Lucene search
K

124 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-39479

Trivy: Helm chart tar bomb causes OOM via unbounded io.ReadAll in parser...

6.9CVSS6.1AI score0.0025EPSS
Exploits0References5
EUVD
EUVD
added yesterday4 views

EUVD-2026-43544

Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...

8.6CVSS6.2AI score0.00284EPSS
Exploits0References3
NVD
NVD
added 2 days ago5 views

CVE-2026-62185

Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...

8.6CVSS0.00284EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-62185 Argo CD Helm Chart < 10.0.0 Missing Network Policy RCE

Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...

8.6CVSS0.00284EPSS
Exploits0References2
CVE
CVE
added 2 days ago10 views

CVE-2026-62185

The CVE-2026-62185 affects the Argo CD Helm Chart prior to 10.0.0, which fails to install network policies by default. As a result, any pod on the cluster can access the repo-server and other Argo APIs, enabling unrestricted network access. This can lead to cluster compromise and remote code exec...

8.6CVSS6.2AI score0.00284EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago4 views

PT-2026-57887

Name of the Vulnerable Software and Affected Versions Argo CD Helm Chart versions prior to 10.0.0 Description The software fails to install network policies by default, which allows any pod within the cluster to access the repo-server and other Argo APIs. This unrestricted network access can be...

8.6CVSS6.5AI score0.00284EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 5:16 p.m.8 views

CVE-2026-54448

Trivy is a security scanner. Prior to 0.71.0, when Trivy scans a Helm chart archive .tgz, its custom tar unpacker reads each entry with io.ReadAlltr and no size limit. An attacker who can place a malicious .tgz file in the scanned path can craft a small compressed archive that decompresses to...

6.9CVSS0.0025EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 4:27 p.m.6 views

CVE-2026-54448

Trivy is a security scanner. Prior to 0.71.0, when Trivy scans a Helm chart archive .tgz, its custom tar unpacker reads each entry with io.ReadAlltr and no size limit. An attacker who can place a malicious .tgz file in the scanned path can craft a small compressed archive that decompresses to...

6.9CVSS5.8AI score0.0025EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/25 4:27 p.m.17 views

CVE-2026-54448

CVE-2026-54448 affects Trivy. Prior to version 0.71.0, its Helm chart scanner uses a custom tar unpacker that reads each archive entry with io.ReadAll(tr) without a size limit, enabling a malicious .tgz to decompress to gigabytes and trigger the OS OOM killer. This could cause the Trivy process t...

6.9CVSS5.8AI score0.0025EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/18 6:37 p.m.22 views

CVE-2026-47847

Bitnami MariaDB Galera container images and Helm chart are affected by a hardcoded default credential vulnerability in the Galera replication health-check user. The MARIADBREPLICATIONUSER and MARIADBREPLICATIONPASSWORD environment variables defaulted to monitor and monitor respectively. This user...

5.3CVSS0.00187EPSS
Exploits0References1
CVE
CVE
added 2026/06/18 6:37 p.m.93 views

CVE-2026-47847

Bitnami MariaDB Galera container images and Helm chart are affected by a hardcoded default credential in the Galera replication health-check user. The environment variables MARIADB_REPLICATION_USER and MARIADB_REPLICATION_PASSWORD default to monitor and monitor , granting the user REPLICATION CLI...

5.3CVSS5.3AI score0.00187EPSS
Exploits0References1
OSV
OSV
added 2026/06/18 12:0 p.m.7 views

BIT-MARIADB-GALERA-2026-47847 Default replication credential monitor:monitor created

Bitnami MariaDB Galera container images and Helm chart are affected by a hardcoded default credential vulnerability in the Galera replication health-check user. The MARIADBREPLICATIONUSER and MARIADBREPLICATIONPASSWORD environment variables defaulted to monitor and monitor respectively. This user...

5.3CVSS5.5AI score0.00187EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/11 12:0 a.m.8 views

Security update for trivy (important)

openSUSE Security Update: Security update for trivy Announcement ID: openSUSE-SU-2025:0303-1 Rating: important References: 1232948 1235265 1246151 Cross-References: CVE-2024-45338 CVE-2024-51744 CVE-2025-53547 CVSS scores: CVE-2024-45338 SUSE: 8.2...

8.4CVSS7AI score0.00874EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/06 1:46 p.m.10 views

Security Bulletin: Due to use of spring-web-6.2.17.jar, IBM Sterling Connect:Direct Web Services is vulnerable to allows an attacker to consume available disk space.

Summary spring-web-6.2.17.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-22740. Vulnerability Details CVEID:CVE-2026-22740 DESCRIPTION: A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp...

6.5CVSS5.5AI score0.00344EPSS
Exploits0Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/04/12 8:1 a.m.9 views

Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment

...

4.8CVSS5.2AI score0.00199EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/09 9:2 p.m.24 views

CVE-2026-35206 Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment

Helm is a package manager for Charts for Kubernetes. In Helm versions =3.20.1 and =4.1.3, a specially crafted Chart will cause helm pull --untar chart URL | repo/chartname to write the Chart's contents to the immediate output directory as defaulted to the current working directory; or as given by...

4.8CVSS0.00199EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/03/30 9:17 a.m.7 views

Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings uyuni-tools: Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after operation...

8.7CVSS6.8AI score0.00407EPSS
Exploits0References26
SUSE Linux
SUSE Linux
added 2026/03/30 9:16 a.m.6 views

Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings uyuni-tools: Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after operation...

8.7CVSS6.8AI score0.00407EPSS
Exploits0References26
OSV
OSV
added 2026/03/30 9:16 a.m.3 views

SUSE-SU-2026:1141-1 Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: - Version 5.2.6-0 Update translation strings uyuni-tools: - Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after...

7.8CVSS5.9AI score0.00407EPSS
Exploits0References13
OSV
OSV
added 2026/03/30 9:15 a.m.3 views

SUSE-SU-2026:1140-1 Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: - Version 5.2.6-0 Update translation strings uyuni-tools: - Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after...

7.8CVSS5.9AI score0.00407EPSS
Exploits0References13
Rows per page
Query Builder