CLEANSTART-2026-OD47693 Security fixes for CVE-2025-0913, CVE-2025-15558, CVE-2025-4673, CVE-2025-47907, CVE-2025-47914, CVE-2025-58181, CVE-2025-62156, CVE-2025-62157, CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-35469, ghsa-37cx-329c-33x3, ghsa-3xc5-wrhm-f963, ghsa-c2hv-4pfj-mm2r, ghsa-cfpf-hrx2-8rv6, ghsa-fw7p-63qq-7hpr, ghsa-p436-gjf2-799p, ghsa-p84v-gxvw-73pf applied in versions: 3.7.0-r0, 3.7.3-r0, 3.7.4-r0, 3.7.6-r0, 3.7.9-r0, 3.7.9-r1, 3.7.9-r2, 4.0.2-r0, 4.0.4-r0, 4.0.4-r1

Multiple security vulnerabilities affect the argo-workflows-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-JC64695 Security fixes for CVE-2025-61732, CVE-2025-68121, CVE-2026-26958, CVE-2026-35469, ghsa-f6x5-jh6r-wrfv, ghsa-fw7p-63qq-7hpr, ghsa-gx3x-vq4p-mhhv, ghsa-j5w8-q4qc-rx2x, ghsa-mh2q-q3fh-2475, ghsa-pc3f-x583-g7j2 applied in versions: 1.16.1-r0, 1.16.1-r1, 1.18.0-r0, 1.19.0-r1

Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

SUSE CVE-2026-45803

gh is GitHub's official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. The vulnerabilit...

CLEANSTART-2026-QS87161 Security fixes for CVE-2026-24051, CVE-2026-26958, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-33815, CVE-2026-33816, CVE-2026-34986, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-39882, CVE-2026-40179, CVE-2026-41889, CVE-2026-42151, CVE-2026-42154, CVE-2026-42499, CVE-2026-42501, CVE-2026-44903, ghsa-8rm2-7qqf-34qm, ghsa-9h8m-3fm2-qjrq, ghsa-9jj7-4m8r-rfcm, ghsa-fw7p-63qq-7hpr, ghsa-fw8g-cg8f-9j28, ghsa-j88v-2chj-qfwx, ghsa-p77j-4mvh-x3m3, ghsa-vffh-x6r8-xx99, ghsa-w8rr-5gcm-pp58, ghsa-wg65-39gg-5wfj, ghsa-xmrv-pmrh-hhx2 applied in versions: 2.19.0-r0, 2.19.0-r1, 2.19.0-r2, 2.19.0-r3

Multiple security vulnerabilities affect the keda package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2026-47141

creationtimestamp| type| source ---|---|--- 2026-05-18 12:49:16+00:00| published-proof-of-concept| https://github.com/patriksimek/vm2/security/advisories/GHSA-9g8x-92q2-p28f...

CVE-2026-47139

creationtimestamp| type| source ---|---|--- 2026-05-18 12:48:57+00:00| published-proof-of-concept| https://github.com/patriksimek/vm2/security/advisories/GHSA-r9pm-gxmw-wv6p...

CVE-2026-47140

creationtimestamp| type| source ---|---|--- 2026-05-18 12:48:43+00:00| published-proof-of-concept| https://github.com/patriksimek/vm2/security/advisories/GHSA-rp36-8xq3-r6c4...

CVE-2026-47208

creationtimestamp| type| source ---|---|--- 2026-05-18 12:46:19+00:00| published-proof-of-concept| https://github.com/patriksimek/vm2/security/advisories/GHSA-76w7-j9cq-rx2j...

CVE-2026-47131

creationtimestamp| type| source ---|---|--- 2026-05-18 12:45:44+00:00| published-proof-of-concept| https://github.com/patriksimek/vm2/security/advisories/GHSA-v6mx-mf47-r5wg...

Exploit for Embedded Malicious Code in Tanstack Tanstack\/Arktype-Adapter

TanStack Supply Chain Compromise - IOC Checker bash curl -...

GHSA-PWJX-QHCG-RVJ4

creationtimestamp| type| source ---|---|--- 2026-05-17 18:09:49+00:00| seen| https://gist.github.com/web3securityauditor/7d7d8acf63a2ec18ed25f500c878c123...

Grafana Says It Rejected Ransom Demand After Source Code Theft

Grafana says hackers stole its source code after accessing a GitHub token, but no customer data or systems were affected...

Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt

Grafana has disclosed that an "unauthorized party" obtained a token that granted them the ability to access the company's GitHub environment and download its codebase. "Our investigation has determined that no customer data or personal information was accessed during this incident, and we have...

CVE-2026-46717

creationtimestamp| type| source ---|---|--- 2026-05-17 02:58:21+00:00| published-proof-of-concept| https://github.com/nezhahq/nezha/security/advisories/GHSA-w4g9-mxgg-j532...

CVE-2026-46716

creationtimestamp| type| source ---|---|--- 2026-05-17 02:58:20+00:00| published-proof-of-concept| https://github.com/nezhahq/nezha/security/advisories/GHSA-99gv-2m7h-3hh9 2026-05-30 03:00:04+00:00| seen| https://t.me/GithubRedTeam/86474 2026-05-30 07:00:13+00:00| seen|...

GHSA-VFVV-C25P-M7MM vulnerabilities

Vulnerabilities for packages: pixi, uv...

CVE-2026-46701

creationtimestamp| type| source ---|---|--- 2026-05-16 15:11:55+00:00| published-proof-of-concept| https://github.com/Jovancoding/Network-AI/security/advisories/GHSA-j3vx-cx2r-pvg8...

CVE-2026-46695

creationtimestamp| type| source ---|---|--- 2026-05-16 09:54:51+00:00| published-proof-of-concept| https://github.com/boxlite-ai/boxlite/security/advisories/GHSA-g6ww-w5j2-r7x3...

CVE-2026-46625

creationtimestamp| type| source ---|---|--- 2026-05-16 05:48:24+00:00| published-proof-of-concept| https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j...

CVE-2026-46679

creationtimestamp| type| source ---|---|--- 2026-05-16 03:00:35+00:00| published-proof-of-concept| https://github.com/libp2p/js-libp2p/security/advisories/GHSA-4f8r-922h-2vgv...