Lucene search
K

4393 matches found

RedhatCVE
RedhatCVE
added yesterday9 views

CVE-2026-62147

The Tempo Operator's gateway component failed to consistently apply namespace-scoped redaction on some query API response paths when query RBAC was enabled, allowing an authenticated user to read span attributes belonging to other tenants' namespaces. Mitigation There is no mitigation or workarou...

6.5CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57809

Name of the Vulnerable Software and Affected Versions Tempo Operator affected versions not specified Description The gateway component fails to consistently apply namespace-scoped redaction on certain query API response paths when query RBAC Role-Based Access Control is enabled. This allows an...

6.5CVSS6.1AI score
Exploits0References4
NVD
NVD
added 4 days ago7 views

CVE-2026-56329

Capgo before 12.128.2 contains a cross-tenant preview namespace collision vulnerability caused by non-bijective decoding of double underscores to dots in preview hostname parsing. Attackers can register app IDs with underscores that collide with other tenants' dotted app IDs, causing preview...

6.4CVSS0.00237EPSS
Exploits0References2
CVE
CVE
added 4 days ago7 views

CVE-2026-56329

CVE-2026-56329 affects Capgo before 12.128.2. The issue arises from non-bijective decoding of double underscores to dots in preview hostname parsing, causing a cross-tenant preview namespace collision. Attackers can register app IDs with underscores that collide with other tenants’ dotted app IDs...

6.4CVSS6.1AI score0.00237EPSS
Exploits0References2
Cvelist
Cvelist
added 4 days ago29 views

CVE-2026-56329 Capgo - Cross-Tenant Preview Namespace Collision via Non-Bijective Underscore Decoding

Capgo before 12.128.2 contains a cross-tenant preview namespace collision vulnerability caused by non-bijective decoding of double underscores to dots in preview hostname parsing. Attackers can register app IDs with underscores that collide with other tenants' dotted app IDs, causing preview...

6.4CVSS0.00237EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 5 days ago6 views

kernel: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange [email protected] says: The vulnerability is a race condition between etsqdiscdequeue and etsqdiscchange. It leads to UAF on stru...

7.5CVSS6.2AI score0.00151EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 6 days ago3 views

Security Bulletin: Nomad vulnerable to cross-namespace host volume claim deletion

Summary HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes feature that may allow an operator holding the host volume delete permission in one namespace to delete a sticky volume claim belonging to a job in another namespace...

4.2CVSS5.9AI score0.0016EPSS
Exploits0Affected Software1
NVD
NVD
added 6 days ago6 views

CVE-2026-14896

HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes feature that may allow an operator holding the host volume delete permission in one namespace to delete a sticky volume claim belonging to a job in another namespace. This...

4.2CVSS0.0016EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-14896 Nomad vulnerable to cross-namespace host volume claim deletion

HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes feature that may allow an operator holding the host volume delete permission in one namespace to delete a sticky volume claim belonging to a job in another namespace. This...

4.2CVSS0.0016EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42392

HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes feature that may allow an operator holding the host volume delete permission in one namespace to delete a sticky volume claim belonging to a job in another namespace. This...

4.2CVSS6AI score0.0016EPSS
Exploits0References1
CVE
CVE
added 6 days ago7 views

CVE-2026-14896

HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes feature, potentially allowing an operator with host volume delete permission in one namespace to delete a sticky volume claim belonging to a job in another namespace. Root cau...

4.2CVSS6AI score0.0016EPSS
Exploits0References1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 6 days ago6 views

Nomad vulnerable to cross-namespace host volume claim deletion

Summary HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes feature that may allow an operator holding the host volume delete permission in one namespace to delete a sticky volume claim belonging to a job in another namespace...

4.2CVSS6.1AI score0.0016EPSS
Exploits0Affected Software1
NVD
NVD
added 6 days ago7 views

CVE-2026-14373

HashiCorp Nomad and Nomad Enterprise did not enforce the allowprivileged restriction for the Docker task driver's host namespace mode options. This may allow an authenticated job submitter to run a container in a host namespace and access information belonging to the host or to other workloads on...

7.7CVSS0.00248EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 6 days ago3 views

Security Bulletin: Nomad Docker driver Linux host namespace bypass

Summary HashiCorp Nomad and Nomad Enterprise did not enforce the allowprivileged restriction for the Docker task driver's host namespace mode options. This may allow an authenticated job submitter to run a container in a host namespace and access information belonging to the host or to other...

7.7CVSS5.9AI score0.00248EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-14373 Nomad Docker driver Linux host namespace bypass

HashiCorp Nomad and Nomad Enterprise did not enforce the allowprivileged restriction for the Docker task driver's host namespace mode options. This may allow an authenticated job submitter to run a container in a host namespace and access information belonging to the host or to other workloads on...

7.7CVSS0.00248EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42349

HashiCorp Nomad and Nomad Enterprise did not enforce the allowprivileged restriction for the Docker task driver's host namespace mode options. This may allow an authenticated job submitter to run a container in a host namespace and access information belonging to the host or to other workloads on...

7.7CVSS6AI score0.00248EPSS
Exploits0References1
CVE
CVE
added 6 days ago9 views

CVE-2026-14373

HashiCorp Nomad and Nomad Enterprise are affected by CVE-2026-14373 where the Docker task driver did not enforce allow_privileged for host namespace mode options (process, IPC, user, UTS). This can allow an authenticated job submitter to place a container in the host namespace on Linux clients an...

7.7CVSS6AI score0.00248EPSS
Exploits0References1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 6 days ago7 views

Nomad Docker driver vulnerable to host namespace bypass on Linux

Summary HashiCorp Nomad and Nomad Enterprise did not enforce the allowprivileged restriction for the Docker task driver’s host namespace mode options. This may allow an authenticated job submitter to run a container in a host namespace and access information belonging to the host or to other...

7.7CVSS6.1AI score0.00248EPSS
Exploits0Affected Software1
NVD
NVD
added last week7 views

CVE-2026-53935

Cilium is a networking, observability, and security solution. Prior to 1.17.16, from 1.18.2 to 1.18.9, and from 1.19.0 to 1.19.3, users with the ability to create CiliumLocalRedirectPolicies can specify arbitrary ClusterIPs via addressMatcher, enabling hijacking traffic to Services in any namespa...

6.9CVSS0.00341EPSS
Exploits0References7
OSV
OSV
added last week7 views

CVE-2026-53935 CiliumLocalRedirectPolicy addressMatcher allows cross-namespace service traffic hijacking and can break service translation

Cilium is a networking, observability, and security solution. Prior to 1.17.16, from 1.18.2 to 1.18.9, and from 1.19.0 to 1.19.3, users with the ability to create CiliumLocalRedirectPolicies can specify arbitrary ClusterIPs via addressMatcher, enabling hijacking traffic to Services in any namespa...

6.9CVSS6AI score0.00341EPSS
Exploits0References9
Rows per page
Query Builder