Skip to main content

Suse

9338 CVEs vendor

Monthly

CVE-2025-71200 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode When operating in HS200 or HS400 timing modes, reducing the clock frequency below 52MHz will lead to link broken as the Rockchip DWC MSHC controller requires maintaining a minimum clock of 52MHz in these modes.

Linux Debian Information Disclosure Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-26269 MEDIUM PATCH This Month

Stack buffer overflow in Vim's NetBeans integration allows a malicious NetBeans server to corrupt memory and potentially crash the editor or execute arbitrary code through a specially crafted specialKeys command. The vulnerability affects Vim builds with NetBeans support enabled and requires user interaction to connect to a compromised server. A patch is available in Vim version 9.1.2148 and later.

Buffer Overflow Vim Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-2441 HIGH POC KEV PATCH THREAT Act Now

Google Chrome's CSS engine contains a use-after-free vulnerability (CVE-2026-2441, CVSS 8.8) that allows remote attackers to execute arbitrary code within the browser sandbox through crafted HTML pages. KEV-listed with public PoC, this vulnerability enables drive-by exploitation when users visit malicious or compromised websites.

Google Use After Free Chrome Red Hat Suse
NVD GitHub VulDB Exploit-DB
CVSS 3.1
8.8
EPSS
0.1%
Threat
4.8
CVE-2026-26190 Go CRITICAL POC PATCH GHSA Act Now

Unauthenticated API access in Milvus vector database before 2.5.27/2.6.10. TCP port 9091 exposed by default without authentication. EPSS 0.32% with PoC and patch available.

Authentication Bypass AI / ML Milvus Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-26187 Go HIGH PATCH This Week

Authenticated users in lakeFS prior to version 1.77.0 can exploit path traversal vulnerabilities in the local block adapter to read and write files outside their intended storage boundaries by bypassing insufficient prefix validation checks. An attacker with valid credentials can manipulate object identifiers and path sequences to access sibling directories and storage namespaces they should not have access to. A patch is available in version 1.77.0 and later.

Path Traversal Lakefs Suse
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-2443 MEDIUM PATCH This Month

libsoup's improper validation of HTTP Range headers enables remote attackers to read sensitive server memory when processing specially crafted requests against vulnerable SoupServer instances. The flaw affects GNOME-based systems using certain build configurations and requires no authentication or user interaction. No patch is currently available, and exploitation likelihood remains low at 0.1% EPSS.

Buffer Overflow Information Disclosure Red Hat Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-22892 Go MEDIUM PATCH This Month

Mattermost versions 11.1.2, 10.11.9, and 11.2.1 and earlier fail to properly enforce access controls in the Jira plugin's /create-issue API endpoint, allowing authenticated users to read restricted post content and attachments from channels they cannot access by referencing post IDs. An attacker with Jira plugin access can exploit this to enumerate and exfiltrate sensitive information from private or restricted channels. No patch is currently available for affected versions.

Jira Mattermost Server Suse
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2020-37167 HIGH POC PATCH This Week

ClamAV versions up to 0.103.0 contains a vulnerability that allows attackers to manipulate bytecode function names (CVSS 8.4).

Information Disclosure Suse
NVD GitHub Exploit-DB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-26076 HIGH PATCH This Week

ntpd-rs versions prior to 1.7.1 are vulnerable to remote denial of service through crafted NTS (Network Time Protocol Security) packets that force excessive CPU consumption on affected servers. An unauthenticated attacker can exploit this by sending malformed NTS cookie requests that require significantly more processing resources to handle, degrading server performance and availability. The vulnerability affects ntpd-rs deployments with NTS enabled and is resolved in version 1.7.1.

Denial Of Service Ntpd Rs Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-26056 Go HIGH PATCH This Week

Arbitrary code execution in Yoke's Air Traffic Controller component allows authenticated users with CustomResource create/update permissions to execute malicious WebAssembly modules by injecting crafted URLs into the overrides.yoke.cd/flight annotation, potentially enabling cluster-admin privilege escalation. The vulnerability affects Yoke 0.19.0 and earlier, with no patch currently available and an 8.8 CVSS severity rating.

Kubernetes RCE Code Injection Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-26055 Go HIGH PATCH This Week

Unauthenticated webhook endpoints in Yoke's Air Traffic Controller component allow any pod within a Kubernetes cluster to submit AdmissionReview requests and execute WASM modules in the controller's context without authorization. This affects Yoke versions 0.19.0 and earlier, enabling attackers with cluster access to bypass API Server authentication and potentially compromise the infrastructure-as-code deployment pipeline. No patch is currently available.

Kubernetes Authentication Bypass Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25996 Go CRITICAL POC PATCH GHSA Act Now

String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter injection. PoC and patch available.

Kubernetes Code Injection Inspektor Gadget Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-24895 Go CRITICAL POC PATCH Act Now

CGI path splitting vulnerability in FrankenPHP before 1.11.2 — Unicode characters bypass path validation during CGI processing. PoC and patch available.

PHP Golang Frankenphp Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-24894 Go HIGH POC PATCH This Week

FrankenPHP versions prior to 1.11.2 fail to properly isolate session data between worker requests, enabling cross-user session fixation where an attacker can read sensitive $_SESSION information intended for other users. This high-severity flaw affects multi-request worker mode deployments and has public exploit code available. A patched version 1.11.2 is available and should be deployed immediately.

Privilege Escalation Frankenphp Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-21438 Go MEDIUM PATCH This Month

Webtransport-go versions prior to 0.10.0 fail to properly clean up closed WebTransport streams from internal session maps, allowing remote attackers to exhaust server memory through repeated stream creation and closure. This denial-of-service condition requires no authentication or user interaction and affects all deployments using the vulnerable library. A patch is available in version 0.10.0.

Golang Webtransport Go Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-21435 Go MEDIUM PATCH This Month

Webtransport-go versions prior to 0.10.0 are vulnerable to denial of service attacks where a malicious peer can withhold QUIC flow control credits to indefinitely block WebTransport session closure. An attacker can exploit this to hang close operations and prevent proper session termination, leaving connections in a suspended state. Affected applications using webtransport-go for protocol communication should upgrade to version 0.10.0 or later to mitigate this vulnerability.

Golang Denial Of Service Webtransport Go Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-21434 Go MEDIUM PATCH This Month

Webtransport-go versions 0.3.0 through 0.9.0 fail to enforce the 1024-byte limit on Application Error Messages in WT_CLOSE_SESSION capsules, allowing remote attackers to trigger unbounded memory consumption by sending oversized payloads. An unauthenticated attacker can exhaust server memory and cause denial of service, requiring only sufficient bandwidth to transmit the malicious payload. The vulnerability is resolved in version 0.10.0, though no patch is currently available for affected versions.

Golang Webtransport Go Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-2003 MEDIUM PATCH This Month

Improper validation of the "oidvector" type in PostgreSQL allows authenticated database users to read small amounts of server memory, potentially exposing sensitive data. This vulnerability affects PostgreSQL versions prior to 18.2, 17.8, 16.12, 15.16, and 14.21, with no patch currently available for impacted systems.

PostgreSQL Red Hat Suse
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-21722 MEDIUM PATCH This Month

Grafana public dashboards with annotations enabled fail to enforce the dashboard's locked timerange restriction on annotation queries, allowing unauthenticated attackers to retrieve the complete annotation history beyond the intended viewing window. This information disclosure affects any organization exposing public dashboards with annotations, though only annotations already visible on the dashboard are accessible. No patch is currently available for this vulnerability.

