CLEANSTART-2026-KO66630 Security fixes for CVE-2026-25679, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 1.9.0-r0, 1.9.0-r1

Multiple security vulnerabilities affect the karpenter package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-MI82983 Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 1.8.6-r0, 1.8.6-r1, 1.9.0-r0

Multiple security vulnerabilities affect the karpenter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-MP87020 If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources

Multiple security vulnerabilities affect the karpenter package. If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. See references for individual vulnerability details...

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: trivy, knative-net-istio-fips, datadog-agent, influxd, caddy, commercial-chainloop-backend, crossplane-provider-azure-managedidentity, gatus-fips, ingress-nginx-controller, docker-machine-driver-harvester, eks-node-monitoring-agent, terraform-provider-azuread,...

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: trivy, knative-net-istio-fips, kapp, datadog-agent, influxd, caddy, commercial-chainloop-backend, crossplane-provider-azure-managedidentity, prometheus-pushgateway-fips, http-echo, gatus-fips, kube-bench, custom-pod-autoscaler-fips, ingress-nginx-controller,...

GHSA-5W89-2C2X-6X66 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure-managedidentity, custom-pod-autoscaler-fips, ingress-nginx-controller, crossplane-provider-aws-sqs-fips, rabbitmq-messaging-topology-operator, goose, git-lfs, pvc-autoresizer, newrelic-nri-statsd, gitaly, thanos-receive-controller-fips,...

GHSA-GJVH-7JH8-7XHM vulnerabilities

Vulnerabilities for packages: trivy, knative-net-istio-fips, kapp, datadog-agent, influxd, caddy, commercial-chainloop-backend, crossplane-provider-azure-managedidentity, prometheus-pushgateway-fips, http-echo, gatus-fips, kube-bench, custom-pod-autoscaler-fips, ingress-nginx-controller,...

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: trivy, knative-net-istio-fips, kapp, datadog-agent, influxd, caddy, commercial-chainloop-backend, crossplane-provider-azure-managedidentity, prometheus-pushgateway-fips, http-echo, gatus-fips, kube-bench, custom-pod-autoscaler-fips, ingress-nginx-controller,...

CLEANSTART-2026-KJ02127 Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 1.8.6-r0, 1.8.6-r1

Multiple security vulnerabilities affect the karpenter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2026-25679 vulnerabilities

Vulnerabilities for packages: secrets-store-csi-driver-provider-aws, kubernetes-csi-external-snapshotter, kubernetes-dashboard-metrics-scraper, mc, pulumi-language-dotnet, flux-operator, kserve-modelmesh-serving, newrelic-nri-statsd, gatekeeper, metrics-server, sftpgo, kubernetes-dashboard-web,...

GHSA-RV83-G57W-FR8J vulnerabilities

Vulnerabilities for packages: secrets-store-csi-driver-provider-aws, kubernetes-csi-external-snapshotter, kubernetes-dashboard-metrics-scraper, mc, pulumi-language-dotnet, flux-operator, kserve-modelmesh-serving, newrelic-nri-statsd, gatekeeper, metrics-server, sftpgo, kubernetes-dashboard-web,...

CVE-2026-27139 vulnerabilities

Vulnerabilities for packages: secrets-store-csi-driver-provider-aws, kubernetes-csi-external-snapshotter, kubernetes-dashboard-metrics-scraper, mc, pulumi-language-dotnet, flux-operator, kserve-modelmesh-serving, newrelic-nri-statsd, gatekeeper, metrics-server, sftpgo, kubernetes-dashboard-web,...

GHSA-J3GX-2473-5FP8 vulnerabilities

Vulnerabilities for packages: secrets-store-csi-driver-provider-aws, kubernetes-csi-external-snapshotter, kubernetes-dashboard-metrics-scraper, mc, pulumi-language-dotnet, flux-operator, kserve-modelmesh-serving, newrelic-nri-statsd, gatekeeper, metrics-server, sftpgo, kubernetes-dashboard-web,...

GHSA-RV83-G57W-FR8J vulnerabilities

Vulnerabilities for packages: knative-net-istio-fips, kapp, datadog-agent, influxd, restic-fips, http-echo, gatus-fips, kube-bench, custom-pod-autoscaler-fips, ingress-nginx-controller, postgres-operator-fips, terraform-provider-azuread, crossplane-provider-aws-sqs-fips, elastic-agent,...

GHSA-J3GX-2473-5FP8 vulnerabilities

Vulnerabilities for packages: knative-net-istio-fips, kapp, datadog-agent, influxd, restic-fips, http-echo, gatus-fips, kube-bench, custom-pod-autoscaler-fips, ingress-nginx-controller, postgres-operator-fips, terraform-provider-azuread, crossplane-provider-aws-sqs-fips, elastic-agent,...

CVE-2026-25679 vulnerabilities

Vulnerabilities for packages: knative-net-istio-fips, kapp, datadog-agent, influxd, restic-fips, http-echo, gatus-fips, kube-bench, custom-pod-autoscaler-fips, ingress-nginx-controller, postgres-operator-fips, terraform-provider-azuread, crossplane-provider-aws-sqs-fips, elastic-agent,...

GHSA-J4J7-VW47-RHFQ vulnerabilities

Vulnerabilities for packages: knative-net-istio-fips, datadog-agent, influxd, restic-fips, gatus-fips, ingress-nginx-controller, terraform-provider-azuread, crossplane-provider-aws-sqs-fips, elastic-agent, kube-state-metrics, goose, kapp-controller-fips, ollama-fips, envoy-gateway-fips, snyk-cli,...

GHSA-GWRF-JF3H-W649 vulnerabilities

Vulnerabilities for packages: gitlab-runner, terraform-provider-sendgrid-fips, azurefile-csi-fips, vexctl, git-lfs, prometheus-beat-exporter-fips, pvc-autoresizer, custom-pod-autoscaler-operator, karma-fips, newrelic-nri-statsd, apm-server-fips, checksec, terraform-provider-time, wazero-fips,...

GHSA-3WQC-MWFX-672P vulnerabilities

Vulnerabilities for packages: beats-fips, karpenter-fips, blob-csi-fips, eks-distro, blob-csi, gitlab-pages-fips, eks-distro-fips, grafana-fips, knative-operator, wal-g, k3s...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: trivy, caddy, fulcio, http-echo, kube-bench, opa, kube-state-metrics, git-lfs, prometheus-beat-exporter-fips, snyk-cli, metacontroller, ko-fips, newrelic-nri-statsd, external-secrets-fips, cadvisor, sonobuoy, vertical-pod-autoscaler-fips, prometheus-pushgateway,...