Lucene search
K

2696 matches found

NVD
NVD
added yesterday7 views

CVE-2026-59734

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, Coolify's app/Jobs/ApplicationDeploymentJob.php generatehealthcheckcommands function directly interpolated the healthcheckhost, healthcheckmethod, and healthcheckpath...

8.8CVSS
Exploits0References4
EUVD
EUVD
added yesterday5 views

EUVD-2026-42657

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, Coolify's app/Jobs/ApplicationDeploymentJob.php generatehealthcheckcommands function directly interpolated the healthcheckhost, healthcheckmethod, and healthcheckpath...

8.8CVSS6.2AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-59734

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, Coolify's app/Jobs/ApplicationDeploymentJob.php generatehealthcheckcommands function directly interpolated the healthcheckhost, healthcheckmethod, and healthcheckpath...

8.8CVSS6.2AI score
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2 days ago36 views

CVE-2026-55433 Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the devcontainer recreate endpoint relied on route middleware that checked only ActionRead on the workspace and, unlike the sibling delete endpoint, perform...

5.4CVSS0.00394EPSS
Exploits0References6
CVE
CVE
added 2 days ago19 views

CVE-2026-55433

Coder: Devcontainer recreate endpoint lacked ActionUpdate authorization, allowing read-only workspace roles to trigger destructive rebuilds. Affected versions prior to 2.29.7, 2.32.7, 2.33.8, and 2.34.2 trusted by the endpoint; fix adds ActionUpdate check before dialing the agent, mirroring the d...

5.4CVSS6AI score0.00394EPSS
Exploits0References6Affected Software1
OSV
OSV
added 3 days ago6 views

GO-2026-5922 Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers in github.com/coder/coder

Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers in github.com/coder/coder...

5.4CVSS5.9AI score0.00394EPSS
Exploits0References2
OSV
OSV
added 3 days ago3 views

PYSEC-2026-2003 vantage6 has insecure SSH configuration for node and server containers

Impact Nodes and servers get a ssh config by default that permits root login with password authentication. In a proper deployment, the SSH service is not exposed so there is no risk, but not all deployments are ideal. The default should therefore be less permissive. We will probably opt to...

6.5CVSS7.2AI score0.00466EPSS
Exploits0References7
OSV
OSV
added 4 days ago3 views

GHSA-JQJ2-X4C5-JFXM Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers

Summary The devcontainer recreate endpoint relied on route middleware that checked only ActionRead on the workspace and, unlike the sibling delete endpoint, performed no ActionUpdate check before triggering the destructive rebuild. Note: Exploitation requires an existing low-privilege role with...

5.4CVSS6AI score0.00394EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 8:57 p.m.4 views

GHSA-VX8H-4PRV-G744 Rancher has Privilege Escalation from Project Owner to Host

Impact A vulnerability has been identified in Rancher Manager that allows users assigned the Project Owner role to modify Pod Security Admission PSA labels on namespaces within their projects. Under the default role configuration, an attacker with the following access pattern can exploit this...

9.4CVSS5.8AI score0.00319EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/30 6:20 p.m.18 views

EUVD-2026-36102

Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation...

9.9CVSS5.8AI score0.0029EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 10:20 a.m.6 views

Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.18 shipped with IBM Business Automation Workflow containers June 2026

Summary IBM Business Automation Workflow containers include IBM Cloud Pak foundational services. IBM Business Automation Workflow containers June 2026 security fixes update this dependency beyond 4.18 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2024-45310 DESCRIPTION: run...

9.8CVSS7.2AI score0.01945EPSS
Exploits4Affected Software2
Fedora
Fedora
added 2026/06/29 1:11 a.m.7 views

[SECURITY] Fedora 43 Update: prometheus-podman-exporter-1.21.1-1.fc43

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

7.5CVSS6.7AI score0.00651EPSS
Exploits1
Fedora
Fedora
added 2026/06/29 12:58 a.m.6 views

[SECURITY] Fedora 44 Update: prometheus-podman-exporter-1.21.1-1.fc44

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

7.5CVSS6.7AI score0.00651EPSS
Exploits1
Fedora
Fedora
added 2026/06/28 12:58 a.m.7 views

[SECURITY] Fedora 44 Update: moby-engine-29.6.0-1.fc44

Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance a nd everything in between =E2=80=94 and...

9.1CVSS6.3AI score0.00533EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.8 views

EulerOS 2.0 SP15 : kata-containers (EulerOS-SA-2026-2484)

"According to the versions of the kata-containers package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input...

9.1CVSS6.8AI score0.01557EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.6 views

EulerOS 2.0 SP15 : kata-containers (EulerOS-SA-2026-2443)

"According to the versions of the kata-containers package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input...

9.1CVSS6.7AI score0.01557EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/06/26 4:29 p.m.6 views

CVE-2026-57231

Podman is a tool for managing OCI containers and pods. From 1.8.1 until 5.8.4, a container image that contains a environment variable with just a key and no value can trick podman into passing that variable from the host into the container. This is made worse by the fact that using an asterisk wi...

7.5CVSS5.8AI score0.0026EPSS
Exploits0
CVE
CVE
added 2026/06/26 3:50 p.m.22 views

CVE-2026-9640

CVE-2026-9640 concerns LXD versions 6.0–6.9, 5.21.0–5.21.5, and 5.0.0–5.0.7. It describes a privilege escalation where an authenticated project operator in a restricted multi-tenant environment can bypass project-restriction policies during snapshot restoration by importing a malicious instance b...

7.2CVSS5.8AI score0.00342EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/06/25 10:34 p.m.4 views

GO-2026-5638 Kata Containers have VM Escape via virtiofsd Argument Injection through Default-Enabled Pod Annotations in github.com/kata-containers/kata-containers

Kata Containers have VM Escape via virtiofsd Argument Injection through Default-Enabled Pod Annotations in github.com/kata-containers/kata-containers...

5.9AI score0.00057EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 10:34 p.m.6 views

GO-2026-5568 Podman: WORKDIR symlink traversal vulnerability in github.com/containers/podman

Podman: WORKDIR symlink traversal vulnerability in github.com/containers/podman...

5.3CVSS5.8AI score0.00317EPSS
Exploits1References3
Rows per page
Query Builder