k8sGPT has Prompt Injection through its k8sGPT-Operator
Summary: In the auto-remediation pipeline, objecttoexecution.go deserialized the AI-generated YAML directly into a Deployment object without validating it against the original Deployment object. Details: This issue was fixed after coordination with Alex Jones. PoC: To minimize the...
Aiven Operator has cross-namespace secret exfiltration via ClickhouseUser connInfoSecretSource
Impact: A developer with create permission on ClickhouseUser CRDs in their own namespace can exfiltrate secrets from any other namespace — production database credentials, API keys, service tokens — with a single kubectl apply. The operator reads the victim's secret using its ClusterRole and write...
Information Disclosure
github.com/authzed/spicedb is vulnerable to Information Disclosure. The vulnerability is due to the exclusion operator in the authorization schema, where a large payload can cause the WriteRelationships call to fail silently, and incorrect permission check results are returned, allowing attackers...
PT-2026-20223
IBM MQ Operator SC2 v3.2.0–3.8.1, LTS v2.0.0–2.0.29 and IBM-supplied MQ Advanced container images across affected SC2, CD, and LTS 9.3.x–9.4.x releases contain a vulnerability where log messages are not properly neutralized before being written to log files. This flaw could allow an unauthorized...
CVE-2024-39742
IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a user to bypass authentication under certain configurations due to a partial string comparison vulnerability. IBM X-Force ID: 297169...
GO-2025-4093 MARIN3R: Cross-Namespace Vulnerability in the Operator in github.com/3scale-sre/marin3r
MARIN3R: Cross-Namespace Vulnerability in the Operator in github.com/3scale-sre/marin3r...
EUVD-2021-1363
Malware in sbrugna...
EUVD-2020-17346
Malware in sbrugna...
EUVD-2024-2358
Malicious code in bioql PyPI...
SUSE CVE-2025-55196
External Secrets Operator is a Kubernetes operator that integrates external secret management systems. From version 0.15.0 to before 0.19.2, a vulnerability was discovered where the List calls for Kubernetes Secret and SecretStore resources performed by the PushSecret controller did not apply a...
CVE-2025-55196 External Secrets Operator Missing Namespace Restriction in PushSecret and SecretStore List() Calls Allows Unauthorized Secret Access
External Secrets Operator is a Kubernetes operator that integrates external secret management systems. From version 0.15.0 to before 0.19.2, a vulnerability was discovered where the List calls for Kubernetes Secret and SecretStore resources performed by the PushSecret controller did not apply a...
Red Hat File Integrity Operator Security Vulnerability
Red Hat File Integrity Operator is a file integrity checking software from Red Hat. A security vulnerability exists in Red Hat File Integrity Operator versions prior to 0.15.2, which stems from a usersetup script that improperly modifies the permissions of the /etc/passwd file, which could result...
CVE-2025-24286
A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code...
CVE-2025-24286
CVE-2025-24286 affects Veeam Backup & Replication (12.x) where an authenticated user with the Backup Operator role can modify backup jobs, potentially enabling arbitrary code execution. The Red Hat/NC SC engagement notes and other sources corroborate this as a vulnerability in the backup server t...
CVE-2025-2786
A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and ClusterRoleBinding when a user deploys a TempoStack or TempoMonolithic instance. This flaw allows a user with full access to their namespace to extract the ServiceAccount token and use it to submit TokenReview...
PT-2025-14478
Name of the Vulnerable Software and Affected Versions: Tempo Operator, affected versions not specified. Description: A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and ClusterRoleBinding when a user deploys a TempoStack or TempoMonolithic instance. This flaw allow...
The vulnerability in the IBM MQ Operator software, which manages containerized environments, stems from the use of defective cryptographic algorithms. Exploiting this flaw could allow an attacker to disclose protected information.
The IBM MQ Operator, a software tool for managing containerized environments, contains a vulnerability related to the use of flawed cryptographic algorithms. Exploiting this vulnerability could allow a remote attacker to disclose protected information...
IBM MQ Operator Denial of Service Vulnerability
IBM MQ Operator is a tool from International Business Machines (IBM) for managing the lifecycle of IBM MQ Queue Manager. A denial of service vulnerability exists in IBM MQ Operator versions 2.0.26 and 3.2.4, which stems from improper memory allocation and can be exploited by an attacker to cause a...
PT-2024-36825 · Unknown · Fence Agents Remediation Operator
Name of the Vulnerable Software and Affected Versions: Fence Agents Remediation operator, affected versions not specified. Description: A flaw was found in the Fence Agents Remediation operator, allowing a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the...
dahaboo.com Cross Site Scripting vulnerability OBB-3930457
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...