Information Disclosure Grafana Red Hat Suse
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-41117 Go MEDIUM PATCH This Month

Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious JavaScript to be entered into the stack trace field. [CVSS 6.8 MEDIUM]

Grafana Red Hat Suse
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-2327 npm MEDIUM PATCH This Month

Markdown-It versions up to 14.1.1 is affected by inefficient regular expression complexity (redos) (CVSS 5.3).

Denial Of Service Markdown It Red Hat Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-20676 MEDIUM PATCH This Month

Safari web extensions on Apple platforms can leak user tracking information due to inadequate state management controls, allowing websites to identify and monitor individual users across browsing sessions. This vulnerability affects iOS, iPadOS, macOS, and visionOS, and is resolved in version 26.3 of each platform. The low CVSS score reflects limited direct user impact, though it represents a privacy concern for Safari users.

Apple Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-26014 Go MEDIUM PATCH This Month

Pion DTLS is a Go implementation of Datagram Transport Layer Security. [CVSS 5.9 MEDIUM]

Golang Dtls Red Hat Suse
NVD GitHub
CVSS 3.1
5.9
EPSS
0.1%
CVE-2026-25935 Go MEDIUM PATCH This Month

Cross-site scripting (XSS) in Vikunja prior to version 1.1.0 allows authenticated attackers to execute arbitrary JavaScript in other users' browsers by injecting malicious code into task descriptions that are rendered without sanitization in hover tooltips. An attacker can exploit this by sharing a project and creating a specially crafted task that triggers the vulnerability when other users hover over it. A patch is available in version 1.1.0 and later.

XSS Vikunja Suse
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-2323 MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 4.3).

Google Chrome Red Hat Suse
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-2322 MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 5.4).

Google Chrome Red Hat Suse
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-2321 HIGH PATCH This Week

Heap corruption in Google Chrome's Ozone component (versions prior to 145.0.7632.45) stems from a use-after-free vulnerability that can be triggered when users interact with malicious HTML pages through specific UI gestures. An unauthenticated remote attacker can exploit this to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. No patch is currently available, leaving affected Chrome users vulnerable to exploitation.

Google Use After Free Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-2320 MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 6.5).

Google Chrome Red Hat Suse
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-2319 HIGH PATCH This Week

Google Chrome versions prior to 145.0.7632.45 contain a race condition in DevTools that allows remote attackers to corrupt objects by convincing users to perform specific UI interactions and install a malicious extension. An attacker exploiting this vulnerability could achieve high-impact outcomes including information disclosure, data modification, or denial of service. The vulnerability currently has no available patch.

Google Chrome Red Hat Suse
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-2318 MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 6.5).

Google Chrome Red Hat Suse
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-2317 MEDIUM PATCH This Month

Google Chrome versions before 145.0.7632.45 contain an animation implementation flaw that allows remote attackers to exfiltrate cross-origin data through specially crafted HTML pages. The vulnerability requires user interaction to trigger and affects all Chrome users, potentially exposing sensitive information from other websites. No patch is currently available.

Google Chrome Red Hat Suse
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-2316 MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 6.5).

Google Chrome Red Hat Suse
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-2315 HIGH PATCH This Week

Out of bounds memory access in Google Chrome's WebGPU implementation prior to version 145.0.7632.45 allows unauthenticated attackers to trigger memory corruption through a malicious HTML page. This vulnerability requires user interaction but carries high risk due to potential for arbitrary code execution or information disclosure. No patch is currently available.

Google Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2314 HIGH PATCH This Week

Heap buffer overflow in Google Chrome's codec implementation prior to version 145.0.7632.45 enables remote attackers to corrupt heap memory and potentially achieve arbitrary code execution through a malicious HTML page. The vulnerability requires user interaction to visit a crafted webpage but does not require special privileges, affecting all Chrome users. No patch is currently available.

Google Buffer Overflow Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2313 HIGH PATCH This Week

Heap corruption in Google Chrome's CSS engine prior to version 145.0.7632.45 can be triggered through crafted HTML pages, enabling remote attackers to achieve arbitrary code execution without user interaction beyond viewing a malicious webpage. The vulnerability stems from a use-after-free memory flaw that affects all Chrome users, and currently no patch is available. With a CVSS score of 8.8 and low exploit difficulty, this represents a critical risk to active Chrome installations.

Google Use After Free Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-26079 MEDIUM PATCH This Month

Roundcube Webmail versions up to 1.5.13 is affected by inclusion of functionality from untrusted control sphere (CVSS 4.7).

RCE Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
4.7
EPSS
0.1%
CVE-2026-2303 Go MEDIUM PATCH This Month

The mongo-go-driver's GSSAPI authentication wrapper on Linux and macOS contains a heap buffer over-read vulnerability stemming from improper handling of non-null-terminated GSSAPI buffers, allowing authenticated attackers to read sensitive memory content. This vulnerability affects applications using Go-based MongoDB drivers with Kerberos authentication enabled and could lead to information disclosure of heap memory. No patch is currently available.

Linux macOS Golang Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2024-54192 MEDIUM This Month

An issue inTcpreplay v4.5.1 allows a local attacker to cause a denial of service via a crafted file to the tcpedit_dlt_getplugin function at src/tcpedit/plugins/dlt_utils.c. [CVSS 5.5 MEDIUM]

Denial Of Service Suse
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-25934 Go MEDIUM PATCH This Month

Corrupted Git pack and index files are not properly validated in go-git versions before 5.16.5, allowing an attacker to supply malicious packfiles that bypass integrity checks and cause go-git to consume corrupted data. This can result in unexpected application errors and denial of service conditions for any system using the vulnerable go-git library to fetch or process Git repositories. The vulnerability requires user interaction to fetch from a malicious or compromised Git source.

Information Disclosure Go Git Red Hat Suse
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-25892 PHP HIGH POC PATCH This Week

Adminer versions 5.4.1 and earlier suffer from a post-message validation bypass that allows remote attackers to trigger denial of service affecting all users. By sending a crafted POST request with array parameters to the version endpoint, an attacker can cause openssl_verify() to receive malformed input, resulting in a TypeError that crashes the application and returns HTTP 500 errors. Public exploit code exists for this vulnerability; administrators should upgrade to version 5.4.2 immediately.

PHP OpenSSL Adminer Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
2.5%
CVE-2026-25890 Go HIGH POC PATCH This Week

Path normalization bypass in Filebrowser prior to 2.57.1 allows authenticated users to circumvent file access restrictions by injecting multiple slashes into request URLs, enabling unauthorized access to files designated as restricted. The vulnerability exploits a mismatch between the authorization validation logic and filesystem path resolution, affecting users running vulnerable versions. Public exploit code exists for this high-severity issue.

Authentication Bypass Filebrowser Suse
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-25889 Go MEDIUM POC PATCH This Month

Filebrowser versions prior to 2.57.1 allow authenticated users to reset passwords without verifying the current password due to case-sensitive validation logic that can be bypassed using mixed-case field names in API requests. An attacker with a valid JWT token obtained through XSS, session hijacking, or similar means could exploit this to perform account takeover. Public exploit code exists for this vulnerability, and a patch is available.

XSS Filebrowser Suse
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-25791 Go HIGH POC PATCH This Week

Memory exhaustion in Sliver C2 framework prior to version 1.7.0 allows unauthenticated remote attackers to bypass OTP validation in the DNS listener and create unbounded server-side sessions without expiry mechanisms. Public exploit code exists for this vulnerability, enabling attackers to repeatedly allocate sessions and exhaust server memory resources. The DNS C2 listener accepts bootstrap messages without proper authentication even when OTP enforcement is enabled.

