OSV - Open Source Vulnerabilities

MINI-w9rh-h6x7-h6qr

MinimOS/nginx-proxy-manager-2
MinimOS/nginx-proxy-manager-2-rootfs

See record for full details

1 hour ago

Fix available

MGASA-2026-0026

Mageia:9/xen

Updated xen packages fix security vulnerabilities

2 hours ago

Fix available

MGASA-2026-0027

Mageia:9/libxml2

Updated libxml2 packages fix security vulnerabilities

2 hours ago

Fix available

MGASA-2026-0028

Mageia:9/gpsd

Updated gpsd packages fix security vulnerabilities

2 hours ago

Fix available

MGASA-2026-0029

Mageia:9/openssl

Updated openssl packages fix security vulnerabilities

2 hours ago

Fix available

GHSA-2733-6c58-pf27

npm/deephas

deepHas vulnerable to Prototype Pollution via constructor.prototype

4 hours ago

Fix available
Severity - 9.4 (Critical)

GHSA-923j-vrcg-hxwh

Go/github.com/chainguard-dev/malcontent

malcontent vulnerable to symlink Path Traversal via handleSymlink argument confusion in archive extraction

4 hours ago

Fix available
Severity - 5.5 (Medium)

GHSA-9m43-p3cx-w8j5

Go/github.com/chainguard-dev/malcontent

malcontent OCI image pull credential exfiltration via malicious registry token realm

4 hours ago

Fix available
Severity - 6.5 (Medium)

CVE-2026-25116

github.com/runtipi/runtipi

Runtipi vulnerable to unauthenticated docker-compose.yml Overwrite via Path Traversal

5 hours ago

Fix available
Severity - 7.6 (High)

CVE-2026-25063

github.com/gradle/gradle-completion

gradle-completion has a Bash command injection issue

5 hours ago

Fix available
Severity - 8.3 (High)

CGA-9f7m-cgx3-xx9v

Chainguard/tensorflow-cpu-jupyter
Chainguard/tensorflow-gpu-jupyter
Wolfi/tensorflow-cpu-jupyter

See record for full details

5 hours ago

Fix available

CVE-2026-24904

github.com/trusttunnel/trusttunnel

TrustTunnel has `client_random_prefix` rule bypass via fragmented or partial TLS ClientHello

5 hours ago

Fix available
Severity - 5.3 (Medium)

CVE-2026-24846

github.com/chainguard-dev/malcontent

malcontent's archive extraction could write outside extraction directory

5 hours ago

Fix available
Severity - 5.5 (Medium)

BIT-rum-2022-50806

Bitnami/rum

4images 1.9 - Remote Command Execution (RCE)

6 hours ago

No fix available
Severity - 8.6 (High)

BIT-ghost-2025-9862

Bitnami/ghost

Ghost 6.0.6 - SSRF via oEmbed Bookmark

6 hours ago

Fix available
Severity - 6.1 (Medium)

CVE-2026-22806

github.com/loft-sh/loft

vCluster Platform's Access Keys Allows Access Beyond Scope

7 hours ago

Fix available
Severity - 9.1 (Critical)