1890 matches found
CVE-2026-25679 vulnerabilities
Vulnerabilities for packages: cass-operator, zarf, cerbos, cloud-sql-proxy, swagger, configmap-reload, k8sgpt, kube-state-metrics, apache-exporter, promxy, knative-operator, bank-vaults, thanos-operator, volume-modifier-for-k8s, kubebuilder, migrate, kyverno-policy-reporter, cert-manager, tetrago...
GHSA-J3GX-2473-5FP8 vulnerabilities
Vulnerabilities for packages: cass-operator, zarf, cerbos, cloud-sql-proxy, swagger, configmap-reload, k8sgpt, kube-state-metrics, apache-exporter, promxy, knative-operator, bank-vaults, thanos-operator, volume-modifier-for-k8s, kubebuilder, migrate, kyverno-policy-reporter, cert-manager, tetrago...
CVE-2026-27142 vulnerabilities
Vulnerabilities for packages: terraform-provider-pagerduty, k8s-device-plugin, spqr, minio-object-browser, kubernetes-csi-external-snapshotter, spicedb, blob-csi, cass-operator, sftpgo-plugin-kms, kubernetes-csi-external-provisioner, zarf, nginx-prometheus-exporter, cerbos, cloud-sql-proxy, gital...
GHSA-J4J7-VW47-RHFQ vulnerabilities
Vulnerabilities for packages: terraform-provider-pagerduty, k8s-device-plugin, spqr, minio-object-browser, kubernetes-csi-external-snapshotter, spicedb, blob-csi, cass-operator, sftpgo-plugin-kms, kubernetes-csi-external-provisioner, zarf, nginx-prometheus-exporter, cerbos, cloud-sql-proxy, gital...
EUVD-2026-10319
In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual instance URL. This allowed gaining access to different instances with potentially different access controls by reusing a SAML response from other instances. You...
EUVD-2026-10318
In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual instance URL. This allowed gaining access to different instances with potentially different access controls by reusing a SAML response from other instances. You...
CVE-2026-25604
In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual instance URL. This allowed gaining access to different instances with potentially different access controls by reusing a SAML response from other instances. You...
CVE-2026-25604 Apache Airflow AWS Auth Manager - Host Header Injection Leading to SAML Authentication Bypass
In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual instance URL. This allowed gaining access to different instances with potentially different access controls by reusing a SAML response from other instances. You...
CVE-2026-25604
CVE-2026-25604 affects Apache Airflow with the AWS Auth Manager: the code uses the client-supplied Host header to build the SAML ACS URL, bypassing validation against the configured instance URL. This enables potential cross-instance SAML token reuse and unauthorized access if a malicious Host he...
PT-2026-24054
In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual instance URL. This allowed gaining access to different instances with potentially different access controls by reusing a SAML response from other instances. You...
CVE-2026-29067 ZITADEL: Account Takeover Due to Improper Instance Validation in V2 Login
ZITADEL is an open source identity management platform. From version 4.0.0-rc.1 to 4.7.0, a potential vulnerability exists in ZITADEL's password reset mechanism in login V2. ZITADEL utilizes the Forwarded or X-Forwarded-Host header from incoming requests to construct the URL for the password rese...
CVE-2026-28680
CVE-2026-28680 affects Ghostfolio before version 2.245.0. An attacker can abuse the manual asset import feature to perform a full-read SSRF, enabling exfiltration of sensitive cloud metadata (IMDS) and the ability to probe internal network services. The vulnerability exhibits high confidentiality...
CVE-2026-28680 Ghostfolio: Full-Read SSRF in Manual Asset Import
Ghostfolio is an open source wealth management software. Prior to version 2.245.0, an attacker can exploit the manual asset import feature to perform a full-read SSRF, allowing them to exfiltrate sensitive cloud metadata IMDS or probe internal network services. This issue has been patched in...
CVE-2026-28508 Idno: Unauthenticated SSRF via URL Unfurl Endpoint
Idno is a social publishing platform. Prior to version 1.6.4, a logic error in the API authentication flow causes the CSRF protection on the URL unfurl service endpoint to be trivially bypassed by any unauthenticated remote attacker. Combined with the absence of a login requirement on the endpoin...
CVE-2026-26124
'.../...//' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005555)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005555 advisory. In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: remove cpuhp instance node before remove cpuhp state cpuhp_state_add_instance and...
CVE-2025-50196 Chamilo: OS Command Injection in /plugin/vchamilo/views/editinstance.php via POST main_database parameter
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/editinstance.php via the POST main_database parameter. This issue has been patched in version 1.11.30...