CLEANSTART-2026-CS02869 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, ghsa-p77j-4mvh-x3m3 applied in versions: 2.18.0-r0, 2.18.0-r1, 2.18.0-r2

Multiple security vulnerabilities affect the kubernetes-csi-livenessprobe-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-OH47925 Security fixes for CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810 applied in versions: 4.13.0-r0, 4.13.0-r1, 4.13.0-r2

Multiple security vulnerabilities affect the kubernetes-csi-driver-nfs-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

RHCOS 3 : OpenShift Container Platform 3.11 openshift-external-storage (RHSA-2019:4054)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:4054 advisory. - kubernetes-csi: CSI volume snapshot, cloning and resizing features can result in unauthorized volume data access or mutation CVE-2019-11255...

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: mc, dynamic-localpv-provisioner, etcd, temporal, trillian, terraform, envoy-ratelimit, gitaly, crossplane-provider-keycloak, amazon-k8s-cni, redka, kubernetes-dashboard, aws-node-termination-handler, incert, terraform-provider-time, rancher-system-upgrade-controller,...

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: mc, kine, net-kourier, sftpgo-plugin-eventstore, memcached-exporter, vexctl, etcd, terraform-provider-azapi, temporal, trillian, cloud-provider-azure, envoy-ratelimit, terraform, gitaly, crossplane-provider-keycloak, zot, redka, kubernetes-dashboard, step-issuer,...

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: minc, tekton-chains-fips, newrelic-infra-operator, prometheus-pushgateway-fips, local-path-provisioner-fips, kyverno-policy-reporter-plugins-kyverno, newrelic-fluent-bit-output-fips, stakater-reloader-fips, kyverno-policy-reporter-kyverno-plugin,...

GHSA-HFVC-G4FC-PQHX vulnerabilities

Vulnerabilities for packages: rancher-system-agent, kine, pulumi-language-dotnet, thanos, kube-rbac-proxy, etcd, temporal, docker-compose, trillian, cloud-provider-azure, envoy-ratelimit, fluent-bit-plugin-loki, gitaly, percona-server-mongodb-operator, neuvector-sigstore-interface,...

CLEANSTART-2026-LC01167 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 8.4.0-r0, 8.4.0-r1, 8.4.0-r2

Multiple security vulnerabilities affect the kubernetes-csi-external-snapshotter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-WM95952 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 8.4.0-r0, 8.5.0-r0, 8.5.0-r1

Multiple security vulnerabilities affect the kubernetes-csi-external-snapshotter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2026-27142 vulnerabilities

Vulnerabilities for packages: mc, net-kourier, pulumi-language-dotnet, sftpgo-plugin-eventstore, memcached-exporter, kube-rbac-proxy, thanos, terraform-provider-azapi, aws-load-balancer-controller, docker-compose, trillian, gitaly, neuvector-sigstore-interface, kube-vip-cloud-provider, redka,...

GHSA-J4J7-VW47-RHFQ vulnerabilities

Vulnerabilities for packages: mc, net-kourier, pulumi-language-dotnet, sftpgo-plugin-eventstore, memcached-exporter, kube-rbac-proxy, thanos, terraform-provider-azapi, aws-load-balancer-controller, docker-compose, trillian, gitaly, neuvector-sigstore-interface, kube-vip-cloud-provider, redka,...

GHSA-J3GX-2473-5FP8 vulnerabilities

Vulnerabilities for packages: mc, dynamic-localpv-provisioner, kube-rbac-proxy, trillian, gitaly, neuvector-sigstore-interface, amazon-k8s-cni, redka, kubernetes-dashboard, azurefile-csi, terraform-provider-time, rancher-system-upgrade-controller, kube-fluentd-operator, cilium-certgen,...

GHSA-RV83-G57W-FR8J vulnerabilities

Vulnerabilities for packages: mc, dynamic-localpv-provisioner, kube-rbac-proxy, trillian, gitaly, neuvector-sigstore-interface, amazon-k8s-cni, redka, kubernetes-dashboard, azurefile-csi, terraform-provider-time, rancher-system-upgrade-controller, kube-fluentd-operator, cilium-certgen,...

GHSA-J4J7-VW47-RHFQ vulnerabilities

Vulnerabilities for packages: prometheus-pushgateway-fips, newrelic-fluent-bit-output-fips, kyverno-policy-reporter-kyverno-plugin, knative-net-istio, secrets-store-csi-driver-provider-aws-fips, gitlab-pages, amazon-cloudwatch-agent-operator, kaf, mesosphere-vsphere-csi-fips,...

GHSA-9H8M-3FM2-QJRQ vulnerabilities

Vulnerabilities for packages: ansible-operator, kyverno-policy-reporter-plugins-kyverno, rancher-system-agent, percona-server-mongodb-operator-fips, velero-plugin-for-gcp, traefik, jaeger-operator, cluster-api-gcp-controller, gcsfuse, pulumi-kubernetes-operator, spire-server,...

CVE-2025-68121 vulnerabilities

Vulnerabilities for packages: mc, dynamic-localpv-provisioner, rancher-system-agent, kube-rbac-proxy, etcd, trillian, terraform, envoy-ratelimit, crossplane-provider-keycloak, kubernetes-dashboard, aws-node-termination-handler, incert, azurefile-csi, terraform-provider-time,...

GHSA-8JVR-VH7G-F8GX vulnerabilities

Vulnerabilities for packages: mc, dynamic-localpv-provisioner, rancher-system-agent, kube-rbac-proxy, etcd, linkerd2-proxy-init, trillian, terraform, envoy-ratelimit, gitaly, crossplane-provider-keycloak, amazon-k8s-cni, kubernetes-dashboard, aws-node-termination-handler, incert, azurefile-csi,...

CVE-2025-61732 vulnerabilities

Vulnerabilities for packages: mc, dynamic-localpv-provisioner, rancher-system-agent, kube-rbac-proxy, etcd, linkerd2-proxy-init, trillian, terraform, envoy-ratelimit, gitaly, crossplane-provider-keycloak, amazon-k8s-cni, kubernetes-dashboard, aws-node-termination-handler, incert, azurefile-csi,...

GHSA-CM6P-QC7V-M3JW vulnerabilities

Vulnerabilities for packages: mc, dynamic-localpv-provisioner, rancher-system-agent, linkerd2-proxy-init, terraform, neuvector-sigstore-interface, redka, kubernetes-dashboard, azurefile-csi, terraform-provider-time, rancher-system-upgrade-controller, protoc-gen-go, crossplane-provider-azure-sql,...

CVE-2025-61726 vulnerabilities

Vulnerabilities for packages: mc, dynamic-localpv-provisioner, kine, net-kourier, rancher-system-agent, wgcf, cloud-provider-azure, frp, aws-eks-pod-identity-agent, percona-server-mongodb-operator, terraform, manifest-tool, nats-top, neuvector-sigstore-interface, kube-vip-cloud-provider, redka,...