DNS Wireguard Sliver Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-25765 Ruby MEDIUM PATCH This Month

Faraday HTTP client library versions before 2.14.1 fail to properly validate protocol-relative URLs when merging user-supplied paths with base URLs, allowing attackers to redirect requests to arbitrary hosts via SSRF attacks. Applications that pass untrusted input to Faraday request methods like get() or post() are vulnerable to request hijacking. A patch is available in version 2.14.1 and later.

Ruby SSRF Faraday Red Hat Suse
NVD GitHub
CVSS 3.1
5.8
EPSS
0.0%
CVE-2026-24684 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the audio playback subsystem where the RDPSND async thread processes queued audio packets after the channel has been closed and its internal state freed, causing a denial of service. The vulnerability affects systems running vulnerable FreeRDP versions and can be exploited remotely without authentication or user interaction. A patch is available in FreeRDP 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24683 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the input event handling mechanism where unsynchronized access to cached channel callbacks can be freed or reinitialized by concurrent channel closure operations. An attacker with network access can trigger a denial of service condition by exploiting this race condition. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24682 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a buffer management error in audio format parsing that causes out-of-bounds memory access when processing malformed audio data. An attacker can exploit this vulnerability over the network without authentication to trigger a denial of service condition. A patch is available in FreeRDP 3.22.0 and later.

Buffer Overflow Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24681 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the URBDRC channel handler where asynchronous bulk transfer completions reference freed memory after channel closure, enabling denial of service attacks. An unauthenticated remote attacker can trigger this condition through malformed RDP protocol messages to crash the FreeRDP service. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24680 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in pointer handling where sdl_Pointer_New and sdl_Pointer_Free both attempt to free the same memory, causing a denial of service condition. An attacker with network access can trigger this memory corruption to crash RDP client instances without authentication. The vulnerability affects all users of vulnerable FreeRDP versions and is resolved in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24679 CRITICAL PATCH Act Now

FreeRDP prior to 3.22.0 has a heap buffer overflow in the URBDRC USB redirection client enabling RCE through malicious RDP servers.

Buffer Overflow Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-24677 CRITICAL PATCH Act Now

FreeRDP prior to 3.22.0 has a use-after-free in ecam_encoder_compress allowing malicious RDP servers to crash or execute code on clients.

Use After Free Buffer Overflow Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-24676 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in audio format renegotiation that allows unauthenticated attackers to cause denial of service by triggering a crash through audio processing. The vulnerability occurs when the AUDIN format list is freed during renegotiation while the capture thread continues accessing the freed memory, affecting any system running vulnerable FreeRDP instances. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24675 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the libusb device interface selection code where error handling prematurely frees configuration data that subsequent code attempts to access, causing denial of service. This vulnerability affects systems using FreeRDP for remote desktop protocol operations and can be triggered remotely without authentication or user interaction. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24491 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 are vulnerable to a use-after-free condition where the video_timer component sends notifications after the control channel closes, dereferencing freed memory and causing denial of service. An unauthenticated remote attacker can trigger this crash by manipulating RDP session timing, making the vulnerability exploitable with no user interaction required. A patch is available in FreeRDP 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-23948 HIGH PATCH This Week

FreeRDP proxy versions prior to 3.22.0 are vulnerable to denial of service when processing specially crafted RDP server responses that trigger a null pointer dereference in the logon information handler. An unauthenticated attacker controlling a malicious RDP server can crash the FreeRDP proxy by sending a LogonInfoV2 PDU with empty domain or username fields. This vulnerability has been patched in version 3.22.0 and later.

Null Pointer Dereference Denial Of Service Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-66630 Go CRITICAL PATCH Act Now

Go Fiber web framework before 2.52.11 has a weak PRNG vulnerability (on Go < 1.24) that makes session tokens predictable, enabling session hijacking.

Golang CSRF Fiber Red Hat Suse
NVD GitHub
CVSS 3.1
9.4
EPSS
0.0%
CVE-2026-25916 MEDIUM PATCH This Month

Roundcube Webmail versions before 1.5.13 and 1.6.x before 1.6.13 fail to block SVG feImage elements when the "Block remote images" security feature is enabled, allowing attackers to bypass the protection and load remote content. This remote image bypass could enable tracking, information disclosure, or facilitate phishing attacks against users who rely on this feature to prevent remote content loading. No patch is currently available for this medium-severity vulnerability.

Information Disclosure Suse
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-25804 Go CRITICAL PATCH Act Now

Antrea Kubernetes networking has an authentication bypass enabling unauthorized access to the Kubernetes network policy infrastructure.

Kubernetes Antrea Suse
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-25793 Go HIGH PATCH This Week

Nebula is a scalable overlay networking tool. [CVSS 8.1 HIGH]

Information Disclosure Nebula Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-25760 Go MEDIUM POC PATCH This Month

Authenticated operators in Sliver C2 framework versions prior to 1.6.11 can read arbitrary files on the server through a path traversal vulnerability in the website content subsystem, potentially exposing sensitive credentials, configurations, and cryptographic keys. Public exploit code exists for this vulnerability. The issue is resolved in version 1.6.11 and later.

Wireguard Path Traversal Sliver Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-25731 HIGH POC PATCH This Week

calibre is an e-book manager. [CVSS 7.8 HIGH]

RCE Calibre Red Hat Suse
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25636 HIGH POC PATCH This Week

Calibre 9.1.0 and earlier contains a path traversal vulnerability in EPUB conversion that allows malicious EPUB files to corrupt or modify arbitrary files writable by the Calibre process. The vulnerability exploits improper handling of CipherReference URIs in encryption metadata, enabling attackers to write outside the intended extraction directory. Public exploit code exists for this high-severity issue, which is patched in version 9.2.0.

Path Traversal Calibre Red Hat Suse
NVD GitHub
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-25635 HIGH POC PATCH This Week

Remote code execution in Calibre prior to version 9.2.0 through a path traversal flaw in the CHM reader allows local attackers to write arbitrary files with user permissions, enabling payload execution via the Windows Startup folder. Public exploit code exists for this vulnerability. Windows users should upgrade to Calibre 9.2.0 or later to remediate the risk.

Windows RCE Path Traversal Calibre Red Hat +1
NVD GitHub
CVSS 3.1
8.6
EPSS
0.2%
CVE-2026-25727 Cargo MEDIUM PATCH This Month

The Rust time library versions 0.3.6 through 0.3.46 are vulnerable to denial of service through stack exhaustion when processing maliciously crafted RFC 2822 formatted input. An unauthenticated attacker can trigger recursive parsing of deprecated RFC 2822 features to exhaust stack memory and crash applications using affected versions. A patch implementing recursion depth limits is available in version 0.3.47 and later.

Denial Of Service Time Red Hat Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-23989 Go HIGH PATCH This Week

Unauthenticated attackers can bypass public link scope verification in OpenCloud Reva versions prior to 2.42.3 and 2.40.3 through a flaw in GRPC authorization middleware. By exploiting the archiver service, an attacker can create archives containing all resources accessible to the public link creator, resulting in unauthorized information disclosure. A patch is available in versions 2.42.3 and 2.40.3.

