12 matches found
EUVD-2026-16577
Bludit’s API plugin allows an authenticated attacker with a valid API token to upload files of any type and extension without restriction, which can then be executed, leading to Remote Code Execution. This issue was fixed in 3.18.4...
CVE-2026-25099
Bludit’s API plugin allows an authenticated attacker with a valid API token to upload files of any type and extension without restriction, which can then be executed, leading to Remote Code Execution. This issue was fixed in 3.18.4...
CVE-2026-25099 Remote Code Execution via Unrestricted File Upload in Bludit
Bludit’s API plugin allows an authenticated attacker with a valid API token to upload files of any type and extension without restriction, which can then be executed, leading to Remote Code Execution. This issue was fixed in 3.18.4...
PT-2026-28339
Name of the Vulnerable Software and Affected Versions: Bludit versions prior to 3.18.4. Description: The API plugin in Bludit allows a user with a valid API token to upload files of any type and extension without restriction. Successful exploitation of this issue can lead to Remote Code Execution. T...
EUVD-2025-20751
Malicious code in bioql PyPI...
WordPress 12 Step Meeting List Plugin <= 3.18.3 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting (XSS) Vulnerability discovered by muhammad yudha in WordPress Plugin 12 Step Meeting List versions <= 3.18.3...
Security update for helm
This update for helm fixes the following issues: Update to version 3.18.4 (bsc1246152, CVE-2025-53547): Disabling linter due to unknown issue f20a4ad (Matt Farina); builddeps: bump the k8s-io group with 7 updates 563b094 (dependabotbot); Updating link handling 00de613 (Matt Farina). Patch Instructions: To...
SUSE-SU-2025:20595-1 Security update for helm
This update for helm fixes the following issues: Update to version 3.18.4 (bsc1246152, CVE-2025-53547): Disabling linter due to unknown issue f20a4ad (Matt Farina); builddeps: bump the k8s-io group with 7 updates 563b094 (dependabotbot); Updating link handling 00de613 (Matt Farina)...
CBL Mariner 2.0 Security Update: helm (CVE-2025-53547)
The version of helm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-53547 advisory. - Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file alon...
OPENSUSE-SU-2025:15331-1 helm-3.18.4-1.1 on GA media
These are all security issues fixed in the helm-3.18.4-1.1 package on the GA media of openSUSE Tumbleweed...
AZL-64877 CVE-2025-53547 affecting package helm for versions less than 3.14.2-7
Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when...
PT-2025-28768
Name of the Vulnerable Software and Affected Versions: Helm versions prior to 3.18.4. Description: A specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file can be crafted to cause...