CVE-2026-39821 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6

CVE-2026-39821 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6. A patched version of the package is available...

CVE-2026-25680 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6

CVE-2026-25680 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6. A patched version of the package is available...

CVE-2026-27136 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6

CVE-2026-27136 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6. A patched version of the package is available...

CVE-2026-42502 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6

CVE-2026-42502 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6. A patched version of the package is available...

CVE-2026-25681 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6

CVE-2026-25681 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6. A patched version of the package is available...

CVE-2026-42506 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6

CVE-2026-42506 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6. A patched version of the package is available...

CLEANSTART-2026-QT95147 Security fixes for CVE-2025-61729, CVE-2026-33186, ghsa-p77j-4mvh-x3m3 applied in versions: 1.0.1-r0, 1.1.0-r0

Multiple security vulnerabilities affect the kube-vip package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2025-47911 affecting package kube-vip-cloud-provider for versions less than 0.0.10-5

CVE-2025-47911 affecting package kube-vip-cloud-provider for versions less than 0.0.10-5. A patched version of the package is available...

CVE-2025-58190 affecting package kube-vip-cloud-provider for versions less than 0.0.10-5

CVE-2025-58190 affecting package kube-vip-cloud-provider for versions less than 0.0.10-5. A patched version of the package is available...

CVE-2025-30204 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26

CVE-2025-30204 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26. A patched version of the package is available...

CVE-2025-11065 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26

CVE-2025-11065 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26. A patched version of the package is available...

CLEANSTART-2026-LR19699 Within HostnameError

Security vulnerability affects the kube-vip package. Within HostnameError...

AZL-77010 CVE-2025-58190 affecting package kube-vip-cloud-provider 0.0.10-4

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...

AZL-77007 CVE-2025-47911 affecting package kube-vip-cloud-provider 0.0.10-4

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...

CLEANSTART-2026-CO80279 Within HostnameError

Security vulnerability affects the kube-vip package. Within HostnameError...

AZL-75491 CVE-2025-11065 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

CVE-2025-65637 affecting package kube-vip-cloud-provider for versions less than 0.0.2-24

CVE-2025-65637 affecting package kube-vip-cloud-provider for versions less than 0.0.2-24. A patched version of the package is available...

CVE-2025-61729 vulnerabilities

Vulnerabilities for packages: opentelemetry-operator, nri-nginx, paranoia, k3d, spicedb, prometheus, ko, azurefile-csi, kube-bench, promxy, kubernetes-csi-external-health-monitor, seaweedfs, spegel, sftpgo-plugin-eventstore, skaffold, splunk-otel-collector, gostatsd, stakater-reloader,...

AZL-71614 CVE-2025-65637 affecting package kube-vip-cloud-provider for versions less than 0.0.2-24

A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving...

GHSA-GWRF-JF3H-W649 vulnerabilities

Vulnerabilities for packages: lvm-driver, secrets-store-csi-driver-provider-aws, dagdotdev, falco, kuberay-operator, pvc-autoresizer, confluent-common-docker, rancher-machine, checksec, kserve-rest-proxy, nats, bank-vaults, gitsign, blobfuse2, addon-resizer, vexctl, mongodb-kubernetes-operator,...