164 matches found
CVE-2026-39821 affecting package opa for versions less than 0.63.0-4
CVE-2026-39821 affecting package opa for versions less than 0.63.0-4. A patched version of the package is available...
CVE-2026-46680 vulnerabilities
Vulnerabilities for packages: docker-compose, tw, xeol, tigera-operator, cluster-api-helm-controller, neuvector-scanner, trivy-operator, kubescape-operator, grype, datadog-agent, gogatekeeper, k8sgpt, kargo, kaniko, kube-arangodb, k9s, linkerd2, rancher-agent, steampipe, fuse-overlayfs-snapshotte...
CVE-2026-46680 vulnerabilities
Vulnerabilities for packages: helm-push, zot, helm-operator, tw, trivy-fips, skaffold, cluster-api-helm-controller-fips, docker-compose, manifest-tool, consul-k8s-fips, kaniko, tigera-operator, helm, opa, kargo, helm-set-status, neuvector-scanner-fips, spegel-fips, docker-cli-buildx,...
OPENSUSE-SU-2026:10755-1 opa-1.16.2-1.1 on GA media
These are all security issues fixed in the opa-1.16.2-1.1 package on the GA media of openSUSE Tumbleweed...
actix-web-opentelemetry (>=0.2.0 <=0.17.0), alopex-dataframe (=0.2.0) +197 more potentially affected by CVE-2026-43868 via thrift (>=0.0.4 <=0.17.0)
thrift CARGO version =0.0.4, =0.2.0, =0.3.0, =0.3.5, =0.3.5, =0.2.0, =0.7.0, =0.1.0, =0.1.0, =0.32.1, =0.2.1, =0.5.0 and more Source cves: CVE-2026-43868 Source advisory: OSV:GHSA-2F9F-GQ7V-9H6M...
org.apache.polaris:polaris-admin (>=1.0.0-incubating <=1.4.0), org.apache.polaris:polaris-api-catalog-service (>=1.0.0-incubating <=1.4.0) +23 more potentially affected by CVE-2026-42811 via org.apache.polaris:polaris-core (>=1.0.0-incubating <=1.4.0)
org.apache.polaris:polaris-core MAVEN version =1.0.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.3.0-incubating, =1.3.0-incubating, =1.1.0-incubating, =1.1.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.4.0 and more Source...
org.apache.polaris:polaris-extensions-auth-opa-tests (>=1.3.0-incubating <=1.4.0), org.apache.polaris:polaris-runtime-spark-tests (>=1.0.0-incubating <=1.4.0) +3 more potentially affected by CVE-2026-42812 via org.apache.polaris:polaris-runtime-service (>=1.0.0-incubating <=1.4.0)
org.apache.polaris:polaris-runtime-service MAVEN version =1.0.0-incubating, =1.3.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.4.0 Source cves: CVE-2026-42812 Source advisory: SNYK:JAVA-ORGAPACHEPOLARIS-16422548...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: flannel, slsa-verifier, vexctl, vault-benchmark, docker-machine-driver-harvester, xeol, argo-rollouts, cue, kubescape-operator, aws-node-termination-handler, crossplane-provider-azure-authorization, ingress-nginx-controller, cluster-api-provider-vsphere,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: flannel, slsa-verifier, vexctl, postgres-operator, kargo, dataplaneapi, kine, falco-no-driver, terraform-provider-azapi, aws-flb-kinesis, polaris, bazelisk, aws-sigv4-proxy, kots, nri-nginx, knative-eventing, prometheus, kubernetes-dashboard-metrics-scraper,...
CVE-2025-11065 affecting package opa for versions less than 0.63.0-3
CVE-2025-11065 affecting package opa for versions less than 0.63.0-3. A patched version of the package is available...
CVE-2025-11065 affecting package opa for versions less than 0.63.0-6
CVE-2025-11065 affecting package opa for versions less than 0.63.0-6. A patched version of the package is available...
GHSA-8FJ7-8H3W-XWFM vulnerabilities
Vulnerabilities for packages: zot, rancher-support-bundle-kit, src, terraform-provider-aws-fips, crossplane-provider-aws-kms, traefik, nova-fips, syncthing-fips, kyverno-policy-reporter-fips, omni, kube-logging-operator, grafana-mimir, helm-diff-fips, apko, kubo-fips, apm-server,...
CVE-2026-27141 vulnerabilities
Vulnerabilities for packages: zot, rancher-support-bundle-kit, src, terraform-provider-aws-fips, crossplane-provider-aws-kms, traefik, nova-fips, syncthing-fips, kyverno-policy-reporter-fips, omni, kube-logging-operator, grafana-mimir, helm-diff-fips, apko, kubo-fips, apm-server,...
CVE-2026-26205 vulnerabilities
Vulnerabilities for packages: opa-envoy...
GHSA-9F29-V6MM-PW6W vulnerabilities
Vulnerabilities for packages: opa-envoy...
GHSA-9F29-V6MM-PW6W vulnerabilities
Vulnerabilities for packages: opa-fips-envoy, opa-envoy...
CVE-2026-26205 vulnerabilities
Vulnerabilities for packages: opa-fips-envoy, opa-envoy...
GO-2026-4506 opa-envoy-plugin has an Authorization Bypass via Double-Slash Path Misinterpretation in input.parsed_path in github.com/open-policy-agent/opa-envoy-plugin
opa-envoy-plugin has an Authorization Bypass via Double-Slash Path Misinterpretation in input.parsed_path in github.com/open-policy-agent/opa-envoy-plugin...
CVE-2026-26205
opa-envoy-plugin is a plugin to enforce OPA policies with Envoy. Versions prior to 1.13.2-envoy-2 have a vulnerability in how the input.parsed_path field is constructed. HTTP request paths are treated as full URIs when parsed; interpreting leading path segments prefixed with double slashes // as...