Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how kubernetes compares to other vendors in security performance

View Risk Score →

Esri Portal for ArcGISIncorrect privilege assignment in Portal for ArcGIS

Risk 86
Severity
9.8
First published (updated )
CVE-2026-33519

Red Hat OpenShiftSummary: Possible DOS in SPDY streaming code, used for attach, exec and port forwarding. Requiremen…

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2457729

oss-sec[kubernetes] CVE-2026-3865: CSI Driver for SMB path traversal via subDir may delete unintended dictories on the SMB server

First published (updated )
CVE-2026-3865

oss-sec[kubernetes] CVE-2026-3865: CSI Driver for SMB path traversal via subDir may delete unintended dictories on the SMB server

First published (updated )
https://seclists.org/oss-sec/2026/q2/97

Kubernetes Nginx Ingress Controlleringress-nginx comment-based nginx configuration injection

Risk 59
Severity
8.8
EPSS
0.04%
First published (updated )
CVE-2026-4342
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

oss-sec[kubernetes] CVE-2026-4342: ingss-nginx comment-based nginx configuration injection

First published (updated )
https://seclists.org/oss-sec/2026/q1/353

Kubernetes CSI Driver for NFSCSI Driver for NFS path traversal via subDir may delete unintended directories on the NFS server

Risk 38
Severity
6.5
EPSS
0.10%
First published (updated )
CVE-2026-3864

oss-sec[kubernetes] CVE-2026-3864: CSI Driver for NFS path traversal via subDir may delete unintended dictories on the NFS server

First published (updated )
https://seclists.org/oss-sec/2026/q1/322

Kubernetes ingress-nginxingress-nginx rewrite-target nginx configuration injection

Risk 58
Severity
8.8
EPSS
0.04%
First published (updated )
CVE-2026-3288

F5 BIG-IP Container Ingress ServicesBIG-IP Container Ingress Services vulnerability

Risk 27
Severity
6.9
EPSS
0.04%
First published (updated )
CVE-2026-22549
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

[kubernetes] CVE-2025-13281: Portworx Half-Blind SSRF in kube-controller-manager

First published (updated )
https://seclists.org/oss-sec/2025/q4/221

Esri ArcGIS ServerBUG-000179884 - There is a security vulnerability in ArcGIS Server Feature Services.

Risk 87
Severity
10
First published (updated )
CVE-2025-57870

Kubernetes C# ClientKubernetes C# Client: improper certificate validation in custom CA mode may lead to man-in-the-middle attacks

Risk 39
Severity
6.8
EPSS
0.01%
First published (updated )
CVE-2025-9708

[kubernetes] CVE-2025-9708: Kubernetes C# Client: improper certificate validation in custom CA mode may lead to man-in-the-middle attacks

First published (updated )
https://seclists.org/oss-sec/2025/q3/169

Kubernetes secrets-store-sync-controllerKubernetes secrets-store-sync-controller discloses service account tokens in logs

Risk 36
Severity
6.5
First published (updated )
CVE-2025-7445
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

go/k8s.io/kubernetesNodes can delete themselves by adding an OwnerReference

Risk 57
Severity
6.7
First published (updated )
CVE-2025-5187

Kubernetes Image BuilderVM images built with Kubernetes Image Builder Nutanix or OVA providers use default credentials for Windows images if user did not override

Risk 72
Severity
7.5
First published (updated )
CVE-2025-7342

[kubernetes] CVE-2025-7342: VM images built with Kubernetes Image Builder Nutanix or OVA providers use default cdentials for Windows images if user did not override

First published (updated )
https://seclists.org/oss-sec/2025/q3/56

Kubernetes HeadlampKubernetes Headlamp Allows Arbitrary Command Injection in macOS Process headlamp@codeSign

Risk 64
Severity
7.8
First published (updated )
CVE-2025-53542

go/k8s.io/kubernetesNodes can bypass dynamic resource allocation authorization checks

Risk 17
Severity
2.7
First published (updated )
CVE-2025-4563
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

[kubernetes] CVE-2025-4563: Nodes can bypass dynamic source allocation authorization checks

First published (updated )
https://seclists.org/oss-sec/2025/q2/267

[kubernetes] Race Condition in Go allows Volume Deletion in older Kubernetes versions

First published (updated )
https://seclists.org/oss-sec/2025/q2/259

BleepingComputerMicrosoft finds default Kubernetes Helm charts can expose data

First published (updated )
News
BleepingComputer

[kubernetes] Multiple vulnerabilities in ingss-nginx

First published (updated )
https://seclists.org/oss-sec/2025/q1/244

Kubernetes kubernetesNetwork restriction bypass via race condition during namespace termination

Risk 19
Severity
3.1
First published (updated )
CVE-2024-7598
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

[kubernetes] CVE-2024-7598: Network striction bypass via race condition during namespace termination

First published (updated )
https://seclists.org/oss-sec/2025/q1/234

Kubernetes gitRepo volume[kubernetes] CVE-2025-1767: Gitpo Volume Inadvertent Local pository Access

Risk 53
Severity
6.5
First published (updated )
CVE-2025-1767

[kubernetes] CVE-2025-1767: Gitpo Volume Inadvertent Local pository Access

First published (updated )
https://seclists.org/oss-sec/2025/q1/213

Kubernetes kubernetesA security issue was discovered in Kubernetes where a large number of container checkpoint requests …

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2345617

[kubernetes] CVE-2025-0426: Node Denial of Service via kubelet Checkpoint API

First published (updated )
https://seclists.org/oss-sec/2025/q1/126
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203