Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-57231 |
|
Information Disclosure in podman-project (CVE-2026-57231)
vulnerability in podman-project (CVE-2026-57231). Confidential information can be exposed externally. Mitigation: upgrade to `5.8.4` or later.
|
| CVE-2026-53492 |
|
Vulnerability in github.com/containerd/containerd/v2 (CVE-2026-53492)
vulnerability in github.com/containerd/containerd/v2 (CVE-2026-53492). Confidential information can be exposed externally. Mitigation: upgrade to `2.3.2` or later.
|
| CVE-2026-53489 |
|
Vulnerability in github.com/containerd/containerd/v2 (CVE-2026-53489)
vulnerability in github.com/containerd/containerd/v2 (CVE-2026-53489). Confidential information can be exposed externally. Exploitable via ``container.log``. Mitigation: upgrade to `2.3.2` or later.
|
| CVE-2026-53488 |
|
Vulnerability in github.com/containerd/containerd (CVE-2026-53488)
vulnerability in github.com/containerd/containerd (CVE-2026-53488). Successful exploitation can lead to full system takeover. Exploitable via ``LABEL``. Mitigation: upgrade to `1.7.33` or later.
|
| CVE-2026-47262 |
|
Vulnerability in github.com/containerd/containerd/v2 (CVE-2026-47262)
vulnerability in github.com/containerd/containerd/v2 (CVE-2026-47262). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.3.2` or later.
|
| CVE-2026-50195 |
|
Vulnerability in Amazon github.com/containerd/containerd/v2 (CVE-2026-50195)
vulnerability in Amazon github.com/containerd/containerd/v2 (CVE-2026-50195). Successful exploitation can lead to full system takeover. Exploitable via ``IfNotPresent``. Mitigation: upgrade to `2.3.2` or later.
|
| CVE-2026-55686 |
|
Vulnerability in github.com/containers/podman/v5 (CVE-2026-55686)
vulnerability in github.com/containers/podman/v5 (CVE-2026-55686). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.7.1` or later.
|
| CVE-2026-5817 |
|
Vulnerability in docker (CVE-2026-5817)
vulnerability in docker (CVE-2026-5817). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5843 |
|
Vulnerability in docker (CVE-2026-5843)
vulnerability in docker (CVE-2026-5843). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6406 |
|
Authorization Flaw in docker (CVE-2026-6406)
vulnerability in docker (CVE-2026-6406). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46680 |
|
Privilege Escalation in github.com/containerd/containerd (CVE-2026-46680)
vulnerability in github.com/containerd/containerd (CVE-2026-46680). Successful exploitation can lead to full system takeover. Exploitable via ``User``. Mitigation: upgrade to `1.7.32` or later.
|
| CVE-2026-42306 |
|
Vulnerability in github.com/docker/docker (CVE-2026-42306)
vulnerability in github.com/docker/docker (CVE-2026-42306). Data can be tampered with by attackers. Exploitable via `PUT /containers/{id}/archive`. Mitigation: upgrade to `2.0.0-beta.14` or later.
|
| CVE-2026-41568 |
|
Vulnerability in github.com/docker/docker (CVE-2026-41568)
vulnerability in github.com/docker/docker (CVE-2026-41568). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /containers/{id}/archive`. Mitigation: upgrade to `2.0.0-beta.14` or later.
|
| CVE-2026-42454 |
|
OS Command Injection in docker (CVE-2026-42454)
OS command injection in docker (CVE-2026-42454). Successful exploitation can lead to full system takeover. Exploitable via `GET /docker/containers/`.
|
| CVE-2026-42298 |
|
Code Injection in docker (CVE-2026-42298)
code injection in docker (CVE-2026-42298). Successful exploitation can lead to full system takeover. Exploitable via ``GITHUB_TOKEN``. Mitigation: upgrade to `>= 0` or later.
|
| CVE-2026-42302 |
|
Vulnerability in openai-sdk (CVE-2026-42302)
vulnerability in openai-sdk (CVE-2026-42302). Successful exploitation can lead to full system takeover. Exploitable via ``entrypoint.sh``.
|
| CVE-2026-41512 |
|
Code Injection in gem (CVE-2026-41512)
code injection in gem (CVE-2026-41512). Successful exploitation can lead to full system takeover. Exploitable via `POST /targets/auto_detect_selectors`.
|
| CVE-2026-42880 |
|
Information Disclosure in argo-cd (CVE-2026-42880)
vulnerability in argo-cd (CVE-2026-42880). Confidential information can be exposed externally.
|
| CVE-2026-34282 |
|
Vulnerability in java (CVE-2026-34282)
vulnerability in java (CVE-2026-34282). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491, 11.0.31, 17.0.19, 21.0.11, 25.0.3, 26.0.1` or later.
|
| CVE-2026-34268 |
|
Vulnerability in java (CVE-2026-34268)
vulnerability in java (CVE-2026-34268). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491, 11.0.31, 17.0.19, 21.0.11, 25.0.3, 26.0.1` or later.
|
| CVE-2026-23865 |
|
Vulnerability in java (CVE-2026-23865)
vulnerability in java (CVE-2026-23865). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.31, 17.0.19, 21.0.11, 25.0.3, 26.0.1` or later.
|
| CVE-2026-22021 |
|
Vulnerability in java (CVE-2026-22021)
vulnerability in java (CVE-2026-22021). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491, 11.0.31, 17.0.19, 21.0.11, 25.0.3, 26.0.1` or later.
