
137 matches found

Cvelist
added 2025/12/14 9:27 p.m., 17 views

CVE-2025-13281 Portworx Half-Blind SSRF in kube-controller-manager

A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...

CVSS: 5.8, EPSS: 0.00011
Exploits: 0, References: 2
Debian CVE
added 2025/12/14 9:27 p.m., 4 views

CVE-2025-13281

A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...

CVSS: 5.8, AI score: 7.8, EPSS: 0.00011
Exploits: 0
AlpineLinux
added 2025/12/14 9:27 p.m., 3 views

CVE-2025-13281

A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...

CVSS: 5.8, AI score: 6.5, EPSS: 0.00011
Exploits: 0, References: 3
OSV
added 2025/12/12 12:20 p.m., 1 view

OESA-2025-2819 kubernetes security update

Container cluster management. Security Fixes: A vulnerability was found in Kubernetes kube-controller-manager up to versions 1.30.14, 1.31.14, 1.32.9, 1.33.5 and 1.34.1. It has been classified as CWE-918 Server-Side Request Forgery. The web server receives a URL or similar request from an upstrea...

CVSS: 5.8, AI score: 6.7, EPSS: 0.00011
Exploits: 0, References: 2
OSV
added 2025/12/12 12:20 p.m., 2 views

OESA-2025-2818 kubernetes security update

Container cluster management. Security Fixes: A vulnerability was found in Kubernetes kube-controller-manager up to versions 1.30.14, 1.31.14, 1.32.9, 1.33.5 and 1.34.1. It has been classified as CWE-918 Server-Side Request Forgery. The web server receives a URL or similar request from an upstrea...

CVSS: 5.8, AI score: 6.7, EPSS: 0.00011
Exploits: 0, References: 2
OSV
added 2025/12/12 12:20 p.m., 1 view

OESA-2025-2817 kubernetes security update

Container cluster management. Security Fixes: A vulnerability was found in Kubernetes kube-controller-manager up to versions 1.30.14, 1.31.14, 1.32.9, 1.33.5 and 1.34.1. It has been classified as CWE-918 Server-Side Request Forgery. The web server receives a URL or similar request from an upstrea...

CVSS: 5.8, AI score: 6.7, EPSS: 0.00011
Exploits: 0, References: 2
OSV
added 2025/12/12 12:20 p.m., 4 views

OESA-2025-2816 kubernetes security update

Container cluster management. Security Fixes: A vulnerability was found in Kubernetes kube-controller-manager up to versions 1.30.14, 1.31.14, 1.32.9, 1.33.5 and 1.34.1. It has been classified as CWE-918 Server-Side Request Forgery. The web server receives a URL or similar request from an upstrea...

CVSS: 5.8, AI score: 6.7, EPSS: 0.00011
Exploits: 0, References: 2
OSV
added 2025/12/12 12:20 p.m., 2 views

OESA-2025-2815 kubernetes security update

Container cluster management. Security Fixes: A vulnerability was found in Kubernetes kube-controller-manager up to versions 1.30.14, 1.31.14, 1.32.9, 1.33.5 and 1.34.1. It has been classified as CWE-918 Server-Side Request Forgery. The web server receives a URL or similar request from an upstrea...

CVSS: 5.8, AI score: 6.7, EPSS: 0.00011
Exploits: 0, References: 2
Wolfi
added 2025/12/07 7:47 p.m., 6 views

CVE-2025-61727 vulnerabilities

Vulnerabilities for packages: cert-manager-webhook-pdns, gatekeeper, opentofu, go-discover, kserve-rest-proxy, kubernetes-csi-livenessprobe, s5cmd, thanos-operator, kube-bench, grafana, k9s, opentelemetry-collector-contrib, newrelic-nri-kube-events, telegraf, karma, terraform-provider-google,...

CVSS: 6.5, AI score: 7.2, EPSS: 0.00008
Exploits: 0
Wolfi
added 2025/12/07 7:47 p.m., 3 views

GHSA-5MH9-3JWC-RP59 vulnerabilities

Vulnerabilities for packages: cert-manager-webhook-pdns, gatekeeper, opentofu, go-discover, kserve-rest-proxy, kubernetes-csi-livenessprobe, s5cmd, thanos-operator, kube-bench, grafana, k9s, opentelemetry-collector-contrib, newrelic-nri-kube-events, telegraf, karma, terraform-provider-google,...

AI score: 5.4
Exploits: 0
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2025-29178

Malicious code in bioql PyPI...

CVSS: 9.8, AI score: 6.5, EPSS: 0.02646
Exploits: 1, References: 4
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-3260

Malicious code in bioql PyPI...

CVSS: 7.7, AI score: 7.8, EPSS: 0.00136
Exploits: 0, References: 9
EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2025-29177

Malicious code in bioql PyPI...

CVSS: 9.8, AI score: 6.5, EPSS: 0.01522
Exploits: 1, References: 4
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-1110

Malicious code in bioql PyPI...

CVSS: 5.5, AI score: 5.8, EPSS: 0.00075
Exploits: 0, References: 13
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2025-29176

Malicious code in bioql PyPI...

CVSS: 9.8, AI score: 6.5, EPSS: 0.02067
Exploits: 2, References: 4
SUSE CVE
added 2025/09/19 11:22 p.m., 1 view

SUSE CVE-2025-59358

The Chaos Controller Manager in Chaos Mesh exposes a GraphQL debugging server without authentication to the entire Kubernetes cluster, which provides an API to kill arbitrary processes in any Kubernetes pod, leading to cluster-wide denial of service...

CVSS: 7.5, AI score: 7.2, EPSS: 0.00501
Exploits: 1, References: 2
SUSE CVE
added 2025/09/19 11:22 p.m., 1 view

SUSE CVE-2025-59359

The cleanTcs mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...

CVSS: 9.8, AI score: 8.5, EPSS: 0.02067
Exploits: 2, References: 2
SUSE CVE
added 2025/09/19 11:22 p.m., 1 view

SUSE CVE-2025-59360

The killProcesses mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...

CVSS: 9.8, AI score: 8.5, EPSS: 0.02646
Exploits: 1, References: 2
SUSE CVE
added 2025/09/19 11:22 p.m., 3 views

SUSE CVE-2025-59361

The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...

CVSS: 9.8, AI score: 8.5, EPSS: 0.01522
Exploits: 1, References: 2
OSV
added 2025/09/17 5:3 p.m., 1 view

GO-2025-3952 Chaos Controller Manager is vulnerable to OS command injection in github.com/chaos-mesh/chaos-mesh

Chaos Controller Manager is vulnerable to OS command injection in github.com/chaos-mesh/chaos-mesh. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

CVSS: 9.8, AI score: 7.6, EPSS: 0.02067
Exploits: 2, References: 5