20 matches found
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: calico-fips, chisel-fips, grype-db, tekton-pipelines-fips, knative-eventing-fips, ko-fips, rancher-agent, kubescape-server-fips, zitadel, crossplane-provider-azure-managedidentity, teleport, flux-notification-controller-fips, kubernetes, drone-fips,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: calico-fips, chisel-fips, tekton-pipelines-fips, knative-eventing-fips, rancher-agent, zitadel, kubescape-server-fips, trivy-fips, kubernetes, drone-fips, nemo, k3s, kubescape-server, frankenphp-8.5, osv-scanner, prometheus, gitlab-workhorse-ce-fips, argo-workflows,...
GHSA-89GR-R52H-F8RX vulnerabilities
Vulnerabilities for packages: calico-fips, chisel-fips, grype-db, tekton-pipelines-fips, knative-eventing-fips, ko-fips, rancher-agent, kubescape-server-fips, zitadel, crossplane-provider-azure-managedidentity, teleport, flux-notification-controller-fips, kubernetes, drone-fips,...
GHSA-H2QV-FJ59-J46J vulnerabilities
Vulnerabilities for packages: apache-pulsar-fips, apicurio-registry, hono, thingsboard, request-9047-keycloak-fips, apache-hop-fips, keycloak-fips, knative-kafka-broker-fips, management-api-for-apache-cassandra-5.0, celeborn, zipkin, pinot, apache-hop, pinot-fips, apache-pulsar, neo4j,...
CVE-2026-48059 vulnerabilities
Vulnerabilities for packages: apache-pulsar-fips, apicurio-registry, hono, thingsboard, request-9047-keycloak-fips, apache-hop-fips, keycloak-fips, knative-kafka-broker-fips, management-api-for-apache-cassandra-5.0, celeborn, zipkin, pinot, apache-hop, pinot-fips, apache-pulsar, neo4j,...
CVE-2026-33814 vulnerabilities
Vulnerabilities for packages: chisel-fips, cilium-certgen-fips, crossplane-provider-aws-kafkaconnect-fips, kubescape-server-fips, kubernetes, fluent-operator, step-kms-plugin, nginx-kubernetes-ingress-fips, aws-iam-authenticator-fips, crossplane-provider-azure-resources, hugo-fips, kiam,...
GHSA-CM33-6792-R9FM vulnerabilities
Vulnerabilities for packages: camunda-zeebe, spark-kubernetes-operator-fips, trino, apache-pulsar-fips, apicurio-registry, hono, flyway, flyway-fips, keycloak, s3proxy-fips, thingsboard, opensearch-fips, elasticsearch-fips, kafka-bridge-fips, s3proxy, spark, commercial-elasticsearch,...
CVE-2026-42579 vulnerabilities
Vulnerabilities for packages: camunda-zeebe, spark-kubernetes-operator-fips, trino, apache-pulsar-fips, apicurio-registry, hono, flyway, flyway-fips, keycloak, s3proxy-fips, thingsboard, opensearch-fips, elasticsearch-fips, kafka-bridge-fips, s3proxy, spark, commercial-elasticsearch,...
GHSA-5QCV-4RPC-JP93 vulnerabilities
Vulnerabilities for packages: debezium-connector-spanner, hono, debezium-connector-vitess, thingsboard, opensearch-fips, knative-kafka-broker-fips, debezium-connector-ibmi, wildfly, druid, logstash, debezium, opensearch, apache-nifi, debezium-connector-informix, knative-kafka-broker, seata,...
CVE-2026-35554 vulnerabilities
Vulnerabilities for packages: debezium-connector-spanner, hono, debezium-connector-vitess, thingsboard, opensearch-fips, knative-kafka-broker-fips, debezium-connector-ibmi, wildfly, druid, logstash, debezium, opensearch, apache-nifi, debezium-connector-informix, knative-kafka-broker, seata,...
GHSA-W9FJ-CFPG-GRVV vulnerabilities
Vulnerabilities for packages: camunda-zeebe, trino, apache-pulsar-fips, apicurio-registry, hono, flyway, flyway-fips, keycloak, thingsboard, opensearch-fips, elasticsearch-fips, kafka-bridge-fips, spark, commercial-elasticsearch, apache-hop-fips, keycloak-fips, knative-kafka-broker-fips,...
CVE-2026-33871 vulnerabilities
Vulnerabilities for packages: camunda-zeebe, trino, apache-pulsar-fips, apicurio-registry, hono, flyway, flyway-fips, keycloak, thingsboard, opensearch-fips, elasticsearch-fips, kafka-bridge-fips, spark, commercial-elasticsearch, apache-hop-fips, keycloak-fips, knative-kafka-broker-fips,...
GHSA-PWQR-WMGM-9RR8 vulnerabilities
Vulnerabilities for packages: camunda-zeebe, trino, apache-pulsar-fips, apicurio-registry, hono, flyway, flyway-fips, keycloak, thingsboard, opensearch-fips, elasticsearch-fips, kafka-bridge-fips, spark, commercial-elasticsearch, keycloak-fips, knative-kafka-broker-fips, kafbat-ui-fips, localstac...
CVE-2026-33870 vulnerabilities
Vulnerabilities for packages: camunda-zeebe, trino, apache-pulsar-fips, apicurio-registry, hono, flyway, flyway-fips, keycloak, thingsboard, opensearch-fips, elasticsearch-fips, kafka-bridge-fips, spark, commercial-elasticsearch, keycloak-fips, knative-kafka-broker-fips, kafbat-ui-fips, localstac...
GHSA-3CQM-MF7H-PRRJ vulnerabilities
Vulnerabilities for packages: s3proxy-fips, knative-kafka-broker, s3proxy...
CVE-2021-0341 vulnerabilities
Vulnerabilities for packages: s3proxy-fips, knative-kafka-broker, s3proxy...
Video call app Huddle01 exposed 600K+ user logs
The Cybernews research team found that video call app Huddle01 exposed email addresses, real names, and other identifiers through an unprotected Kafka broker. Think of an unprotected Kafka broker like a post office that stores and delivers confidential mail. Now, imagine the manager leaves the...
Millions of (very) private chats exposed by two AI companion apps
Cybernews discovered how two AI companion apps, Chattee Chat and GiMe Chat, exposed millions of intimate conversations from over 400,000 users. This is not the first time we have to write about AI "girlfriends" exposing their secrets—and it probably won't be the last. This latest incident is a...
CVE-2024-31141
CVE-2024-31141 affects Apache Kafka Clients (2.3.0–3.7.0, including 3.5.2 and 3.6.2) with ConfigProvider plugins that read from disk or environment variables via FileConfigProvider/DirectoryConfigProvider/EnvVarConfigProvider. The root cause is improper privilege management that allows untrusted ...
com.adendamedia:cornucopia_2.11 (>=0.5.0 <=0.6.2), com.deciphernow:franz_2.11 (=1.0.0) +17 more potentially affected by CVE-2023-29471 via com.typesafe.akka:akka-stream-kafka_2.11 (>=0.11-M2 <=0.22)
com.typesafe.akka:akka-stream-kafka2.11 MAVEN version =0.11-M2, =0.5.0, =2.0.5, =0.1.3, =1.0.0, =1.2.0, =1.2.0, =1.2.0, =1.3.0, =1.3.0, =1.3.0, =1.3.0, =1.4.9, =1.4.15 - de.nierbeck.floating.data:akka-ingest2.11 =0.1.1 - de.nierbeck.floating.data:akka-server2.11 =0.1.1 and more Source cves:...