Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.9 views

CVE-2026-42876

External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. Prior to 2.4.1, a user who only has permission to create ExternalSecret resources can cause the operator to create a Secret that Kubernetes will automatically populat...

4.9CVSS5.5AI score0.00214EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 2:6 p.m.11 views

Malicious code in @bcrumbs.net/bc-chat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4bd9ccff2d027c9982ab41ff4b4417e62475e70aba04212794f267030f63ab0 The exported BCChat React component embeds a hardcoded Azure Blob SAS URL https://bcuserres.blob.core.windows.net/anonymous with a long-lived SAS tok...

5.8AI score
Exploits0References1
CVE
CVE
added 2026/05/11 6:58 p.m.19 views

CVE-2026-42876

External Secrets Operator (ESO) vulnerability where a user with permission to create ExternalSecret resources can trigger creation of a Secret populated with a long‑lived token for a service account, enabling impersonation of that service account in the namespace. This privilege escalation is pos...

4.9CVSS5.8AI score0.00214EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/08 5:24 p.m.13 views

ExternalSecrets vulnerable to privilege escalation with secret overwriting

ExternalSecrets allows users to craft Service Account tokens for misconfigured Service Accounts in namespaces the users have access to. Impact A user who only has permission to create ExternalSecret resources can cause the operator to create a Secret that Kubernetes will automatically populate wi...

4.9CVSS5.8AI score0.00214EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2025/07/30 12:0 a.m.2 views

Unspecified Vulnerability in FileBrowser

FileBrowser is an open source web file browser . Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser has a security vulnerability that stems from a flaw in the authentication system that can be exploit...

9.8CVSS7.2AI score0.00498EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/07/15 12:0 a.m.4 views

FileBrowser 安全漏洞

FileBrowser is an open source web file browser . Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser has a security vulnerability that stems from a flaw in the authentication system that can be exploit...

9.8CVSS6.7AI score0.00498EPSS
Exploits1References3
Rows per page
Query Builder