linuxfoundation

550 tracked vulnerabilities.

CVE-2026-58211 MEDIUM
NATS Server: `no_auth_user` pre-CONNECT fast path bypasses user connection restrictions
Jul 08, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-58208 MEDIUM
NATS Server: MQTT-over-WebSocket Path Can Crash WebSocket-Only JetStream Servers Before MQTT Is Enabled
Jul 08, 2026
CVSS 6.8
EPSS 0.01
CVE-2026-58207 HIGH
NATS Server: Remote crash via integer overflow in Connz pagination
Jul 08, 2026
CVSS 7.7
EPSS 0.01
CVE-2026-58254 MEDIUM
NATS Server: Incomplete fix for CVE-2026-33249: Leaf node connections bypass Nats-Trace-Dest permission check
Jul 08, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-58253 HIGH
NATS Server: Route API Auth Bypass
Jul 08, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-58252 MEDIUM
NATS Server: Subscribe Authz Bypass via Wildcard-Overlap
Jul 08, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-58251 MEDIUM
NATS Server: Queue Subscribe Authz Bypass
Jul 08, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-58250 HIGH
NATS Server: Pre-auth server crash via double INFO in leafnode handshake
Jul 08, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-58214 MEDIUM
NATS Server: MQTT subscribe ACL bypass via $MQTT.deliver.pubrel prefix (incomplete fix for CVE-2026-33217)
Jul 08, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-58213 HIGH
NATS Server MQTT Bridge - NATS Protocol Injection
Jul 08, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-58210 HIGH
NATS Server: MQTT partial CONNECT packets can exhaust pre-auth memory
Jul 08, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-58209 MEDIUM
NATS Server: MQTT retained and QoS replay bypass subscribe deny filters
Jul 08, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-44512 MEDIUM
ONNX: Null Pointer Dereference in Upsample Version Converter Adapter (Zero Inputs)
Jul 08, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-54712 MEDIUM
OpenTelemetry Javaagent RMI context propagation allows resource exhaustion
Jul 01, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-54704 MEDIUM
OpenTelemetry Java Instrumentation: JDBC Auto-Instrumentation Logging Clear-Text Passwords
Jul 01, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-53492 CRITICAL
containerd CRI checkpoint restore CDI annotation smuggling
Jul 01, 2026
CVSS 9.6
EPSS 0.00
CVE-2026-53489 MEDIUM
containerd: Arbitrary host CRI log file read via symlink following in CRI checkpoint restore
Jul 01, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-50195 CRITICAL
containerd: CRI checkpoint import allows local image tag poisoning
Jul 01, 2026
CVSS 9.9
EPSS 0.00
CVE-2026-47262 MEDIUM
containerd image-triggered runtime DoS via unbounded group parsing
Jul 01, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-46680 HIGH
containerd user ID handling bypass allows runAsNonRoot evasion
Jul 01, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-53488 HIGH
containerd CRI plugin: — image-config `LABEL` flows to restart-monitor `binary://` logger: host-root command execution from an image pull
Jul 01, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-41579 LOW
runc: Malicious image with /dev symlink can trigger limited host filesystem integrity violations
Jul 01, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-3840 HIGH
Path Traversal in kedro-org/kedro
Jun 12, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-44477 CRITICAL
CloudNativePG Metrics Exporter - PostgreSQL Superuser Privilege Escalation
May 28, 2026
CVSS 9.9
EPSS 0.00
CVE-2026-44247 MEDIUM
Volcano: Webhook server vulnerable to OOM due to unbounded HTTP request body size
May 27, 2026
CVSS 6.8
EPSS 0.00