Lucene search
+L

278 matches found

nuclei
nuclei
added 6 hours ago68 views

KubePi JwtSigKey - Admin Authentication Bypass

KubePi is a k8s panel. The jwt authentication function of KubePi through version 1.6.2 uses hard-coded Jwtsigkeys, resulting in the same Jwtsigkeys for all online projects. This means that an attacker can forge any jwt token to take over the administrator account of any online project. Furthermor...

9.8CVSS7AI score0.69667EPSS
Exploits1References5
cgr
cgr
added last week7 views

GHSA-FF52-PH69-CF7X vulnerabilities

Vulnerabilities for packages: kyverno-policy-reporter-ui-fips, actions-runner-controller-fips, gh, dbmate-fips, crossplane-provider-aws-appstream-fips, ko-fips, crossplane-provider-aws-neptune, kong-ingress-controller-fips, grype-fips, cert-manager-openshift-routes-fips,...

6.1AI score
Exploits0
wolfi
wolfi
added last week7 views

GHSA-FF52-PH69-CF7X vulnerabilities

Vulnerabilities for packages: victoriametrics, pgpool2exporter, kubelet-csr-approver, mountpoint-s3-csi-driver, kubevela, spicedb, local-static-provisioner, sealed-secrets, q, blob-csi, dive, cloudnative-pg, infinispan-operator, prometheus-operator, amass, kube-vip, azuredisk-csi, delve,...

6.1AI score
Exploits0
cgr
cgr
added 2026/07/02 2:16 p.m.13 views

GHSA-8XWF-RJM4-XVHV vulnerabilities

Vulnerabilities for packages: kube-mgmt-fips, kots, helm-operator-fips, argo-cd-fips, falcoctl, tw, ocm-cli, tigera-operator, cert-manager-cmctl-fips, opentofu, rancher-helm, redpanda-operator, kyverno-notation-aws, helm-operator, zarf-fips, kyverno-fips, k9s-fips, kyverno-notation-aws-fips,...

6.1AI score
Exploits0
cgr
cgr
added 2026/07/02 2:16 p.m.12 views

GHSA-XF85-363P-868W vulnerabilities

Vulnerabilities for packages: kube-mgmt-fips, kots, helm-operator-fips, argo-cd-fips, falcoctl, tw, ocm-cli, tigera-operator, cert-manager-cmctl-fips, harvester-fips, opentofu, rancher-helm, redpanda-operator, kyverno-notation-aws, helm-operator, zarf-fips, kyverno-fips, k9s-fips,...

6.1AI score
Exploits0
cgr
cgr
added 2026/07/02 2:16 p.m.11 views

CVE-2026-50162 vulnerabilities

Vulnerabilities for packages: kube-mgmt-fips, kots, helm-operator-fips, argo-cd-fips, falcoctl, tw, ocm-cli, tigera-operator, cert-manager-cmctl-fips, opentofu, rancher-helm, redpanda-operator, kyverno-notation-aws, helm-operator, zarf-fips, kyverno-fips, k9s-fips, kyverno-notation-aws-fips,...

6.1AI score
Exploits0
cgr
cgr
added 2026/07/02 2:16 p.m.12 views

GHSA-VH4V-2XQ2-G5CG vulnerabilities

Vulnerabilities for packages: kube-mgmt-fips, kots, helm-operator-fips, argo-cd-fips, falcoctl, tw, ocm-cli, tigera-operator, cert-manager-cmctl-fips, opentofu, rancher-helm, redpanda-operator, kyverno-notation-aws, helm-operator, zarf-fips, kyverno-fips, k9s-fips, kyverno-notation-aws-fips,...

6.1AI score
Exploits0
cgr
cgr
added 2026/07/02 2:16 p.m.16 views

GHSA-JXPM-75MH-9FP7 vulnerabilities

Vulnerabilities for packages: kube-mgmt-fips, kots, helm-operator-fips, argo-cd-fips, falcoctl, tw, ocm-cli, tigera-operator, cert-manager-cmctl-fips, opentofu, rancher-helm, redpanda-operator, kyverno-notation-aws, helm-operator, zarf-fips, kyverno-fips, k9s-fips, kyverno-notation-aws-fips,...

6.1AI score
Exploits0
cgr
cgr
added 2026/07/02 2:16 p.m.9 views

CVE-2026-50151 vulnerabilities

Vulnerabilities for packages: kube-mgmt-fips, kots, helm-operator-fips, argo-cd-fips, falcoctl, tw, ocm-cli, tigera-operator, cert-manager-cmctl-fips, opentofu, rancher-helm, redpanda-operator, kyverno-notation-aws, helm-operator, zarf-fips, kyverno-fips, k9s-fips, kyverno-notation-aws-fips,...

6.1AI score
Exploits0
nuclei
nuclei
added 2026/06/26 6:13 p.m.411 views

Ingress-Nginx Controller - Remote Code Execution

A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. Note...

