374 matches found
CLEANSTART-2026-WA48911 authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users
Multiple security vulnerabilities affect the percona-server-mongodb-operator package. An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. See...
CLEANSTART-2026-JC64695 Security fixes for CVE-2025-61732, CVE-2025-68121, CVE-2026-26958, CVE-2026-35469, ghsa-f6x5-jh6r-wrfv, ghsa-fw7p-63qq-7hpr, ghsa-gx3x-vq4p-mhhv, ghsa-j5w8-q4qc-rx2x, ghsa-mh2q-q3fh-2475, ghsa-pc3f-x583-g7j2 applied in versions: 1.16.1-r0, 1.16.1-r1, 1.18.0-r0, 1.19.0-r1
Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-JO51351 Security fixes for CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-35469, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-pc3f-x583-g7j2 applied in versions: 1.18.0-r0, 1.19.0-r0, 1.19.1-r0, 1.19.1-r1
Multiple security vulnerabilities affect the percona-xtradb-cluster-operator package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-DN20646 spdystream is a Go library for multiplexing streams over SPDY connections
Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. spdystream is a Go library for multiplexing streams over SPDY connections. See references for individual vulnerability details...
GHSA-PJCQ-XVWQ-HHPJ vulnerabilities
Vulnerabilities for packages: k6, dex, cert-manager, xeol, cert-manager-cmctl, minio, rancher-webhook, kyverno, zot, kyverno-notation-aws, external-secrets-operator, opentofu, spqr, harbor, openbao, rancher-agent, sftpgo-plugin-auth, yunikorn-k8shim, flux, gitea, percona-server-mongodb-operator,...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: k6, dex, cert-manager, xeol, cert-manager-cmctl, minio, rancher-webhook, kyverno, zot, kyverno-notation-aws, external-secrets-operator, opentofu, spqr, harbor, openbao, rancher-agent, sftpgo-plugin-auth, yunikorn-k8shim, flux, gitea, percona-server-mongodb-operator,...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: opentofu-fips, cert-manager-openshift-routes-fips, agentbeat, percona-server-mongodb-operator-fips, ratify, telegraf, ldap2pg, percona-server-mongodb-operator, dex, rclone-fips, kyverno-fips, minio-fips, seaweedfs-rocksdb, elastic-agent, seaweedfs, trufflehog-fips,...
CLEANSTART-2026-BB70412 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability...
CLEANSTART-2026-AL68245 filippo
Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. filippo. See references for individual vulnerability details...
GHSA-PC3F-X583-G7J2 vulnerabilities
Vulnerabilities for packages: trivy, kiali, falcoctl, kubernetes, postgres-operator, k9s, sonobuoy-fips, percona-server-mongodb-operator-fips, cilium-fips, skaffold-fips, kube-arangodb, rke2-runtime, kots, k8ssandra-client, dynamic-localpv-provisioner, percona-server-mongodb-operator, trivy-fips,...
CLEANSTART-2026-VZ35122 filippo
Multiple security vulnerabilities affect the percona-xtradb-cluster-operator package. filippo. See references for individual vulnerability details...
CLEANSTART-2026-IY92636 During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ...
Multiple security vulnerabilities affect the percona-xtradb-cluster-operator package. During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it...
CLEANSTART-2026-TZ92532 filippo
Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. filippo. See references for individual vulnerability details...
CLEANSTART-2026-JZ43336 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Multiple security vulnerabilities affect the percona-xtradb-cluster-operator package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details...
CLEANSTART-2026-AN01004 filippo
Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. filippo. See references for individual vulnerability details...
CLEANSTART-2026-OP90222 filippo
Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. filippo. See references for individual vulnerability details...
CVE-2026-25212
An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system...
EUVD-2026-18364
An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system...