CVE-2026-39830 affecting package nvidia-container-toolkit for versions less than 1.17.8-3

CVE-2026-39830 affecting package nvidia-container-toolkit for versions less than 1.17.8-3. A patched version of the package is available...

CVE-2026-39834 affecting package nvidia-container-toolkit for versions less than 1.17.8-3

CVE-2026-39834 affecting package nvidia-container-toolkit for versions less than 1.17.8-3. A patched version of the package is available...

CVE-2026-41888 Distribution: Tag deletion bypasses `storage.delete.enabled` configuration

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.1, tag deletion via the DELETE /v2//manifests/ endpoint bypasses the storage.delete.enabled: false configuration, allowing any API client to remove tags from repositories even when the operator has...

CVE-2026-41888

CVE-2026-41888 affects the Distribution toolkit (prior to v3.1.1). The issue is that DELETE /v2//manifests/ can bypass storage.delete.enabled: false, letting API clients remove tags from repositories even when deletion is disabled. Impact: unauthorized tag deletions. Remediation: upgrade to v3.1....

CVE-2026-32282 vulnerabilities

Vulnerabilities for packages: karpenter, keda, telegraf, cilium-envoy, cloud-provider-aws, dask-gateway, nerdctl, ingress-nginx-controller, newrelic-fluent-bit-output, datadog-agent, argo-cd, external-secrets-operator, knative-operator, grafana, kyverno, kube-arangodb, kine, falco-no-driver,...

GHSA-XJ38-JXC5-RPPX vulnerabilities

Vulnerabilities for packages: zot, azurefile-csi-fips, cloud-provider-azure, traefik, localstack, prometheus-fips, terraform, libnvidia-container-fips, flux-source-watcher, harbor, cloud-provider-azure-fips, tigera-operator, falco-no-driver, keda, aws-flb-firehose, snyk-cli, keda-fips,...

CVE-2026-32282 vulnerabilities

Vulnerabilities for packages: zot, azurefile-csi-fips, cloud-provider-azure, traefik, localstack, prometheus-fips, terraform, libnvidia-container-fips, flux-source-watcher, harbor, cloud-provider-azure-fips, tigera-operator, falco-no-driver, keda, aws-flb-firehose, snyk-cli, keda-fips,...

GHSA-5W89-2C2X-6X66 vulnerabilities

Vulnerabilities for packages: agentbeat, nri-discovery-kubernetes, aws-sigv4-proxy-fips, nri-discovery-kubernetes-fips, extism, tw, jupyterhub-k8s-image-awaiter-fips, podman, terraform-provider-sendgrid, k8ssandra-operator-fips, grafana-rollout-operator, ipfs-cluster, wave, gotestsum,...

UBUNTU-CVE-2026-35172

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, distribution can restore read access in repo a after an explicit delete when storage.cache.blobdescriptor: redis and storage.delete.enabled: true are both enabled. The delete path clears the shared dige...

MiracleLinux 9 : toolbox-0.2-1.el9_6 (AXSA:2025-10740:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10740:02 advisory. nvidia-container-toolkit: Privilege Escalation via Hook Initialization in NVIDIA Container Toolkit CVE-2025-23266 Tenable has extracted the preceding...

SUSE SLES15 / openSUSE 15 Security Update : nvidia-container-toolkit (SUSE-SU-2025:4187-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4187-1 advisory. - Update to version 1.18.0: - This is a major release and includes the following high-level changes: - The default mo...

Security update for nvidia-container-toolkit

This update for nvidia-container-toolkit fixes the following issues: Update to version 1.18.0: This is a major release and includes the following high-level changes: The default mode of the NVIDIA Container Runtime has been updated to make use of a just-in-time-generated CDI specification instead...

SUSE-SU-2025:4187-1 Security update for nvidia-container-toolkit

This update for nvidia-container-toolkit fixes the following issues: - Update to version 1.18.0: - This is a major release and includes the following high-level changes: - The default mode of the NVIDIA Container Runtime has been updated to make use of a just-in-time-generated CDI specification...

ROS-20251030-01

A vulnerability in the NVIDIA Virtual GPU Manager component of the NVIDIA Virtual GPU driver Virtual GPU is associated with incorrectly assigning permissions to a critical resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the NVIDIA...

ROS-20251028-10

A vulnerability in the NVIDIA Container Toolkit container creation and launch software and the NVIDIA GPU Operator resource management software is associated with synchronization errors. NVIDIA GPU Operator resource management software is associated with synchronization errors when using a shared...

ROS-20251028-11

A vulnerability in the NVIDIA Container Toolkit container creation and launch software and the NVIDIA GPU Operator resource management software is associated with synchronization errors. NVIDIA GPU Operator resource management software is associated with synchronization errors when using a shared...

GO-2025-3998 NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook in github.com/NVIDIA/gpu-operator

NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook in github.com/NVIDIA/gpu-operator. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing...

GO-2025-3992 NVIDIA Container Toolkit for all platforms contains an Untrusted Search Path in github.com/NVIDIA/gpu-operator

NVIDIA Container Toolkit for all platforms contains an Untrusted Search Path in github.com/NVIDIA/gpu-operator. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports...

AlmaLinux 10 : toolbox (ALSA-2025:13674)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:13674 advisory. nvidia-container-toolkit: Privilege Escalation via Hook Initialization in NVIDIA Container Toolkit CVE-2025-23266 Tenable has extracted the preceding description...

RockyLinux 10 : toolbox (RLSA-2025:13674)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:13674 advisory. nvidia-container-toolkit: Privilege Escalation via Hook Initialization in NVIDIA Container Toolkit CVE-2025-23266 Tenable has extracted the preceding descriptio...