CVE-2026-41506 vulnerabilities

Vulnerabilities for packages: trivy, commercial-chainloop-cli, cerbos, grype, terragrunt-fips, crossplane-fips, tfsec, k9s, grype-fips, skaffold-fips, osv-scanner, snyk-cli, scorecard, kots, trivy-fips, chainloop-cli-fips, kubevela-fips, kyverno-fips, pulumi-kubernetes-operator, kaniko-fips,...

GHSA-265R-HFXG-FHMG vulnerabilities

Vulnerabilities for packages: docker-cli-buildx, ctop, kubevela, opa, k8sgpt, buildkitd, chartmuseum, melange, docker-compose, neuvector-scanner, rancher-fleet, envoy-gateway, trivy, newrelic-infrastructure-agent, zot, grype, nerdctl, kargo, k3s, xeol, k8ssandra-client, fuse-overlayfs-snapshotter...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: fulcio-fips, php-fpmexporter, vertical-pod-autoscaler-fips, rabbitmq-default-user-credential-updater, kubernetes-dashboard-metrics-scraper, kubernetes, tfsec, cilium-fips, http-echo, prometheus-alertmanager-fips, cfssl, scorecard, litefs, coredns, tigera-operator-fip...

Google Launches OSV-Scanner Tool to Identify Open Source Vulnerabilities

Google on Tuesday announced the open source availability of OSV-Scanner, a scanner that aims to offer easy access to vulnerability information about various projects. The Go-based tool, powered by the Open Source Vulnerabilities OSV database, is designed to connect "a project's list of dependenci...