131 matches found
CVE-2026-55069
Kestra is an open-source, event-driven orchestration platform. Prior to 1.3.24, this vulnerability exists in the BasicAuth authentication component of the Kestra OSS workflow orchestration platform. An attacker who gains read access to the PostgreSQL database can exploit SHA-512's high computatio...
CVE-2026-55069 Kestra BasicAuth Password Stored as SHA-512 Enables Offline Brute-Force Attack
Kestra is an open-source, event-driven orchestration platform. Prior to 1.3.24, this vulnerability exists in the BasicAuth authentication component of the Kestra OSS workflow orchestration platform. An attacker who gains read access to the PostgreSQL database can exploit SHA-512's high computatio...
PT-2026-52986
Name of the Vulnerable Software and Affected Versions Kestra versions prior to 1.3.24 Description The BasicAuth authentication component of the Kestra OSS workflow orchestration platform stores passwords using SHA-512, which has a high computation speed. An attacker with read access to the...
GHSA-F49J-V924-FX9W Jupyter Enterprise Gateway: Jinja2 Template Server Side Template Injection resulting in Remote Code Execution
Summary The environment variables KERNELXXX used during the rendering of the Kubernetes manifest are vulnerable to Server Side Template Injection SSTI. By including Jinja2 template expressions it is possible to execution Python code and OS Commands in the Enterprise Gateway service. The code can...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that hides inside binary executable files triggered by a postinstall script. IronWorm is a sophisticated, Rust-based infostealer that functions as a self-replicating supply-chain attack. Its primary characteristi...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that hides inside binary executable files triggered by a postinstall script. IronWorm is a sophisticated, Rust-based infostealer that functions as a self-replicating supply-chain attack. Its primary characteristi...
Containers on fire: from container escapes to supply chain attacks
Introduction Modern infrastructures universally rely on containerization to deploy applications, scale services, and build cloud platforms. The use of Docker, Kubernetes, and similar technologies has become the corporate standard for efficient automation. However, as containers grow in popularity...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Argoproj Argo_Cd
CVE-2026-42880 — ArgoCD Secret Exposure via ServerSideDiff A...
GHSA-3278-C88V-XRH4 Kong Ingress Controller for Kubernetes (KIC): Secret-backed plugin configurations leak through non-sensitive diagnostics endpoint
Summary A vulnerability in the Kong Ingress Controller KIC allows for the unauthorized exposure of sensitive plugin credentials through the diagnostics interface. Even when configured to redact sensitive information using --dump-sensitive-config=false, KIC fails to sanitize the Plugins field in...
Kong Ingress Controller for Kubernetes (KIC): Secret-backed plugin configurations leak through non-sensitive diagnostics endpoint
Summary A vulnerability in the Kong Ingress Controller KIC allows for the unauthorized exposure of sensitive plugin credentials through the diagnostics interface. Even when configured to redact sensitive information using --dump-sensitive-config=false, KIC fails to sanitize the Plugins field in...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
Information Disclosure
Argo CD is vulnerable to Information Exposure. The vulnerability is due to missing authorization and insufficient data masking in the ServerSideDiff endpoint, which allows an attacker with read-only access to extract plaintext Kubernetes Secret data through the Server-Side Apply dry-run mechanism...
CVE-2026-42876 External Secrets Operator: Priviledge escalation with secret overwriting
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. Prior to 2.4.1, a user who only has permission to create ExternalSecret resources can cause the operator to create a Secret that Kubernetes will automatically populat...
CVE-2026-42880
A flaw was found in Argo CD, a GitOps continuous delivery tool for Kubernetes. A missing authorization and data-masking gap in the ServerSideDiff endpoint allows an attacker with read-only access to extract sensitive Kubernetes Secret data. This information disclosure occurs by leveraging the...
BIT-ARGO-CD-2026-42880 ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there is a missing authorization and data-masking gap in Argo CD's ServerSideDiff endpoint that allows an attacker with read-only access to extract plaintext...
CVE-2026-42880
CVE-2026-42880 (Argo CD) : A missing authorization/data-masking gap in Argo CD’s ServerSideDiff endpoint allows an attacker with read-only access to extract plaintext Secret data from etcd via the Kubernetes API server’s Server-Side Apply dry-run. Affected versions are 3.2.0–3.2.10 and 3.3.0–3.3....
ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction
Summary There is a missing authorization and data-masking gap in Argo CD's ServerSideDiff endpoint that allows an attacker with read-only access to extract plaintext Kubernetes Secret data from etcd via the Kubernetes API server's Server-Side Apply dry-run mechanism. Details Argo CD masks Secret...
EUVD-2026-28469
ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction...
Argo CD 信息泄露漏洞
Argo CD is an open-source tool developed by Argo for Kubernetes, designed for declarative GitOps continuous delivery. Versions of Argo CD prior to 3.2.11 and 3.3.0–3.3.9 contained a vulnerability related to information leakage. This vulnerability stemmed from a lack of authorization and data...
CVE-2026-43824
Argo CD vulnerable via ServerSideDiff: versions 3.2.0–3.2.10 and 3.3.0–3.3.8 expose cleartext Kubernetes Secret data. Root cause is the ServerSideDiff endpoint returning raw Secret data when IncludeMutationWebhook is enabled, effectively leaking sensitive information in responses. Upstream fixes ...