CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/04/08 6:34 p.m.•2 views

EUVD-2025-209308

A flaw was found in the OpenShift Mirror Registry. This vulnerability allows an unauthenticated, remote attacker to enumerate valid usernames and email addresses via different error messages during authentication failures and account creation...

NVD•added 2026/04/08 5:20 p.m.•1 views

CVE-2025-14243

5.3CVSS0.00077EPSS

Vulnrichment•added 2026/04/08 5:6 p.m.•3 views

CVE-2026-32591 Mirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration

A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An...

5.2CVSS5.7AI score0.0001EPSS

CVE•added 2026/04/08 5:4 p.m.•5 views

CVE-2026-32590

CVE-2026-32590 affects Red Hat Quay and relates to the handling of resumable container image layer uploads. The vulnerability stems from how intermediate upload data is stored in the database: if this data is tampered with, an attacker could trigger arbitrary code execution on the Quay server (re...

8.8CVSS6.2AI score0.00091EPSS

Exploits0References8Affected Software2

Vulnrichment•added 2026/04/08 5:4 p.m.•1 views

CVE-2026-32589 Mirror-registry: quay: insecure direct object reference in blobupload

A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to rea...

7.4CVSS5.8AI score0.00052EPSS

Exploits0References8

Vulnrichment•added 2026/04/08 4:41 p.m.•2 views

CVE-2025-14243 Mirror-registry: openshift mirror registry: user enumeration via authentication error messages

Cvelist•added 2026/04/08 4:41 p.m.•18 views

CVE-2025-14243 Mirror-registry: openshift mirror registry: user enumeration via authentication error messages

5.3CVSS0.00077EPSS

RedhatCVE•added 2026/04/08 4:37 p.m.•3 views

CVE-2025-14243

CVE•added 2026/04/08 4:26 p.m.•7 views

CVE-2026-2377

CVE-2026-2377 affects mirror-registry’s log export functionality. Authenticated users can trigger a server-side request forgery (SSRF) by supplying a crafted URL, allowing the backend to reach internal network resources. This may expose sensitive information or access to internal systems. The des...

6.5CVSS6AI score0.00018EPSS

Exploits0References7Affected Software2

Cvelist•added 2026/04/08 4:26 p.m.•22 views

CVE-2026-2377 Mirror-registry: quay: quay: server-side request forgery via log export functionality

6.5CVSS0.00018EPSS

Exploits0References7

Vulnrichment•added 2026/04/08 4:26 p.m.•3 views

CVE-2026-2377 Mirror-registry: quay: quay: server-side request forgery via log export functionality

6.5CVSS6AI score0.00018EPSS

Exploits0References7

Positive Technologies•added 2026/04/08 12:0 a.m.•1 views

PT-2026-31329

CNNVD•added 2026/04/08 12:0 a.m.•2 views

Red Hat OpenShift Mirror Registry 安全漏洞

Red Hat OpenShift Mirror Registry is a lightweight container image repository service provided by Red Hat Corporation. There is a security vulnerability in Red Hat OpenShift Mirror Registry. This vulnerability stems from failed authentication processes and different error messages during account...

5.3CVSS5.8AI score0.00077EPSS

CNNVD•added 2026/04/08 12:0 a.m.•3 views

Red Hat OpenShift Mirror Registry 代码问题漏洞

Red Hat OpenShift Mirror Registry is a lightweight container image repository service provided by Red Hat Corporation. There are code-related vulnerabilities in Red Hat OpenShift Mirror Registry. These vulnerabilities allow authenticated users to utilize the log export feature to provide custom...

6.5CVSS5.9AI score0.00018EPSS