53 matches found

NVD
added 6 days ago · 4 views

CVE-2026-47125

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.2, the PUT /api/environments/id/templates/variables endpoint, which writes the system-wide .env.global file used for variable substitution in every project's compose file, is missing an admin...

8.8 CVSS · 0.00039 EPSS
Exploits 0 · References 1
Snyk
added 2026/04/14 8:05 p.m. · 1 view

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the ClusterPolicy when apiCall.service.url is used with variable substitution e.g. request.object.. An attacker can retrieve sensitive information from internal services or cloud metadata endpoints b...

7.7 CVSS · 5.4 AI score
Exploits 0 · References 2
Github Security Blog
added 2026/04/14 8:05 p.m. · 3 views

Kyverno has unrestricted outbound requests in Kyverno apiCall enabling SSRF

Summary A Server-Side Request Forgery SSRF vulnerability in Kyverno allows authenticated users to induce the admission controller to send arbitrary HTTP requests to attacker-controlled endpoints. When a ClusterPolicy uses apiCall.service.url with variable substitution e.g. request.object.,...

6 AI score
Exploits 0 · References 2 · Affected Software 1
Github Security Blog
added 2026/01/27 6:01 p.m. · 8 views

Kyverno Cross-Namespace Privilege Escalation via Policy apiCall

Summary A critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no enforcement that the request is limited to the policy’s namespace. As a result, any authenticated user with...

9.9 CVSS · 6 AI score · 0.00026 EPSS
Exploits 1 · References 5 · Affected Software 1
AlpineLinux
added 2026/01/07 10:30 p.m. · 2 views

CVE-2025-69262

pnpm is a package manager. Versions 6.25.0 through 10.26.2 have a Command Injection vulnerability when using environment variable substitution in .npmrc configuration files with tokenHelper settings. An attacker who can control environment variables during pnpm operations could achieve Remote Cod...

7.8 CVSS · 7.6 AI score · 0.0008 EPSS
Exploits 1
EUVD
added 2026/01/07 10:30 p.m. · 4 views

EUVD-2026-1159

pnpm is a package manager. Versions 6.25.0 through 10.26.2 have a Command Injection vulnerability when using environment variable substitution in .npmrc configuration files with tokenHelper settings. An attacker who can control environment variables during pnpm operations could achieve Remote Cod...

7.5 CVSS · 7 AI score · 0.0008 EPSS
Exploits 1 · References 3
Cvelist
added 2026/01/07 10:30 p.m. · 17 views

CVE-2025-69262 pnpm vulnerable to Command Injection via environment variable substitution

pnpm is a package manager. Versions 6.25.0 through 10.26.2 have a Command Injection vulnerability when using environment variable substitution in .npmrc configuration files with tokenHelper settings. An attacker who can control environment variables during pnpm operations could achieve Remote Cod...

7.5 CVSS · 0.0008 EPSS
Exploits 1 · References 2
OSV
added 2026/01/07 6:51 p.m. · 1 view

GHSA-2PHV-J68V-WWQX pnpm vulnerable to Command Injection via environment variable substitution

Summary A command injection vulnerability exists in pnpm when using environment variable substitution in .npmrc configuration files with tokenHelper settings. An attacker who can control environment variables during pnpm operations could achieve remote code execution RCE in build environments...

7.5 CVSS · 8.5 AI score · 0.0008 EPSS
Exploits 1 · References 4
CNNVD
added 2026/01/07 12:00 a.m. · 4 views

pnpm code injection vulnerability

pnpm is a package manager for pnpm open source. A code injection vulnerability exists in pnpm versions 6.25.0 through 10.26.2, which stems from command injection when using environment variable substitution in the .npmrc configuration file, and could lead to remote code execution...

7.8 CVSS · 8.1 AI score · 0.0008 EPSS
Exploits 1 · References 2
EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2019-0006

Malware in sbrugna...

