Lucene search
K

13842 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 3:9 p.m.7 views

CVE-2026-41567

A flaw was found in Moby, the open-source container framework, and Docker Engine. A malicious container image can exploit this vulnerability to achieve arbitrary code execution with full daemon privileges, including host root access. This occurs when a user uploads a compressed archive to the...

7.5CVSS6.4AI score0.00153EPSS
Exploits0References4
Debian
Debian
added 2026/06/26 3:6 p.m.10 views

[SECURITY] [DSA 6370-1] incus security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6370-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 26, 2026 https://www.debian.org/security/faq -...

6.1AI score0.00025EPSS
Exploits0
NVD
NVD
added 2026/06/26 1:16 p.m.10 views

CVE-2026-40711

Dell Dell Container Storage Modules, versions csi-powerstore v2.16.0, csi-unity v2.16.0, csi-powerflex v2.16.0, csi-powermax v2.16.0, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A high privileged attacker with remote access...

8CVSS0.00954EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/26 12:31 p.m.42 views

CVE-2026-40711

Dell Dell Container Storage Modules, versions csi-powerstore v2.16.0, csi-unity v2.16.0, csi-powerflex v2.16.0, csi-powermax v2.16.0, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A high privileged attacker with remote access...

8CVSS0.00954EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 12:31 p.m.7 views

CVE-2026-40711

Dell Dell Container Storage Modules, versions csi-powerstore v2.16.0, csi-unity v2.16.0, csi-powerflex v2.16.0, csi-powermax v2.16.0, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A high privileged attacker with remote access...

8CVSS5.9AI score0.00954EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/26 7:9 a.m.6 views

CVE-2026-54232

A flaw was found in vLLM, an inference and serving engine for large language models LLMs. This vulnerability, a dependency confusion attack, allows a remote attacker to execute arbitrary code with root privileges during the Docker build process. By exploiting this, an attacker can compromise the...

8.8CVSS6.1AI score0.00304EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.6 views

PT-2026-52843

Name of the Vulnerable Software and Affected Versions LXD versions prior to 6.9 LXD version 5.21 Description A nil-pointer dereference occurs in the CreateCustomVolumeFromBackup function when processing a specially crafted custom-volume backup tarball that omits the expires at snapshot field. An...

6.5CVSS6AI score0.00389EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.12 views

PT-2026-53024

Name of the Vulnerable Software and Affected Versions regclient affected versions not specified Description Authentication credentials for a registry may be leaked to external servers. This occurs when a malicious registry server, a malicious blob store, or a registry that fails to restrict...

6.8CVSS5.9AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.11 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : containerd vulnerabilities (USN-8472-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8472-1 advisory. It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibl...

9.9CVSS7.3AI score0.00781EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/25 11:23 p.m.7 views

CVE-2026-53440

A flaw was found in Jenkins. This vulnerability allows a remote attacker to perform phishing attacks. The 'Delegate to servlet container' security realm does not properly validate the 'from' parameter, which can be manipulated to redirect users to an attacker-controlled domain after they log in...

4.3CVSS5.9AI score0.00239EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 10:34 p.m.4 views

GO-2026-5746 Docker: `PUT /containers/{id}/archive` executes container binary on the host in github.com/docker/docker

Docker: PUT /containers/id/archive executes container binary on the host in github.com/docker/docker...

7.5CVSS5.9AI score0.00153EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 10:34 p.m.4 views

GO-2026-5563 Kata Container has CopyFile Policy Subversion via Symlinks in github.com/kata-containers/kata-containers

Kata Container has CopyFile Policy Subversion via Symlinks in github.com/kata-containers/kata-containers...

8.8CVSS5.8AI score0.00269EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 7:16 p.m.8 views

CVE-2026-54092

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, unchecked passwords maximums allow for an arbitrarily large password to be passed into the login API. This spikes CPU and memory, and after...

6.5CVSS0.00484EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 6:43 p.m.4 views

GO-2026-5338 containerd: CRI checkpoint import allows local image tag poisoning in github.com/containerd/containerd

containerd: CRI checkpoint import allows local image tag poisoning in github.com/containerd/containerd...

9.9CVSS5.8AI score0.00354EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 5:16 p.m.7 views

CVE-2026-55092

Trivy is a security scanner. Prior to 0.71.1, when Trivy downloads an OCI artifact, it uses the org.opencontainers.image.title annotation from the artifact manifest as the destination filename without validation. An attacker who can make Trivy fetch an attacker-controlled artifact can supply a...

7.5CVSS0.00292EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 4:26 p.m.19 views

CVE-2026-55092

Trivy before 0.71.1 vulnerable to path traversal when downloading OCI artifacts: the org.opencontainers.image.title annotation from the artifact manifest is used as the destination filename without validation, allowing writing layer content to arbitrary locations on the host filesystem. Impact is...

7.5CVSS6AI score0.00292EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/25 12:58 p.m.5 views

EUVD-2026-39356

ECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled;...

5.3CVSS5.9AI score0.00305EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/25 12:58 p.m.7 views

CVE-2026-40012

ECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled;...

5.3CVSS5.8AI score0.00305EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/25 12:58 p.m.5 views

CVE-2026-40012

ECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled;...

5.3CVSS5.9AI score0.00305EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/25 11:0 a.m.10 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.68 packages and security update

Red Hat OpenShift Container Platform release 4.13.68 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...

10CVSS6.9AI score0.01945EPSS
Exploits4References7
Rows per page
Query Builder