Authentication Bypass Opencloud Reva Suse
NVD GitHub
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-24851 Go HIGH PATCH This Week

Improper policy enforcement in OpenFGA versions 1.8.5 through 1.11.2 (and corresponding Helm Chart and Docker releases) allows authenticated users to bypass authorization checks through specially crafted tuple configurations that mix type-bound public and non-public access policies. An attacker with valid credentials can exploit mismatched tuple assignments to gain unauthorized access to protected resources by leveraging lexicographic object ID ordering in the authorization engine. No patch is currently available.

Docker Openfga Helm Charts Red Hat Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-24135 Go HIGH PATCH This Week

Arbitrary file deletion in Gogs 0.13.3 and earlier allows authenticated repository contributors to exploit a path traversal flaw in the wiki page update function, enabling deletion of arbitrary files on the affected server. An attacker with wiki write access can manipulate the old_title parameter to traverse the filesystem and remove critical files. No patch is currently available for this high-severity vulnerability (CVSS 8.1).

Path Traversal Gogs Suse
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-23633 Go MEDIUM POC PATCH This Month

Gogs versions 0.13.3 and earlier are vulnerable to arbitrary file read and write operations through path traversal in the Git hook editing functionality, affecting self-hosted installations. An authenticated attacker with high privileges can exploit this vulnerability to access or modify files outside the intended directory. Public exploit code exists for this vulnerability, and no patch is currently available.

Path Traversal Gogs Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-23632 Go MEDIUM PATCH This Month

Gogs versions 0.13.3 and earlier fail to enforce write permissions on the repository contents endpoint, allowing attackers with read-only access to modify files, create commits, and execute git push operations. An authenticated user possessing only read permissions can bypass authorization checks and gain unauthorized write access to repository contents. This affects self-hosted Gogs instances and has no patch currently available for affected versions.

Authentication Bypass Gogs Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-22592 Go MEDIUM POC PATCH This Month

Denial of service in Gogs 0.13.3 and earlier allows authenticated users to crash the application by deleting repository files before synchronization. Public exploit code exists for this vulnerability, affecting self-hosted Git service deployments. A patch is available in versions 0.13.4 and 0.14.0+dev.

Denial Of Service Gogs Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-70963 Go HIGH POC PATCH This Week

Gophish <=0.12.1 is vulnerable to Incorrect Access Control. The administrative dashboard exposes each user’s long-lived API key directly inside the rendered HTML/JavaScript of the page on every login. [CVSS 7.6 HIGH]

Authentication Bypass Information Disclosure Gophish Suse
NVD GitHub
CVSS 3.1
7.6
EPSS
0.0%
CVE-2025-64175 Go HIGH PATCH This Week

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, Gogs’ 2FA recovery code validation does not scope codes by user, enabling cross-account bypass. [CVSS 8.8 HIGH]

Authentication Bypass Gogs Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-64111 Go CRITICAL POC PATCH Act Now

Gogs self-hosted Git service v0.13.3 has a command injection vulnerability enabling remote code execution through crafted repository operations.

Command Injection Gogs Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-13523 Go HIGH PATCH This Week

Mattermost Confluence plugin version <1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connection link that, when visited, renders the attacker's display name without proper sanitization. [CVSS 7.7 HIGH]

Confluence Suse
NVD
CVSS 3.1
7.7
EPSS
0.0%
CVE-2026-1707 PyPI HIGH PATCH This Week

Command execution in pgAdmin 4 server mode allows authenticated attackers to bypass restore operation restrictions by extracting the restrict key during PLAIN-format dump file operations and injecting malicious payloads to re-enable meta-commands. An attacker with web interface access can race the restore process in real time to achieve reliable code execution on the pgAdmin host. No patch is currently available for this vulnerability.

Authentication Bypass Pgadmin 4 Suse
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2025-58190 Go MEDIUM POC PATCH This Month

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content. [CVSS 5.3 MEDIUM]

Golang Denial Of Service Html Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-47911 Go MEDIUM PATCH This Month

Html contains a vulnerability that allows attackers to denial of service (DoS) if an attacker provides specially crafted HTML content (CVSS 5.3).

Golang Denial Of Service Html Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2020-37127 MEDIUM POC PATCH This Month

Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcp_release utility that allows attackers to cause a denial of service by supplying excessive input. [CVSS 5.5 MEDIUM]

Buffer Overflow Denial Of Service Red Hat Suse
NVD Exploit-DB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-25579 Go MEDIUM POC PATCH This Month

Navidrome versions prior to 0.60.0 allow authenticated users to trigger denial of service by requesting image resizing with extremely large parameters, causing uncontrolled memory allocation and potential disk exhaustion. Public exploit code exists for this vulnerability, which can crash the server process via the OOM killer or fill the cache directory with massive files. An attacker with valid credentials can achieve complete service outage without administrative privileges.

Linux Denial Of Service Navidrome Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-25578 Go MEDIUM POC PATCH This Month

Navidrome versions before 0.60.0 contain a stored cross-site scripting vulnerability in song comment metadata that allows attackers to inject malicious scripts and steal user credentials when victims view affected music files. Public exploit code exists for this vulnerability. Administrators should upgrade to version 0.60.0 or later to remediate the risk.

XSS Navidrome Suse
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-25538 Go HIGH POC PATCH This Week

Devtron is an open source tool integration platform for Kubernetes. [CVSS 8.8 HIGH]

Kubernetes Devtron Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25518 Go MEDIUM PATCH This Month

Denial-of-service in cert-manager versions 1.18.0-1.18.4 and 1.19.0-1.19.2 allows network-adjacent attackers to crash the controller by poisoning DNS cache entries during ACME DNS-01 validation through unencrypted DNS traffic interception. An attacker positioned to intercept DNS queries from the cert-manager pod can inject malicious DNS responses that trigger a panic in the controller, disrupting certificate management operations in affected Kubernetes clusters. A patch is available for immediate deployment.

Kubernetes DNS Cert Manager Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-25499 Go HIGH POC PATCH This Week

The Terraform/OpenTofu Proxmox Provider prior to version 0.93.1 contains a path traversal vulnerability in its SSH sudoer configuration documentation that permits attackers to escape directory restrictions using ../ sequences and modify arbitrary files on the system. Public exploit code exists for this vulnerability, affecting users who implement the documented SSH configuration. The vulnerability has been patched in version 0.93.1 and a fix is available.

SSH Proxmox Terraform Provider Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-25161 Go HIGH POC PATCH GHSA This Week

Path traversal in Alist prior to version 3.57.0 allows authenticated users to manipulate filename parameters and bypass directory restrictions within the same storage mount. Attackers can exploit this vulnerability to perform unauthorized file operations including deletion, movement, and copying across user boundaries. Public exploit code exists for this vulnerability.

Path Traversal Alist Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25160 Go CRITICAL POC PATCH GHSA Act Now

Alist file manager has an improper certificate validation vulnerability allowing MITM attacks that could compromise file operations and stored credentials.

TLS Alist Suse
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-25145 Go MEDIUM PATCH This Month

Melange versions 0.14.0 through 0.40.2 allow local attackers with configuration file control to read arbitrary files from the host system through path traversal in license file path validation, potentially exfiltrating sensitive data embedded in generated SBOMs. This vulnerability affects build pipeline scenarios where configuration is user-controlled, such as pull request-driven CI or build-as-a-service environments. A patch is available in version 0.40.3.

