Lucene search
+L

761 matches found

Wolfi
Wolfi
added 6 days ago16 views

CVE-2026-49838 vulnerabilities

Vulnerabilities for packages: cilium-cli, kube-vip...

5.1AI score
Exploits0
Wolfi
Wolfi
added 6 days ago12 views

GHSA-FRRJ-87JH-2772 vulnerabilities

Vulnerabilities for packages: cilium-cli, kube-vip...

5.3AI score
Exploits0
Chainguard
Chainguard
added last week11 views

GHSA-FRRJ-87JH-2772 vulnerabilities

Vulnerabilities for packages: kube-vip-fips, kube-vip, cilium-cli...

5.3AI score
Exploits0
Chainguard
Chainguard
added last week12 views

CVE-2026-49838 vulnerabilities

Vulnerabilities for packages: kube-vip-fips, kube-vip, cilium-cli...

5.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/07/09 2:0 p.m.6 views

Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code

A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Servi...

8.7CVSS6AI score0.00656EPSS
Exploits0References4
NVD
NVD
added 2026/07/08 4:16 p.m.8 views

CVE-2026-15063

A flaw was found in the gorch service template, which is part of the trustyai-service-operator. Even when authentication is enabled, the gorch service exposes unproxied orchestrator and detector metrics ports. This allows any pod on the cluster network to directly access these ports, bypassing th...

6.3CVSS0.00184EPSS
Exploits0References2
CVE
CVE
added 2026/07/08 2:58 p.m.10 views

CVE-2026-15063

The CVE-2026-15063 affects the gorch service in the trustyai-service-operator. The issue is that, even with authentication enabled, gorch exposes unproxied orchestrator and detector metrics ports, reachable from any pod on the cluster network. This bypasses kube-rbac-proxy authentication, enablin...

6.3CVSS5.9AI score0.00184EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/08 2:58 p.m.38 views

CVE-2026-15063 Trustyai-service-operator: trustyai service operator: gorch port bypass when auth is enabled

A flaw was found in the gorch service template, which is part of the trustyai-service-operator. Even when authentication is enabled, the gorch service exposes unproxied orchestrator and detector metrics ports. This allows any pod on the cluster network to directly access these ports, bypassing th...

6.3CVSS0.00184EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/07/08 2:58 p.m.6 views

CVE-2026-15063

A flaw was found in the gorch service template, which is part of the trustyai-service-operator. Even when authentication is enabled, the gorch service exposes unproxied orchestrator and detector metrics ports. This allows any pod on the cluster network to directly access these ports, bypassing th...

6.3CVSS5.9AI score0.00184EPSS
Exploits0References3
Chainguard
Chainguard
added 2026/07/03 8:22 p.m.14 views

CVE-2026-44162 vulnerabilities

Vulnerabilities for packages: kube-logging-operator...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/07/03 8:22 p.m.12 views

GHSA-XV9W-7V6Q-HPJH vulnerabilities

Vulnerabilities for packages: kube-logging-operator...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2026/07/03 8:22 p.m.14 views

CVE-2026-44162 vulnerabilities

Vulnerabilities for packages: kube-logging-operator...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2026/07/03 8:22 p.m.16 views

GHSA-XV9W-7V6Q-HPJH vulnerabilities

Vulnerabilities for packages: kube-logging-operator...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/07/02 2:16 p.m.12 views

GHSA-XF85-363P-868W vulnerabilities

Vulnerabilities for packages: kubescape-operator-fips, argocd-image-updater-fips, eksctl, tw, helm-mapkubeapis, trivy-operator, helm-set-status, gogatekeeper, chaos-mesh-fips, envoy-gateway-fips, kubescape-server, kube-mgmt, kyverno, kubescape-operator, ocm-kubernetes-controller, consul-k8s,...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/07/02 2:16 p.m.11 views

CVE-2026-48978 vulnerabilities

Vulnerabilities for packages: kubescape-operator-fips, argocd-image-updater-fips, eksctl, tw, helm-mapkubeapis, trivy-operator, helm-set-status, gogatekeeper, chaos-mesh-fips, envoy-gateway-fips, kubescape-server, kube-mgmt, kyverno, kubescape-operator, ocm-kubernetes-controller, consul-k8s,...

5.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/02 12:0 a.m.6 views

Malicious code in @marketfront/header (npm)

The @marketfront/header package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.3AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/30 9:18 a.m.12 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.20.27 security and extras update

Red Hat OpenShift Container Platform release 4.20.27 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a security impact of...

8.7CVSS5.9AI score0.00656EPSS
Exploits0References2
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.8 views

CVE-2026-30405 vulnerabilities

Vulnerabilities for packages: kube-vip-fips, kube-vip, cilium-cli...

7.5CVSS5.1AI score0.00333EPSS
Exploits1
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.18 views

GHSA-4P9M-8GC4-RW2H vulnerabilities

Vulnerabilities for packages: kube-vip-fips, kube-vip, cilium-cli...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.9 views

GHSA-45GG-VH54-H5M9 vulnerabilities

Vulnerabilities for packages: mattermost-fips, telegraf, argocd-image-updater-fips, seaweedfs-rocksdb, coder, docker-machine-driver-harvester, mattermost, zitadel, prometheus, frankenphp-8.5, trivy-operator, elastic-agent-fips, cert-manager, argo-workflows-fips, coder-fips, prometheus-fips, harbo...

5.3AI score
Exploits0
Rows per page
Query Builder