185 - Fixed CVE-2023-39325: bump golang.org/x/net to v0.17.0 cri-tools 1.26.1-4 -...

conmon security update

conmon 2.1.3-8 - address CVE-2023-39326 cri-o 1.25.5-1 - Added Oracle Specifile Files for cri-o cri-tools 1.25.0-3 - Resolve CVE-2023-39326 flannel-cni-plugin 1.0.1-4 - Resolve CVE-2023-39326 helm 3.11.1-3 - address CVE-2023-39326 istio 1.16.7-3 - Updated Golang to 1.20.12 to address CVE...

conmon security update

conmon 2.1.3-8 - address CVE-2023-39326 2.1.3-7 - Resolve CVE-2023-39325 2.1.3-6 - Add ol8baseoslatest, and ol9baseoslatest, to Jenkinsfile 2.1.3-5 - Add systemd-devel as build requirement 2.1.3-4 - Add support ARM build 2.1.3.3 - Add OL9 support 2.1.3.2 - Update inline with Linux team building...

conmon security update

conmon 2.1.3-7 - Resolve CVE-2023-39325 2.1.3-6 - Add ol8baseoslatest, and ol9baseoslatest, to Jenkinsfile 2.1.3-5 - Add systemd-devel as build requirement 2.1.3-4 - Add support ARM build cri-o 1.26.3-3 - Resolve CVE-2023-39325 1.26.3-2 - Add support for ARM build cri-tools 1.26.1-3 - Resolve...

conmon security update

conmon 2.1.3-7 - Resolve CVE-2023-39325 2.1.3-6 - Add ol8baseoslatest, and ol9baseoslatest, to Jenkinsfile 2.1.3-5 - Add systemd-devel as build requirement 2.1.3-4 - Add support ARM build cri-o 1.26.3-3 - Resolve CVE-2023-39325 1.26.3-2 - Add support for ARM build cri-tools 1.26.1-3 - Resolve...

olcne security update

conmon 2.1.3-7 - Resolve CVE-2023-39325 2.1.3-6 - Add ol8baseoslatest, and ol9baseoslatest, to Jenkinsfile 2.1.3-5 - Add systemd-devel as build requirement 2.1.3-4 - Add support ARM build 2.1.3.3 - Add OL9 support 2.1.3.2 - Update inline with Linux team building conmon for all but OL7. cri-o...

[SECURITY] Fedora 35 Update: golang-github-containerd-cni-1.1.6-1.fc35

A generic CNI library to provide APIs for CNI plugin interactions. The library provides APIs to: - Load CNI network config from different sources - Setup networks for container namespace - Remove networks from container namespace - Query status of CNI network plugin initialization...

CVE-2020-26278

Weave Net is open source software which creates a virtual network that connects Docker containers across multiple hosts and enables their automatic discovery. Weave Net before version 2.8.0 has a vulnerability in which can allow an attacker to take over any host in the cluster. Weave Net is...

Design/Logic Flaw

Weave Net is open source software which creates a virtual network that connects Docker containers across multiple hosts and enables their automatic discovery. Weave Net before version 2.8.0 has a vulnerability in which can allow an attacker to take over any host in the cluster. Weave Net is...

Low: Red Hat Security Advisory: OpenShift Virtualization 2.4.2 Images

Red Hat OpenShift Virtualization release 2.4.2 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a...