Golang Path Traversal Melange Suse
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-25143 Go HIGH PATCH This Week

Melange versions 0.10.0 through 0.40.2 allow unauthenticated command injection through the patch pipeline, enabling attackers to execute arbitrary shell commands on build hosts by injecting shell metacharacters into patch-related inputs such as series paths and filenames. This vulnerability affects users who build APK packages using melange build or melange license-check operations, particularly in CI/CD environments where build inputs may be controlled by untrusted sources. A patch is available in version 0.40.3 and later.

Command Injection RCE Melange Suse
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-24844 Go HIGH PATCH This Week

melange allows users to build apk packages using declarative pipelines. [CVSS 7.9 HIGH]

Command Injection RCE Melange Suse
NVD GitHub
CVSS 3.1
7.9
EPSS
0.0%
CVE-2026-24843 Go HIGH PATCH This Week

Melange versions 0.11.3 through 0.40.2 suffer from a path traversal vulnerability in the retrieveWorkspace function that fails to validate tar entry paths, allowing an attacker with control over a QEMU guest VM's tar stream to write arbitrary files outside the intended workspace directory on the host system. An attacker exploiting this vulnerability could achieve arbitrary file write capabilities on the host machine, potentially leading to system compromise. A patch is available in version 0.40.3 and later.

Path Traversal Melange Suse
NVD GitHub
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-25140 Go HIGH PATCH This Week

Apko versions 0.14.8 through 1.1.0 are vulnerable to denial of service when processing APK packages from untrusted repositories due to missing decompression limits in the ExpandApk function. An attacker controlling a compromised APK repository can provide a malicious small, highly-compressed package that expands into a massive tar stream, exhausting disk space and CPU resources on the build host. The vulnerability affects Golang and Apko products and has been patched in version 1.1.1.

Golang Denial Of Service Apko Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode When operating in HS200 or HS400 timing modes, reducing the clock frequency below 52MHz will lead to link broken as the Rockchip DWC MSHC controller requires maintaining a minimum clock of 52MHz in these modes.

Linux Debian Information Disclosure +3
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Stack buffer overflow in Vim's NetBeans integration allows a malicious NetBeans server to corrupt memory and potentially crash the editor or execute arbitrary code through a specially crafted specialKeys command. The vulnerability affects Vim builds with NetBeans support enabled and requires user interaction to connect to a compromised server. A patch is available in Vim version 9.1.2148 and later.

Buffer Overflow Vim Red Hat +1
NVD GitHub VulDB
EPSS 0% 4.8 CVSS 8.8
HIGH POC KEV PATCH THREAT Act Now

Google Chrome's CSS engine contains a use-after-free vulnerability (CVE-2026-2441, CVSS 8.8) that allows remote attackers to execute arbitrary code within the browser sandbox through crafted HTML pages. KEV-listed with public PoC, this vulnerability enables drive-by exploitation when users visit malicious or compromised websites.

Google Use After Free Chrome +2
NVD GitHub VulDB Exploit-DB
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

Unauthenticated API access in Milvus vector database before 2.5.27/2.6.10. TCP port 9091 exposed by default without authentication. EPSS 0.32% with PoC and patch available.

Authentication Bypass AI / ML Milvus +1
NVD GitHub
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Authenticated users in lakeFS prior to version 1.77.0 can exploit path traversal vulnerabilities in the local block adapter to read and write files outside their intended storage boundaries by bypassing insufficient prefix validation checks. An attacker with valid credentials can manipulate object identifiers and path sequences to access sibling directories and storage namespaces they should not have access to. A patch is available in version 1.77.0 and later.

Path Traversal Lakefs Suse
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

libsoup's improper validation of HTTP Range headers enables remote attackers to read sensitive server memory when processing specially crafted requests against vulnerable SoupServer instances. The flaw affects GNOME-based systems using certain build configurations and requires no authentication or user interaction. No patch is currently available, and exploitation likelihood remains low at 0.1% EPSS.

Buffer Overflow Information Disclosure Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Mattermost versions 11.1.2, 10.11.9, and 11.2.1 and earlier fail to properly enforce access controls in the Jira plugin's /create-issue API endpoint, allowing authenticated users to read restricted post content and attachments from channels they cannot access by referencing post IDs. An attacker with Jira plugin access can exploit this to enumerate and exfiltrate sensitive information from private or restricted channels. No patch is currently available for affected versions.

Jira Mattermost Server Suse
NVD
EPSS 0% CVSS 8.4
HIGH POC PATCH This Week

ClamAV versions up to 0.103.0 contains a vulnerability that allows attackers to manipulate bytecode function names (CVSS 8.4).

Information Disclosure Suse
NVD GitHub Exploit-DB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

ntpd-rs versions prior to 1.7.1 are vulnerable to remote denial of service through crafted NTS (Network Time Protocol Security) packets that force excessive CPU consumption on affected servers. An unauthenticated attacker can exploit this by sending malformed NTS cookie requests that require significantly more processing resources to handle, degrading server performance and availability. The vulnerability affects ntpd-rs deployments with NTS enabled and is resolved in version 1.7.1.

Denial Of Service Ntpd Rs Suse
NVD GitHub
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Arbitrary code execution in Yoke's Air Traffic Controller component allows authenticated users with CustomResource create/update permissions to execute malicious WebAssembly modules by injecting crafted URLs into the overrides.yoke.cd/flight annotation, potentially enabling cluster-admin privilege escalation. The vulnerability affects Yoke 0.19.0 and earlier, with no patch currently available and an 8.8 CVSS severity rating.

Kubernetes RCE Code Injection +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Unauthenticated webhook endpoints in Yoke's Air Traffic Controller component allow any pod within a Kubernetes cluster to submit AdmissionReview requests and execute WASM modules in the controller's context without authorization. This affects Yoke versions 0.19.0 and earlier, enabling attackers with cluster access to bypass API Server authentication and potentially compromise the infrastructure-as-code deployment pipeline. No patch is currently available.

Kubernetes Authentication Bypass Suse
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter injection. PoC and patch available.

Kubernetes Code Injection Inspektor Gadget +1
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

CGI path splitting vulnerability in FrankenPHP before 1.11.2 — Unicode characters bypass path validation during CGI processing. PoC and patch available.

PHP Golang Frankenphp +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

FrankenPHP versions prior to 1.11.2 fail to properly isolate session data between worker requests, enabling cross-user session fixation where an attacker can read sensitive $_SESSION information intended for other users. This high-severity flaw affects multi-request worker mode deployments and has public exploit code available. A patched version 1.11.2 is available and should be deployed immediately.

Privilege Escalation Frankenphp Suse
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Webtransport-go versions prior to 0.10.0 fail to properly clean up closed WebTransport streams from internal session maps, allowing remote attackers to exhaust server memory through repeated stream creation and closure. This denial-of-service condition requires no authentication or user interaction and affects all deployments using the vulnerable library. A patch is available in version 0.10.0.

Golang Webtransport Go Suse
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Webtransport-go versions prior to 0.10.0 are vulnerable to denial of service attacks where a malicious peer can withhold QUIC flow control credits to indefinitely block WebTransport session closure. An attacker can exploit this to hang close operations and prevent proper session termination, leaving connections in a suspended state. Affected applications using webtransport-go for protocol communication should upgrade to version 0.10.0 or later to mitigate this vulnerability.

Golang Denial Of Service Webtransport Go +1
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Webtransport-go versions 0.3.0 through 0.9.0 fail to enforce the 1024-byte limit on Application Error Messages in WT_CLOSE_SESSION capsules, allowing remote attackers to trigger unbounded memory consumption by sending oversized payloads. An unauthenticated attacker can exhaust server memory and cause denial of service, requiring only sufficient bandwidth to transmit the malicious payload. The vulnerability is resolved in version 0.10.0, though no patch is currently available for affected versions.

