CLEANSTART-2026-JC64695 Security fixes for CVE-2025-61732, CVE-2025-68121, CVE-2026-26958, CVE-2026-35469, ghsa-f6x5-jh6r-wrfv, ghsa-fw7p-63qq-7hpr, ghsa-gx3x-vq4p-mhhv, ghsa-j5w8-q4qc-rx2x, ghsa-mh2q-q3fh-2475, ghsa-pc3f-x583-g7j2 applied in versions: 1.16.1-r0, 1.16.1-r1, 1.18.0-r0, 1.19.0-r1

Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-JO51351 Security fixes for CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-35469, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-pc3f-x583-g7j2 applied in versions: 1.18.0-r0, 1.19.0-r0, 1.19.1-r0, 1.19.1-r1

Multiple security vulnerabilities affect the percona-xtradb-cluster-operator package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-DN20646 spdystream is a Go library for multiplexing streams over SPDY connections

Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. spdystream is a Go library for multiplexing streams over SPDY connections. See references for individual vulnerability details...

GHSA-PJCQ-XVWQ-HHPJ vulnerabilities

Vulnerabilities for packages: openbao, telegraf, xeol, percona-server-mongodb-operator, cert-manager-istio-csr, rancher-webhook, k6, gitea, trufflehog, external-secrets-operator, harbor, grafana, kyverno, rancher-agent, minio, opentofu, zot, rclone, dex, nuclei, flux-source-controller, flux,...

CVE-2026-32952 vulnerabilities

Vulnerabilities for packages: openbao, telegraf, xeol, percona-server-mongodb-operator, cert-manager-istio-csr, rancher-webhook, k6, gitea, trufflehog, external-secrets-operator, harbor, grafana, kyverno, rancher-agent, minio, opentofu, zot, rclone, dex, nuclei, flux-source-controller, flux,...

CVE-2026-32952 vulnerabilities

Vulnerabilities for packages: seaweedfs, rclone, cloudbeat-fips, spqr, yunikorn-k8shim, openbao, ldap2pg, harbor, rancher-agent, harbor-fips, flux-source-controller-fips, opentofu-fips, grafana-fips, gitlab-runner, versitygw, beats-fips, external-secrets-operator, seaweedfs-fips,...

CLEANSTART-2026-BB70412 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions

Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability...

CLEANSTART-2026-AL68245 filippo

Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. filippo. See references for individual vulnerability details...

GHSA-PC3F-X583-G7J2 vulnerabilities

Vulnerabilities for packages: emissary, tigera-operator-fips, zarf, k8sgpt-operator, linkerd2, cri-tools, istio-fips, cloudbeat-fips, kots, rancher-agent, trident, cluster-api-fips, cloudnative-pg-fips, dynamic-localpv-provisioner, dynamic-localpv-provisioner-fips, aws-node-termination-handler,...

CLEANSTART-2026-VZ35122 filippo

Multiple security vulnerabilities affect the percona-xtradb-cluster-operator package. filippo. See references for individual vulnerability details...

CLEANSTART-2026-IY92636 During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ...

Multiple security vulnerabilities affect the percona-xtradb-cluster-operator package. During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it...

CLEANSTART-2026-TZ92532 filippo

Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. filippo. See references for individual vulnerability details...

CLEANSTART-2026-JZ43336 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions

Multiple security vulnerabilities affect the percona-xtradb-cluster-operator package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details...

CLEANSTART-2026-AN01004 filippo

Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. filippo. See references for individual vulnerability details...

CLEANSTART-2026-OP90222 filippo

Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. filippo. See references for individual vulnerability details...

CVE-2026-25212

An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system...

EUVD-2026-18364

An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system...

CVE-2026-25212

An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system...

PT-2026-29794

An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system...

CVE-2026-25212

An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system...