1779 matches found
CVE-2026-45132
CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow generate-schema.yaml exposes sensitive credentials Personal Access Token and SSH signing key to fork-controlled code due to unsafe checkout and credential handling practices. Th...
CVE-2026-45131
CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow pull-request.yaml executes attacker-controlled code from fork pull requests in a privileged context, exposing repository secrets including Docker Hub credentials and tokens...
PT-2026-49599
Impact skillctl 0.1.0 and 0.1.1 contained four path-safety vulnerabilities that, in combination, allowed an attacker to: 1. Exfiltrate arbitrary files on the operator's machine by publishing a malicious skills library containing a symlink inside a skill folder e.g. niania →...
Linux Distros Unpatched Vulnerability : CVE-2026-46057
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - landlock: Fix LOGSUBDOMAINSOFF inheritance across fork hookcredtransfer only copies the Landlock security blob when the source credential has a domain. This is...
American Fuzzy Lop plus plus 5.00c
Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc...
CVE-2026-45131
CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow pull-request.yaml executes attacker-controlled code from fork pull requests in a privileged context, exposing repository secrets including Docker Hub credentials and tokens...
EUVD-2026-33666
CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow pull-request.yaml executes attacker-controlled code from fork pull requests in a privileged context, exposing repository secrets including Docker Hub credentials and tokens...
CVE-2026-45131
CloudPirates Open Source Helm Charts are affected by a vulnerability in the GitHub Actions pull-request.yaml workflow where attacker-controlled code from fork pull requests could run in a privileged context, exposing repository secrets (e.g., Docker Hub credentials/tokens). The issue precedes com...
CVE-2026-45131 CloudPirates Open Source Helm Charts: GitHub Actions pull_request_target workflow allows secret exfiltration via fork pull requests
CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow pull-request.yaml executes attacker-controlled code from fork pull requests in a privileged context, exposing repository secrets including Docker Hub credentials and tokens...
CVE-2026-45131 CloudPirates Open Source Helm Charts: GitHub Actions pull_request_target workflow allows secret exfiltration via fork pull requests
CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow pull-request.yaml executes attacker-controlled code from fork pull requests in a privileged context, exposing repository secrets including Docker Hub credentials and tokens...
PT-2026-45467
Name of the Vulnerable Software and Affected Versions CloudPirates Open Source Helm Charts versions prior to commit fcf9302 Description A GitHub Actions workflow in the pull-request.yaml file executes attacker-controlled code from fork pull requests within a privileged context. This allows for th...
CVE-2026-44358
Espressif Shared GitHub DangerJS is a reusable GitHub Action CI DangerJS workflow for Espressif GitHub projects. Prior to 1.0.1, the action's entrypoint.sh invoked DangerJS from the caller's workspace after copying the fork's checkout into it, creating an untrusted search path for both binary...
CVE-2026-44358
The CVE-2026-44358 affects Espressif Shared GitHub DangerJS, a reusable GitHub Action for Espressif projects. Before 1.0.1, the action’s entrypoint.sh invoked DangerJS from the caller’s workspace after copying the fork’s checkout, creating an untrusted search path for binary and Node.js module re...
CVE-2026-44358
Espressif Shared GitHub DangerJS is a reusable GitHub Action CI DangerJS workflow for Espressif GitHub projects. Prior to 1.0.1, the action's entrypoint.sh invoked DangerJS from the caller's workspace after copying the fork's checkout into it, creating an untrusted search path for both binary...
EUVD-2026-32908
Espressif Shared GitHub DangerJS is a reusable GitHub Action CI DangerJS workflow for Espressif GitHub projects. Prior to 1.0.1, the action's entrypoint.sh invoked DangerJS from the caller's workspace after copying the fork's checkout into it, creating an untrusted search path for both binary...
SUSE CVE-2026-46057
In the Linux kernel, the following vulnerability has been resolved: landlock: Fix LOGSUBDOMAINSOFF inheritance across fork hookcredtransfer only copies the Landlock security blob when the source credential has a domain. This is inconsistent with landlockrestrictself which can set LOGSUBDOMAINSOFF...
PT-2026-44387
Espressif Shared GitHub DangerJS is a reusable GitHub Action CI DangerJS workflow for Espressif GitHub projects. Prior to 1.0.1, the action's entrypoint.sh invoked DangerJS from the caller's workspace after copying the fork's checkout into it, creating an untrusted search path for both binary...
CVE-2026-46057
In the Linux kernel, the following vulnerability has been resolved: landlock: Fix LOGSUBDOMAINSOFF inheritance across fork hookcredtransfer only copies the Landlock security blob when the source credential has a domain. This is inconsistent with landlockrestrictself which can set LOGSUBDOMAINSOFF...
UBUNTU-CVE-2026-46057
In the Linux kernel, the following vulnerability has been resolved: landlock: Fix LOGSUBDOMAINSOFF inheritance across fork hookcredtransfer only copies the Landlock security blob when the source credential has a domain. This is inconsistent with landlockrestrictself which can set LOGSUBDOMAINSOFF...
CVE-2026-46057 landlock: Fix LOG_SUBDOMAINS_OFF inheritance across fork()
In the Linux kernel, the following vulnerability has been resolved: landlock: Fix LOGSUBDOMAINSOFF inheritance across fork hookcredtransfer only copies the Landlock security blob when the source credential has a domain. This is inconsistent with landlockrestrictself which can set LOGSUBDOMAINSOFF...