58707 matches found

Nuclei
added 14 hours ago, 168 views

MinIO Operator Console Authentication Bypass

MinIO Console is a graphical user interface for the MinIO Operator. MinIO itself is a multi-cloud object storage project. Affected versions are subject to an authentication bypass issue in the Operator Console when an external IDP is enabled. id: CVE-2021-41266 info: name: MinIO Operator...

CVSS 9.8, AI score 7.2, EPSS 0.46706
Exploits: 1, References: 5

CVE
added 16 hours ago, 9 views

CVE-2025-71375

The CVE-2025-71375 issue affects the Python package picklescan (prior to 0.0.34) and stems from failure to detect the built-in function _operator.methodcaller when scanning pickle files for malicious code. This oversight allows attackers to craft pickle payloads that evade detection and can lead ...

CVSS 8.1, AI score 6.3
Exploits: 0, References: 2

EUVD
added 16 hours ago, 6 views

EUVD-2025-210425

picklescan before 0.0.34 fails to detect the operator.methodcaller built-in function when scanning pickle files for malicious code. Attackers can craft malicious pickle payloads using operator.methodcaller that evade detection and execute arbitrary code when loaded by pickle.load...

CVSS 8.1, AI score 6.3
Exploits: 0, References: 2

CVE
added 16 hours ago, 6 views

CVE-2025-71373

CVE-2025-71373: picklescan before 0.0.33 fails to detect operator.methodcaller calls in pickle files, allowing remote attackers to craft payloads that execute arbitrary code when loaded, compromising systems relying on picklescan for validation.

CVSS 8.1, AI score 6.3
Exploits: 0, References: 2

ATTACKERKB
added 16 hours ago, 6 views

CVE-2025-71373

picklescan before 0.0.33 fails to detect operator.methodcaller function calls in pickle files, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle payloads using operator.methodcaller that execute arbitrary code when loaded, compromising systems relying on...

CVSS 8.1, AI score 6.3
Exploits: 0, References: 3

EUVD
added 16 hours ago, 7 views

EUVD-2025-210424

picklescan before 0.0.33 fails to detect operator.methodcaller function calls in pickle files, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle payloads using operator.methodcaller that execute arbitrary code when loaded, compromising systems relying on...

CVSS 8.1, AI score 6.3
Exploits: 0, References: 2

CVE
added 16 hours ago, 5 views

CVE-2025-71367

CVE-2025-71367 affects picklescan before 0.0.34. The root cause is a failure to detect _operator.attrgetter calls inside pickle payloads, allowing remote attackers to craft malicious pickle files using _operator.attrgetter in reduce methods and achieve arbitrary code execution when pickle.load() ...

CVSS 8.1, AI score 6.3
Exploits: 0, References: 2

ATTACKERKB
added 16 hours ago, 5 views

CVE-2025-71367

picklescan before 0.0.34 fails to detect operator.attrgetter function calls in pickle payloads, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle files using operator.attrgetter in reduce methods to execute arbitrary code when pickle.load processes the file...

CVSS 8.1, AI score 6.3
Exploits: 0, References: 3

EUVD
added 16 hours ago, 7 views

EUVD-2025-210421

picklescan before 0.0.34 fails to detect operator.attrgetter function calls in pickle payloads, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle files using operator.attrgetter in reduce methods to execute arbitrary code when pickle.load processes the file...

CVSS 8.1, AI score 6.3
Exploits: 0, References: 2

Chainguard
added yesterday, 4 views

GHSA-XV9W-7V6Q-HPJH vulnerabilities

Vulnerabilities for packages: kube-logging-operator...

AI score 5.9
Exploits: 0

Chainguard
added yesterday, 4 views

CVE-2026-44162 vulnerabilities

Vulnerabilities for packages: kube-logging-operator...

AI score 5.9
Exploits: 0

Chainguard
added yesterday, 3 views

GHSA-Q675-QJ96-32M9 vulnerabilities

Vulnerabilities for packages: seaweedfs-rocksdb, seaweedfs-fips, seaweedfs, seaweedfs-operator-fips, seaweedfs-operator, gitlab-workhorse-ce, seaweedfs-rocksdb-fips...

AI score 5.9
Exploits: 0

Wolfi
added yesterday, 4 views

CVE-2026-44162 vulnerabilities

Vulnerabilities for packages: kube-logging-operator...

AI score 5.9
Exploits: 0

Wolfi
added yesterday, 5 views

GHSA-XV9W-7V6Q-HPJH vulnerabilities

Vulnerabilities for packages: kube-logging-operator...

AI score 5.9
Exploits: 0

RedhatCVE
added 2 days ago, 5 views

CVE-2026-11769

A flaw was found in the Grafana Operator. This vulnerability allows a malicious user, who can create Dashboard or LibraryPanel resources for a Grafana instance, to exploit a path traversal issue within the jsonnet data templating language. This exploitation can lead to privilege escalation and...

CVSS 8.8, AI score 5.7, EPSS 0.00361
Exploits: 0, References: 4

Chainguard
added 2 days ago, 7 views

GHSA-9R4W-JG96-92MV vulnerabilities

Vulnerabilities for packages: tbot, teleport-operator-fips, teleport...

AI score 5.9
Exploits: 0

Chainguard
added 2 days ago, 4 views

GHSA-VH4V-2XQ2-G5CG vulnerabilities

Vulnerabilities for packages: xeol-fips, steampipe, falcoctl-fips, kots, kubescape-operator-fips, vcluster-fips, k8ssandra-client-fips, zarf, kyverno-notation-aws-fips, gitness, opentofu-fips, kube-arangodb, kubescape-server-fips, chartmuseum-fips, cloudbeat, kyverno-notation-aws, conftest-fips,...

AI score 5.9
Exploits: 0

Chainguard
added 2 days ago, 6 views

GHSA-8XWF-RJM4-XVHV vulnerabilities

Vulnerabilities for packages: xeol-fips, steampipe, falcoctl-fips, kots, kubescape-operator-fips, vcluster-fips, k8ssandra-client-fips, zarf, kyverno-notation-aws-fips, gitness, opentofu-fips, kube-arangodb, kubescape-server-fips, chartmuseum-fips, cloudbeat, kyverno-notation-aws, conftest-fips,...

AI score 5.9
Exploits: 0

Chainguard
added 2 days ago, 5 views

GHSA-XF85-363P-868W vulnerabilities

Vulnerabilities for packages: xeol-fips, steampipe, falcoctl-fips, kots, kubescape-operator-fips, vcluster-fips, k8ssandra-client-fips, zarf, kyverno-notation-aws-fips, gitness, opentofu-fips, kube-arangodb, kubescape-server-fips, chartmuseum-fips, cloudbeat, kyverno-notation-aws, conftest-fips,...

AI score 5.9
Exploits: 0

Chainguard
added 2 days ago, 5 views

CVE-2026-50162 vulnerabilities

Vulnerabilities for packages: xeol-fips, steampipe, falcoctl-fips, kots, kubescape-operator-fips, vcluster-fips, k8ssandra-client-fips, zarf, kyverno-notation-aws-fips, gitness, opentofu-fips, kube-arangodb, kubescape-server-fips, chartmuseum-fips, cloudbeat, kyverno-notation-aws, conftest-fips,...

AI score 5.9
Exploits: 0