Golang Webtransport Go Suse
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Improper validation of the "oidvector" type in PostgreSQL allows authenticated database users to read small amounts of server memory, potentially exposing sensitive data. This vulnerability affects PostgreSQL versions prior to 18.2, 17.8, 16.12, 15.16, and 14.21, with no patch currently available for impacted systems.

PostgreSQL Red Hat Suse
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Grafana public dashboards with annotations enabled fail to enforce the dashboard's locked timerange restriction on annotation queries, allowing unauthenticated attackers to retrieve the complete annotation history beyond the intended viewing window. This information disclosure affects any organization exposing public dashboards with annotations, though only annotations already visible on the dashboard are accessible. No patch is currently available for this vulnerability.

Information Disclosure Grafana Red Hat +1
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious JavaScript to be entered into the stack trace field. [CVSS 6.8 MEDIUM]

Grafana Red Hat Suse
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Markdown-It versions up to 14.1.1 is affected by inefficient regular expression complexity (redos) (CVSS 5.3).

Denial Of Service Markdown It Red Hat +1
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Safari web extensions on Apple platforms can leak user tracking information due to inadequate state management controls, allowing websites to identify and monitor individual users across browsing sessions. This vulnerability affects iOS, iPadOS, macOS, and visionOS, and is resolved in version 26.3 of each platform. The low CVSS score reflects limited direct user impact, though it represents a privacy concern for Safari users.

Apple Denial Of Service Red Hat +1
NVD VulDB
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Pion DTLS is a Go implementation of Datagram Transport Layer Security. [CVSS 5.9 MEDIUM]

Golang Dtls Red Hat +1
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Cross-site scripting (XSS) in Vikunja prior to version 1.1.0 allows authenticated attackers to execute arbitrary JavaScript in other users' browsers by injecting malicious code into task descriptions that are rendered without sanitization in hover tooltips. An attacker can exploit this by sharing a project and creating a specially crafted task that triggers the vulnerability when other users hover over it. A patch is available in version 1.1.0 and later.

XSS Vikunja Suse
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 4.3).

Google Chrome Red Hat +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 5.4).

Google Chrome Red Hat +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap corruption in Google Chrome's Ozone component (versions prior to 145.0.7632.45) stems from a use-after-free vulnerability that can be triggered when users interact with malicious HTML pages through specific UI gestures. An unauthenticated remote attacker can exploit this to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. No patch is currently available, leaving affected Chrome users vulnerable to exploitation.

Google Use After Free Chrome +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 6.5).

Google Chrome Red Hat +1
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Google Chrome versions prior to 145.0.7632.45 contain a race condition in DevTools that allows remote attackers to corrupt objects by convincing users to perform specific UI interactions and install a malicious extension. An attacker exploiting this vulnerability could achieve high-impact outcomes including information disclosure, data modification, or denial of service. The vulnerability currently has no available patch.

Google Chrome Red Hat +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 6.5).

Google Chrome Red Hat +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Google Chrome versions before 145.0.7632.45 contain an animation implementation flaw that allows remote attackers to exfiltrate cross-origin data through specially crafted HTML pages. The vulnerability requires user interaction to trigger and affects all Chrome users, potentially exposing sensitive information from other websites. No patch is currently available.

Google Chrome Red Hat +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 6.5).

Google Chrome Red Hat +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Out of bounds memory access in Google Chrome's WebGPU implementation prior to version 145.0.7632.45 allows unauthenticated attackers to trigger memory corruption through a malicious HTML page. This vulnerability requires user interaction but carries high risk due to potential for arbitrary code execution or information disclosure. No patch is currently available.

Google Chrome Red Hat +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap buffer overflow in Google Chrome's codec implementation prior to version 145.0.7632.45 enables remote attackers to corrupt heap memory and potentially achieve arbitrary code execution through a malicious HTML page. The vulnerability requires user interaction to visit a crafted webpage but does not require special privileges, affecting all Chrome users. No patch is currently available.

Google Buffer Overflow Chrome +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap corruption in Google Chrome's CSS engine prior to version 145.0.7632.45 can be triggered through crafted HTML pages, enabling remote attackers to achieve arbitrary code execution without user interaction beyond viewing a malicious webpage. The vulnerability stems from a use-after-free memory flaw that affects all Chrome users, and currently no patch is available. With a CVSS score of 8.8 and low exploit difficulty, this represents a critical risk to active Chrome installations.

Google Use After Free Chrome +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Roundcube Webmail versions up to 1.5.13 is affected by inclusion of functionality from untrusted control sphere (CVSS 4.7).

RCE Red Hat Suse
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

The mongo-go-driver's GSSAPI authentication wrapper on Linux and macOS contains a heap buffer over-read vulnerability stemming from improper handling of non-null-terminated GSSAPI buffers, allowing authenticated attackers to read sensitive memory content. This vulnerability affects applications using Go-based MongoDB drivers with Kerberos authentication enabled and could lead to information disclosure of heap memory. No patch is currently available.

Linux macOS Golang +1
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue inTcpreplay v4.5.1 allows a local attacker to cause a denial of service via a crafted file to the tcpedit_dlt_getplugin function at src/tcpedit/plugins/dlt_utils.c. [CVSS 5.5 MEDIUM]

Denial Of Service Suse
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Corrupted Git pack and index files are not properly validated in go-git versions before 5.16.5, allowing an attacker to supply malicious packfiles that bypass integrity checks and cause go-git to consume corrupted data. This can result in unexpected application errors and denial of service conditions for any system using the vulnerable go-git library to fetch or process Git repositories. The vulnerability requires user interaction to fetch from a malicious or compromised Git source.

Information Disclosure Go Git Red Hat +1
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

Adminer versions 5.4.1 and earlier suffer from a post-message validation bypass that allows remote attackers to trigger denial of service affecting all users. By sending a crafted POST request with array parameters to the version endpoint, an attacker can cause openssl_verify() to receive malformed input, resulting in a TypeError that crashes the application and returns HTTP 500 errors. Public exploit code exists for this vulnerability; administrators should upgrade to version 5.4.2 immediately.

PHP OpenSSL Adminer +1
NVD GitHub
EPSS 0% CVSS 8.1
HIGH POC PATCH This Week

Path normalization bypass in Filebrowser prior to 2.57.1 allows authenticated users to circumvent file access restrictions by injecting multiple slashes into request URLs, enabling unauthorized access to files designated as restricted. The vulnerability exploits a mismatch between the authorization validation logic and filesystem path resolution, affecting users running vulnerable versions. Public exploit code exists for this high-severity issue.

Authentication Bypass Filebrowser Suse
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC PATCH This Month

Filebrowser versions prior to 2.57.1 allow authenticated users to reset passwords without verifying the current password due to case-sensitive validation logic that can be bypassed using mixed-case field names in API requests. An attacker with a valid JWT token obtained through XSS, session hijacking, or similar means could exploit this to perform account takeover. Public exploit code exists for this vulnerability, and a patch is available.

XSS Filebrowser Suse
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

Memory exhaustion in Sliver C2 framework prior to version 1.7.0 allows unauthenticated remote attackers to bypass OTP validation in the DNS listener and create unbounded server-side sessions without expiry mechanisms. Public exploit code exists for this vulnerability, enabling attackers to repeatedly allocate sessions and exhaust server memory resources. The DNS C2 listener accepts bootstrap messages without proper authentication even when OTP enforcement is enabled.

