68 Total CVEs
52 AI Analyzed
0 CISA KEV
25 Critical
All Vendors
Showing 1-68 of 68 CVEs
CVE-2026-9165
Analyzed
7.7
Kubernetes Red Hat Advanced Cluster Security (RHACS)

A flaw was found in Red Hat Advanced Cluster Security for Kubernetes (RHACS)

2026-07-07
CVE-2026-53492
Analyzed
8.4
Kubernetes containerd

containerd is an open-source container runtime

2026-07-02
CVE-2026-50570
Analyzed
8.5
Kubernetes Fission

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes

2026-06-12
CVE-2026-50566
Analyzed
9.9
Kubernetes Fission Framework

An RBAC flaw in Fission allows tenants to run privileged containers under high-privilege service accounts, enabling container-sandbox escape and clust...

2026-06-11
CVE-2026-50564
Analyzed
9.9
Kubernetes Fission (Kubernetes Framework)

Fission prior to 1.24.0 contains a vulnerability in its Environment CRD that allows for privilege escalation by propagating insecure podspec fields wi...

2026-06-11
CVE-2026-50563
Analyzed
9.9
Kubernetes Fission Framework

A privilege management flaw in Fission’s Container Executor allows tenants to supply arbitrary pod specifications, creating potential for unauthorized...

2026-06-11
CVE-2026-50545
Analyzed
9.9
Kubernetes Fission Framework

A validation flaw in Fission’s pod specification handling allows for the propagation of dangerous fields, leading to unauthorized control over generat...

2026-06-11
CVE-2026-49824
Analyzed
8.5
Kubernetes Fission

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes

2026-06-12
CVE-2026-49298
Analyzed
8.8
Kubernetes Airflow

A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed to the worke...

2026-06-03
CVE-2026-46614
Analyzed
9.8
Kubernetes Fission Router

A route authorization bypass in the Fission router allows unauthorized callers to invoke functions by guessing their metadata, bypassing defined HTTPT...

2026-06-11
CVE-2026-46612
Analyzed
8.8
Kubernetes Fission

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes

2026-06-11
CVE-2026-46519
Analyzed
8.8
Kubernetes mcp-server-kubernetes

mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management

2026-06-12
CVE-2026-46389
Analyzed
10
Kubernetes UDS Identity Config

A logic error in the Kubernetes UDS Identity Config component allows attackers to bypass client secret authentication and obtain unauthorized OAuth2 t...

2026-06-06
CVE-2026-44935
Analyzed
9.9
Kubernetes Rancher

A missing validation vulnerability in the SUSE Rancher Fleet Helm Deployer allows authenticated tenants to access the fleet credentials of other tenan...

2026-07-03
CVE-2026-44543
Analyzed
8.7
Kubernetes capabilities can

Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node

2026-05-29
CVE-2026-43824
7.7
Kubernetes Secret data

In Argo CD 3

2026-05-02
CVE-2026-42880
Analyzed
9.6
Kubernetes Secret data

A missing authorization gap in Argo CD allows read-only users to extract plaintext Kubernetes Secret data via the ServerSideDiff endpoint.

2026-05-08
CVE-2026-42457
Analyzed
9
Kubernetes platform for

A stored Cross-Site Scripting (XSS) vulnerability in the vCluster Platform allows attackers to execute arbitrary scripts and potentially escalate priv...

2026-05-15
CVE-2026-42296
Analyzed
8.1
Kubernetes Multiple Products

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes

2026-05-09
CVE-2026-42283
7.7
Kubernetes Multiple Products

DevSpace is a client-only developer tool for cloud-native development with Kubernetes

2026-05-16
CVE-2026-41246
8.1
Kubernetes ingress controller

Contour is a Kubernetes ingress controller using Envoy proxy

2026-04-24
CVE-2026-41052
Analyzed
9.4
Kubernetes Rancher

Improper privilege handling in SUSE Rancher allows authenticated users with the Project Owner role to escalate their privileges within the cluster.

2026-06-30
CVE-2026-41050
Analyzed
9.9
Kubernetes Fleet

The Fleet Helm deployer improperly handles ServiceAccount impersonation, allowing unauthorized access to secrets across Kubernetes namespaces.

2026-05-14
CVE-2026-40886
7.7
Kubernetes Multiple Products

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes

2026-04-24
CVE-2026-40324
Analyzed
9.1
Kubernetes Multiple Products

Hot Chocolate is an open-source GraphQL server. Prior to versions 12.22.7, 13.9.16, 14.3.1, and 15.1.14, Hot Chocolate's recursive descent parser `Utf...

2026-04-18
CVE-2026-39884
8.3
Kubernetes is

mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management

2026-04-16
CVE-2026-39429
8.2
Kubernetes and container

kcp is a Kubernetes-like control plane for form-factors and use-cases beyond Kubernetes and container workloads

2026-04-09
CVE-2026-34487
Analyzed
7.5
Kubernetes Tomcat exposed

Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernete...

