Lucene search

30 matches found

EUVD
added 2026/05/27 9:54 p.m., 8 views

EUVD-2026-32675

Microsoft UFO is an open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fields in task messages. A client connection can register as a normal device, but later send a TASK...

8.8 CVSS, 5.8 AI score, 0.00049 EPSS
Exploits: 0, References: 1
Cvelist
added 2026/05/27 9:54 p.m., 34 views

CVE-2026-46414 Microsoft UFO WebSocket role spoofing allows authenticated peer task hijacking

Microsoft UFO is an open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fields in task messages. A client connection can register as a normal device, but later send a TASK...

8.8 CVSS, 0.00049 EPSS
Exploits: 0, References: 1
Positive Technologies
added 2026/05/27 12:0 a.m., 7 views

PT-2026-44119

Name of the Vulnerable Software and Affected Versions: Microsoft UFO version 3.0.1-4-ge2626659. Description: The WebSocket control plane trusts client-supplied identity and role fields in task messages. An authenticated WebSocket client with a shared server token can register as a normal device and...

8.8 CVSS, 5.8 AI score, 0.00049 EPSS
Exploits: 0, References: 3
EUVD
added 2025/11/12 6:0 p.m., 1 views

EUVD-2025-145748

Malicious code in constellationhunter npm...

6.6 AI score
Exploits: 0
SUSE CVE
added 2025/11/09 12:23 a.m., 1 views

SUSE CVE-2025-58356

Constellation is the first Confidential Kubernetes. The Constellation CVM image uses LUKS2-encrypted volumes for persistent storage. When opening an encrypted storage device, the CVM uses the libcryptsetup function crypt_activate_by_passphrase. If the VM is successful in opening the partition with th...

8.3 CVSS, 6.8 AI score, 0.00005 EPSS
Exploits: 0, References: 2
OSV
added 2025/10/30 3:2 p.m., 2 views

GO-2025-4076 Constellation has insecure LUKS2 persistent storage partitions which may be opened and used in github.com/edgelesssys/constellation

Constellation has insecure LUKS2 persistent storage partitions which may be opened and used in github.com/edgelesssys/constellation...

8.3 CVSS, 7 AI score, 0.00005 EPSS
Exploits: 0, References: 5
NVD
added 2025/10/27 8:15 p.m., 1 views

CVE-2025-58356

Constellation is the first Confidential Kubernetes. The Constellation CVM image uses LUKS2-encrypted volumes for persistent storage. When opening an encrypted storage device, the CVM uses the libcryptsetup function crypt_activate_by_passphrase. If the VM is successful in opening the partition with th...

8.3 CVSS, 0.00005 EPSS
Exploits: 0, References: 4
Vulnrichment
added 2025/10/27 7:33 p.m., 1 views

CVE-2025-58356 Constellation allows insecure use of LUKS2 persistent storage partitions

Constellation is the first Confidential Kubernetes. The Constellation CVM image uses LUKS2-encrypted volumes for persistent storage. When opening an encrypted storage device, the CVM uses the libcryptsetup function crypt_activate_by_passphrase. If the VM is successful in opening the partition with th...

8.3 CVSS, 6.3 AI score, 0.00005 EPSS
Exploits: 0, References: 3
OSV
added 2025/10/27 7:33 p.m., 1 views

CVE-2025-58356 Constellation allows insecure use of LUKS2 persistent storage partitions

Constellation is the first Confidential Kubernetes. The Constellation CVM image uses LUKS2-encrypted volumes for persistent storage. When opening an encrypted storage device, the CVM uses the libcryptsetup function crypt_activate_by_passphrase. If the VM is successful in opening the partition with th...

8.3 CVSS, 6.8 AI score, 0.00005 EPSS
Exploits: 0, References: 6
EUVD
added 2025/10/27 4:20 p.m., 2 views

EUVD-2025-36204

Constellation has insecure LUKS2 persistent storage partitions which may be opened and used...

8.3 CVSS, 6.4 AI score, 0.00005 EPSS
Exploits: 0, References: 6
Positive Technologies
added 2025/10/27 12:0 a.m., 2 views

PT-2025-44025

Name of the Vulnerable Software and Affected Versions: Constellation versions prior to 2.24.0. Description: Constellation is a Confidential Kubernetes platform that utilizes LUKS2-encrypted volumes for persistent storage. When opening an encrypted storage device, the system employs the crypt activat...

