167 matches found
GHSA-VGWF-H737-FF37 vulnerabilities
Vulnerabilities for packages: wolfictl, trivy-operator, kubernetes-dashboard, gptscript, guac, docker-cli-buildx, nfpm, terragrunt, containerd, cloud-provider-aws, kubescape, kaf, flux-source-controller, podman, melange, k3s, osv-scanner, cilium, gh, nuclei, kubernetes, cilium-cli, buildkitd, kin...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: k9s, cert-manager, zot, vitess, nerdctl, skaffold, trivy-operator, k3s, mattermost, argo-cd, cilium, osv-scanner, flux-image-automation-controller, minio, kubernetes-dashboard, flux, rancher, telegraf, kubernetes, zarf, cilium-cli, knative-serving, prometheus-operato...
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: policy-controller, wolfictl, fulcio, trivy-operator, ko, atlantis, hcloud, cosign, kubernetes-dashboard, kargo, gptscript, guac, crossplane-provider-aws-elasticache, docker-cli-buildx, sealed-secrets, tekton-chains, src, crossplane-provider-aws-ec2, nfpm, terragrunt,...
GHSA-QPW4-5X99-6VJP vulnerabilities
Vulnerabilities for packages: wolfictl, trivy-operator, kubernetes-dashboard, gptscript, guac, docker-cli-buildx, nfpm, terragrunt, containerd, cloud-provider-aws, kubescape, kaf, flux-source-controller, podman, melange, k3s, osv-scanner, cilium, gh, nuclei, kubernetes, cilium-cli, buildkitd, kin...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: k9s, cert-manager, zot, vitess, nerdctl, skaffold, trivy-operator, k3s, mattermost, argo-cd, cilium, osv-scanner, flux-image-automation-controller, minio, kubernetes-dashboard, flux, rancher, docker-machine-driver-harvester, telegraf, kubernetes, zarf, cilium-cli,...
GHSA-FQW6-GF59-QR4W vulnerabilities
Vulnerabilities for packages: docker, kube-arangodb-fips, buildkitd-fips, trivy, helm-set-status, packer-fips, k8ssandra-client-fips, docker-compose, chaos-mesh, xeol, gogatekeeper, grype-db, eks-node-monitoring-agent, newrelic-infrastructure-agent-fips, wolfictl, newrelic-infrastructure-agent,...
@aidps/canvas-flow (>=1.0.0 <=1.0.1), @antv/xflow (>=2.0.1 <=2.2.4) +116 more potentially affected by unknown CVE via @antv/x6-plugin-selection (>=2.0.0 <=2.2.2)
@antv/x6-plugin-selection NPM version =2.0.0, =1.0.0, =2.0.1, =0.0.1, =0.0.2, =1.0.0-beta.46, =0.0.4, =0.7.0, =0.0.3, =2.0.4, =0.0.27, =3.0.0, =4.0.0-600 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVX6PLUGINSELECTION-16754927...
@abtnode/ux (>=1.16.40 <=1.17.13-beta-20260512-042419-7b556a38), @ada-lc/echarts-materials (>=0.0.1 <=0.0.2) +496 more potentially affected by unknown CVE via echarts-for-react (>=3.0.0-beta.2 <=3.0.6)
echarts-for-react NPM version =3.0.0-beta.2, =1.16.40, =0.0.1, =0.1.0, =0.0.2-7.1, =0.1.1, =1.0.0, =1.0.0, =1.0.0, =1.3.5-beta.937, =1.0.8-alpha, =3.34.0, =0.1.10, =1.0.5, =0.2.0, =0.4.5-next.0 and more Source cves: unknown CVE Source advisory: SNYK:JS-ECHARTSFORREACT-16754865...
@action.sustainability/storybook-dashboard (>=0.1.1 <=0.1.5), @agentlab/ldkg-ui-charts (>=0.1.4 <=0.1.7) +297 more potentially affected by unknown CVE via @antv/async-hook (=2.2.9)
@antv/async-hook NPM version =2.2.9 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/async-hook and may be impacted: - @action.sustainability/storybook-dashboard =0.1.1, =0.1.4, =1.1.15, =0.1.0, =1.0.17-beta.1, =0.0.1-beta.2, =1.2.0-beta.0, =0.0.2...
ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +369 more potentially affected by CVE-2026-41712 via org.springframework.ai:spring-ai-model (>=2.0.0-M1 <=2.0.0-M5)
org.springframework.ai:spring-ai-model MAVEN version =2.0.0-M1, =0.1.0, =0.1.0, =1.21.9, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.2 and more Source cves: CVE-2026-41712 Source advisory: OSV:GHSA-Q62F-H9X2-GCQC...
@3onedata/alsatian (>=0.1.8-fix.3 <=0.1.8-fix.5), @abyedev/hono-dotenv (=1.0.0) +537 more potentially affected by CVE-2026-44455 via hono (>=0.5.10 <=4.12.15)
hono NPM version =0.5.10, =0.1.8-fix.3, =5.0.0, =0.2.0, =0.2.0, =0.4.0, =0.2.0, =0.1.4, =2026.4.4, =1.0.2, =0.1.1, =0.0.1, =0.0.2-a, =0.1.22, =1.1.1, =1.3.0 and more Source cves: CVE-2026-44455 Source advisory: OSV:GHSA-69XW-7HCM-H432...
