
15 matches found

RedhatCVE
added 2026/03/06 1:34 a.m. | 3 views

CVE-2026-25750

Langchain Helm Charts are Helm charts for deploying Langchain applications on Kubernetes. Prior to langchain-ai/helm version 0.12.71, a URL parameter injection vulnerability existed in LangSmith Studio that could allow unauthorized access to user accounts through stolen authentication tokens. The...

CVSS 8.5 | AI score 6 | EPSS 0.00063
Exploits: 0 | References: 1
Vulnrichment
added 2026/03/04 9:58 p.m. | 2 views

CVE-2026-25750 LangSmith Studio has URL Parameter Injection Vulnerability that Enables Token Theft via Malicious baseUrl

Langchain Helm Charts are Helm charts for deploying Langchain applications on Kubernetes. Prior to langchain-ai/helm version 0.12.71, a URL parameter injection vulnerability existed in LangSmith Studio that could allow unauthorized access to user accounts through stolen authentication tokens. The...

CVSS 8.5 | AI score 6 | EPSS 0.00063
Exploits: 0 | References: 1
Positive Technologies
added 2026/03/04 12:0 a.m. | 3 views

PT-2026-23069

Name of the Vulnerable Software and Affected Versions: Langchain Helm Charts versions prior to 0.12.71 Description: Langchain Helm Charts, used for deploying Langchain applications on Kubernetes, had a flaw where a specially crafted link could lead to the theft of authentication tokens. This allowe...

CVSS 8.5 | AI score 5.7 | EPSS 0.00063
Exploits: 0 | References: 12
EUVD
added 2025/12/01 4:16 p.m. | 1 view

EUVD-2025-200055

Malicious code in kubernetes-helm npm...

AI score 6.6
Exploits: 0
OSV
added 2025/12/01 4:16 p.m. | 3 views

MAL-2025-191514 Malicious code in kubernetes-helm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d507ab92764d5a31189e5fc42060eca5ba9b17fd8fc4d35de9ad266c1eb63144 The package kubernetes-helm was found to contain malicious code...

AI score 6.8
Exploits: 0
OSSF Malicious Packages
added 2025/12/01 4:16 p.m. | 3 views

Malicious code in kubernetes-helm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d507ab92764d5a31189e5fc42060eca5ba9b17fd8fc4d35de9ad266c1eb63144 The package kubernetes-helm was found to contain malicious code...

AI score 7
Exploits: 0
EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2024-26086

Malicious code in bioql PyPI...

CVSS 9.1 | AI score 6.6 | EPSS 0.0029
Exploits: 0 | References: 2
Redos
added 2025/09/05 12:0 a.m. | 2 views

ROS-20250905-08

A vulnerability in the package manager for Kubernetes Helm is related to the creation of a JSON schema file in such a way that Helm could use all available memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service. A batch manager vulnerabili...

CVSS 6.5 | AI score 6.9 | EPSS 0.00026
Exploits: 0
Positive Technologies
added 2025/08/13 12:0 a.m. | 3 views

PT-2025-33104

Name of the Vulnerable Software and Affected Versions: Helm versions prior to 3.18.5 Description: Helm, a package manager for Kubernetes Charts, is susceptible to a denial-of-service issue. A crafted JSON Schema file can cause Helm to exhaust available memory, leading to an out-of-memory OOM...

CVSS 9.8 | AI score 6.4 | EPSS 0.01985
Exploits: 6 | References: 99
NVD
added 2025/05/13 10:15 a.m. | 9 views

CVE-2025-22248

The bitnami/pgpool Docker image, and the bitnami/postgres-ha k8s chart, under default configurations, come with a 'repmgr' user that allows unauthenticated access to the database inside the cluster. The PGPOOL_SR_CHECK_USER is the user that Pgpool itself uses to perform streaming replication check...

CVSS 9.4 | EPSS 0.00269
Exploits: 0 | References: 1
OSV
added 2025/05/13 10:15 a.m. | 2 views

CVE-2025-22248

The bitnami/pgpool Docker image, and the bitnami/postgres-ha k8s chart, under default configurations, come with a 'repmgr' user that allows unauthenticated access to the database inside the cluster. The PGPOOL_SR_CHECK_USER is the user that Pgpool itself uses to perform streaming replication check...

CVSS 7.5 | AI score 6.2
Exploits: 0 | References: 1
Vulnrichment
added 2025/05/13 9:13 a.m. | 7 views

CVE-2025-22248 [pgpool] Unauthenticated access to postgres through pgpool

The bitnami/pgpool Docker image, and the bitnami/postgres-ha k8s chart, under default configurations, come with a 'repmgr' user that allows unauthenticated access to the database inside the cluster. The PGPOOL_SR_CHECK_USER is the user that Pgpool itself uses to perform streaming replication check...

CVSS 9.4 | AI score 6.5 | EPSS 0.00269
Exploits: 0 | References: 1
Redos
added 2025/04/30 12:0 a.m. | 4 views

ROS-20250430-16

The package manager vulnerability for Kubernetes Helm is related to the creation of a diagram file in such a way that it expands and becomes much larger in uncompressed form. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A package manager...

CVSS 6.5 | AI score 6.7 | EPSS 0.00022
Exploits: 0
OSV
added 2024/03/12 9:30 p.m. | 0 views

GHSA-C35H-W8HJ-MM55 Apache Pulsar: Improper Authentication for Pulsar Proxy Statistics Endpoint

Improper Authentication vulnerability in Apache Pulsar Proxy allows an attacker to connect to the /proxy-stats endpoint without authentication. The vulnerable endpoint exposes detailed statistics about live connections, along with the capability to modify the logging level of proxied connections...

CVSS 8.2 | AI score 5.8 | EPSS 0.00052
Exploits: 0 | References: 5
SUSE CVE
added 2023/02/15 3:21 a.m. | 1 view

SUSE CVE-2023-25165

Helm is a tool that streamlines installing and managing Kubernetes applications. getHostByName is a Helm template function introduced in Helm v3. The function is able to accept a hostname and return an IP address for that hostname. To get the IP address the function performs a DNS lookup. The DNS...

CVSS 4.3 | AI score 5.2 | EPSS 0.00187
Exploits: 1 | References: 7