Lucene search
K

483 matches found

RedhatCVE
RedhatCVE
added yesterday6 views

CVE-2026-15584

A privilege escalation vulnerability was found in the incluster-checks tool for OpenShift. The tool creates privileged debug pods with host filesystem access in the shared default namespace, where any user with the standard edit role can exec into them and obtain root access on cluster nodes...

7.5CVSS6AI score
Exploits0References3
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-43087

Spinnaker is an open source, multi-cloud continuous delivery platform. Prior to versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 on their respective release lines, Kustomize bake operations allow unsafe YAML tag processing in rosco manifests. This can lead to remote code execution on rosco pod...

7.5CVSS6.5AI score0.00615EPSS
Exploits0References11
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-55175 Spinnaker: Improper yaml processing on kustomize bake operations

Spinnaker is an open source, multi-cloud continuous delivery platform. Prior to versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 on their respective release lines, Kustomize bake operations allow unsafe YAML tag processing in rosco manifests. This can lead to remote code execution on rosco pod...

7.5CVSS0.00615EPSS
Exploits0References11
NVD
NVD
added 6 days ago7 views

CVE-2026-15063

A flaw was found in the gorch service template, which is part of the trustyai-service-operator. Even when authentication is enabled, the gorch service exposes unproxied orchestrator and detector metrics ports. This allows any pod on the cluster network to directly access these ports, bypassing th...

6.3CVSS0.00184EPSS
Exploits0References2
Fedora
Fedora
added 2026/07/07 1:10 a.m.10 views

[SECURITY] Fedora 43 Update: prometheus-podman-exporter-1.21.2-1.fc43

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

9.1CVSS6.8AI score0.00651EPSS
Exploits1
Fedora
Fedora
added 2026/07/07 12:51 a.m.15 views

[SECURITY] Fedora 44 Update: prometheus-podman-exporter-1.21.2-1.fc44

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

9.1CVSS6.8AI score0.00651EPSS
Exploits1
OSV
OSV
added 2026/06/30 6:20 p.m.3 views

GHSA-M63V-2G9W-2W6V Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation

Summary A follow-up bypass of the round-4 PodSpec hardening GHSA-gx55-f84r-v3r7, GHSA-wmgg-3p4h-48x7, GHSA-v455-mv2v-5g92. Those advisories validate and sanitize the PodSpec spec.runtime.podSpec / spec.builder.podSpec / function.spec.podSpec, but the Environment CRD also exposes...

9.9CVSS5.8AI score0.0029EPSS
Exploits0References6
OSV
OSV
added 2026/06/30 6:18 p.m.4 views

GHSA-WMGG-3P4H-48X7 Fission Environment CRD PodSpec Injection Leading to Node Escape and Cluster Takeover

Summary A stronger framing of the same root cause as GHSA-gx55-f84r-v3r7: the Environment.spec.runtime.podSpec / spec.builder.podSpec passthrough lacked validation, and MergePodSpec propagated dangerous fields into the generated pods. Details Three independent flaws compounded: 1. Validate gap...

9.9CVSS5.8AI score0.003EPSS
Exploits0References8
Fedora
Fedora
added 2026/06/29 1:11 a.m.10 views

[SECURITY] Fedora 43 Update: prometheus-podman-exporter-1.21.1-1.fc43

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

7.5CVSS6.7AI score0.00651EPSS
Exploits1
Fedora
Fedora
added 2026/06/29 12:58 a.m.6 views

[SECURITY] Fedora 44 Update: prometheus-podman-exporter-1.21.1-1.fc44

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

7.5CVSS6.7AI score0.00651EPSS
Exploits1
NVD
NVD
added 2026/06/16 10:16 a.m.19 views

CVE-2026-54191

Unauthenticated Cross Site Scripting XSS in Pods = 3.3.8 versions...

7.1CVSS0.00146EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 9:0 a.m.10 views

EUVD-2026-37053

Unauthenticated Cross Site Scripting XSS in Pods = 3.3.8 versions...

7.1CVSS5.2AI score0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 9:0 a.m.35 views

CVE-2026-54191 WordPress Pods plugin <= 3.3.8 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Pods = 3.3.8 versions...

7.1CVSS0.00146EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 9:0 a.m.23 views

CVE-2026-54191

CVE-2026-54191 corresponds to an unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress Pods plugin, affecting versions ≤ 3.3.8. The provided sources identify the affected product/version and describe the issue as XSS that can be triggered without authentication, with a CVSSv3....

7.1CVSS5.1AI score0.00146EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 6:17 p.m.16 views

CVE-2026-50565

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission builder pods were created with ServiceAccountName: fission-builder and no AutomountServiceAccountToken: false, so the...

4.9CVSS0.00255EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 5:28 p.m.8 views

CVE-2026-50565 Fission builder pods auto-mount the fission-builder ServiceAccount token in the user-supplied builder container

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission builder pods were created with ServiceAccountName: fission-builder and no AutomountServiceAccountToken: false, so the...

4.9CVSS5.4AI score0.00255EPSS
Exploits0References3
CVE
CVE
added 2026/06/10 5:28 p.m.24 views

CVE-2026-50565

CVE-2026-50565 affects Fission (Kubernetes-native serverless framework). Before v1.24.0, builder pods were created with ServiceAccountName: fission-builder and AutomountServiceAccountToken was not disabled, causing the kubelet to auto-mount the service-account token into every container in the po...

4.9CVSS5.4AI score0.00255EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 5:27 p.m.28 views

CVE-2026-50564 Fission Environment CRD podspec passthrough enables hostPID/hostNetwork/privileged pods, node escape

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's Environment CRD exposes spec.runtime.podSpec and spec.builder.podSpec, which are merged into the Kubernetes pod specs fo...

9.9CVSS0.00274EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 5:27 p.m.22 views

CVE-2026-50564 Fission Environment CRD podspec passthrough enables hostPID/hostNetwork/privileged pods, node escape

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's Environment CRD exposes spec.runtime.podSpec and spec.builder.podSpec, which are merged into the Kubernetes pod specs fo...

9.9CVSS5.4AI score0.00274EPSS
Exploits0References3
CVE
CVE
added 2026/06/10 5:27 p.m.39 views

CVE-2026-50564

CVE-2026-50564 concerns Fission’s Environment CRD prior to version 1.24.0, where spec.runtime.podSpec and spec.builder.podSpec were merged into runtime/builder pod specs without filtering. This allowed propagation of hostNetwork, hostPID, hostIPC, container privileged, and serviceAccountName from...

9.9CVSS5.5AI score0.00274EPSS
Exploits0References3
Rows per page
Query Builder