CVE-2026-10840
- EPSS 0.17%
- Veröffentlicht 04.06.2026 12:04:42
- Zuletzt bearbeitet 08.07.2026 13:16:27
A flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBinding grants the system:authenticated group write access to Kueue and cert-manager custom resources via the tekton-scheduler-role ClusterRole. When Ku...
CVE-2025-11065
- EPSS 0.36%
- Veröffentlicht 26.01.2026 19:36:28
- Zuletzt bearbeitet 30.06.2026 00:16:51
A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malfor...
CVE-2023-48795
- EPSS 93.31%
- Veröffentlicht 18.12.2023 16:15:10
- Zuletzt bearbeitet 12.05.2026 11:16:15
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client a...
CVE-2023-44487
- EPSS 100%
- Veröffentlicht 10.10.2023 14:15:10
- Zuletzt bearbeitet 12.05.2026 15:10:32
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.