CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/06/01 5:17 p.m.•9 views

CVE-2026-45132

CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow generate-schema.yaml exposes sensitive credentials Personal Access Token and SSH signing key to fork-controlled code due to unsafe checkout and credential handling practices. Th...

10CVSS0.00043EPSS

Cvelist•added 2026/06/01 4:13 p.m.•27 views

CVE-2026-45131 CloudPirates Open Source Helm Charts: GitHub Actions pull_request_target workflow allows secret exfiltration via fork pull requests

10CVSS0.00043EPSS

EUVD•added 2026/06/01 4:13 p.m.•8 views

EUVD-2026-33666

EUVD•added 2026/06/01 4:13 p.m.•8 views

EUVD-2026-33665

CVE•added 2026/06/01 4:13 p.m.•13 views

CVE-2026-45132

CVE-2026-45132 concerns CloudPirates Open Source Helm Charts. Prior to commit fcf9302, a GitHub Actions workflow (generate-schema.yaml) exposed sensitive credentials—Personal Access Token and an SSH signing key —to fork-controlled code due to unsafe checkout and credential handling practices. The...

Cvelist•added 2026/06/01 4:13 p.m.•28 views

CVE-2026-45132 CloudPirates Open Source Helm Charts: GitHub Actions workflow leaks PAT and SSH signing key via unsafe credential handling

10CVSS0.00043EPSS

Vulnrichment•added 2026/06/01 4:13 p.m.•7 views

CVE-2026-45132 CloudPirates Open Source Helm Charts: GitHub Actions workflow leaks PAT and SSH signing key via unsafe credential handling

CNNVD•added 2026/06/01 12:0 a.m.•7 views

CloudPirates Open Source Helm Charts: Code Injection Vulnerability

CloudPirates Open Source Helm Charts is a collection of Helm Charts for cloud-native applications, developed by CloudPirates.io. Previous versions of CloudPirates Open Source Helm Charts had a code injection vulnerability. This vulnerability stems from executing code controlled by the attacker in...

10CVSS5.9AI score0.00043EPSS

CNNVD•added 2026/06/01 12:0 a.m.•5 views

CloudPirates Open Source Helm Charts: Code Injection Vulnerability

CloudPirates Open Source Helm Charts is a collection of Helm Charts for cloud-native applications, developed by CloudPirates.io. Previous versions of CloudPirates Open Source Helm Charts had a code injection vulnerability. This vulnerability stemmed from GitHub Actions workflows exposing sensitiv...

10CVSS5.9AI score0.00043EPSS

Positive Technologies•added 2026/06/01 12:0 a.m.•11 views

PT-2026-45468

Name of the Vulnerable Software and Affected Versions CloudPirates Open Source Helm Charts versions prior to commit fcf9302 Description A GitHub Actions workflow named 'generate-schema.yaml' exposes sensitive credentials, specifically a Personal Access Token and an SSH signing key, to code...

10CVSS5.3AI score0.00043EPSS

Exploits0References5

NVD•added 2026/03/04 10:16 p.m.•3 views

CVE-2026-25750

Langchain Helm Charts are Helm charts for deploying Langchain applications on Kubernetes. Prior to langchain-ai/helm version 0.12.71, a URL parameter injection vulnerability existed in LangSmith Studio that could allow unauthorized access to user accounts through stolen authentication tokens. The...

8.5CVSS0.00063EPSS

Vulnrichment•added 2026/03/04 9:58 p.m.•2 views

CVE-2026-25750 LangSmith Studio has URL Parameter Injection Vulnerability that Enables Token Theft via Malicious baseUrl

8.5CVSS6AI score0.00063EPSS

CNNVD•added 2026/03/04 12:0 a.m.•5 views

Langchain Helm Charts 注入漏洞

Langchain Helm Charts is a Kubernetes Helm chart library developed by LangChain for deploying Langchain applications. Versions of Langchain Helm Charts prior to 0.12.71 contained a injection vulnerability. This vulnerability stemmed from URL parameter injections in LangSmith Studio, which could...

8.5CVSS6AI score0.00063EPSS

Positive Technologies•added 2026/03/04 12:0 a.m.•3 views

PT-2026-23069

Name of the Vulnerable Software and Affected Versions Langchain Helm Charts versions prior to 0.12.71 Description Langchain Helm Charts, used for deploying Langchain applications on Kubernetes, had a flaw where a specially crafted link could lead to the theft of authentication tokens. This allowe...

8.5CVSS5.7AI score0.00063EPSS

Exploits0References12

Tenable Nessus•added 2026/02/28 12:0 a.m.•4 views

openSUSE 16 Security Update : openQA, os-autoinst, openQA-devel-container (openSUSE-SU-2026:20261-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20261-1 advisory. Changes in openQA: - Update to version 5.1771422749.560a3b26: fixmcp: set navbar check expression to read-only feat: support inverted result filters in...

9.2CVSS6.1AI score0.00041EPSS

Exploits0References3

Snyk•added 2025/10/29 1:39 a.m.•4 views

Malicious Package

Overview helm-charts-monorepo is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score

OSV•added 2025/10/25 12:20 a.m.•1 views

MAL-2025-48688 Malicious code in helm-charts-monorepo (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 927894d07d39eb62e7540bb7cb82999c513d6e9478109895a33f8d8027bae41d Any computer that has this package installed or running should be considered...

7AI score