CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: helm-push, helm-operator, docker-cli-buildx, kots, skaffold, eksctl, spegel, dagger, opa-envoy, envoy-gateway, newrelic-infrastructure-agent, headlamp, cluster-api-helm-controller, kubescape, k8sgpt, grype, kargo, containerd, syft, opa, helm-mapkubeapis, k3s,...

CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: google-osconfig-agent, trivy-fips, helm-operator, docker-cli-buildx, eksctl, chaos-mesh, kubescape, docker-cli-buildx-fips, packer, wolfictl, cluster-api-helm-controller-fips, osv-scanner, consul-k8s, amazon-ecs-agent-fips, datadog-agent, steampipe, envoy-gateway-fip...

SUSE CVE-2026-31465

In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SBINODATAINTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set, sy...

EUVD-2026-24809

In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SBINODATAINTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set, sy...

CVE-2026-31465

CVE-2026-31465 in the Linux kernel concerns the writeback path for filesystems without data integrity guarantees (e.g., fuse). The fix adds a SB_I_NO_DATA_INTEGRITY superblock flag; when set, sync kicks off writeback of dirty inodes but does not wait for flusher threads to finish. The change move...

PT-2026-34370

In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SB I NO DATA INTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set...

GHSA-W4GW-W5JQ-G9JH vulnerabilities

Vulnerabilities for packages: k8s-device-plugin, wuzz, runc, k3s, aws-load-balancer-controller, cilium-envoy, gitness, fuse-overlayfs-snapshotter...

GHSA-W4GW-W5JQ-G9JH vulnerabilities

Vulnerabilities for packages: k8s-device-plugin, wuzz, terraform, gendesk, runc, k3s, aws-load-balancer-controller, localstack, nvidia-gpu-operator-validator, rke2-runtime, rke2-runtime-fips, gitlab-rails-ce, cilium-envoy, backup-restore-operator, gitness, fuse-overlayfs-snapshotter,...

CVE-2025-58190 vulnerabilities

Vulnerabilities for packages: k8s-device-plugin, wuzz, terraform, gendesk, runc, k3s, aws-load-balancer-controller, localstack, nvidia-gpu-operator-validator, rke2-runtime, rke2-runtime-fips, gitlab-rails-ce, cilium-envoy, backup-restore-operator, gitness, fuse-overlayfs-snapshotter,...

CVE-2025-47911 vulnerabilities

Vulnerabilities for packages: k8s-device-plugin, wuzz, terraform, gendesk, runc, k3s, aws-load-balancer-controller, localstack, nvidia-gpu-operator-validator, rke2-runtime, rke2-runtime-fips, gitlab-rails-ce, cilium-envoy, backup-restore-operator, gitness, fuse-overlayfs-snapshotter,...

CVE-2025-47911 vulnerabilities

Vulnerabilities for packages: k8s-device-plugin, wuzz, runc, k3s, aws-load-balancer-controller, cilium-envoy, gitness, fuse-overlayfs-snapshotter...

CVE-2025-58190 vulnerabilities

Vulnerabilities for packages: k8s-device-plugin, wuzz, runc, k3s, aws-load-balancer-controller, cilium-envoy, gitness, fuse-overlayfs-snapshotter...

MiracleLinux 8 : container-tools: rhel8 (AXSA:2020-295:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-295:01 advisory. QEMU: Slirp: potential OOB access due to unsafe snprintf usages CVE-2020-8608 Bug Fixes: useradd and groupadd fail under rootless Buildah and podman Podman...

container-tools:rhel8 security update

aardvark-dns 2:1.10.1-2 - build off the RHEL maintenance branch - Resolves: RHEL-59129 buildah 2:1.33.14-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/a7f8179 - fixes 'CVE-2025-47913...

CVE-2025-61729 vulnerabilities

Vulnerabilities for packages: falcoctl-fips, helm-operator, nvidia-container-toolkit, rabbitmq-cluster-operator-fips, secrets-store-csi-driver-provider-aws-fips, request-1279-14, newrelic-nri-kube-events-fips, amazon-vpc-cni-plugins-fips, falcosidekick-fips, kubernetes-dashboard-auth-fips,...

CVE-2025-61729 vulnerabilities

Vulnerabilities for packages: helm-operator, nvidia-container-toolkit, opensearch-k8s-operator, kubescape, harbor, terraform-mcp-server, kube-state-metrics, sftpgo-plugin-pubsub, aws-nuke, spire-server, harbor-cli, sftpgo-plugin-eventsearch, grafana-operator, openbao-k8s, jitsucom-bulker,...

GHSA-265R-HFXG-FHMG vulnerabilities

Vulnerabilities for packages: helm-push, helm-operator, docker-cli-buildx, kots, skaffold, eksctl, spegel, dagger, opa-envoy, envoy-gateway, newrelic-infrastructure-agent, cluster-api-helm-controller, nerdctl, kubescape, k8sgpt, grype, kargo, syft, opa, cilium-cli, k3s, wolfictl, kaniko,...

fuse-overlayfs bug fix and enhancement update

An update is available for fuse-overlayfs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Lin...

container-tools:ol8 security update

aardvark-dns buildah 2:1.33.11-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/fe85f0d - Resolves: RHEL-61853 2:1.33.10-1 - update to the latest content of...

Oracle Linux 8 : container-tools:ol8 (ELSA-2024-8038)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8038 advisory. aardvark-dns 2:1.10.1-2 - build off the RHEL maintenance branch - Resolves: RHEL-59129 buildah cockpit-podman conmon containernetworking-plugins...