CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Chainguard•added 2026/04/11 2:18 a.m.•6 views

GHSA-5W89-2C2X-6X66 vulnerabilities

Vulnerabilities for packages: virt-api, go-spdk-helper-fips, hcl2json-fips, nri-mysql, verticadb-operator, minc, go-discover, kaf, grpc-health-probe, falco-exporter-fips, kcp-fips-0.29, otel-cli, opa-envoy, neuvector-dbgen, aws-eks-pod-identity-agent-fips, hey, listmonk, pvc-autoresizer-fips,...

OSV•added 2026/04/03 12:0 a.m.•4 views

OPENSUSE-SU-2026:10484-1 k6-1.7.1-1.1 on GA media

These are all security issues fixed in the k6-1.7.1-1.1 package on the GA media of openSUSE Tumbleweed...

9.1CVSS5.9AI score0.00522EPSS

Exploits1References1

OSSF Malicious Packages•added 2026/03/22 4:22 p.m.•6 views

Malicious code in opengov-k6-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d6d3e0e21551377d17f0e85338f6ea9650b7c18f717b6e1060b1d50962ed112 The package opengov-k6-core was found to contain malicious code. Source: ghsa-malware 1370c540f2157e1e42d9edb109b0b6c57f27d35cfcfd8ebef2a5dc2d44db6e3...

OSV•added 2026/03/22 4:22 p.m.•5 views

Exploits0References4

MAL-2026-2027 Malicious code in opengov-k6-core (npm)

Snyk•added 2026/03/19 11:0 p.m.•2 views

Exploits0References4

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score

Exploits0References2

Chainguard•added 2026/02/28 7:17 p.m.•6 views

GHSA-9H8M-3FM2-QJRQ vulnerabilities

Vulnerabilities for packages: gitlab-runner, argocd-image-updater, k8s-agents-operator, secrets-store-csi-driver-provider-gcp-fips, gitlab-operator-fips, ory-kratos, otel-cli, spicedb, helm-operator, azuredisk-csi-fips, kube-arangodb, volsync, skaffold-fips, kubescape-server-fips, src,...

OPENSUSE Linux•added 2026/01/13 12:0 a.m.•2 views

k6-1.5.0-1.1 on GA media (moderate)

k6-1.5.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10030-1 Rating: moderate Cross-References: CVE-2025-61729 CVSS scores: CVE-2025-61729 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-61729 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Affect...

8.7CVSS7.2AI score0.00451EPSS

Exploits2

OSV•added 2026/01/12 12:0 a.m.•4 views

OPENSUSE-SU-2026:10030-1 k6-1.5.0-1.1 on GA media

These are all security issues fixed in the k6-1.5.0-1.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS6.7AI score0.00451EPSS

Exploits2References1

Chainguard•added 2025/12/07 7:17 p.m.•5 views

GHSA-5MH9-3JWC-RP59 vulnerabilities

Vulnerabilities for packages: prometheus-mysqld-exporter-fips, crossplane-provider-gitlab-fips, kyverno-policy-reporter-plugins-trivy-fips, karma, go-discover, grpc-health-probe, falco-exporter-fips, opa-envoy, helm-operator, aws-eks-pod-identity-agent-fips, azuredisk-csi-fips, wave-fips,...

GHSA-447V-2QG4-H8HC vulnerabilities

Vulnerabilities for packages: rancher-machine, checksec, go-md2man, rancher-system-agent, ferretdb, terraform-provider-sendgrid, ctop, apisix-ingress-controller, terraform-provider-tls, s5cmd, modelmesh-runtime-adapter, velero-plugin-for-aws, falco-exporter, gcsfuse, manifest-tool, distribution,...

GHSA-FRHW-MQJ2-WXW2 vulnerabilities

Vulnerabilities for packages: rancher-machine, apisix-ingress-controller, chart-testing, s5cmd, gcsfuse, http-echo, cri-tools, cluster-api-gcp-controller, dbmate, amass, metrics-server, promxy, cert-exporter, kafkaexporter, cluster-api-provider-vsphere, regclient, smokescreen, lazydocker, spegel,...

Wolfi•added 2025/11/02 2:17 p.m.•8 views

CVE-2025-61723 vulnerabilities

7.5CVSS7.3AI score0.00586EPSS

GHSA-9GCR-GP5F-JW27 vulnerabilities