CVE-2026-41889 vulnerabilities
Vulnerabilities for packages: azure-service-operator, grafana, kubeflow-pipelines, steampipe, falcosidekick, k3s, caddy, sqlexporter, cloudprober, timescaledb-parallel-copy, step-ca, bento, ferretdb, splunk-otel-collector, pgtimetable, cerbos, kuma, telegraf, spqr, teleport, step-issuer,...
CVE-2026-41506 vulnerabilities
Vulnerabilities for packages: k9s, grafana, zot, gitlab-runner, skaffold, wolfictl, trivy-operator, steampipe, pulumi-language-yaml, witness, argo-cd, osv-scanner, tfsec, syft, flux-image-automation-controller, rancher-fleet, grype, src-fingerprint, flux, xeol, goreleaser, cerbos, kargo, gptscrip...
2adif (=0.1.0), 3robotics (=0.0.1) +1532 more potentially affected by CVE-2026-42304 via twisted (>=20.3.0 <=26.4.0)
twisted PYPI version =20.3.0, =0.0.12, =3.0.9, =3.0.0, =0.1.0, =23.12.0rc1, =0.10.0, =0.0.1, =0.4.0, =3.0.0, =0.1.4, =1.0.0, =1.0.2 - aha-scrapyd =1.3.0 and more Source cves: CVE-2026-42304 Source advisory: OSV:GHSA-GRGV-6HW6-V9G4...
arches (=8.0.0a1), avaintegration-metapackage (>=6.0.4.3 <=6.0.4.13) +38 more potentially affected by CVE-2026-35192 via django (>=6.0.0 <=6.0.4)
django PYPI version =6.0.0, =6.0.4.3, =2.0.0, =1.1.0, =0.1.0, =0.4.5 - django-ndr-core =0.70.2 - django-sb-simple-migrations =0.9.0 - django-tasks-aws =0.2.0b1 and more Source cves: CVE-2026-35192 Source advisory: OSV:PYSEC-2026-50...
com.github.niupengyu.schedule:ahead-schedule-distributed (>=1.2.6-RELEASE <=1.2.8-RELEASE), com.github.niupengyu:ahead-frame-socket (>=1.2.1-RELEASE <=1.2.3-RELEASE) +40 more potentially affected by CVE-2026-42779 via org.apache.mina:mina-core (>=2.1.0 <=2.1.11)
org.apache.mina:mina-core MAVEN version =2.1.0, =1.2.6-RELEASE, =1.2.1-RELEASE, =2.2.1, =2.2.1, =3.0.0, =1.0.0, =3.0.11, =3.6.7, =3.6.7, =3.6.7, =3.6.10 and more Source cves: CVE-2026-42779 Source advisory: OSV:GHSA-VF5J-865M-MQ7C...
africa.absa:inception-application (>=1.1.0 <=1.2.0), africa.absa:inception-test (>=1.1.0 <=1.2.0) +2767 more potentially affected by CVE-2026-22745 via org.springframework:spring-webflux (>=5.0.0.RELEASE <=5.3.4)
org.springframework:spring-webflux MAVEN version =5.0.0.RELEASE, =1.1.0, =1.1.0, =0.5.0, =0.5.0, =0.5.0, =j8.2.2.0, =0.0.1, =v0.3.12, =v0.3.10, =v0.3.12, =2.1.2.RELEASE, =4.1.36, =4.1.7, =4.7.1 - br.com.m4rc310:br-com-m4rc310-graphql =1.0.1 - br.com.m4rc310:br-com-m4rc310-libs =1.0.1 and more...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: grafana, cert-manager, zot, gitlab-runner, minio, flux, rancher, ratify, xeol, telegraf, spqr, teleport, nuclei, yunikorn-k8shim, terraform, gitea, cert-manager-istio-csr, harbor, external-secrets-operator, openbao, sftpgo-plugin-auth, k6, rclone, rancher-agent,...
GHSA-J88V-2CHJ-QFWX vulnerabilities
Vulnerabilities for packages: azure-service-operator, grafana, kubeflow-pipelines, steampipe, falcosidekick, k3s, caddy, sqlexporter, cloudprober, timescaledb-parallel-copy, step-ca, bento, ferretdb, splunk-otel-collector, pgtimetable, cerbos, kuma, telegraf, spqr, teleport, step-issuer,...
@adaptivestone/framework (>=2.7.3 <=3.0.22), @agsiri/common-utils (>=1.0.0 <=1.2.12) +320 more potentially affected by CVE-2026-41693 via i18next-fs-backend (>=1.0.2 <=2.6.3)
i18next-fs-backend NPM version =1.0.2, =2.7.3, =1.0.0, =0.2.0, =0.3.0, =3.7.0, =0.2.11, =1.1.0, =1.1.1, =1.0.0, =2.0.1, =2.0.1, =2.0.1, =2.0.1, =2.7.1-rc.5 and more Source cves: CVE-2026-41693 Source advisory: OSV:GHSA-8847-338W-5HCJ...