CVE-2026-32952 vulnerabilities

Vulnerabilities for packages: rancher, external-secrets-operator, yunikorn-k8shim, flux, rancher-webhook, openbao, spqr, cert-manager-istio-csr, percona-server-mongodb-operator, kyverno-notation-aws, cert-manager-csi-driver, grafana, harbor, nuclei, telegraf, xeol, terraform, cert-manager-cmctl,...

GHSA-PJCQ-XVWQ-HHPJ vulnerabilities

Vulnerabilities for packages: rancher, external-secrets-operator, yunikorn-k8shim, flux, rancher-webhook, openbao, spqr, cert-manager-istio-csr, percona-server-mongodb-operator, kyverno-notation-aws, cert-manager-csi-driver, grafana, harbor, nuclei, telegraf, xeol, terraform, cert-manager-cmctl,...

GHSA-92MM-2PJQ-R785 vulnerabilities

Vulnerabilities for packages: trivy-operator, k9s, tflint, zarf, trivy, xeol, terraform, kots, tfsec, opentofu, steampipe, zot, conftest, kubescape, snyk-cli, wolfictl, task, syft, grype, terragrunt...

CVE-2026-4660 vulnerabilities

Vulnerabilities for packages: trivy-operator, k9s, tflint, zarf, trivy, xeol, terraform, kots, tfsec, opentofu, steampipe, zot, conftest, kubescape, snyk-cli, wolfictl, task, syft, grype, terragrunt...

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: envconsul, modelmesh-runtime-adapter, knative-operator, cloud-provider-azure, flux, yunikorn-k8shim, cloud-provider-vsphere, openbao, secrets-store-csi-driver, kubernetes-csi-external-health-monitor, grafana-agent-operator, redpanda, vexctl, aws-flb-kinesis,...

Fedora 43 : opentofu (2026-49b5d5c5e6)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-49b5d5c5e6 advisory. Update to 1.11.5 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

CVE-2026-25499

Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configuration documentation, the sudoer line suggested is insecure and can result in escaping the folder using ../, allowing any files on the system to be edited. This issue has been...

GHSA-W2JF-268Q-MRVH vulnerabilities

Vulnerabilities for packages: opentofu...

GHSA-W2JF-268Q-MRVH vulnerabilities

Vulnerabilities for packages: opentofu...

Fedora: Security Advisory (FEDORA-2025-6968ab200a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : opentofu (2025-21b93506d5)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-21b93506d5 advisory. Update to 1.10.7 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Fedora 41 : opentofu (2025-c555ce4089)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-c555ce4089 advisory. Update to 1.10.7 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

Fedora 42 : opentofu (2025-6ab111452f)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-6ab111452f advisory. Update to 1.10.7 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

OPENSUSE-SU-2025:15711-1 opentofu-1.10.7-1.1 on GA media

These are all security issues fixed in the opentofu-1.10.7-1.1 package on the GA media of openSUSE Tumbleweed...

Fedora: Security Advisory (FEDORA-2025-121049bbf7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-8PJC-487G-W6P2 vulnerabilities

Vulnerabilities for packages: cloud-sql-proxy, step-kms-plugin, cg, rancher-system-upgrade-controller, flux, azuredisk-csi, kubernetes-dashboard-web, timescaledb-tune, trivy, buildkitd, cluster-api, nri-redis, aws-otel-collector, kubecolor, node-problem-detector, rabbitmq-cluster-operator, opa,...

CVE-2025-8959 vulnerabilities

Vulnerabilities for packages: trivy-operator, k9s, tflint, zarf, trivy, rancher-fleet, xeol, kots, terraform, tfsec, opentofu, steampipe, zot, conftest, kubescape, snyk-cli, wolfictl, syft, grype, terragrunt...

GHSA-WJRX-6529-HCJ3 vulnerabilities

Vulnerabilities for packages: trivy-operator, k9s, tflint, zarf, trivy, rancher-fleet, xeol, kots, terraform, tfsec, opentofu, steampipe, zot, conftest, kubescape, snyk-cli, wolfictl, syft, grype, terragrunt...

CVE-2025-8959 vulnerabilities

Vulnerabilities for packages: rancher-fleet, trivy, k9s-fips, terraform, snyk-cli, conftest-fips, terragrunt, xeol, zot, cloudbeat, grype, opentofu, conftest, chainctl, opentofu-fips, syft-fips, trivy-operator-fips, terraform-fips, steampipe, wolfictl, cloudbeat-fips, tfsec, rancher-fleet-fips,...

GHSA-WJRX-6529-HCJ3 vulnerabilities

Vulnerabilities for packages: rancher-fleet, trivy, k9s-fips, terraform, snyk-cli, conftest-fips, terragrunt, xeol, zot, cloudbeat, grype, opentofu, conftest, chainctl, opentofu-fips, syft-fips, trivy-operator-fips, terraform-fips, steampipe, wolfictl, cloudbeat-fips, tfsec, rancher-fleet-fips,...