Vulnerability List
Found 97 results
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-39961 | Aiven Operator has cross-namespace secret exfiltration via ClickhouseUser connInfoSecretSource | aiven | aiven-operator | Medium | 6.8 | 2026-04-09 17:14:07 | Deep Dive |
| CVE-2026-2437 | WP Travel Engine - Travel and Tour Booking Plugin <= 6.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via wte_trip_tax Shortcode | wptravelengine | WP Travel Engine – Tour Booking Plugin – Tour Operator Software | Medium | 6.4 | 2026-04-04 08:25:19 | Deep Dive |
| CVE-2026-1806 | Tour & Activity Operator Plugin for TourCMS <= 1.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes | tourcms | Tour & Activity Operator Plugin for TourCMS | Medium | 6.4 | 2026-03-21 03:26:47 | Deep Dive |
| CVE-2025-13490 | IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that report metrics are vulnerable to loss of confidentiality | IBM | App Connect Operator | Medium | 5.9 | 2026-03-03 19:58:18 | Deep Dive |
| CVE-2026-27134 | Strimzi: All CAs from a custom CA chain consisting of multiple CAs are trusted for mTLS user authentication | strimzi | strimzi-kafka-operator | High | 8.1 | 2026-02-20 23:05:04 | Deep Dive |
| CVE-2026-27133 | Strimzi All CAs from CA chain will be trusted in Kafka Connect and Kafka MirrorMaker 2 target clusters | strimzi | strimzi-kafka-operator | Medium | 5.9 | 2026-02-20 22:38:28 | Deep Dive |
| CVE-2025-12755 | Multiple vulnerabilities in IBM MQ Operator and Queue manager container images | IBM | MQ Operator | Medium | 4.0 | 2026-02-17 18:49:39 | Deep Dive |
| CVE-2026-23990 | Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims | controlplaneio-fluxcd | flux-operator | Medium | 5.3 | 2026-01-21 22:25:57 | Deep Dive |
| CVE-2025-12985 | License Service: Privilege escalation vulnerability | IBM | IBM Licensing Operator | High | 8.4 | 2026-01-20 14:50:52 | Deep Dive |
| CVE-2025-11393 | Insights-runtimes-tech-preview/runtimes-inventory-rhel8-operator: improper proxy configuration allows unauthorized administrative commands | Red Hat | Red Hat Lightspeed (formerly Insights) for Runtimes 1 | High | 8.7 | 2025-12-15 17:03:45 | Deep Dive |
| CVE-2025-13888 | Openshift-gitops-operator: openshift gitops: namespace admin cluster takeover via privileged jobs | redhat-developer | gitops-operator | Critical | 9.1 | 2025-12-15 15:36:49 | Deep Dive |
| CVE-2025-66623 | Strimzi allows unrestricted access to all Secrets in the same Kubernetes namespace from Kafka Connect and MirrorMaker 2 operands | strimzi | strimzi-kafka-operator | High | 7.4 | 2025-12-05 18:31:31 | Deep Dive |
| CVE-2025-2843 | Observability-operator: observability operator privilege escalation | rhobs | observability-operator | High | 8.8 | 2025-11-12 16:36:05 | Deep Dive |
| CVE-2025-26861 | RSUPPORT RemoteCall Remote Support Program code issue vulnerability | RSUPPORT CO., LTD. | RemoteCall Remote Support Program (for Operator) | - | - | 2025-10-15 06:07:01 | Deep Dive |
| CVE-2025-26860 | RSUPPORT RemoteCall Remote Support Program code issue vulnerability | RSUPPORT CO., LTD. | RemoteCall Remote Support Program (for Operator) | - | - | 2025-10-15 06:06:42 | Deep Dive |
| CVE-2025-7634 | WP Travel Engine – Tour Booking Plugin – Tour Operator Software <= 6.6.7 - Unauthenticated Local File Inclusion | wptravelengine | WP Travel Engine – Tour Booking Plugin – Tour Operator Software | Critical | 9.8 | 2025-10-09 05:23:53 | Deep Dive |
| CVE-2025-7526 | WP Travel Engine – Tour Booking Plugin – Tour Operator Software <= 6.6.7 - Authenticated (Subscriber+) Arbitrary File Deletion via File Renaming | wptravelengine | WP Travel Engine – Tour Booking Plugin – Tour Operator Software | Critical | 9.8 | 2025-10-09 05:23:52 | Deep Dive |
| CVE-2025-10725 | Openshift-ai: overly permissive clusterrole allows authenticated users to escalate privileges to cluster admin | opendatahub-io | opendatahub-operator | Critical | 9.9 | 2025-09-30 17:47:09 | Deep Dive |
| CVE-2025-8941 | Linux-pam: incomplete fix for cve-2025-6020 | - | - | High | 7.8 | 2025-08-13 14:42:38 | Deep Dive |
| CVE-2025-7195 | Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd | operator-framework | operator-sdk | Medium | 6.4 | 2025-08-07 19:05:09 | Deep Dive |