Lucene search
+L

264 matches found

NVD
NVD
added 2 days ago6 views

CVE-2026-44182

Jupyter Enterprise Gateway launches remote Jupyter Notebook kernels across distributed clusters like Apache Spark, Kubernetes, and Docker Swarm. In versions prior to 3.3.0, the server interpolates untrusted environment variables e.g., KERNELXXX into Kubernetes manifests without YAML-aware escapin...

10CVSS0.00347EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-44182 Jupyter Enterprise Gateway Has Kubernetes Manifest Injection via Jinja2 Template Rendering

Jupyter Enterprise Gateway launches remote Jupyter Notebook kernels across distributed clusters like Apache Spark, Kubernetes, and Docker Swarm. In versions prior to 3.3.0, the server interpolates untrusted environment variables e.g., KERNELXXX into Kubernetes manifests without YAML-aware escapin...

10CVSS0.00347EPSS
Exploits0References2
CVE
CVE
added 2 days ago9 views

CVE-2026-59864

Kiota (OpenAPI-based HTTP client code generator) prior to v1.32.5 allowed path traversal/out-of-package file inclusion in generated Microsoft 365 Copilot and Teams plugin manifests through attacker-controlled static_template.file values derived from x-ai-adaptive-card and x-ai-capabilities during...

9.3CVSS6.1AI score0.01275EPSS
Exploits0References4
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-59864 Kiota: Path/URL injection into generated Copilot plugin manifest via x-ai-* extensions

Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.5, kiota plugin add and kiota plugin generate with -t APIPlugin emitted attacker-controlled statictemplate.file values from x-ai-adaptive-card and x-ai-capabilities into generated Microsoft 365 Copilot and Teams plugin manifests...

9.3CVSS0.01275EPSS
Exploits0References4
NVD
NVD
added 2026/07/10 11:16 p.m.8 views

CVE-2026-55175

Spinnaker is an open source, multi-cloud continuous delivery platform. Prior to versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 on their respective release lines, Kustomize bake operations allow unsafe YAML tag processing in rosco manifests. This can lead to remote code execution on rosco pod...

7.5CVSS0.00615EPSS
Exploits0References11
CVE
CVE
added 2026/07/10 9:52 p.m.15 views

CVE-2026-55175

Spinnaker CVE-2026-55175 affects Rosco/Kustomize bake operations where unsafe YAML tag processing in rosco manifests can lead to remote code execution on rosco pods. Affected versions are prior to 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 across release lines; fixes are available in 2026.1.1, 20...

7.5CVSS6.5AI score0.00615EPSS
Exploits0References11
EUVD
EUVD
added 2026/07/10 9:52 p.m.5 views

EUVD-2026-43087

Spinnaker is an open source, multi-cloud continuous delivery platform. Prior to versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 on their respective release lines, Kustomize bake operations allow unsafe YAML tag processing in rosco manifests. This can lead to remote code execution on rosco pod...

7.5CVSS6.5AI score0.00615EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/07/10 12:0 a.m.6 views

PT-2026-57343

Name of the Vulnerable Software and Affected Versions Spinnaker versions prior to 2026.1.1 Spinnaker versions prior to 2026.0.3 Spinnaker versions prior to 2025.4.4 Spinnaker versions prior to 2025.3.4 Description Unsafe YAML tag processing during Kustomize bake operations in rosco manifests can...

7.5CVSS6.5AI score0.00615EPSS
Exploits0References15
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-362 Jupyter Enterprise Gateway: Kubernetes Manifest Injection in Jinja2 Template Rendering

Summary The environment variables used during the rendering of the Kubernetes manifest allow YAML injection, enabling attackers to overwrite existing keys like securityContext and inject multi-document YAML to create additional unintended Kubernetes resources. Details The server interpolates...

