CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Github Security Blog•added 2026/05/01 9:30 a.m.•5 views

OpenStack Ironic Python Agent Includes Functionality from Untrusted Control Sphere

An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent IPA sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image...

Exploits0References4Affected Software1

Snyk•added 2026/05/01 9:30 a.m.•3 views

Unsafe Dependency Resolution

Overview ironic-python-agent is an Ironic Python Agent Ramdisk Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the grub-install process. An attacker can achieve code execution by providing a malicious partition image that is deployed and subsequently chrooted ...

8.5CVSS6.2AI score0.0006EPSS

OSV•added 2026/05/01 9:30 a.m.•1 views

GHSA-RMXR-45GJ-889W OpenStack Ironic Python Agent Includes Functionality from Untrusted Control Sphere

NVD•added 2026/05/01 9:16 a.m.•1 views

Exploits0References4

CVE-2026-43003

8CVSS0.0006EPSS

OSV•added 2026/05/01 9:16 a.m.•2 views

UBUNTU-CVE-2026-43003

UbuntuCve•added 2026/05/01 9:16 a.m.•1 views

CVE-2026-43003

8CVSS5.9AI score0.0006EPSS

EUVD•added 2026/05/01 12:0 a.m.•2 views

EUVD-2026-26489

Vulnrichment•added 2026/05/01 12:0 a.m.•1 views

CVE-2026-43003

CNNVD•added 2026/05/01 12:0 a.m.•6 views

OpenStack ironic-python-agent 安全漏洞

OpenStack ironic-python-agent is an open-source proxy program for bare metal nodes in OpenStack. There are security vulnerabilities in the version of OpenStack ironic-python-agent from 1.0.0 to 11.5.0. These vulnerabilities stem from the execution of grub-install within a chroot environment, whic...

8CVSS6AI score0.0006EPSS

Exploits0References1

Cvelist•added 2026/05/01 12:0 a.m.•25 views

CVE-2026-43003

8CVSS0.0006EPSS

CVE•added 2026/05/01 12:0 a.m.•4 views

CVE-2026-43003

CVE-2026-43003 affects OpenStack Ironic Python Agent (IPA) versions 1.0.0 through 11.5.0. The issue arises when IPA sometimes executes grub-install from within a chroot of the deployed partition image, enabling code execution in the presence of a malicious image. The CVSSv3.1 metrics indicate a h...

Exploits0References2Affected Software1

Positive Technologies•added 2026/05/01 12:0 a.m.•2 views

PT-2026-36307

Name of the Vulnerable Software and Affected Versions OpenStack ironic-python-agent versions 1.0.0 through 11.5.0 Description Ironic Python Agent IPA may execute the grub-install function from within a chroot of the deployed partition image. This behavior can lead to arbitrary code execution if a...

8CVSS6.4AI score0.0006EPSS

Exploits0References6

Debian CVE•added 2026/05/01 12:0 a.m.•2 views

CVE-2026-43003

Securelist•added 2026/02/11 2:0 p.m.•2 views

Exploits0

The game is over: when “free” comes at too high a price. What we know about RenEngine

We often describe cases of malware distribution under the guise of game cheats and pirated software. Sometimes such methods are used to spread complex malware that employs advanced techniques and sophisticated infection chains. In February 2026, researchers from Howler Cell announced the discover...

6AI score

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-0048

Malware in sbrugna...

7.2CVSS7.1AI score0.00211EPSS

Exploits0References6

OSV•added 2024/09/06 1:15 a.m.•4 views

DEBIAN-CVE-2024-44082

In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in image processing, in which a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data...

4.3CVSS6.5AI score0.00274EPSS

Exploits0References1

OSV•added 2024/09/06 1:15 a.m.•16 views

CVE-2024-44082

6.3AI score

NVD•added 2024/09/06 1:15 a.m.•20 views

CVE-2024-44082

4.3CVSS0.00274EPSS