43 matches found

Tenable Nessus
added 2026/05/09 12:0 a.m. | 3 views

Unity Linux 20.1050e / 20.1070e Security Update: kubernetes (UTSA-2026-017390)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017390 advisory. The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes. This issue affects kubelet: through 1.28.11, from 1.29.0...

CVSS 8.1 | AI score 7.5 | EPSS 0.03001
Exploits: 0 | References: 4

RedhatCVE
added 2026/04/22 7:22 a.m. | 6 views

CVE-2026-32604

Spinnaker is an open source, multi-cloud continuous delivery platform. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, a bad actor can execute arbitrary commands very simply on the clouddriver pods. This can expose credentials, remove files, or inject resources easily. Versions...

CVSS 9.9 | AI score 6 | EPSS 0.00606
Exploits: 0 | References: 1

Github Security Blog
added 2026/04/21 2:48 p.m. | 7 views

Spinnaker: RCE when using gitrepo artifact types due to improper sanitization of user input on branch and paths

Spinnaker is an open source, multi-cloud continuous delivery platform. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, a bad actor can execute arbitrary commands very simply on the clouddriver pods. This can expose credentials, remove files, or inject resources easily. Versions...

CVSS 9.9 | AI score 5.7 | EPSS 0.00606
Exploits: 0 | References: 8 | Affected Software: 1

EUVD
added 2026/04/21 2:48 p.m. | 3 views

EUVD-2026-23963

Spinnaker: RCE when using gitrepo artifact types due to improper sanitization of user input on branch and paths...

CVSS 9.9 | AI score 5.8 | EPSS 0.00606
Exploits: 0 | References: 6

OSV
added 2026/04/21 2:48 p.m. | 6 views

GHSA-X3J7-7PGJ-H87R Spinnaker: RCE when using gitrepo artifact types due to improper sanitization of user input on branch and paths

Spinnaker is an open source, multi-cloud continuous delivery platform. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, a bad actor can execute arbitrary commands very simply on the clouddriver pods. This can expose credentials, remove files, or inject resources easily. Versions...

CVSS 9.9 | AI score 6.1 | EPSS 0.00606
Exploits: 0 | References: 8

NVD
added 2026/04/20 9:16 p.m. | 9 views

CVE-2026-32604

Spinnaker is an open source, multi-cloud continuous delivery platform. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, a bad actor can execute arbitrary commands very simply on the clouddriver pods. This can expose credentials, remove files, or inject resources easily. Versions...

CVSS 9.9 | EPSS 0.00606
Exploits: 0 | References: 5

Vulnrichment
added 2026/04/20 8:0 p.m. | 3 views

CVE-2026-32604 Spinnaker vulnerable to RCE when using gitrepo artifact types due to improper sanitization of user input on branch and paths

Spinnaker is an open source, multi-cloud continuous delivery platform. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, a bad actor can execute arbitrary commands very simply on the clouddriver pods. This can expose credentials, remove files, or inject resources easily. Versions...

CVSS 9.9 | AI score 6 | EPSS 0.00606
Exploits: 0 | References: 4

ATTACKERKB
added 2026/04/20 8:0 p.m. | 2 views

CVE-2026-32604

Spinnaker is an open source, multi-cloud continuous delivery platform. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, a bad actor can execute arbitrary commands very simply on the clouddriver pods. This can expose credentials, remove files, or inject resources easily. Versions...

CVSS 9.9 | AI score 6 | EPSS 0.00606
Exploits: 0 | References: 5 | Affected Software: 1

CVE
added 2026/04/20 8:0 p.m. | 16 views

CVE-2026-32604

CVE-2026-32604 affects Spinnaker before the patched releases 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2. The vulnerability arises in clouddriver components when handling gitrepo artifacts, allowing a bad actor to execute arbitrary commands on the pod (RCE) by exploiting improper input handling on...

