CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

801 matches found

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (etcd) security update

An update for etcd is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS7AI score0.00765EPSS

Exploits4References10

RedHat Linux•added 2 days ago•4 views

etcd: etcd: Authorization bypass allows information disclosure and denial of service

A flaw was found in etcd, a distributed key-value store. Unauthorized users can bypass authentication or authorization checks when the gRPC API is exposed to untrusted clients. This allows them to access sensitive cluster topology information, disrupt operations through alarms, interfere with lea...

8.8CVSS6.1AI score0.00249EPSS

Exploits0References5

RedhatCVE•added 2026/06/05 7:17 p.m.•7 views

CVE-2026-6720

When calicoctl is invoked with --log-level=info or --log-level=debug, the client prints the full contents of its loaded connection-configuration struct to stderr in a single log line. The struct embeds every credential calicoctl uses to talk to the cluster — inline kubeconfig with bearer token,...

7.2CVSS5.6AI score0.00224EPSS

Exploits0References1

OSV•added 2026/06/05 3:26 p.m.•6 views

GHSA-WV8C-6MX2-XF4J Omni: Reader-level users can retrieve imported cluster CA keys via ResourceService

Summary Omni supports importing standalone Talos clusters. During this process, an ImportedClusterSecrets resource is created, which contains the full CA secrets bundle for the cluster being imported. If these secrets are not rotated by the importing actor, an authenticated Omni user with Reader...

7.6CVSS5.6AI score0.00017EPSS

Exploits0References4

Positive Technologies•added 2026/06/05 12:0 a.m.•11 views

PT-2026-46989

7.6CVSS5.6AI score0.00017EPSS

Exploits0References5

CBLMariner•added 2026/06/02 2:56 a.m.•8 views

CVE-2026-44283 affecting package etcd for versions less than 3.5.30-2

CVE-2026-44283 affecting package etcd for versions less than 3.5.30-2. An upgraded version of the package is available that resolves this issue...

4.3CVSS5.8AI score0.00225EPSS

Exploits0

CBLMariner•added 2026/06/02 2:56 a.m.•12 views

CVE-2026-29181 affecting package etcd for versions less than 3.5.30-2

CVE-2026-29181 affecting package etcd for versions less than 3.5.30-2. A patched version of the package is available...

7.5CVSS5.8AI score0.00329EPSS

Exploits1

CBLMariner•added 2026/06/02 2:56 a.m.•17 views

CVE-2026-39821 affecting package etcd for versions less than 3.5.30-2

CVE-2026-39821 affecting package etcd for versions less than 3.5.30-2. A patched version of the package is available...

9.6CVSS5.8AI score0.00344EPSS

Exploits0

CBLMariner•added 2026/06/02 2:56 a.m.•16 views

CVE-2026-33814 affecting package etcd for versions less than 3.5.30-2

CVE-2026-33814 affecting package etcd for versions less than 3.5.30-2. A patched version of the package is available...

7.5CVSS5.8AI score0.00565EPSS

Exploits0

ATTACKERKB•added 2026/06/01 1:19 p.m.•9 views

CVE-2026-10533

A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged user who can create pods in a namespace can exploit this to generate a large volume of events that...

5CVSS5.8AI score0.0023EPSS

Exploits0References3

Vulnrichment•added 2026/06/01 1:19 p.m.•9 views

CVE-2026-10533 Openshift: openshift: non-admin user can bypass resourcequota and flood etcd with events causing cluster-wide api degradation

5CVSS5.8AI score0.0023EPSS

Exploits0References2

Cvelist•added 2026/06/01 1:19 p.m.•28 views

CVE-2026-10533 Openshift: openshift: non-admin user can bypass resourcequota and flood etcd with events causing cluster-wide api degradation

5CVSS0.0023EPSS

Exploits0References2

EUVD•added 2026/06/01 1:19 p.m.•11 views

EUVD-2026-33641

5CVSS5.8AI score0.0023EPSS

Exploits0References2

NVD•added 2026/05/28 5:16 p.m.•12 views

CVE-2026-6720

7.2CVSS0.00224EPSS

Exploits0References4

EUVD•added 2026/05/28 3:47 p.m.•10 views

EUVD-2026-32932

7.2CVSS5.8AI score0.00224EPSS

Exploits0References4

Vulnrichment•added 2026/05/28 3:47 p.m.•9 views

CVE-2026-6720 Calicoctl leaks cluster credentials to stderr when verbose logging is enabled

7.2CVSS5.8AI score0.00224EPSS

Exploits0References4

CVE•added 2026/05/28 3:47 p.m.•18 views

CVE-2026-6720

Calico component calicoctl is affected. When run with --log-level=info or --log-level=debug, it prints the full contents of its loaded connection-configuration struct to stderr in a single log line, exposing credentials (inline kubeconfig with bearer token, Kubernetes API bearer token, etcd passw...

7.2CVSS5.8AI score0.00224EPSS

Exploits0References4

ATTACKERKB•added 2026/05/28 3:47 p.m.•8 views

CVE-2026-6720

7.2CVSS5.8AI score0.00224EPSS

Exploits0References5

Positive Technologies•added 2026/05/28 12:0 a.m.•7 views

PT-2026-44417

Name of the Vulnerable Software and Affected Versions calicoctl affected versions not specified Description When the client is invoked with --log-level=info or --log-level=debug, it prints the full contents of its loaded connection-configuration struct to stderr in a single log line. This struct...

7.2CVSS5.8AI score0.00224EPSS

Exploits0References6

AstraLinux•added 2026/05/20 5:53 a.m.•8 views

Astra Linux - уязвимость в etcd

A DNS rebinding vulnerability has been discovered in etcd 3.3.1 and earlier versions. An attacker can manipulate their DNS records to direct requests to localhost, thereby tricking the browser into sending requests to localhost or any other address...

5.5CVSS6.3AI score0.00512EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by