58671 matches found
MinIO Operator Console Authentication Bypass
MinIO Console is a graphical user interface for the for MinIO Operator. MinIO itself is a multi-cloud object storage project. Affected versions are subject to an authentication bypass issue in the Operator Console when an external IDP is enabled. id: CVE-2021-41266 info: name: MinIO Operator...
CVE-2026-46604 vulnerabilities
Vulnerabilities for packages: seaweedfs-fips, listmonk, gitlab-workhorse-ce, seaweedfs, seaweedfs-operator, hugo, rclone-fips, rclone, seaweedfs-operator-fips...
GHSA-QVQC-4C52-X6QP vulnerabilities
Vulnerabilities for packages: gpu-operator, guac, gpu-operator-fips...
CVE-2026-49349 vulnerabilities
Vulnerabilities for packages: gpu-operator, guac, gpu-operator-fips...
Security Bulletin: Multiple Vulnerabilities in IBM Operator for PostgreSQL
Summary Multiple vulnerabilities were addressed in IBM Operator for PostgreSQL version v28.3.3. Vulnerability Details CVEID:CVE-2026-45447 DESCRIPTION: Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification. Impact...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: nemo, reports-server, knative-kafka-broker, gitlab-workhorse-ce-fips, drone-fips, kubevela-fips, kyverno, flux-source-controller, knative-serving-fips, zarf-fips, argocd-image-updater-fips, cloudbeat, frankenphp-8.4, gitlab-rails-ce, fscrypt, prometheus-fips, harbor,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: rootlesskit, nemo, crossplane-provider-azure-operationsmanagement, cosign, crossplane-provider-azure-spring, helmfile, pulumi-language-dotnet, reports-server, sops, nfpm, teleport-operator-fips, knative-kafka-broker, crossplane-provider-azure-orbital,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-redshiftserverless-fips, nemo, helmfile, crossplane-provider-aws-wafv2, sops, knative-kafka-broker, crossplane-provider-azure-orbital, syft-fips, crossplane-provider-aws-ram, crossplane, gitlab-cng-fips, kubevela-fips, packer,...
GHSA-QPW4-5X99-6VJP vulnerabilities
Vulnerabilities for packages: rootlesskit, nemo, pulumi-language-dotnet, reports-server, nfpm, teleport-operator-fips, knative-kafka-broker, gitlab-workhorse-ce-fips, syft-fips, drone-fips, terraform-fips, kubevela-fips, witness, packer, kyverno, flux-source-controller, knative-serving-fips,...
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-redshiftserverless-fips, nemo, helmfile, crossplane-provider-aws-wafv2, sops, knative-kafka-broker, crossplane-provider-azure-orbital, syft-fips, crossplane-provider-aws-ram, crossplane, gitlab-cng-fips, kubevela-fips, packer,...
GHSA-89GR-R52H-F8RX vulnerabilities
Vulnerabilities for packages: rootlesskit, nemo, crossplane-provider-azure-operationsmanagement, cosign, crossplane-provider-azure-spring, helmfile, pulumi-language-dotnet, reports-server, sops, nfpm, teleport-operator-fips, knative-kafka-broker, crossplane-provider-azure-orbital,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: nemo, pulumi-language-dotnet, reports-server, nfpm, teleport-operator-fips, knative-kafka-broker, gitlab-workhorse-ce-fips, syft-fips, terraform-fips, kubevela-fips, witness, packer, kyverno, flux-source-controller, knative-serving-fips, zarf-fips, chainloop-cli,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: nemo, reports-server, knative-kafka-broker, gitlab-workhorse-ce-fips, drone-fips, kubevela-fips, kyverno, flux-source-controller, knative-serving-fips, zarf-fips, argocd-image-updater-fips, cloudbeat, frankenphp-8.4, gitlab-rails-ce, fscrypt, prometheus-fips, harbor,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: skaffold, sops, vault-benchmark, wolfictl, cluster-api-azure-controller, cert-manager, minio, tflint, ko, buildah, opentelemetry-collector, crossplane-provider-family-azure, nerdctl, rancher, rootlesskit, cosign, cilium, gitea, knative-serving, mattermost, kyverno,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: skaffold, sops, vault-benchmark, wolfictl, cluster-api-azure-controller, cert-manager, minio, tflint, ko, buildah, opentelemetry-collector, crossplane-provider-family-azure, nerdctl, rancher, rootlesskit, cosign, cloudflared, cilium, gitea, knative-serving,...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: skaffold, vitess, snyk-cli, cilium-cli, trivy, prometheus, kots, chisel, k9s, cert-manager, minio, osv-scanner, argocd-image-updater, kaf, helm, spire-server, kubescape, opentelemetry-collector, nerdctl, kubernetes, rancher, flux, rancher-agent, loki, external-dns,...
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: skaffold, sops, vault-benchmark, wolfictl, cluster-api-azure-controller, cert-manager, minio, tflint, ko, buildah, opentelemetry-collector, crossplane-provider-family-azure, nerdctl, rancher, rootlesskit, cosign, cloudflared, cilium, gitea, knative-serving,...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: vitess, snyk-cli, cilium-cli, docker-cli-buildx, prometheus, kots, cert-manager, minio, kaf, helm, spire-server, buildah, opentelemetry-collector, nerdctl, kubernetes, rancher, flux, rancher-agent, loki, external-dns, istio, cilium, knative-serving, telegraf,...
CVE-2026-9640
A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration.. An authenticated project operator in a restricted multi-tenant environment can bypass policy...
CVE-2026-9640
A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration.. An authenticated project operator in a restricted multi-tenant environment can bypass policy...