CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: opa, kubescape-operator-fips, gitlab-rails-ce, helm-fips, docker-cli-buildx-fips, helm-mapkubeapis, k8ssandra-client, kaniko-fips, neuvector-scanner, rancher-agent, tw, teleport, cloudbeat-fips, newrelic-infrastructure-agent, cg, headlamp, manifest-tool, eksctl, helm...

GHSA-CRHJ-59GH-8X96 vulnerabilities

Vulnerabilities for packages: gitaly-fips, gitlab-rails-ce, cerbos-fips, kyverno, nemo, kaniko-fips, teleport, cloudbeat-fips, cg, guac, tfsec, apko-fips, argo-cd-fips, chainloop-cli-fips, argocd-image-updater-fips, mapotf, external-secrets-operator, snyk-cli, packer-fips, trivy, bom, gomplate,...

GHSA-M7CR-M3PV-HGRP vulnerabilities

Vulnerabilities for packages: gitaly-fips, gitlab-rails-ce, cerbos-fips, kyverno, nemo, kaniko-fips, teleport, cloudbeat-fips, cg, guac, tfsec, apko-fips, argo-cd-fips, chainloop-cli-fips, argocd-image-updater-fips, mapotf, external-secrets-operator, snyk-cli, packer-fips, trivy, bom, gomplate,...

CVE-2026-45571 vulnerabilities

Vulnerabilities for packages: gitaly-fips, gitlab-rails-ce, cerbos-fips, kyverno, nemo, kaniko-fips, teleport, cloudbeat-fips, cg, guac, tfsec, apko-fips, argo-cd-fips, chainloop-cli-fips, argocd-image-updater-fips, mapotf, external-secrets-operator, snyk-cli, packer-fips, trivy, bom, gomplate,...

CVE-2026-32285 vulnerabilities

Vulnerabilities for packages: terragrunt, kubevela, goreleaser, k8sgpt, nfpm, dgraph, malcontent, opentelemetry-collector, tempo, grafana, grafana-alloy, minio, loki, k3s, cri-tools, dagger, rclone, terraform-mcp-server, nuclei, gitlab-runner, lazygit, opentelemetry-collector-contrib, redpanda,...

CVE-2023-50976

Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authorization checks in the Transactions API...

EUVD-2023-34868

Malicious code in bioql PyPI...

EUVD-2023-55703

Malicious code in bioql PyPI...

EUVD-2023-28634

Malicious code in bioql PyPI...

GHSA-J5PM-7495-QMR3 vulnerabilities

Vulnerabilities for packages: supercronic, direnv, databricks-cli-fips, kubescape-operator-fips, cerbos-fips, jitsucom-bulker, rancher-agent, eck-operator, apko-fips, argo-cd-fips, eksctl, ini-file, qemu-guesthelper, tigera-operator-fips, polaris-fips, cluster-api-ipam-provider-in-cluster,...

CVE-2023-30450

rpk in Redpanda before 23.1.2 mishandles the redpanda.rpcservertls field, leading to for example situations in which there is a data type mismatch that cannot be automatically fixed by rpk, and instead a user must reconfigure while a cluster is turned off in order to have TLS on broker RPC ports...

CVE-2023-24619

Redpanda before 22.3.12 discloses cleartext AWS credentials. The import functionality in the rpk binary logs an AWS Access Key ID and Secret in cleartext to standard output, allowing a local user to view the key in the console, or in Kubernetes logs if stdout output is collected. The fixed versio...

CVE-2023-50976

Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authorization checks in the Transactions API...

CVE-2023-50976

Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authorization checks in the Transactions API...

Authorization

Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authorization checks in the Transactions API...

Redpanda Security Vulnerabilities

Redpanda is a streaming data platform for developers. It is compatible with the Kafka API. Redpanda has a security vulnerability that stems from a lack of authorization checks in the Transactions API. Affected products and versions: Redpanda versions before 23.1.21, 23.2.x versions before 23.2.18...

CVE-2023-50976

Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authorization checks in the Transactions API...

PT-2023-31716 · Redpanda · Redpanda

Name of the Vulnerable Software and Affected Versions: Redpanda versions prior to 23.1.21 Redpanda versions 23.2.x prior to 23.2.18 Description: The issue is related to missing authorization checks in the "Transactions API". This could potentially allow unauthorized access or actions...

CVE-2023-50976

Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authorization checks in the Transactions API...

CVE-2023-50976

CVE-2023-50976 affects Redpanda before 23.1.21 and 23.2.x before 23.2.18. The issue is missing authorization checks in the Transactions API, as stated by multiple sources (Redpanda/Redpanda PRs and security portals). Impact is implied as high due to authorization gaps, but the connected documents...