CLEANSTART-2026-QA91937 Security fixes for CVE-2025-61732, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-r6j8-c6r2-37rr applied in versions: 0.18.3-r1, 0.18.3-r2

Multiple security vulnerabilities affect the node-feature-discovery package. These issues are resolved in later releases. See references for individual vulnerability details...

GHSA-9H8M-3FM2-QJRQ vulnerabilities

Vulnerabilities for packages: headlamp-fips, k3s, policy-controller, pulumi-kubernetes-operator, keda, spire-server, coredns, seaweedfs, trufflehog-fips, docker-cli-buildx-fips, packer-fips, elastic-agent-fips, conftest-fips, skaffold, rancher-webhook, sftpgo-plugin-kms, eks-distro-fips,...

GHSA-9493-H29P-RFM2 vulnerabilities

Vulnerabilities for packages: falco-no-driver, kubernetes, podman, k3s, nvidia-container-toolkit, rancher-agent, sriov-network-device-plugin, buildah, grafana-alloy, node-feature-discovery...

CVE-2025-31133 vulnerabilities

Vulnerabilities for packages: falco-no-driver, kubernetes, podman, k3s, nvidia-container-toolkit, rancher-agent, sriov-network-device-plugin, buildah, grafana-alloy, node-feature-discovery...

CVE-2025-52565 vulnerabilities

Vulnerabilities for packages: falco-no-driver, kubernetes, podman, k3s, nvidia-container-toolkit, rancher-agent, sriov-network-device-plugin, buildah, grafana-alloy, node-feature-discovery...

GHSA-QW9X-CQR3-WC7R vulnerabilities

Vulnerabilities for packages: falco-no-driver, kubernetes, podman, k3s, nvidia-container-toolkit, rancher-agent, sriov-network-device-plugin, buildah, grafana-alloy, node-feature-discovery...

CVE-2025-52881 vulnerabilities

Vulnerabilities for packages: falco-no-driver, k3s, mesosphere-vsphere-csi, kubescape-operator, sriov-network-device-plugin, trivy-operator, skaffold, wolfictl, neuvector-scanner, grype, nvidia-container-toolkit, rancher-agent, spegel, kots, newrelic-infrastructure-agent, k9s,...

CVE-2025-52881 vulnerabilities

Vulnerabilities for packages: longhorn-share-manager-fips, spegel, k3s, trivy, falco-no-driver, nerdctl-fips, skopeo, cg, k9s, amazon-k8s-cni-fips, podman, newrelic-infrastructure-agent-fips, neuvector-scanner-fips, newrelic-infrastructure-agent, sriov-network-device-plugin, skaffold,...

CVE-2025-52565 vulnerabilities

Vulnerabilities for packages: grafana-alloy, kubernetes, k3s, node-feature-discovery, cluster-autoscaler, rancher-agent, kubernetes-fips, falco-no-driver, grafana-alloy-fips, podman, nvidia-container-toolkit, rancher, azure-container-networking, sriov-network-device-plugin, rke2-runtime,...

GHSA-QW9X-CQR3-WC7R vulnerabilities

Vulnerabilities for packages: grafana-alloy, kubernetes, k3s, node-feature-discovery, cluster-autoscaler, rancher-agent, kubernetes-fips, falco-no-driver, grafana-alloy-fips, podman, nvidia-container-toolkit, rancher, azure-container-networking, sriov-network-device-plugin, rke2-runtime,...

CVE-2025-31133 vulnerabilities

Vulnerabilities for packages: grafana-alloy, kubernetes, k3s, node-feature-discovery, cluster-autoscaler, rancher-agent, virt-handler-fips, kubernetes-fips, falco-no-driver, virt-handler, grafana-alloy-fips, podman, nvidia-container-toolkit, rancher, azure-container-networking,...

GHSA-CGRX-MC8F-2PRM vulnerabilities

Vulnerabilities for packages: longhorn-share-manager-fips, spegel, k3s, trivy, falco-no-driver, nerdctl-fips, skopeo, cg, k9s, amazon-k8s-cni-fips, podman, newrelic-infrastructure-agent-fips, neuvector-scanner-fips, newrelic-infrastructure-agent, sriov-network-device-plugin, skaffold,...

GHSA-9493-H29P-RFM2 vulnerabilities

Vulnerabilities for packages: grafana-alloy, kubernetes, k3s, node-feature-discovery, cluster-autoscaler, rancher-agent, virt-handler-fips, kubernetes-fips, falco-no-driver, virt-handler, grafana-alloy-fips, podman, nvidia-container-toolkit, rancher, azure-container-networking,...

GHSA-6V2P-P543-PHR9 vulnerabilities

Vulnerabilities for packages: kubernetes-dashboard-web, spegel, consul-k8s-fips, k3s, crossplane-provider-sql-fips, aws-network-policy-agent-fips, lvm-driver, rook, policy-controller, cert-manager-fips, pulumi-kubernetes-operator, keda, step-issuer-fips, spire-server,...

CVE-2025-4563 vulnerabilities

Vulnerabilities for packages: azuredisk-csi, kubernetes-csi-driver-hostpath, rancher-fleet, azurefile-csi, blob-csi, cloud-provider-gcp-cloud-controller-manager, cluster-autoscaler, rancher-agent, mesosphere-vsphere-csi, yunikorn-k8shim, rancher, argo-cd, node-feature-discovery,...

CVE-2025-4563 vulnerabilities

Vulnerabilities for packages: azuredisk-csi, longhorn-share-manager-fips, kubernetes-csi-driver-hostpath, docker-machine-driver-harvester, longhorn-share-manager, node-feature-discovery, argo-cd, cluster-autoscaler, rancher-agent, azurefile-csi, argo-cd-fips,...

GHSA-JFVP-7X6P-H2PV vulnerabilities

Vulnerabilities for packages: kubernetes, neuvector-scanner, podman, grype, k8s-device-plugin, k3s, buildah, opentelemetry-collector-contrib, runc, grafana-alloy, docker, cadvisor, ctop, syft...

CVE-2024-45310 vulnerabilities

Vulnerabilities for packages: kubernetes, neuvector-scanner, podman, grype, k8s-device-plugin, k3s, buildah, opentelemetry-collector-contrib, runc, grafana-alloy, docker, cadvisor, ctop, syft...

GHSA-PXHW-596R-RWQ5 vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver, argocd-image-updater, aws-efs-csi-driver, kubernetes-csi-driver-hostpath, kubernetes, node-feature-discovery, cluster-autoscaler, ip-masq-agent, kubernetes-fips, local-static-provisioner, aws-ebs-csi-driver-fips, spark-operator, nodetaint,...

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver, argocd-image-updater, aws-efs-csi-driver, kubernetes-csi-driver-hostpath, kubernetes, node-feature-discovery, cluster-autoscaler, ip-masq-agent, kubernetes-fips, local-static-provisioner, aws-ebs-csi-driver-fips, spark-operator, nodetaint,...