5.5 CVSS · 6.3 AI score · 0.00589 EPSS
Exploits 0 · References 21
Positive Technologies
added 2025/08/21 12:00 a.m. · 2 views

PT-2025-34237

Name of the Vulnerable Software and Affected Versions: org.keycloak/keycloak-model-storage-service affected versions not specified Description: A flaw exists in the KeycloakRealmImport custom resource, which substitutes placeholders within imported realm documents, referencing environment...

4.9 CVSS · 4.2 AI score · 0.00038 EPSS
Exploits 0 · References 19
Positive Technologies
added 2025/07/22 12:00 a.m. · 0 views

PT-2025-30438 · Kyverno · Kyverno

Name of the Vulnerable Software and Affected Versions: Kyverno versions 1.14.1 and below Description: Kyverno is susceptible to a Denial of Service DoS vulnerability stemming from improper handling of JMESPath variable substitutions. Attackers possessing permissions to create or update Kyverno...

7.7 CVSS · 6.2 AI score · 0.00124 EPSS
Exploits 1 · References 11
GithubExploit
added 2025/06/01 2:09 p.m. · 1180 views

Exploit for HTTP Request Smuggling in Apache Http_Server

CVE-2023-25690 - Proof of Concept. Published: 7 March 2023...

9.8 CVSS · 8.5 AI score · 0.67011 EPSS
Exploits 5
Tenable Nessus
added 2024/08/06 12:00 a.m. · 13 views

SUSE SLES12 Security Update : ksh (SUSE-SU-2024:2756-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2756-1 advisory. - CVE-2019-14868: Fixed code injection due to environment variables on startup interpreted as arithmetic expression bsc1160796 Other fixes: ...

7.8 CVSS · 7.5 AI score · 0.00204 EPSS
Exploits 0 · References 6
OSV
added 2024/08/05 7:57 p.m. · 9 views

SUSE-SU-2024:2756-1 Security update for ksh

This update for ksh fixes the following issues: - CVE-2019-14868: Fixed code injection due to environment variables on startup interpreted as arithmetic expression bsc1160796 Other fixes: - do not use posixspawn as it lacks proper job handling bsc1224057 - fix segfault in variable substitution...

7.8 CVSS · 8 AI score · 0.00204 EPSS
Exploits 0 · References 5
OSV
added 2024/06/04 3:19 p.m. · 10 views

GO-2024-2647 CLI for Vela Insecure Variable Substitution in github.com/go-vela/cli

CLI for Vela Insecure Variable Substitution in github.com/go-vela/cli...

7.2 AI score
Exploits 0 · References 2
OSV
added 2024/06/04 3:19 p.m. · 17 views

GO-2024-2641 Insecure Variable Substitution in Vela in github.com/go-vela/worker

Insecure Variable Substitution in Vela in github.com/go-vela/worker...

7.7 CVSS · 6.7 AI score · 0.00235 EPSS
Exploits 0 · References 3
OSV
added 2024/06/04 3:19 p.m. · 7 views

GO-2024-2649 Types for Vela Insecure Variable Substitution in github.com/go-vela/types

Types for Vela Insecure Variable Substitution in github.com/go-vela/types...

7.2 AI score
Exploits 0 · References 2
Veracode
added 2024/03/18 10:47 a.m. · 6 views

Insecure Variable Substitution

github.com/go-vela/server is vulnerable to Insecure Variable Substitution. This vulnerability is due to the use of variable substitution combined with insensitive fields such as parameters, image, and entrypoint in Vela pipelines. The vulnerability allows an attacker to bypass log masking and...

7.2 AI score
Exploits 0
Veracode
added 2024/03/18 7:16 a.m. · 6 views

Insecure Variable Substitution

github.com/go-vela/types is vulnerable to Insecure Variable Substitution. The vulnerability arises due to the unexpected behavior of variable substitution combined with insensitive fields like parameters, image, and entrypoint. This allows for bypassing log masking and exposing secrets without...

7.3 AI score
Exploits 0