CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: rancher-helm, conjur-cli, kubernetes-dashboard-metrics-scraper, loki-fips, otel-cli, onepassword-operator, monstache, k8s-device-plugin-fips, vault-benchmark, oras-fips, amazon-ssm-agent-fips, db-operator, rclone-fips, emissary, helm-fips,...

GHSA-5W89-2C2X-6X66 vulnerabilities

Vulnerabilities for packages: onepassword-operator, protoc-gen-go-grpc, helm-fips, nfs-subdir-external-provisioner-fips, zot, harbor-scanner-trivy-fips, apache-beam-java-sdk, wazero, ko, falcoctl-fips, git-lfs, whereabouts-fips, mariadb-operator-fips, gpu-operator, localstack, cni-plugins-fips,...

GHSA-8PJC-487G-W6P2 vulnerabilities

Vulnerabilities for packages: vitess, buildkitd, cluster-api-azure-controller, cerbos, grafana-alloy, rancher, nri-nginx, apm-server, kubernetes-dashboard-api, nri-rabbitmq, monstache, kubecolor, envconsul, nuclei, opa, hubble, emissary, aws-eks-pod-identity-agent, argo-events, plugin-barman-clou...

PT-2025-33645 · Undefined · Undefined

🚨 URGENT: Kubernetes admins must patch CVE-2025-02383 SUSE-2025-02383-2 ✅ Affects: kube-apiserver v1.26.x ✅ Risk: Moderate-severity RBAC bypass. ✅ Fix: Apply SUSE patches NOW + validate with kube-bench. Read more: 👉 https://t.co/VRCE9nkHn3 https://t.co/ukAF3LWe56...

GHSA-J5PM-7495-QMR3 vulnerabilities

Vulnerabilities for packages: rancher-helm, flux-kustomize-controller-fips, conjur-cli, kubernetes-dashboard-metrics-scraper, loki-fips, otel-cli, skaffold-fips, trino, amazon-ssm-agent-fips, db-operator, cass-operator-fips-no-pvc-delete, helm-fips, kbld, rook, trivy-fips, cert-exporter, kbld-fip...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: k3s, task, thanos-operator, cfssl, tailscale, nri-nginx, yq, eksctl, kubebuilder, caddy, nri-mssql, haproxy-ingress, etcd, vertical-pod-autoscaler, newrelic-fluent-bit-output, nri-discovery-kubernetes, fuse-overlayfs-snapshotter, k3d, src, gke-gcloud-auth-plugin,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: k3s, task, thanos-operator, cfssl, tailscale, nri-nginx, yq, eksctl, kubebuilder, caddy, nri-mssql, haproxy-ingress, etcd, vertical-pod-autoscaler, newrelic-fluent-bit-output, nri-discovery-kubernetes, fuse-overlayfs-snapshotter, k3d, src, gke-gcloud-auth-plugin,...

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: kubernetes-dashboard-metrics-scraper, protoc-gen-go-grpc, cass-operator-fips-no-pvc-delete, helm-fips, nfs-subdir-external-provisioner-fips, rook, kube-rbac-proxy-fips, trivy-fips, cert-exporter, harbor-scanner-trivy-fips, certificate-transparency-fips, ksops, direnv...

CVE-2024-27304 vulnerabilities

Vulnerabilities for packages: caddy, k3s, ferretdb, kine, amass, spicedb, src, step, temporal-server, step-ca, trillian, argo-workflows, kots, kube-bench...

CVE-2024-27304 vulnerabilities

Vulnerabilities for packages: falcosidekick-fips, spicedb, amass, kine, kots, kube-bench-fips, argo-workflows-fips, caddy, argo-workflows, ferretdb, src, step, caddy-fips, temporal-server-fips, wavefront-collector-for-kubernetes, keda-fips, trillian-fips, trillian, temporal-server, k3s, kube-benc...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: k3s, thanos-operator, cfssl, hugo-extended, crossplane-provider-azure-storage, newrelic-nri-kube-events, kubeflow, crossplane-provider-aws-cloudformation, eksctl, caddy, haproxy-ingress, etcd, vertical-pod-autoscaler, bank-vaults, nri-discovery-kubernetes,...

GHSA-7JWH-3VRQ-Q3M8 vulnerabilities

Vulnerabilities for packages: caddy, k3s, ferretdb, kine, amass, spicedb, src, step, temporal-server, step-ca, trillian, argo-workflows, kots, kube-bench...

GHSA-7JWH-3VRQ-Q3M8 vulnerabilities

Vulnerabilities for packages: falcosidekick-fips, spicedb, amass, kine, kots, kube-bench-fips, argo-workflows-fips, caddy, argo-workflows, ferretdb, src, step, caddy-fips, temporal-server-fips, wavefront-collector-for-kubernetes, keda-fips, trillian-fips, trillian, temporal-server, k3s, kube-benc...

GHSA-MRWW-27VC-GGHV vulnerabilities

Vulnerabilities for packages: falcosidekick-fips, spicedb, amass, kine, kots, kube-bench-fips, argo-workflows-fips, caddy, argo-workflows, ferretdb, src, step, caddy-fips, temporal-server-fips, wavefront-collector-for-kubernetes, keda-fips, trillian-fips, trillian, temporal-server, k3s, kube-benc...

Critical Photon OS Security Update - PHSA-2023-3.0-0606

Updates of 'linux-esx', 'linux', 'linux-secure', 'linux-rt', 'nxtgn-openssl', 'linux-aws', 'ntp', 'nginx-ingress', 'nodejs', 'kube-bench' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2023-4.0-0417

Updates of 'libXi', 'protobuf', 'binutils', 'libtiff', 'docker-compose', 'binutils-aarch64-linux-gnu', 'bindutils', 'libarchive', 'ntp', 'samba-client', 'kube-bench', 'nodejs' packages of Photon OS have been released...

Kube-Bench - Checks Whether Kubernetes Is Deployed According To Security Best Practices As Defined In The CIS Kubernetes Benchmark

kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark. Tests are configured with YAML files, making this tool easy to update as test specifications evolve. Please Note 1. kube-bench implements the CIS...