CLEANSTART-2026-QA91937 Security fixes for CVE-2025-61732, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-r6j8-c6r2-37rr applied in versions: 0.18.3-r1, 0.18.3-r2

Multiple security vulnerabilities affect the node-feature-discovery package. These issues are resolved in later releases. See references for individual vulnerability details...

GHSA-9H8M-3FM2-QJRQ vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, kube-metrics-adapter, eks-distro, cluster-api-gcp-controller, gitaly, tflint-fips, k9s, kubernetes-csi-external-provisioner-fips, kube-vip-cloud-provider, kine, istio, velero-plugin-for-gcp-fips, elastic-agent,...

GHSA-9493-H29P-RFM2 vulnerabilities

Vulnerabilities for packages: grafana-alloy, rancher-agent, node-feature-discovery, nvidia-container-toolkit, buildah, falco-no-driver, podman, k3s, sriov-network-device-plugin, kubernetes...

CVE-2025-31133 vulnerabilities

Vulnerabilities for packages: grafana-alloy, rancher-agent, node-feature-discovery, nvidia-container-toolkit, buildah, falco-no-driver, podman, k3s, sriov-network-device-plugin, kubernetes...

CVE-2025-52565 vulnerabilities

Vulnerabilities for packages: grafana-alloy, rancher-agent, node-feature-discovery, nvidia-container-toolkit, buildah, falco-no-driver, podman, k3s, sriov-network-device-plugin, kubernetes...

GHSA-QW9X-CQR3-WC7R vulnerabilities

Vulnerabilities for packages: grafana-alloy, rancher-agent, node-feature-discovery, nvidia-container-toolkit, buildah, falco-no-driver, podman, k3s, sriov-network-device-plugin, kubernetes...

CVE-2025-52881 vulnerabilities

Vulnerabilities for packages: zarf, grype, mesosphere-vsphere-csi, blob-csi, checksec, dagger, skaffold, sriov-network-device-plugin, kubernetes, wolfictl, k8s-device-plugin, osv-scanner, zot, grafana-alloy, rancher-agent, node-feature-discovery, syft, envoy-gateway, neuvector-scanner,...

CVE-2025-52881 vulnerabilities

Vulnerabilities for packages: datadog-agent, cluster-autoscaler-fips, kots, eks-distro, rancher-agent, neuvector-scanner-fips, grype-fips, k9s, chainctl, sriov-network-device-plugin, zot, skopeo-fips, virt-handler, trivy-operator, envoy-gateway, mesosphere-vsphere-csi, grafana-alloy-fips,...

GHSA-QW9X-CQR3-WC7R vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, rke2-runtime, eks-distro, rancher-agent, rancher, podman, sriov-network-device-plugin, node-feature-discovery, node-feature-discovery-fips, falco-no-driver, buildah, cluster-autoscaler, k3s, nvidia-container-toolkit, prometheus-podman-exporte...

CVE-2025-52565 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, rke2-runtime, eks-distro, rancher-agent, rancher, podman, sriov-network-device-plugin, node-feature-discovery, node-feature-discovery-fips, falco-no-driver, buildah, cluster-autoscaler, k3s, nvidia-container-toolkit, prometheus-podman-exporte...

CVE-2025-31133 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, rke2-runtime, eks-distro, rancher-agent, rancher, podman, sriov-network-device-plugin, virt-handler-fips, node-feature-discovery, node-feature-discovery-fips, falco-no-driver, buildah, virt-handler, cluster-autoscaler, k3s,...

GHSA-9493-H29P-RFM2 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, rke2-runtime, eks-distro, rancher-agent, rancher, podman, sriov-network-device-plugin, virt-handler-fips, node-feature-discovery, node-feature-discovery-fips, falco-no-driver, buildah, virt-handler, cluster-autoscaler, k3s,...

GHSA-CGRX-MC8F-2PRM vulnerabilities

Vulnerabilities for packages: datadog-agent, cluster-autoscaler-fips, kots, eks-distro, rancher-agent, neuvector-scanner-fips, grype-fips, k9s, chainctl, sriov-network-device-plugin, zot, skopeo-fips, virt-handler, trivy-operator, envoy-gateway, mesosphere-vsphere-csi, grafana-alloy-fips,...

GHSA-6V2P-P543-PHR9 vulnerabilities

Vulnerabilities for packages: victoriametrics-operator, rabbitmq-messaging-topology-operator-fips, cluster-autoscaler-fips, google-guest-agent-manager, eks-distro, cinder-csi-plugin-fips, victoriametrics-cluster, crossplane-provider-aws-cloudfront, gitaly, actions-runner-controller-fips,...

CVE-2025-4563 vulnerabilities

Vulnerabilities for packages: rancher-fleet, rancher-system-agent, vcluster, cluster-autoscaler, docker-machine-driver-harvester, yunikorn-k8shim, rancher-agent, node-feature-discovery, argo-cd, calico, mesosphere-vsphere-csi, blob-csi, kubernetes-csi-driver-hostpath,...

CVE-2025-4563 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, azuredisk-csi, emissary-fips, rancher-agent, kubernetes-csi-driver-hostpath, cloud-provider-gcp-cloud-controller-manager-fips, rancher-fleet, rancher, rancher-system-agent, cloud-provider-gcp-cloud-controller-manager, yunikorn-k8shim-fips,...

GHSA-JFVP-7X6P-H2PV vulnerabilities

Vulnerabilities for packages: grafana-alloy, syft, buildah, grype, neuvector-scanner, docker, runc, ctop, podman, k3s, cadvisor, opentelemetry-collector-contrib, kubernetes, k8s-device-plugin...

CVE-2024-45310 vulnerabilities

Vulnerabilities for packages: grafana-alloy, syft, buildah, grype, neuvector-scanner, docker, runc, ctop, podman, k3s, cadvisor, opentelemetry-collector-contrib, kubernetes, k8s-device-plugin...

GHSA-PXHW-596R-RWQ5 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, kubernetes-csi-driver-hostpath, rancher-webhook, local-static-provisioner, node-feature-discovery, ip-masq-agent, aws-ebs-csi-driver, aws-efs-csi-driver, rancher-webhook-fips, argocd-image-updater, argocd-image-updater-fips,...

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, kubernetes-csi-driver-hostpath, rancher-webhook, local-static-provisioner, node-feature-discovery, ip-masq-agent, aws-ebs-csi-driver, aws-efs-csi-driver, rancher-webhook-fips, argocd-image-updater, argocd-image-updater-fips,...