CVE-2026-21717

A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafting a request that causes many such collisions in V8's internal string table, an attacker can significantly degrade performance of the...

CVE-2026-0621

Anthropic's MCP TypeScript SDK versions up to and including 1.25.1 contain a regular expression denial of service ReDoS vulnerability in the UriTemplate class when processing RFC 6570 exploded array patterns. The dynamically generated regular expression used during URI matching contains nested...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a Node DOS vulnerability in Kubernetes [CVE-2025-0426]

Summary IBM Watson Speech Services Cartridge is vulnerable to a Node DOS vulnerability in Kubernetes, due to a flaw in the kubelet read-only HTTP endpoint CVE-2025-0426. Kubernetes is used in our speech-utilities. This vulnerabilitiy has been addressed. Please read the details for remediation...

Linux Distros Unpatched Vulnerability : CVE-2025-47291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - containerd is an open-source container runtime. A bug was found in the containerd's CRI implementation where containerd, starting in version 2.0.1 and prior to...

SUSE CVE-2025-47291

containerd is an open-source container runtime. A bug was found in the containerd's CRI implementation where containerd, starting in version 2.0.1 and prior to version 2.0.5, doesn't put usernamespaced containers under the Kubernetes' cgroup hierarchy, therefore some Kubernetes limits are not...

CVE-2025-47291

containerd is an open-source container runtime. A bug was found in the containerd's CRI implementation where containerd, starting in version 2.0.1 and prior to version 2.0.5, doesn't put usernamespaced containers under the Kubernetes' cgroup hierarchy, therefore some Kubernetes limits are not...

GO-2025-3465 Node Denial of Service via kubelet Checkpoint API in k8s.io/kubernetes

Node Denial of Service via kubelet Checkpoint API in k8s.io/kubernetes...

Node Denial of Service via kubelet Checkpoint API

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk...

CVE-2025-0426

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk...

DEBIAN-CVE-2025-0426

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk...

AZL-56714 CVE-2025-0426 affecting package kubernetes for versions less than 1.30.10-1

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk...

CVE-2025-0426

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk...

CVE-2025-0426

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk...

CVE-2025-0426

CVE-2025-0426 (Kubernetes) : The vulnerability concerns the kubelet read-only HTTP endpoint. A flood of container checkpoint requests to the unauthenticated endpoint can exhaust node disk space, leading to a Node DoS. The provided connected IBM/KB content lists this CVE and reproduces the Kuberne...

CVE-2025-0426

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk...

PT-2026-2478

Name of the Vulnerable Software and Affected Versions Node.js versions 8.x through 18.x Node.js versions 20.x through 20.20.0 Node.js versions 22.x through 22.22.0 Node.js versions 24.x through 24.13.0 Node.js versions 25.x through 25.3.0 Description A critical issue exists in Node.js related to...

AZL-53405 CVE-2023-6476 affecting package cri-o for versions less than 1.22.3-10

A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined. This may allow a pod to specify and get any amount of memory/cpu, circumventing the kubernetes scheduler and potentially resulting in a denial of service in the node...