CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: k9s, zot, gogatekeeper, chartmuseum, skaffold, wolfictl, trivy-operator, steampipe, k3s, neuvector-scanner, helm-set-status, osv-scanner, syft, docker-compose, headlamp, grype, opa, consul-k8s, rancher, rancher-helm, xeol, k8ssandra-client, kargo, eksctl, teleport,...

CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: docker, kube-arangodb-fips, buildkitd-fips, trivy, helm-set-status, packer-fips, k8ssandra-client-fips, docker-compose, chaos-mesh, xeol, gogatekeeper, grype-db, eks-node-monitoring-agent, newrelic-infrastructure-agent-fips, wolfictl, newrelic-infrastructure-agent,...

SUSE CVE-2026-31465

In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SBINODATAINTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set, sy...

EUVD-2026-24809

In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SBINODATAINTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set, sy...

CVE-2026-31465

CVE-2026-31465 in the Linux kernel concerns the writeback path for filesystems without data integrity guarantees (e.g., fuse). The fix adds a SB_I_NO_DATA_INTEGRITY superblock flag; when set, sync kicks off writeback of dirty inodes but does not wait for flusher threads to finish. The change move...

PT-2026-34370

In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SB I NO DATA INTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set...

GHSA-W4GW-W5JQ-G9JH vulnerabilities

Vulnerabilities for packages: cilium-envoy, k8s-device-plugin, wuzz, runc, k3s, fuse-overlayfs-snapshotter, aws-load-balancer-controller, gitness...

GHSA-W4GW-W5JQ-G9JH vulnerabilities

Vulnerabilities for packages: nvidia-gpu-operator-validator, gitlab-rails-ce, cilium-envoy-fips, fuse-overlayfs-snapshotter, gitness, rke2-runtime, wuzz, rke2-runtime-fips, backup-restore-operator, gendesk, k3s, localstack, aws-load-balancer-controller, k8s-device-plugin, cilium-envoy, runc,...

CVE-2025-58190 vulnerabilities

Vulnerabilities for packages: nvidia-gpu-operator-validator, gitlab-rails-ce, cilium-envoy-fips, fuse-overlayfs-snapshotter, gitness, rke2-runtime, wuzz, rke2-runtime-fips, backup-restore-operator, gendesk, k3s, localstack, aws-load-balancer-controller, k8s-device-plugin, cilium-envoy, runc,...

CVE-2025-47911 vulnerabilities

Vulnerabilities for packages: nvidia-gpu-operator-validator, gitlab-rails-ce, cilium-envoy-fips, fuse-overlayfs-snapshotter, gitness, rke2-runtime, wuzz, rke2-runtime-fips, backup-restore-operator, gendesk, k3s, localstack, aws-load-balancer-controller, k8s-device-plugin, cilium-envoy, runc,...

CVE-2025-58190 vulnerabilities

Vulnerabilities for packages: cilium-envoy, k8s-device-plugin, wuzz, runc, k3s, fuse-overlayfs-snapshotter, aws-load-balancer-controller, gitness...

CVE-2025-47911 vulnerabilities

Vulnerabilities for packages: cilium-envoy, k8s-device-plugin, wuzz, runc, k3s, fuse-overlayfs-snapshotter, aws-load-balancer-controller, gitness...

MiracleLinux 8 : container-tools: rhel8 (AXSA:2020-295:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-295:01 advisory. QEMU: Slirp: potential OOB access due to unsafe snprintf usages CVE-2020-8608 Bug Fixes: useradd and groupadd fail under rootless Buildah and podman Podman...

container-tools:rhel8 security update

aardvark-dns 2:1.10.1-2 - build off the RHEL maintenance branch - Resolves: RHEL-59129 buildah 2:1.33.14-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/a7f8179 - fixes 'CVE-2025-47913...

CVE-2025-61729 vulnerabilities

Vulnerabilities for packages: nvidia-nsight-compute-13.0, k8ssandra-operator, temporal-ui-server, kubernetes-csi-external-attacher, nri-kubernetes, kube-fluentd-operator, s5cmd, cilium-certgen, gogatekeeper, thanos, kine, newrelic-infrastructure-agent, mongodb-kubernetes-operator,...

CVE-2025-61729 vulnerabilities

Vulnerabilities for packages: gogatekeeper, ko, tekton-pipelines, kubernetes-csi-external-attacher, pvc-autoresizer, kubernetes-dashboard-auth, dfc, gptscript, kuberlr, nri-kubernetes, redis-operator, timestamp-authority, cis-operator, gotestsum, nri-elasticsearch, tekton-chains,...

GHSA-265R-HFXG-FHMG vulnerabilities

Vulnerabilities for packages: zot, chartmuseum, nerdctl, skaffold, wolfictl, k3s, neuvector-scanner, osv-scanner, syft, docker-compose, rancher-fleet, grype, opa, xeol, k8ssandra-client, kargo, eksctl, envoy-gateway, kubevela, zarf, cilium-cli, flux-helm-controller, k8sgpt,...

fuse-overlayfs bug fix and enhancement update

An update is available for fuse-overlayfs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Lin...

container-tools:ol8 security update

aardvark-dns buildah 2:1.33.11-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/fe85f0d - Resolves: RHEL-61853 2:1.33.10-1 - update to the latest content of...

Oracle Linux 8 : container-tools:ol8 (ELSA-2024-8038)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8038 advisory. aardvark-dns 2:1.10.1-2 - build off the RHEL maintenance branch - Resolves: RHEL-59129 buildah cockpit-podman conmon containernetworking-plugins...