DNS Wireguard Sliver +1
NVD GitHub
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

Faraday HTTP client library versions before 2.14.1 fail to properly validate protocol-relative URLs when merging user-supplied paths with base URLs, allowing attackers to redirect requests to arbitrary hosts via SSRF attacks. Applications that pass untrusted input to Faraday request methods like get() or post() are vulnerable to request hijacking. A patch is available in version 2.14.1 and later.

Ruby SSRF Faraday +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the audio playback subsystem where the RDPSND async thread processes queued audio packets after the channel has been closed and its internal state freed, causing a denial of service. The vulnerability affects systems running vulnerable FreeRDP versions and can be exploited remotely without authentication or user interaction. A patch is available in FreeRDP 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the input event handling mechanism where unsynchronized access to cached channel callbacks can be freed or reinitialized by concurrent channel closure operations. An attacker with network access can trigger a denial of service condition by exploiting this race condition. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a buffer management error in audio format parsing that causes out-of-bounds memory access when processing malformed audio data. An attacker can exploit this vulnerability over the network without authentication to trigger a denial of service condition. A patch is available in FreeRDP 3.22.0 and later.

Buffer Overflow Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the URBDRC channel handler where asynchronous bulk transfer completions reference freed memory after channel closure, enabling denial of service attacks. An unauthenticated remote attacker can trigger this condition through malformed RDP protocol messages to crash the FreeRDP service. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in pointer handling where sdl_Pointer_New and sdl_Pointer_Free both attempt to free the same memory, causing a denial of service condition. An attacker with network access can trigger this memory corruption to crash RDP client instances without authentication. The vulnerability affects all users of vulnerable FreeRDP versions and is resolved in version 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

FreeRDP prior to 3.22.0 has a heap buffer overflow in the URBDRC USB redirection client enabling RCE through malicious RDP servers.

Buffer Overflow Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

FreeRDP prior to 3.22.0 has a use-after-free in ecam_encoder_compress allowing malicious RDP servers to crash or execute code on clients.

Use After Free Buffer Overflow Freerdp +2
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in audio format renegotiation that allows unauthenticated attackers to cause denial of service by triggering a crash through audio processing. The vulnerability occurs when the AUDIN format list is freed during renegotiation while the capture thread continues accessing the freed memory, affecting any system running vulnerable FreeRDP instances. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the libusb device interface selection code where error handling prematurely frees configuration data that subsequent code attempts to access, causing denial of service. This vulnerability affects systems using FreeRDP for remote desktop protocol operations and can be triggered remotely without authentication or user interaction. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 are vulnerable to a use-after-free condition where the video_timer component sends notifications after the control channel closes, dereferencing freed memory and causing denial of service. An unauthenticated remote attacker can trigger this crash by manipulating RDP session timing, making the vulnerability exploitable with no user interaction required. A patch is available in FreeRDP 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP proxy versions prior to 3.22.0 are vulnerable to denial of service when processing specially crafted RDP server responses that trigger a null pointer dereference in the logon information handler. An unauthenticated attacker controlling a malicious RDP server can crash the FreeRDP proxy by sending a LogonInfoV2 PDU with empty domain or username fields. This vulnerability has been patched in version 3.22.0 and later.

Null Pointer Dereference Denial Of Service Freerdp +2
NVD GitHub VulDB
EPSS 0% CVSS 9.4
CRITICAL PATCH Act Now

Go Fiber web framework before 2.52.11 has a weak PRNG vulnerability (on Go < 1.24) that makes session tokens predictable, enabling session hijacking.

Golang CSRF Fiber +2
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Roundcube Webmail versions before 1.5.13 and 1.6.x before 1.6.13 fail to block SVG feImage elements when the "Block remote images" security feature is enabled, allowing attackers to bypass the protection and load remote content. This remote image bypass could enable tracking, information disclosure, or facilitate phishing attacks against users who rely on this feature to prevent remote content loading. No patch is currently available for this medium-severity vulnerability.

Information Disclosure Suse
NVD GitHub VulDB
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

Antrea Kubernetes networking has an authentication bypass enabling unauthorized access to the Kubernetes network policy infrastructure.

Kubernetes Antrea Suse
NVD GitHub
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Nebula is a scalable overlay networking tool. [CVSS 8.1 HIGH]

Information Disclosure Nebula Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

Authenticated operators in Sliver C2 framework versions prior to 1.6.11 can read arbitrary files on the server through a path traversal vulnerability in the website content subsystem, potentially exposing sensitive credentials, configurations, and cryptographic keys. Public exploit code exists for this vulnerability. The issue is resolved in version 1.6.11 and later.

Wireguard Path Traversal Sliver +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

calibre is an e-book manager. [CVSS 7.8 HIGH]

RCE Calibre Red Hat +1
NVD GitHub
EPSS 0% CVSS 8.2
HIGH POC PATCH This Week

Calibre 9.1.0 and earlier contains a path traversal vulnerability in EPUB conversion that allows malicious EPUB files to corrupt or modify arbitrary files writable by the Calibre process. The vulnerability exploits improper handling of CipherReference URIs in encryption metadata, enabling attackers to write outside the intended extraction directory. Public exploit code exists for this high-severity issue, which is patched in version 9.2.0.

Path Traversal Calibre Red Hat +1
NVD GitHub
EPSS 0% CVSS 8.6
HIGH POC PATCH This Week

Remote code execution in Calibre prior to version 9.2.0 through a path traversal flaw in the CHM reader allows local attackers to write arbitrary files with user permissions, enabling payload execution via the Windows Startup folder. Public exploit code exists for this vulnerability. Windows users should upgrade to Calibre 9.2.0 or later to remediate the risk.

Windows RCE Path Traversal +3
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

The Rust time library versions 0.3.6 through 0.3.46 are vulnerable to denial of service through stack exhaustion when processing maliciously crafted RFC 2822 formatted input. An unauthenticated attacker can trigger recursive parsing of deprecated RFC 2822 features to exhaust stack memory and crash applications using affected versions. A patch implementing recursion depth limits is available in version 0.3.47 and later.

Denial Of Service Time Red Hat +1
NVD GitHub
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Unauthenticated attackers can bypass public link scope verification in OpenCloud Reva versions prior to 2.42.3 and 2.40.3 through a flaw in GRPC authorization middleware. By exploiting the archiver service, an attacker can create archives containing all resources accessible to the public link creator, resulting in unauthorized information disclosure. A patch is available in versions 2.42.3 and 2.40.3.

Authentication Bypass Opencloud Reva Suse
NVD GitHub
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Improper policy enforcement in OpenFGA versions 1.8.5 through 1.11.2 (and corresponding Helm Chart and Docker releases) allows authenticated users to bypass authorization checks through specially crafted tuple configurations that mix type-bound public and non-public access policies. An attacker with valid credentials can exploit mismatched tuple assignments to gain unauthorized access to protected resources by leveraging lexicographic object ID ordering in the authorization engine. No patch is currently available.

Docker Openfga Helm Charts +2
NVD GitHub
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Arbitrary file deletion in Gogs 0.13.3 and earlier allows authenticated repository contributors to exploit a path traversal flaw in the wiki page update function, enabling deletion of arbitrary files on the affected server. An attacker with wiki write access can manipulate the old_title parameter to traverse the filesystem and remove critical files. No patch is currently available for this high-severity vulnerability (CVSS 8.1).

