Vulnerabilities

ID
Packages
Summary
Published
arrow_upward
Attributes
MINI-w9rh-h6x7-h6qr
  • MinimOS/nginx-proxy-manager-2
  • MinimOS/nginx-proxy-manager-2-rootfs
See record for full details 1 hour ago
  • Fix available
MGASA-2026-0026
  • Mageia:9/xen
Updated xen packages fix security vulnerabilities 2 hours ago
  • Fix available
MGASA-2026-0027
  • Mageia:9/libxml2
Updated libxml2 packages fix security vulnerabilities 2 hours ago
  • Fix available
MGASA-2026-0028
  • Mageia:9/gpsd
Updated gpsd packages fix security vulnerabilities 2 hours ago
  • Fix available
MGASA-2026-0029
  • Mageia:9/openssl
Updated openssl packages fix security vulnerabilities 2 hours ago
  • Fix available
GHSA-2733-6c58-pf27
  • npm/deephas
deepHas vulnerable to Prototype Pollution via constructor.prototype 4 hours ago
  • Fix available
  • Severity - 9.4 (Critical)
GHSA-923j-vrcg-hxwh
  • Go/github.com/chainguard-dev/malcontent
malcontent vulnerable to symlink Path Traversal via handleSymlink argument confusion in archive extraction 4 hours ago
  • Fix available
  • Severity - 5.5 (Medium)
GHSA-9m43-p3cx-w8j5
  • Go/github.com/chainguard-dev/malcontent
malcontent OCI image pull credential exfiltration via malicious registry token realm 4 hours ago
  • Fix available
  • Severity - 6.5 (Medium)
CVE-2026-25116
  • github.com/runtipi/runtipi
Runtipi vulnerable to unauthenticated docker-compose.yml Overwrite via Path Traversal 5 hours ago
  • Fix available
  • Severity - 7.6 (High)
CVE-2026-25063
  • github.com/gradle/gradle-completion
gradle-completion has a Bash command injection issue 5 hours ago
  • Fix available
  • Severity - 8.3 (High)
CGA-9f7m-cgx3-xx9v
  • Chainguard/tensorflow-cpu-jupyter
  • Chainguard/tensorflow-gpu-jupyter
  • Wolfi/tensorflow-cpu-jupyter
See record for full details 5 hours ago
  • Fix available
CVE-2026-24904
  • github.com/trusttunnel/trusttunnel
TrustTunnel has `client_random_prefix` rule bypass via fragmented or partial TLS ClientHello 5 hours ago
  • Fix available
  • Severity - 5.3 (Medium)
CVE-2026-24846
  • github.com/chainguard-dev/malcontent
malcontent's archive extraction could write outside extraction directory 5 hours ago
  • Fix available
  • Severity - 5.5 (Medium)
BIT-rum-2022-50806
  • Bitnami/rum
4images 1.9 - Remote Command Execution (RCE) 6 hours ago
  • No fix available
  • Severity - 8.6 (High)
BIT-ghost-2025-9862
  • Bitnami/ghost
Ghost 6.0.6 - SSRF via oEmbed Bookmark 6 hours ago
  • Fix available
  • Severity - 6.1 (Medium)
CVE-2026-22806
  • github.com/loft-sh/loft
vCluster Platform's Access Keys Allows Access Beyond Scope 7 hours ago
  • Fix available
  • Severity - 9.1 (Critical)