CVE-2026-33814 vulnerabilities

Vulnerabilities for packages: terraform, trust-manager, victoriametrics-cluster, terraform-provider-kubernetes, bank-vaults, influx, helm-set-status, opentofu, aws-flb-kinesis, kapp, rancher-system-upgrade-controller, gitaly, azuredisk-csi, cass-operator, helm-push, newrelic-nri-statsd,...

CVE-2026-33814 vulnerabilities

Vulnerabilities for packages: wave, k8s-device-plugin, knative-net-istio-fips, kubo, kueue-fips, mig-parted-fips, crossplane-provider-family-azure, bento, k6, rancher-fleet-fips, sftpgo, traefik-fips, aws-flb-firehose, addon-resizer, eks-distro-fips, kubedock, pulumi-kubernetes-operator,...

GHSA-PC3F-X583-G7J2 vulnerabilities

Vulnerabilities for packages: falcoctl, kiali, juicefs-csi-driver, k8sgpt-operator, cri-tools, cilium-cli, rancher-fleet, hubble, k9s, istio, rancher-agent, k8sgpt, cert-manager-istio-csr, kubernetes-dashboard-api, sonobuoy, terraform-provider-kubernetes, cilium, argo-cd, gitlab-kas,...

GHSA-PC3F-X583-G7J2 vulnerabilities

Vulnerabilities for packages: kcp-fips-0.29, rancher-fleet-fips, linkerd2-fips, eks-distro-fips, rancher-agent, cloudnative-pg, terraform-provider-kubernetes, percona-xtradb-cluster-operator-fips, kubescape-server-fips, kubescape-server, linkerd2, juicefs-csi-driver, kiali-fips, vcluster,...

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: gcsfuse, wal-g, litestream, runc, net-kourier, kine, cilium-cli, memcached-exporter, terraform, authservice, kubeflow-katib, mattermost, modelmesh-runtime-adapter, aws-flb-cloudwatch, step-kms-plugin, minio-object-browser, terraform-provider-kubernetes,...

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: kine, oras, memcached-exporter, terraform, victoriametrics-cluster, kubeflow-katib, terraform-provider-kubernetes, rancher-loglevel, bank-vaults, influx, rancher-telemetry, helm-set-status, opentofu, aws-flb-kinesis, kapp, rancher-system-upgrade-controller, spegel,...

GHSA-HFVC-G4FC-PQHX vulnerabilities

Vulnerabilities for packages: gcsfuse, tfsec, kine, op-geth, k8sgpt, kubernetes-dns-node-cache, flux-source-controller, bank-vaults, harbor, kubescape-operator, secrets-store-csi-driver, blob-csi, knative-operator, opentofu, gitness, percona-server-mongodb-operator, dagger, kuma, sftpgo, gitaly,...

GHSA-HFVC-G4FC-PQHX vulnerabilities

Vulnerabilities for packages: kubo, knative-net-istio-fips, bento, k6, sftpgo, traefik-fips, pulumi-kubernetes-operator, eks-distro-fips, livekit-server, backup-restore-operator, prometheus-adapter, kubernetes-csi-external-snapshotter, loki, cerbos, falco-no-driver, elastic-agent, gomplate-fips,...

CVE-2026-39883 vulnerabilities

Vulnerabilities for packages: kubo, knative-net-istio-fips, bento, k6, sftpgo, traefik-fips, pulumi-kubernetes-operator, eks-distro-fips, livekit-server, backup-restore-operator, prometheus-adapter, kubernetes-csi-external-snapshotter, loki, cerbos, falco-no-driver, elastic-agent, gomplate-fips,...

CVE-2026-28799 PJSIP: Heap use-after-free in PJSIP presence subscription termination handler

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap use-after-free vulnerability exists in PJSIP's event subscription framework evsub.c that is triggered during presence unsubscription SUBSCRIBE with Expires=0. This issue has been patched i...

GHSA-RJCG-56PH-3QVG vulnerabilities

Vulnerabilities for packages: oras, terraform, terraform-provider-kubernetes, rancher-loglevel, gosu, rancher-telemetry, helm-set-status, opentofu, kapp, helm-push, newrelic-nri-statsd, azurefile-csi, rancher-machine, trillian, atlantis, fscrypt, fulcio, external-dns, vertical-pod-autoscaler,...

GHSA-447V-2QG4-H8HC vulnerabilities

Vulnerabilities for packages: gcsfuse, wire-go, crane, runc, helm-docs, tfsec, net-kourier, sbom-scorecard, kubernetes-replicator, portieris, oras, terraform, extism, dfc, hey, spark-operator, cfssl, mattermost, modelmesh-runtime-adapter, sigstore-scaffolding, rancher-loglevel,...

CVE-2025-58188 vulnerabilities

Vulnerabilities for packages: gcsfuse, wire-go, crane, runc, helm-docs, tfsec, net-kourier, sbom-scorecard, kubernetes-replicator, portieris, oras, terraform, extism, dfc, hey, spark-operator, cfssl, mattermost, modelmesh-runtime-adapter, sigstore-scaffolding, rancher-loglevel,...

GHSA-FRHW-MQJ2-WXW2 vulnerabilities

Vulnerabilities for packages: oras, terraform, terraform-provider-kubernetes, rancher-loglevel, gosu, bank-vaults, rancher-telemetry, helm-set-status, opentofu, kapp, spegel, helm-push, newrelic-nri-statsd, azurefile-csi, rancher-machine, trillian, atlantis, fscrypt, fulcio, external-dns,...

GHSA-WCW9-47FP-RRFR vulnerabilities

Vulnerabilities for packages: gcsfuse, wire-go, crane, runc, helm-docs, tfsec, net-kourier, sbom-scorecard, kubernetes-replicator, portieris, oras, terraform, extism, dfc, hey, spark-operator, cfssl, mattermost, modelmesh-runtime-adapter, sigstore-scaffolding, rancher-loglevel,...

GHSA-9GCR-GP5F-JW27 vulnerabilities

Vulnerabilities for packages: gcsfuse, wire-go, crane, runc, helm-docs, tfsec, net-kourier, sbom-scorecard, kubernetes-replicator, portieris, oras, terraform, extism, dfc, hey, spark-operator, cfssl, mattermost, modelmesh-runtime-adapter, sigstore-scaffolding, rancher-loglevel,...

GHSA-QH38-484V-W52X vulnerabilities

Vulnerabilities for packages: gcsfuse, wire-go, crane, runc, helm-docs, tfsec, net-kourier, sbom-scorecard, kubernetes-replicator, portieris, oras, terraform, extism, dfc, hey, spark-operator, cfssl, mattermost, modelmesh-runtime-adapter, sigstore-scaffolding, rancher-loglevel,...

CVE-2025-61723 vulnerabilities

Vulnerabilities for packages: gcsfuse, wire-go, crane, runc, helm-docs, tfsec, net-kourier, sbom-scorecard, kubernetes-replicator, portieris, oras, terraform, extism, dfc, hey, spark-operator, cfssl, mattermost, modelmesh-runtime-adapter, sigstore-scaffolding, rancher-loglevel,...

Unspecified Vulnerability in libIEC61850

libIEC61850 is an open source library for IEC 61850. A security vulnerability exists in the 'ControlObjectClientsetCommandTerminationHandler' function in the client/clientcontrol.c file in libIEC61850 v1.3. An attacker can exploit this vulnerability to obtain SEGV...