6 matches found
OSEC-2026-09 Albatross-console memory exhaustion
Albatross-console doesn't properly terminate when looping over the ringbuffer. This leads to denial of service and memory exhaustion. Scenario: A user that has access to albatross-console either via the unix domain socket requires root:albatross by default or via albatross-tls-endpoint requires a...
Arbitrary Command Injection
Overview: k8s.io/kubernetes/pkg/kubelet is a package that contains the libraries that drive the Kubelet binary. The kubelet is responsible for node level pod management. It runs on each worker in the cluster. Affected versions of this package are vulnerable to Arbitrary Command Injection via the...
Arbitrary Command Injection
Overview: github.com/kubernetes/kubernetes/pkg/kubelet is a kubelet package. Affected versions of this package are vulnerable to Arbitrary Command Injection via the nodes//logs/query API. An attacker with the ability to query a node's '/logs' endpoint can execute arbitrary commands on the host by...
PT-2025-1258
Name of the Vulnerable Software and Affected Versions: Kubernetes versions prior to 1.29.14; Kubernetes versions prior to 1.30.10; Kubernetes versions prior to 1.31.6. Description: This issue is a command injection affecting Windows nodes via the /logs query API. An attacker with the ability to query ...
PYSEC-2024-298
OpenCTI is an open-source cyber threat intelligence platform. Before 6.3.0, general users can access information that can only be accessed by users with access privileges to admin and support information SETTINGSSUPPORT. This is due to inadequate access control for support information...
CVE-2019-11290 Cloud Foundry UAA logs query parameters in tomcat access file
Cloud Foundry UAA Release, versions prior to v74.8.0, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, i.e. credentials, then they will be logged as well...