Path Traversal Gogs Suse
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

Gogs versions 0.13.3 and earlier are vulnerable to arbitrary file read and write operations through path traversal in the Git hook editing functionality, affecting self-hosted installations. An authenticated attacker with high privileges can exploit this vulnerability to access or modify files outside the intended directory. Public exploit code exists for this vulnerability, and no patch is currently available.

Path Traversal Gogs Suse
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Gogs versions 0.13.3 and earlier fail to enforce write permissions on the repository contents endpoint, allowing attackers with read-only access to modify files, create commits, and execute git push operations. An authenticated user possessing only read permissions can bypass authorization checks and gain unauthorized write access to repository contents. This affects self-hosted Gogs instances and has no patch currently available for affected versions.

Authentication Bypass Gogs Suse
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

Denial of service in Gogs 0.13.3 and earlier allows authenticated users to crash the application by deleting repository files before synchronization. Public exploit code exists for this vulnerability, affecting self-hosted Git service deployments. A patch is available in versions 0.13.4 and 0.14.0+dev.

Denial Of Service Gogs Suse
NVD GitHub
EPSS 0% CVSS 7.6
HIGH POC PATCH This Week

Gophish <=0.12.1 is vulnerable to Incorrect Access Control. The administrative dashboard exposes each user’s long-lived API key directly inside the rendered HTML/JavaScript of the page on every login. [CVSS 7.6 HIGH]

Authentication Bypass Information Disclosure Gophish +1
NVD GitHub
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, Gogs’ 2FA recovery code validation does not scope codes by user, enabling cross-account bypass. [CVSS 8.8 HIGH]

Authentication Bypass Gogs Suse
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

Gogs self-hosted Git service v0.13.3 has a command injection vulnerability enabling remote code execution through crafted repository operations.

Command Injection Gogs Suse
NVD GitHub
EPSS 0% CVSS 7.7
HIGH PATCH This Week

Mattermost Confluence plugin version <1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connection link that, when visited, renders the attacker's display name without proper sanitization. [CVSS 7.7 HIGH]

Confluence Suse
NVD
EPSS 0% CVSS 7.4
HIGH PATCH This Week

Command execution in pgAdmin 4 server mode allows authenticated attackers to bypass restore operation restrictions by extracting the restrict key during PLAIN-format dump file operations and injecting malicious payloads to re-enable meta-commands. An attacker with web interface access can race the restore process in real time to achieve reliable code execution on the pgAdmin host. No patch is currently available for this vulnerability.

Authentication Bypass Pgadmin 4 Suse
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content. [CVSS 5.3 MEDIUM]

Golang Denial Of Service Html +2
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Html contains a vulnerability that allows attackers to denial of service (DoS) if an attacker provides specially crafted HTML content (CVSS 5.3).

Golang Denial Of Service Html +2
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcp_release utility that allows attackers to cause a denial of service by supplying excessive input. [CVSS 5.5 MEDIUM]

Buffer Overflow Denial Of Service Red Hat +1
NVD Exploit-DB
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

Navidrome versions prior to 0.60.0 allow authenticated users to trigger denial of service by requesting image resizing with extremely large parameters, causing uncontrolled memory allocation and potential disk exhaustion. Public exploit code exists for this vulnerability, which can crash the server process via the OOM killer or fill the cache directory with massive files. An attacker with valid credentials can achieve complete service outage without administrative privileges.

Linux Denial Of Service Navidrome +1
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM POC PATCH This Month

Navidrome versions before 0.60.0 contain a stored cross-site scripting vulnerability in song comment metadata that allows attackers to inject malicious scripts and steal user credentials when victims view affected music files. Public exploit code exists for this vulnerability. Administrators should upgrade to version 0.60.0 or later to remediate the risk.

XSS Navidrome Suse
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

Devtron is an open source tool integration platform for Kubernetes. [CVSS 8.8 HIGH]

Kubernetes Devtron Suse
NVD GitHub
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Denial-of-service in cert-manager versions 1.18.0-1.18.4 and 1.19.0-1.19.2 allows network-adjacent attackers to crash the controller by poisoning DNS cache entries during ACME DNS-01 validation through unencrypted DNS traffic interception. An attacker positioned to intercept DNS queries from the cert-manager pod can inject malicious DNS responses that trigger a panic in the controller, disrupting certificate management operations in affected Kubernetes clusters. A patch is available for immediate deployment.

Kubernetes DNS Cert Manager +2
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

The Terraform/OpenTofu Proxmox Provider prior to version 0.93.1 contains a path traversal vulnerability in its SSH sudoer configuration documentation that permits attackers to escape directory restrictions using ../ sequences and modify arbitrary files on the system. Public exploit code exists for this vulnerability, affecting users who implement the documented SSH configuration. The vulnerability has been patched in version 0.93.1 and a fix is available.

SSH Proxmox Terraform Provider +1
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

Path traversal in Alist prior to version 3.57.0 allows authenticated users to manipulate filename parameters and bypass directory restrictions within the same storage mount. Attackers can exploit this vulnerability to perform unauthorized file operations including deletion, movement, and copying across user boundaries. Public exploit code exists for this vulnerability.

Path Traversal Alist Suse
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL POC PATCH Act Now

Alist file manager has an improper certificate validation vulnerability allowing MITM attacks that could compromise file operations and stored credentials.

TLS Alist Suse
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Melange versions 0.14.0 through 0.40.2 allow local attackers with configuration file control to read arbitrary files from the host system through path traversal in license file path validation, potentially exfiltrating sensitive data embedded in generated SBOMs. This vulnerability affects build pipeline scenarios where configuration is user-controlled, such as pull request-driven CI or build-as-a-service environments. A patch is available in version 0.40.3.

Golang Path Traversal Melange +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Melange versions 0.10.0 through 0.40.2 allow unauthenticated command injection through the patch pipeline, enabling attackers to execute arbitrary shell commands on build hosts by injecting shell metacharacters into patch-related inputs such as series paths and filenames. This vulnerability affects users who build APK packages using melange build or melange license-check operations, particularly in CI/CD environments where build inputs may be controlled by untrusted sources. A patch is available in version 0.40.3 and later.

Command Injection RCE Melange +1
NVD GitHub
EPSS 0% CVSS 7.9
HIGH PATCH This Week

melange allows users to build apk packages using declarative pipelines. [CVSS 7.9 HIGH]

Command Injection RCE Melange +1
NVD GitHub
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Melange versions 0.11.3 through 0.40.2 suffer from a path traversal vulnerability in the retrieveWorkspace function that fails to validate tar entry paths, allowing an attacker with control over a QEMU guest VM's tar stream to write arbitrary files outside the intended workspace directory on the host system. An attacker exploiting this vulnerability could achieve arbitrary file write capabilities on the host machine, potentially leading to system compromise. A patch is available in version 0.40.3 and later.

Path Traversal Melange Suse
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Apko versions 0.14.8 through 1.1.0 are vulnerable to denial of service when processing APK packages from untrusted repositories due to missing decompression limits in the ExpandApk function. An attacker controlling a compromised APK repository can provide a malicious small, highly-compressed package that expands into a massive tar stream, exhausting disk space and CPU resources on the build host. The vulnerability affects Golang and Apko products and has been patched in version 1.1.1.

Golang Denial Of Service Apko +1
NVD GitHub
Prev Page 41 of 104 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy