CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Wolfi•added 2026/04/24 7:48 p.m.•8 views

CVE-2026-32952 vulnerabilities

Vulnerabilities for packages: trufflehog, dex, cert-manager, yunikorn-k8shim, terraform, cert-manager-istio-csr, seaweedfs, gitea, percona-server-mongodb-operator, rancher, kyverno-notation-aws, grafana, rancher-agent, minio, spqr, telegraf, zot, ratify, xeol, rclone, sftpgo-plugin-auth,...

7.5CVSS5.8AI score0.01027EPSS

Wolfi•added 2026/04/24 7:48 p.m.•12 views

GHSA-PJCQ-XVWQ-HHPJ vulnerabilities

Chainguard•added 2026/04/23 7:27 p.m.•8 views

GHSA-J88V-2CHJ-QFWX vulnerabilities

Wolfi•added 2026/04/11 2:51 a.m.•7 views

GHSA-FV83-X2XW-2J55 vulnerabilities

Vulnerabilities for packages: aws-load-balancer-controller, spire-server, newrelic-k8s-metadata-injection, dbmate, goreleaser, oras, polaris, dgraph, temporal, stakater-reloader, envoy-ratelimit, flux-image-automation-controller, malcontent, tailscale, kubewatch, nova, grafana-rollout-operator,...

Wolfi•added 2026/04/11 2:51 a.m.•8 views

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: spire-server, verticadb-operator, dbmate, temporal-ui-server, secrets-store-csi-driver-provider-azure, step-kms-plugin, cert-manager, modelmesh-runtime-adapter, polaris, cosign, policy-controller, helm-mapkubeapis, envoy-ratelimit, rancher, aws-flb-cloudwatch,...

Chainguard•added 2026/04/03 7:17 p.m.•8 views

CVE-2026-34986 vulnerabilities

Vulnerabilities for packages: cloudflared-fips, kubescape-operator-fips, cerbos-fips, jitsucom-bulker, rancher-agent, elastic-agent, velero-plugin-for-gcp-fips, tfsec, apko-fips, argo-cd-fips, chainloop-cli-fips, traefik-fips, packer-fips, buildah-fips, google-guest-agent, podman-fips,...

7.5CVSS7.3AI score0.00274EPSS

RedhatCVE•added 2026/03/26 3:11 p.m.•6 views

CVE-2026-30915

SFTPGo is an open source, event-driven file transfer solution. SFTPGo versions before v2.7.1 contain an input validation issue in the handling of dynamic group paths, for example, home directories or key prefixes. When a group is configured with a dynamic home directory or key prefix using...

SUSE CVE•added 2026/03/25 12:25 a.m.•3 views

SUSE CVE-2026-30914

SFTPGo is an open source, event-driven file transfer solution. In SFTPGo versions prior to 2.7.1, a path normalization discrepancy between the protocol handlers and the internal Virtual Filesystem routing can lead to an authorization bypass. An authenticated attacker can craft specific file paths...

8.1CVSS5.9AI score0.00521EPSS

Exploits0References3

SUSE CVE•added 2026/03/25 12:25 a.m.•1 views

SUSE CVE-2026-30915

5.3CVSS5.9AI score0.00309EPSS

Exploits0References3

OSV•added 2026/03/16 8:27 p.m.•1 views

GO-2026-4697 SFTPGo improperly sanitizes placeholders in group home directories/key prefixes in github.com/drakkan/sftpgo

SFTPGo improperly sanitizes placeholders in group home directories/key prefixes in github.com/drakkan/sftpgo...

OSV•added 2026/03/16 8:27 p.m.•5 views

GO-2026-4699 SFTPGo Vulnerable to Path Traversal and Permission Bypass via Path Normalization Discrepancy in github.com/drakkan/sftpgo

SFTPGo Vulnerable to Path Traversal and Permission Bypass via Path Normalization Discrepancy in github.com/drakkan/sftpgo...

8.1CVSS5.8AI score0.00521EPSS

Exploits0References2

NVD•added 2026/03/13 7:54 p.m.•3 views

CVE-2026-30914

8.1CVSS0.00521EPSS

NVD•added 2026/03/13 7:54 p.m.•3 views

CVE-2026-30915

5.3CVSS0.00309EPSS

Cvelist•added 2026/03/13 7:4 p.m.•22 views

CVE-2026-30915 SFTPGo improperly sanitizes placeholders in group home directories/key prefixes

5.3CVSS0.00309EPSS

Vulnrichment•added 2026/03/13 7:4 p.m.•4 views

CVE-2026-30915 SFTPGo improperly sanitizes placeholders in group home directories/key prefixes

CVE•added 2026/03/13 7:4 p.m.•9 views

CVE-2026-30915

SFTPGo (open source file transfer app) before v2.7.1 is affected by an input validation issue in dynamic group paths, where placeholders like %username% are not strictly sanitized against relative path components. This can allow a crafted username to cause the substituted path for a group’s home ...