|
| CVE-2026-22013 |
|
Vulnerability in java (CVE-2026-22013)
vulnerability in java (CVE-2026-22013). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491, 11.0.31, 17.0.19, 21.0.11, 25.0.3, 26.0.1` or later.
|
| CVE-2026-22008 |
|
Vulnerability in java (CVE-2026-22008)
vulnerability in java (CVE-2026-22008). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `25.0.2` or later.
|
| CVE-2026-22007 |
|
Vulnerability in java (CVE-2026-22007)
vulnerability in java (CVE-2026-22007). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491, 11.0.31, 17.0.19, 21.0.11, 25.0.3, 26.0.1` or later.
|
| CVE-2026-22003 |
|
Vulnerability in java (CVE-2026-22003)
vulnerability in java (CVE-2026-22003). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
|
| CVE-2026-21947 |
|
Cross-Site Scripting (XSS) in java (CVE-2026-21947)
cross-site scripting in java (CVE-2026-21947). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
|
| CVE-2026-21945 |
|
Vulnerability in java (CVE-2026-21945)
vulnerability in java (CVE-2026-21945). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481, 11.0.30, 17.0.18, 21.0.10, 25.0.2` or later.
|
| CVE-2026-21933 |
|
Vulnerability in java (CVE-2026-21933)
vulnerability in java (CVE-2026-21933). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481, 11.0.30, 17.0.18, 21.0.10, 25.0.2` or later.
|
| CVE-2026-21932 |
|
Vulnerability in java (CVE-2026-21932)
vulnerability in java (CVE-2026-21932). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.0, 8.0.481, 11.0.30, 17.0.18, 21.0.10, 25.0.2` or later.
|
| CVE-2026-21925 |
|
Vulnerability in java (CVE-2026-21925)
vulnerability in java (CVE-2026-21925). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481, 11.0.30, 17.0.18, 21.0.10, 25.0.2` or later.
|
| CVE-2026-20676 |
|
Vulnerability in java (CVE-2026-20676)
vulnerability in java (CVE-2026-20676). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
|
| CVE-2026-20652 |
|
Vulnerability in java (CVE-2026-20652)
vulnerability in java (CVE-2026-20652). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
|
| CVE-2026-20644 |
|
Buffer Overflow in java (CVE-2026-20644)
vulnerability in java (CVE-2026-20644). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
|
| CVE-2026-20636 |
|
Buffer Overflow in java (CVE-2026-20636)
vulnerability in java (CVE-2026-20636). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
|
| CVE-2026-20635 |
|
Buffer Overflow in java (CVE-2026-20635)
vulnerability in java (CVE-2026-20635). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
|
| CVE-2026-20608 |
|
Vulnerability in java (CVE-2026-20608)
vulnerability in java (CVE-2026-20608). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
|
| CVE-2025-7425 |
|
Use-After-Free in java (CVE-2025-7425)
vulnerability in java (CVE-2025-7425). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
|
| CVE-2025-7424 |
|
Vulnerability in java (CVE-2025-7424)
vulnerability in java (CVE-2025-7424). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
|
| CVE-2025-61748 |
|
Vulnerability in java (CVE-2025-61748)
vulnerability in java (CVE-2025-61748). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `21.0.9, 25.0.1` or later.
|
| CVE-2025-6052 |
|
Vulnerability in java (CVE-2025-6052)
vulnerability in java (CVE-2025-6052). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
|
| CVE-2025-53066 |
|
Information Disclosure in java (CVE-2025-53066)
vulnerability in java (CVE-2025-53066). Confidential information can be exposed externally. Mitigation: upgrade to `1.8.0, 8.0.471, 11.0.29, 17.0.17, 21.0.9, 25.0.1` or later.
|
| CVE-2025-53057 |
|
Vulnerability in java (CVE-2025-53057)
vulnerability in java (CVE-2025-53057). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.0, 8.0.471, 11.0.29, 17.0.17, 21.0.9, 25.0.1` or later.
|
| CVE-2025-50106 |
|
Vulnerability in java (CVE-2025-50106)
vulnerability in java (CVE-2025-50106). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.8.0, 8.0.461, 11.0.28, 17.0.16, 21.0.8, 24.0.2` or later.
|
| CVE-2025-50059 |
|
Vulnerability in java (CVE-2025-50059)
vulnerability in java (CVE-2025-50059). Confidential information can be exposed externally. Mitigation: upgrade to `11.0.28, 17.0.16, 21.0.8, 24.0.2` or later.
|
| CVE-2025-47219 |
|
Out-of-Bounds Read in java (CVE-2025-47219)
vulnerability in java (CVE-2025-47219). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
|
| CVE-2025-43457 |
|
Use-After-Free in java (CVE-2025-43457)
vulnerability in java (CVE-2025-43457). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
|
| CVE-2025-32415 |
|
Vulnerability in java (CVE-2025-32415)
vulnerability in java (CVE-2025-32415). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.461` or later.
|
| CVE-2025-32414 |
|
Vulnerability in java (CVE-2025-32414)
vulnerability in java (CVE-2025-32414). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.461` or later.
|
| CVE-2025-30761 |
|
Vulnerability in java (CVE-2025-30761)
vulnerability in java (CVE-2025-30761). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.0, 8.0.461, 11.0.28` or later.
|