CVE-2026-40898 vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache, dkron-fips, k3s, opentelemetry-operator, kyverno-policy-reporter-plugins-trivy-fips, q, kube-metrics-adapter-fips, kyverno-policy-reporter-plugins-trivy, kubedock-fips, coredns-fips, k8sgateway, kargo, kube-metrics-adapter,...

GHSA-W2Q5-6Q6X-X959 vulnerabilities

Vulnerabilities for packages: ipfs-cluster, cloud-provider-azure-fips, wolfictl, elastic-agent, chainctl-fips, kserve-localmodelnode-agent-fips, sops, cue, tkn, task-fips, longhorn-cli-fips, cosign-fips, longhorn-instance-manager-fips, grype-db, kapp-controller-fips, secretgen-controller-fips,...

GHSA-298W-VVM4-WW55 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards-fips, wazuh-dashboard, wazuh-dashboard-fips, opensearch-dashboards...

ROOT-APP-MAVEN-CVE-2025-8885 CVE-2025-8885 in io.root.org.bouncycastle:bc-fips - Patched by Root

Root has patched CVE-2025-8885 in the io.root.org.bouncycastle:bc-fips package for Root:Maven. Multiple fixed versions available...

go-toolset:ol8 security update

delve golang 1.25.9-1.0.1 - EXPERIMENTAL: Introduce fipsnoenforceems GODEBUG var - Backported from OL9u7 - Resolves: OLDIS-53586...

CVE-2026-8716 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce, gitlab-rails-ce-fips, gitlab-runner-fips, gitlab-runner...

GHSA-WGQ9-QP63-G8J3 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce, gitlab-rails-ce-fips, gitlab-runner-fips, gitlab-runner...

GHSA-R38R-HVG8-XQHF vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce, gitlab-rails-ce-fips, gitlab-runner-fips, gitlab-runner...

GHSA-5P55-QCQV-882W vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce, gitlab-rails-ce-fips, gitlab-runner-fips, gitlab-runner...

CVE-2026-6713 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce, gitlab-rails-ce-fips, gitlab-runner-fips, gitlab-runner...

CVE-2026-1402 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce, gitlab-rails-ce-fips, gitlab-runner-fips, gitlab-runner...

CVE-2026-39834 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure-servicelinker, gitlab-kas, minio-fips, crossplane-provider-aws-vpc, mods, crossplane-provider-aws-redshiftserverless-fips, openbao, chainloop-control-plane-fips, ko-fips, crossplane-provider-aws-route53, cloudbeat,...

CVE-2026-8723 vulnerabilities

Vulnerabilities for packages: kibana, saf, kubeflow-pipelines, tileserver-gl-fips, opensearch-dashboards, tileserver-gl, redisinsight, thingsboard, prism, argo-workflows, sqlpad, thingsboard-fips, unleash, kubeflow-centraldashboard, json-server, opensearch-dashboards-fips, pelias-api, code-server...

GHSA-Q8MJ-M7CP-5Q26 vulnerabilities

Vulnerabilities for packages: kibana, saf, kubeflow-pipelines, tileserver-gl-fips, opensearch-dashboards, tileserver-gl, redisinsight, thingsboard, prism, argo-workflows, sqlpad, thingsboard-fips, unleash, kubeflow-centraldashboard, json-server, opensearch-dashboards-fips, pelias-api, code-server...

GHSA-WG65-39GG-5WFJ vulnerabilities

Vulnerabilities for packages: minio-fips, ld-relay-fips, prometheus-fips, minio, ld-relay, prometheus...

CVE-2026-42151 vulnerabilities

Vulnerabilities for packages: minio-fips, ld-relay-fips, prometheus-fips, minio, ld-relay, prometheus...

SUSE SLES12 Security Update : openssh (SUSE-SU-2026:2025-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2025-1 advisory. This update for openssh fixes the following issues Tenable has extracted the preceding description block directly from the SUSE security...

GHSA-QJX8-664M-686J vulnerabilities

Vulnerabilities for packages: redisinsight, saf, kibana, wazuh-dashboard-fips...

CVE-2026-46625 vulnerabilities

Vulnerabilities for packages: redisinsight, saf, kibana, wazuh-dashboard-fips...

SUSE CVE-2026-39829

The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public...