CVE-2026-32282 vulnerabilities

Vulnerabilities for packages: flux, istio, kots, runc, kaf, libnvidia-container, karpenter, net-kourier, newrelic-fluent-bit-output, kubernetes, nerdctl, argo-cd, kubescape, aactl, dask-gateway, external-dns, cilium-cli, k3s, prometheus-operator, azurefile-csi, kubernetes-dashboard, coredns,...

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: rqlite, cloudnative-pg, opensearch-k8s-operator, crossplane-provider-azure-managedidentity, terraform-provider-aws, kubescape, harbor, victoriametrics-cluster, flannel, flux-operator, terraform-mcp-server, kube-state-metrics, sftpgo-plugin-pubsub, victoriametrics,...

GHSA-XJ38-JXC5-RPPX vulnerabilities

Vulnerabilities for packages: commercial-chainloop-cli, aws-flb-firehose-fips, gitlab-kas-fips, knative-serving, beats, kubescape, mattermost, opentofu, elastic-agent-fips, prometheus-elasticsearch-exporter, gitlab-rails-ce-fips, fuse-overlayfs-snapshotter, traefik-fips, gitaly-fips,...

CVE-2026-32282 vulnerabilities

Vulnerabilities for packages: commercial-chainloop-cli, aws-flb-firehose-fips, gitlab-kas-fips, knative-serving, beats, kubescape, mattermost, opentofu, elastic-agent-fips, prometheus-elasticsearch-exporter, gitlab-rails-ce-fips, fuse-overlayfs-snapshotter, traefik-fips, gitaly-fips,...

CVE-2026-32288 vulnerabilities

Vulnerabilities for packages: nats-server, commercial-chainloop-cli, gitlab-kas-fips, kubescape, cloudflared-fips, amazon-ecs-agent, nsc-fips, cert-manager-cmctl, knative-eventing, oras, caddy, spegel-fips, extism, kubernetes, azuredisk-csi, harbor, flux-operator, prometheus-podman-exporter-fips,...

GHSA-X4JJ-H2V8-HQQV vulnerabilities

Vulnerabilities for packages: nats-server, commercial-chainloop-cli, gitlab-kas-fips, kubescape, cloudflared-fips, amazon-ecs-agent, nsc-fips, cert-manager-cmctl, knative-eventing, oras, caddy, spegel-fips, extism, kubernetes, azuredisk-csi, harbor, flux-operator, prometheus-podman-exporter-fips,...

GHSA-5W89-2C2X-6X66 vulnerabilities

Vulnerabilities for packages: apache-beam-java-sdk, gitlab-kas-fips, kubescape, stakater-reloader, cert-manager-cmctl, kapp-fips, caddy, spegel-fips, azuredisk-csi, minify-fips, mkcert, supercronic-fips, modelmesh-runtime-adapter, go-md2man, pluto, prometheus-pushgateway-fips,...

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: nats-server, commercial-chainloop-cli, tetragon, virt-controller, gitlab-kas-fips, kubescape, kubernetes-csi-external-resizer, pgwatch, cloudflared-fips, amazon-ecs-agent, stakater-reloader, vexctl, nsc-fips, kubernetes-ingress-defaultbackend-fips, cert-manager-cmctl...

Uncaught Exception

Overview Affected versions of this package are vulnerable to Uncaught Exception via the eventstream decoder process. An attacker can cause the host process to terminate unexpectedly by sending a crafted EventStream response frame containing a header value type byte outside the valid range...

CVE-2025-65637 vulnerabilities

Vulnerabilities for packages: kubeflow, aws-flb-firehose, kube-fluentd-operator, kpt, newrelic-nri-statsd, aws-flb-cloudwatch, neuvector-dbgen, hello-world-golang, src-fingerprint, smokescreen, gostatsd, sonobuoy, go-discover, docker-credential-gcr, terraform-provider-google, aws-flb-kinesis,...

GHSA-4F99-4Q7P-P3GH vulnerabilities

Vulnerabilities for packages: kubeflow, aws-flb-firehose, kube-fluentd-operator, kpt, newrelic-nri-statsd, aws-flb-cloudwatch, neuvector-dbgen, hello-world-golang, src-fingerprint, smokescreen, gostatsd, sonobuoy, go-discover, docker-credential-gcr, terraform-provider-google, aws-flb-kinesis,...

CVE-2025-65637 vulnerabilities

Vulnerabilities for packages: aws-flb-kinesis-fips, hello-world-golang, aws-flb-firehose-fips, kubeflow, src-fingerprint-fips, terraform-provider-google-fips, kpt, kubeflow-fips, sonobuoy, stakater-reloader, falcoctl-fips, neuvector-dbgen, neuvector-dbgen-fips, go-discover-fips, smokescreen,...

GHSA-4F99-4Q7P-P3GH vulnerabilities

Vulnerabilities for packages: aws-flb-kinesis-fips, hello-world-golang, aws-flb-firehose-fips, kubeflow, src-fingerprint-fips, terraform-provider-google-fips, kpt, kubeflow-fips, sonobuoy, stakater-reloader, falcoctl-fips, neuvector-dbgen, neuvector-dbgen-fips, go-discover-fips, smokescreen,...

Malicious code in @posthog/kinesis-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2f869c9f2e7f4d35c729f506eb479a88bab7ca0dcd2aa6f2485319d87f39dd5 The package @posthog/kinesis-plugin was found to contain malicious code. Source: google-open-source-security...

MAL-2025-190884 Malicious code in @posthog/kinesis-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2f869c9f2e7f4d35c729f506eb479a88bab7ca0dcd2aa6f2485319d87f39dd5 The package @posthog/kinesis-plugin was found to contain malicious code. Source: google-open-source-security...

EUVD-2025-198941

Malicious code in @posthog/kinesis-plugin npm...

New Home for Spring Integration AWS

The Spring Integration for AWS was always an independent Spring Integration extension project with its own plans and release cycles. The consumption of this single jar library has always added a complexity from the dependency management perspective. It depends not only on Spring Integration modul...

EUVD-2006-5435

Malware in sbrugna...

GHSA-J5PM-7495-QMR3 vulnerabilities

Vulnerabilities for packages: gitlab-kas-fips, kubescape, opentelemetry-collector-fips, jaeger-operator, cert-manager-cmctl, aws-otel-collector-fips, caddy, temporal-server-fips, prometheus-redis-exporter, db-operator-fips, spegel-fips, mc, extism, kubernetes, azuredisk-csi,...

Amazon Linux 2 : aws-kinesis-agent (ALAS-2025-2898)

The version of aws-kinesis-agent installed on the remote host is prior to 2.0.12-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2898 advisory. Jackson-core contains core low-level incremental streaming parser and generator abstractions used by Jackson Data...