8.3 CVSS, 9.3 AI score, 0.00005 EPSS
Exploits: 0, References: 18
Wired Threat Level
added 2024/09/03 11:0 a.m., 15 views

The US Navy Is Going All In on Starlink

The Navy is testing out the Elon Musk–owned satellite constellation to provide high-speed internet access to sailors at sea. It’s part of a bigger project that’s about more than just getting online...

7.2 AI score
Exploits: 0
OSV
added 2024/08/20 8:29 p.m., 9 views

GO-2023-1622 Constellation allows Emergency shell access during initramfs boot phase in github.com/edgelesssys/constellation

Constellation allows Emergency shell access during initramfs boot phase in github.com/edgelesssys/constellation...

7.1 AI score
Exploits: 0, References: 2
OSV
added 2024/08/20 8:26 p.m., 3 views

GO-2023-1583 User data in TPM attestation vulnerable to MITM in github.com/edgelesssys/constellation

User data in TPM attestation vulnerable to MITM in github.com/edgelesssys/constellation...

7 AI score
Exploits: 0, References: 2
OSV
added 2024/06/04 3:19 p.m., 14 views

GO-2024-2727 Constellation has pods exposed to peers in VPC in github.com/edgelesssys/constellation

Constellation has pods exposed to peers in VPC in github.com/edgelesssys/constellation...

7 AI score
Exploits: 0, References: 2
Veracode
added 2024/04/16 9:21 a.m., 10 views

Firewall Bypass

github.com/edgelesssys/constellation is vulnerable to Firewall Bypass. The vulnerability is due to the world configuration which does not prevent unauthorized access to entities inside the cloud VPC to directly reach pods using their internal IP addresses...

7 AI score
Exploits: 0
OSV
added 2024/04/15 6:13 p.m., 11 views

GHSA-G8FC-VRCG-8VJG Constellation has pods exposed to peers in VPC

Impact: Cilium allows outside actors (world entity) to directly access pods with their internal pod IP, even if they are not exposed explicitly, e.g. via LoadBalancer. A pod that does not authenticate clients and that does not exclude world traffic via network policy may leak sensitive data to an...

6.8 AI score
Exploits: 0, References: 4
The Hacker News
added 2023/08/23 12:43 p.m., 36 views

North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns

The U.S. Federal Bureau of Investigation (FBI) on Tuesday warned that threat actors affiliated with North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million. The law enforcement agency attributed the blockchain activity to an adversary the U.S. government tracks as...

6.7 AI score
Exploits: 0
vulnersOsv
added 2023/06/06 2:6 a.m., 2 views

aardvark-dns (>=1.0.3 <=1.1.0), acme-dns-rust (>=1.0.0 <=1.1.6) +16 more potentially affected by unknown CVE via trust-dns-server (>=0.13.0 <=0.22.0)

trust-dns-server CARGO version =0.13.0, =1.0.3, =1.0.0, =1.4.0, =1.7.0, =0.1.0, =1.12.2, =1.13.0 - localns =1.0.0 - oxidux =0.4.0 - polyresolver =0.1.0 - simple-dns-server =0.1.0 - single-use-dns =0.1.0 - snail =0.4.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-5FM9-H728-FWPJ...

5.8 AI score
Exploits: 0
vulnersOsv
added 2023/06/01 12:0 p.m., 1 views

aardvark-dns (>=1.0.3 <=1.1.0), acme-dns-rust (>=1.0.0 <=1.1.6) +16 more potentially affected by unknown CVE via trust-dns-server (>=0.13.0 <=0.22.0)

trust-dns-server CARGO version =0.13.0, =1.0.3, =1.0.0, =1.4.0, =1.7.0, =0.1.0, =1.12.2, =1.13.0 - localns =1.0.0 - oxidux =0.4.0 - polyresolver =0.1.0 - simple-dns-server =0.1.0 - single-use-dns =0.1.0 - snail =0.4.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2023-0041...

5.8 AI score
Exploits: 0