9.8CVSS7.6AI score0.99098EPSS
Exploits20References5
cgr
cgr
added 2026/06/23 8:21 p.m.14 views

GHSA-XJVP-4FHW-GC47 vulnerabilities

Vulnerabilities for packages: podman, buildah, cadvisor-fips, k8s-device-plugin, buildah-fips, node-feature-discovery-fips, sriov-network-device-plugin, podman-fips, prometheus-podman-exporter-fips, node-feature-discovery, sriov-network-device-plugin-fips, prometheus-podman-exporter,...

6.1AI score
Exploits0
wolfi
wolfi
added 2026/06/23 8:20 p.m.11 views

GHSA-XJVP-4FHW-GC47 vulnerabilities

Vulnerabilities for packages: rancher-agent, buildah, sriov-network-device-plugin, nvidia-container-toolkit, rancher, k8s-device-plugin, podman, cadvisor, node-feature-discovery...

6.1AI score
Exploits0
cgr
cgr
added 2026/06/23 8:16 a.m.11 views

CVE-2026-41178 vulnerabilities

Vulnerabilities for packages: external-secrets-operator-fips, kube-mgmt-fips, crossplane-provider-azure-synapse, helm-operator-fips, falcoctl, kserve, spire-server, kong-ingress-controller-fips, grype-fips, crossplane-provider-azure-powerbidedicated, cert-manager-openshift-routes-fips, opentofu,...

5.3CVSS6.1AI score0.00237EPSS
Exploits0
wolfi
wolfi
added 2026/05/22 7:48 p.m.31 views

GHSA-FQW6-GF59-QR4W vulnerabilities

Vulnerabilities for packages: containerd, docker-compose, spegel, grype, envoy-gateway, xeol, k3s, eksctl, linkerd2, zarf, kubescape, gatekeeper, tw, zot, helm, syft, helm-push, trivy-operator, k8ssandra-client, gogatekeeper, wolfictl, manifest-tool, kubevela, docker-cli-buildx, tigera-operator,...

6.1AI score
Exploits0
wolfi
wolfi
added 2026/05/22 7:48 p.m.29 views

CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: containerd, docker-compose, spegel, grype, envoy-gateway, xeol, k3s, eksctl, linkerd2, zarf, kubescape, gatekeeper, tw, zot, helm, syft, helm-push, trivy-operator, k8ssandra-client, gogatekeeper, wolfictl, manifest-tool, kubevela, docker-cli-buildx, tigera-operator,...

7.8CVSS7AI score0.00221EPSS
Exploits1
cgr
cgr
added 2026/05/22 7:17 p.m.17 views

CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: kube-mgmt-fips, kots, helm-operator-fips, tw, tigera-operator, datadog-agent, syft-fips, grype-fips, newrelic-infrastructure-agent-fips, dagger, eks-node-monitoring-agent, newrelic-infrastructure-agent, rancher-helm, redpanda-operator, packer-fips, gitlab-rails-ce,...

7.8CVSS7AI score0.00221EPSS
Exploits1
vulnersosv
vulnersosv
added 2026/05/21 4:36 p.m.7 views

org.open-metadata:openmetadata-dist (>=0.12.1 <=DEMO_BETA1), org.open-metadata:openmetadata-k8s-operator (>=1.12.0 <=1.12.10) +2 more potentially affected by CVE-2026-46481 via org.open-metadata:openmetadata-service (>=DEMO_BETA1 <=1.12.3)

org.open-metadata:openmetadata-service MAVEN version =DEMOBETA1, =0.12.1, =1.12.0, =1.10.0, =1.12.10 - org.open-metadata:openmetadata-ui =0.12.1.preview Source cves: CVE-2026-46481 Source advisory: OSV:GHSA-9VMH-WHC4-7PHG...

8.3CVSS5.7AI score0.00241EPSS
Exploits0
osv
osv
added 2026/05/18 1:34 p.m.8 views

CLEANSTART-2026-CR27895 Security fixes for CVE-2026-42304, CVE-2026-44307, ghsa-2h4p-vjrc-8xpq, ghsa-grgv-6hw6-v9g4 applied in versions: 4.3.5-r0

Multiple security vulnerabilities affect the jupyterhub-k8s-hub package. These issues are resolved in later releases. See references for individual vulnerability details...

8.7CVSS5.8AI score0.00609EPSS
Exploits2References7
osv
osv
added 2026/05/18 1:24 p.m.6 views

CLEANSTART-2026-UV23635 Security fixes for CVE-2026-44431, CVE-2026-44432 applied in versions: 4.3.3-r0

Multiple security vulnerabilities affect the jupyterhub-k8s-hub package. These issues are resolved in later releases. See references for individual vulnerability details...

8.9CVSS5.8AI score0.0068EPSS
Exploits0References5
osv
osv
added 2026/05/18 1:20 p.m.19 views

CLEANSTART-2026-VU08393 Security fixes for CVE-2025-0913, CVE-2025-4673, CVE-2025-47907, CVE-2025-47911, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-58190, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 2.6.1-r0, 2.6.1-r1, 2.6.1-r7, 2.6.1-r8, 2.6.1-r9

Multiple security vulnerabilities affect the opensearch-k8s-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.9AI score0.00813EPSS
Exploits5References81
Rows per page
Query Builder