CVE-2026-33726 Cilium L7 proxy may bypass Kubernetes NetworkPolicy for same-node traffic
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.14, 1.18.8, and 1.19.2, Ingress Network Policies are not enforced for traffic from pods to L7 Services (Envoy, GAMMA) with a local backend on the same node, when Per-Endpoint Routing is...
CVE-2026-33726
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.14, 1.18.8, and 1.19.2, Ingress Network Policies are not enforced for traffic from pods to L7 Services (Envoy, GAMMA) with a local backend on the same node, when Per-Endpoint Routing is...
GHSA-J4J7-VW47-RHFQ vulnerabilities
Vulnerabilities for packages: pgwatch, jobset-fips, apache-exporter, cluster-api-provider-vsphere, yunikorn-k8shim, json-exporter-fips, prometheus-stackdriver-exporter, docker-compose-fips, boring-registry, gitlab-operator, kubernetes-csi-external-resizer-fips, thanos-receive-controller,...
CVE-2025-47913 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce, backup-restore-operator, vault, falco-no-driver, gitlab-rails-ce-fips, terraform, consul-k8s, cert-manager-fips, rke2-runtime-fips, k3s...
GHSA-56W8-48FP-6MGV vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce, backup-restore-operator, vault, falco-no-driver, gitlab-rails-ce-fips, terraform, consul-k8s, cert-manager-fips, rke2-runtime-fips, k3s...
CVE-2025-14503
An overly-permissive IAM trust policy in the Harmonix on AWS framework may allow IAM principals in the same AWS account to escalate privileges via role assumption. The sample code for the EKS environment provisioning role is configured to trust the account root principal, which may enable any IAM...
CVE-2025-64709
Typebot is an open-source chatbot builder. In versions prior to 3.13.1, a Server-Side Request Forgery (SSRF) vulnerability in the Typebot webhook block (HTTP Request component) functionality allows authenticated users to make arbitrary HTTP requests from the server, including access to AWS Instance...
CVE-2025-52881 vulnerabilities
Vulnerabilities for packages: grafana-alloy, zarf, amazon-k8s-cni-fips, cloudbeat-fips, blob-csi-fips, kots, kubescape-operator, rancher-agent, docker-fips, grype-db, skaffold, prometheus-podman-exporter, containerd-fips, blob-csi, envoy-gateway-fips, falco-no-driver, dagger, neuvector,...
GHSA-QW9X-CQR3-WC7R vulnerabilities
Vulnerabilities for packages: cluster-autoscaler, grafana-alloy, azure-container-networking, sriov-network-device-plugin, k3s, nvidia-container-toolkit, rancher-agent, rancher, kubernetes, grafana-alloy-fips, prometheus-podman-exporter, eks-distro-fips, rke2-runtime, eks-distro,...
CVE-2025-52565 vulnerabilities
Vulnerabilities for packages: cluster-autoscaler, grafana-alloy, azure-container-networking, sriov-network-device-plugin, k3s, nvidia-container-toolkit, rancher-agent, rancher, kubernetes, grafana-alloy-fips, prometheus-podman-exporter, eks-distro-fips, rke2-runtime, eks-distro,...
CVE-2025-31133 vulnerabilities
Vulnerabilities for packages: cluster-autoscaler, grafana-alloy, azure-container-networking, sriov-network-device-plugin, k3s, nvidia-container-toolkit, rancher-agent, rancher, virt-handler, kubernetes, grafana-alloy-fips, prometheus-podman-exporter, eks-distro-fips, rke2-runtime, eks-distro,...
GHSA-CGRX-MC8F-2PRM vulnerabilities
Vulnerabilities for packages: grafana-alloy, zarf, amazon-k8s-cni-fips, cloudbeat-fips, blob-csi-fips, kots, kubescape-operator, rancher-agent, docker-fips, grype-db, skaffold, prometheus-podman-exporter, containerd-fips, blob-csi, envoy-gateway-fips, falco-no-driver, dagger, neuvector,...
GHSA-9493-H29P-RFM2 vulnerabilities
Vulnerabilities for packages: cluster-autoscaler, grafana-alloy, azure-container-networking, sriov-network-device-plugin, k3s, nvidia-container-toolkit, rancher-agent, rancher, virt-handler, kubernetes, grafana-alloy-fips, prometheus-podman-exporter, eks-distro-fips, rke2-runtime, eks-distro,...
EUVD-2020-5522
Malware in sbrugna...
EUVD-2020-5578
Malware in sbrugna...
EUVD-2023-34409
Malicious code in bioql PyPI...
EUVD-2023-34406
Malicious code in bioql PyPI...
EUVD-2024-1545
Malicious code in bioql PyPI...
EUVD-2023-1884
Malicious code in bioql PyPI...
EUVD-2025-13174
Malicious code in bioql PyPI...