CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: cert-manager-csi-driver, grpcurl, cerbos, cloud-sql-proxy, swagger, frp, extism, task, configmap-reload, knative-serving, kube-state-metrics, apache-exporter, promxy, k8sgpt-operator, knative-operator, custom-pod-autoscaler, bank-vaults, thanos-operator,...

CVE-2026-25679 vulnerabilities

Vulnerabilities for packages: cass-operator, zarf, cerbos, cloud-sql-proxy, swagger, configmap-reload, k8sgpt, kube-state-metrics, apache-exporter, promxy, knative-operator, bank-vaults, thanos-operator, volume-modifier-for-k8s, kubebuilder, migrate, kyverno-policy-reporter, cert-manager, tetrago...

CVE-2026-27142 vulnerabilities

Vulnerabilities for packages: terraform-provider-pagerduty, k8s-device-plugin, spqr, minio-object-browser, kubernetes-csi-external-snapshotter, spicedb, blob-csi, cass-operator, sftpgo-plugin-kms, kubernetes-csi-external-provisioner, zarf, nginx-prometheus-exporter, cerbos, cloud-sql-proxy, gital...

EUVD-2022-38133

Malicious code in bioql PyPI...

EUVD-2023-32362

Malicious code in bioql PyPI...

PT-2024-6180 · Nginx · Nginx Agent

Name of the Vulnerable Software and Affected Versions: NGINX Agent affected versions not specified Description: The issue is related to the config dirs function of the NGINX Agent and NGINX Instance Manager platform, which allows an attacker to upload arbitrary files outside the intended director...

CVE-2023-28724

NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and NGINX API Connectivity Manager. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

Default credentials

NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and NGINX API Connectivity Manager. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

PT-2023-2757 · Nginx · Nginx Instance Manager +3

Name of the Vulnerable Software and Affected Versions: NGINX Management Suite affected versions not specified NGINX Instance Manager affected versions not specified NGINX API Connectivity Manager affected versions not specified NGINX Security Monitoring affected versions not specified Description...

CVE-2023-1550

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

CVE-2023-1550

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

Design/Logic Flaw

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

CVE-2023-1550 NGINX Agent vulnerability CVE-2023-1550

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

K000133135: NGINX Agent vulnerability CVE-2023-1550

Security Advisory Description NGINX Agent inserts sensitive information into a log file. CVE-2023-1550 Impact An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when the non-default trace level logging is enabled. Note :...

K37080719: NGINX Instance Manager vulnerability CVE-2022-35241

Security Advisory Description When NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. CVE-2022-35241 Impact System performance can degrade until system inodes become free. This vulnerability allows a remote, authenticated attacker to cause a...

CVE-2022-35241

In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2022-35241

In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

Design/Logic Flaw

In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2022-35241 NGINX Instance Manager vulnerability CVE-2022-35241

In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2022-35241

CVE-2022-35241 affects NGINX Instance Manager (NGINX IM) and is documented by F5 as an issue where undisclosed requests can cause increased disk resource utilization, enabling a remote, authenticated attacker to degrade system performance (DoS). Affected branches: NGINX IM 2.x (2.0.0–2.3.0) with ...