CVE-2026-42457

vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0, there is a Stored XSS attack vulnerability via the name field of a templateRef. This can lead to the execution of arbitrary external...

CVE-2026-42457

vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0, there is a Stored XSS attack vulnerability via the name field of a templateRef. This can lead to the execution of arbitrary external...

EUVD-2026-30301

vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0, there is a Stored XSS attack vulnerability via the name field of a templateRef. This can lead to the execution of arbitrary external...

ROS-20260327-73-0017

Vulnerability in golang related to the use of a name with an invalid reference. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2026-31967

HTSlib CVE-2026-31967 concerns the CRAM reader: in cram_decode_slice(), the mate reference id is not validated, which can lead to out-of-bounds reads when mapping to reference names and potentially writing invalid data into SAM records. This can leak program state information or cause a crash. Af...

CVE-2025-68299

In the Linux kernel, the following vulnerability has been resolved: afs: Fix delayed allocation of a cell's anonymous key The allocation of a cell's anonymous key is done in a background thread along with other cell setup such as doing a DNS upcall. In the reported bug, this is triggered by...

CVE-2025-68299 afs: Fix delayed allocation of a cell's anonymous key

In the Linux kernel, the following vulnerability has been resolved: afs: Fix delayed allocation of a cell's anonymous key The allocation of a cell's anonymous key is done in a background thread along with other cell setup such as doing a DNS upcall. In the reported bug, this is triggered by...

CVE-2025-68299 afs: Fix delayed allocation of a cell's anonymous key

In the Linux kernel, the following vulnerability has been resolved: afs: Fix delayed allocation of a cell's anonymous key The allocation of a cell's anonymous key is done in a background thread along with other cell setup such as doing a DNS upcall. In the reported bug, this is triggered by...

CVE-2025-68299

The CVE-2025-68299 entry relates to Linux kernel afs: the delayed allocation of a cell’s anonymous key. A background thread allocated the anonymous key during cell setup, and a bug could trigger oops when afs_parse_source() passes a cell name to afs_lookup_cell() and a key reference is not yet se...

The vulnerability of the Microsoft Visual Studio software lies in the use of a name with an incorrect reference. This allows attackers to write arbitrary files into the system.

The vulnerability of the Microsoft Visual Studio software relates to the use of a name with an incorrect reference. Exploiting this vulnerability could allow a malicious actor to write arbitrary files into the system remotely...

The vulnerability of cloud-based software for creating and using Nextcloud data storage allows a hacker to induce a service failure.

The vulnerability of cloud-based software for creating and using Nextcloud storage solutions is related to the use of a name with an incorrect reference. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability in the checkout.c component of the Git method implementation in the Libgit2 C language allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the checkout.c component, which implements Git methods in the C language using Libgit2, is related to the use of a name with an incorrect reference. Exploiting this vulnerability allows an attacker who operates remotely to access confidential data, compromise its integrity, a...

The vulnerability of the configuration comparison function of the software tool for interacting with servers via CURL, related to the use of a name with an incorrect reference, allows attackers to access confidential data.

The vulnerability of the configuration comparison function of the software tool for interacting with servers via CURL is related to the comparison of paths without considering registrations. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data...