CVSS 9.9 | AI score 6 | EPSS 0.00606
Exploits: 0 | References: 5 | Affected Software: 1

Positive Technologies
added 2026/04/20 12:0 a.m. | 6 views

PT-2026-33842

Name of the Vulnerable Software and Affected Versions Spinnaker versions prior to 2026.1.0 Spinnaker versions prior to 2026.0.1 Spinnaker versions prior to 2025.4.2 Spinnaker versions prior to 2025.3.2 Description An issue in the clouddriver pods allows a bad actor to execute arbitrary commands...

CVSS 9.9 | AI score 6 | EPSS 0.00606
Exploits: 0 | References: 25

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2025-6386

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 5.5 | EPSS 0.00516
Exploits: 0 | References: 3

Tenable Nessus
added 2025/09/02 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2025-1767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the...

CVSS 6.5 | AI score 6.5 | EPSS 0.00516
Exploits: 0 | References: 2

OSV
added 2025/04/25 3:11 p.m. | 6 views

GHSA-XGPC-Q899-67P8 Fleet doesn’t validate a server’s certificate when connecting through SSH

Impact A vulnerability has been identified within Fleet where, by default, Fleet will automatically trust a remote server’s certificate when connecting through SSH if the certificate isn’t set in the knownhosts file. This could allow the execution of a man-in-the-middle MitM attack against Fleet...

CVSS 6.3 | AI score 7.1 | EPSS 0.00434
Exploits: 0 | References: 9

OSV
added 2025/03/25 7:38 p.m. | 8 views

GO-2025-3521 Kubernetes GitRepo Volume Inadvertent Local Repository Access in k8s.io/kubernetes

Kubernetes GitRepo Volume Inadvertent Local Repository Access in k8s.io/kubernetes...

CVSS 6.5 | AI score 6.7 | EPSS 0.00516
Exploits: 0 | References: 4

BDU FSTEC
added 2025/03/17 12:0 a.m. | 6 views

The vulnerability of the gitRepo function in the Kubernetes cluster management software allows an attacker to influence the confidentiality and integrity of the protected information.

The vulnerability of the gitRepo function in the Kubernetes cluster management software is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to influence the confidentiality and integrity of the protected information...

CVSS 8.5 | AI score 6 | EPSS 0.00516
Exploits: 0 | References: 5

RedhatCVE
added 2025/03/15 5:12 p.m. | 16 views

CVE-2025-1767

A flaw was found in Kubernetes. This vulnerability allows a user with create pod permissions to exploit gitRepo volumes to access local git repositories belonging to other pods on the same node. Mitigation This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone...

CVSS 6.5 | AI score 6.2 | EPSS 0.00516
Exploits: 0 | References: 3

Github Security Blog
added 2025/03/13 6:32 p.m. | 11 views

Kubernetes GitRepo Volume Inadvertent Local Repository Access

A security vulnerability was discovered in Kubernetes that could allow a user with create pod permission to exploit gitRepo volumes to access local git repositories belonging to other pods on the same node. This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone...

CVSS 6.5 | AI score 6.6 | EPSS 0.00516
Exploits: 0 | References: 5 | Affected Software: 1

OSV
added 2025/03/13 6:32 p.m. | 10 views

GHSA-3WGM-2GW2-VH5M Kubernetes GitRepo Volume Inadvertent Local Repository Access

A security vulnerability was discovered in Kubernetes that could allow a user with create pod permission to exploit gitRepo volumes to access local git repositories belonging to other pods on the same node. This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone...

CVSS 6.5 | AI score 6.5 | EPSS 0.00516
Exploits: 0 | References: 5

Snyk
added 2025/03/13 5:41 p.m. | 1 view

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation. An attacker with create pod permission could access local git repositories belonging to other pods on the same node by exploiting this vulnerability. Notes: 1 This is only exploitable if the cluster still uses...

CVSS 8.5 | AI score 6.7 | EPSS 0.00516
Exploits: 0 | References: 2

NVD
added 2025/03/13 5:15 p.m. | 17 views

CVE-2025-1767

This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remai...

CVSS 6.5 | EPSS 0.00516
Exploits: 0 | References: 3