10CVSS6.3AI score0.00347EPSS
Exploits0References5
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-364 Jupyter Enterprise Gateway: Jinja2 Template Server Side Template Injection resulting in Remote Code Execution

Summary The environment variables KERNELXXX used during the rendering of the Kubernetes manifest are vulnerable to Server Side Template Injection SSTI. By including Jinja2 template expressions it is possible to execution Python code and OS Commands in the Enterprise Gateway service. The code can...

10CVSS6.4AI score0.0046EPSS
Exploits0References5
OSV
OSV
added 2026/06/26 10:43 p.m.5 views

GHSA-QVQC-4C52-X6QP regclient may leak authentication credentials to external blob stores

Credentials for a registry may be inadvertently leaked to external servers. A prerequisite for this attack is a malicious registry server, a malicious blob store, or a registry that does not restrict the external URLs for foreign blobs. Example attack A malicious registry serves an OCI image...

6.8CVSS5.7AI score
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/23 4:9 p.m.8 views

CVE-2026-50574

yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09, if aria2c is used as an external downloader for a fragmented manifest format such as an HLS/DASH stream, yt-dlp passes insufficiently sanitized input to aria2c that allows an attacker to perform an arbitrary file write. On...

9.6CVSS6.5AI score0.00406EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/23 4:9 p.m.33 views

CVE-2026-50574 yt-dlp: Arbitrary code execution via manifest downloads with aria2c

yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09, if aria2c is used as an external downloader for a fragmented manifest format such as an HLS/DASH stream, yt-dlp passes insufficiently sanitized input to aria2c that allows an attacker to perform an arbitrary file write. On...

8.3CVSS0.00406EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 4:9 p.m.54 views

CVE-2026-50574

CVE-2026-50574 affects yt-dlp, where using aria2c as an external downloader for fragmented manifests (HLS/DASH) allows an attacker to write arbitrary files by passing insufficiently sanitized input to aria2c. On Windows, this can cause immediate arbitrary code execution; on non-Windows, execution...

9.6CVSS6.5AI score0.00406EPSS
Exploits0References1Affected Software1
Snyk
Snyk
added 2026/06/22 8:43 p.m.4 views

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the YAML processing. An attacker can execute arbitrary code by supplying crafted YAML input that triggers unsafe class loading during operations such as CloudFormation deployments or CloudFoundry...

8.8CVSS6.2AI score0.01001EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/19 12:0 a.m.11 views

Python Library yt-dlp < 2026.6.9 Multiple Vulnerabilities

The detected version of the yt-dlp Python package is prior to 2026.6.9. It is, therefore, affected by multiple vulnerabilities: - A vulnerability exists in yt-dlp that allows a remote attacker to write arbitrary OS-shortcut files such as .desktop, .url, .webloc to the user's filesystem, bypassing...

9.6CVSS6.7AI score0.00555EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/06/16 9:13 p.m.13 views

yt-dlp: Arbitrary code execution via manifest downloads with aria2c

Summary If aria2c is used as an external downloader for a fragmented manifest format such as an HLS/DASH stream, yt-dlp passes insufficiently sanitized input to aria2c that allows an attacker to perform an arbitrary file write. On Windows platforms, this can lead to immediate arbitrary code...

9.6CVSS6.2AI score0.00406EPSS
Exploits0References5Affected Software1
Snyk
Snyk
added 2026/06/03 9:37 p.m.7 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview jupyter-enterprise-gateway is an A web server for spawning and communicating with remote Jupyter kernels Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the rendering process of...

10CVSS6AI score0.00347EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/03 9:36 p.m.8 views

Improper Neutralization of Special Elements Used in a Template Engine

Overview jupyter-enterprise-gateway is an A web server for spawning and communicating with remote Jupyter kernels Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine via the rendering of Kubernetes manifest templates using...

10CVSS6.1AI score0.0046EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.14 views

PT-2026-46096

Summary The environment variables KERNEL XXX used during the rendering of the Kubernetes manifest are vulnerable to Server Side Template Injection SSTI. By including Jinja2 template expressions it is possible to execution Python code and OS Commands in the Enterprise Gateway service. The code can...

10CVSS6.4AI score
Exploits0References3
Rows per page
Query Builder