4 matches found
CVE-2026-48529
GitHub MCP Server is GitHub's official MCP Server. From 0.22.0 until 1.1.2, when running in HTTP mode with --lockdown-mode enabled, the RepoAccessCache is implemented as a process-global singleton initialized with the first authenticated user's GraphQL client. All subsequent requests from differe...
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: flux-operator, newrelic-infra-operator, ingress-nginx-controller, dkron, dbmate, pluto, nova, omnibump, goreleaser, gh, flux-notification-controller, stakater-reloader, malcontent, apko, supercronic, go, temporal, oras, grafana-rollout-operator,...
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: omnibump, dataplaneapi, rabbitmq-messaging-topology-operator, dapr-fips, flux-source-controller-fips, sealed-secrets-fips, pluto-fips, cilium-fips, aws-eks-pod-identity-agent-fips, fluxcd-kustomize-mutating-webhook, listmonk, aws-privateca-issuer,...
CVE-2026-33810 vulnerabilities
Vulnerabilities for packages: omnibump, dataplaneapi, rabbitmq-messaging-topology-operator, dapr-fips, flux-source-controller-fips, sealed-secrets-fips, pluto-fips, cilium-fips, aws-eks-pod-identity-agent-fips, fluxcd-kustomize-mutating-webhook, listmonk, aws-privateca-issuer,...