2026-04-11
CVE-2026-34045
8.2
Kubernetes Multiple Products

Podman Desktop is a graphical tool for developing on containers and Kubernetes

2026-04-08
CVE-2026-33413
8.8
Kubernetes does not

etcd is a distributed key-value store for the data of a distributed system

2026-03-27
CVE-2026-33226
8.7
Kubernetes APIs

Budibase is a low code platform for creating internal tools, workflows, and admin panels

2026-03-21
CVE-2026-32254
7.1
Kubernetes networking

Kube-router is a turnkey solution for Kubernetes networking

2026-03-19
CVE-2026-32241
7.5
Kubernetes Node annotations

Flannel is a network fabric for containers, designed for Kubernetes

2026-03-29
CVE-2026-29064
Analyzed
8.2
Kubernetes Zarf

Zarf is an Airgap Native Packager Manager for Kubernetes

2026-03-07
CVE-2026-28229
Analyzed
9.8
Kubernetes Argo Workflows

Argo Workflows template endpoints allow unauthenticated clients to leak sensitive WorkflowTemplates and Secret manifests by providing a malformed "Bea...

2026-03-12
CVE-2026-27173
Analyzed
8.7
Kubernetes Executors have

JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read only access to Kuberentes Pods

2026-05-20
CVE-2026-27134
Analyzed
8.1
Kubernetes Kafka cluster

Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations

2026-02-21
CVE-2026-26056
8.8
Kubernetes resources or

Yoke is a Helm-inspired infrastructure-as-code (IaC) package deployer

2026-02-13
CVE-2026-26055
7.5
Kubernetes API Server

Yoke is a Helm-inspired infrastructure-as-code (IaC) package deployer

2026-02-14
CVE-2026-23881
Analyzed
7.7
Kubernetes Multiple Products

Kyverno is a policy engine designed for cloud native platform engineering teams

2026-01-28
CVE-2026-22806
Analyzed
9.1
Kubernetes Multiple Products

vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to versions 4.6.0, 4.5.4, 4....

2026-01-30
CVE-2026-22771
Analyzed
8.8
Kubernetes Multiple Products

Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway

2026-01-13
CVE-2026-22039
Analyzed
9.9
Kubernetes Multiple Products

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have a critical authorization bou...

2026-01-28
CVE-2026-1531
Analyzed
8.1
Kubernetes Multiple Products

A flaw was found in foreman_kubevirt

2026-02-02
CVE-2026-1530
Analyzed
8.1
Kubernetes Multiple Products

A flaw was found in fog-kubevirt

2026-02-02
CVE-2025-9276
Analyzed
9.8
Kubernetes Multiple Products

Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability. This vulnerability could allow remote attackers to...

2025-09-02
CVE-2025-7342
Analyzed
7.5
Kubernetes Multiple Products

A security issue was discovered in the Kubernetes Image Builder where default credentials are enabled during the image build process

2025-08-18
CVE-2025-66626
8.1
Kubernetes Multiple Products

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes

2025-12-10
CVE-2025-66623
Analyzed
7.4
Kubernetes Multiple Products

Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations

2025-12-06
CVE-2025-64709
Analyzed
9.6
Kubernetes Multiple Products

Typebot is an open-source chatbot builder. In versions prior to 3.13.1, a Server-Side Request Forgery (SSRF) vulnerability in the Typebot webhook bloc...

2025-11-14
CVE-2025-62156
8.1
Kubernetes Multiple Products

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes

2025-10-14
CVE-2025-61688
Analyzed
8.6
Kubernetes Multiple Products

Omni manages Kubernetes on bare metal, virtual machines, or in a cloud

2025-10-13
CVE-2025-59823
Analyzed
9.9
Kubernetes Multiple Products

Project Gardener implements the automated management and operation of Kubernetes clusters as a service. Code injection may be possible in Gardener Ext...

2025-09-25
CVE-2025-59538
Analyzed
7.5
Kubernetes Multiple Products

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes

2025-10-01
CVE-2025-59537
Analyzed
7.5
Kubernetes Multiple Products

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes

2025-10-01
CVE-2025-59531
Analyzed
7.5
Kubernetes Multiple Products

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes

2025-10-01
CVE-2025-59361
Analyzed
9.8
Kubernetes Multiple Products

The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthen...

2025-09-15
CVE-2025-59360
Analyzed
9.8
Kubernetes Multiple Products

The killProcesses mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthen...

2025-09-15
CVE-2025-59359
Analyzed
9.8
Kubernetes Multiple Products

The cleanTcs mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthentica...

2025-09-15
CVE-2025-59358
Analyzed
7.5
Kubernetes Multiple Products

The Chaos Controller Manager in Chaos Mesh exposes a GraphQL debugging server without authentication to the entire Kubernetes cluster, which provides...

2025-09-15
CVE-2025-55205
Analyzed
9
Kubernetes Multiple Products

Capsule is a multi-tenancy and policy-based framework for Kubernetes. A namespace label injection vulnerability in Capsule v0.10.3 and earlier allows...

2025-08-19
CVE-2025-55190
Analyzed
9.9
Kubernetes Multiple Products

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. In versions 2.13.0 through 2.13.8, 2.14.0 through 2.14.15, 3.0.0 through 3.0...

2025-09-05
CVE-2025-54469
Analyzed
9.9
Kubernetes Multiple Products

A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT to generate a command...

2025-10-30
CVE-2025-53547
8.5
Kubernetes Multiple Products

Helm is a package manager for Charts for Kubernetes

2025-07-08
CVE-2025-53542
Analyzed
7.7
Kubernetes Multiple Products

Headlamp is an extensible Kubernetes web UI

2025-07-11
CVE-2025-41240
Analyzed
10
Kubernetes Multiple Products

Three Bitnami Helm charts mount Kubernetes Secrets under a predictable path (/opt/bitnami/*/secrets) that is located within the web server document ro...

2025-07-25
CVE-2025-14459
Analyzed
8.5
Kubernetes Multiple Products

A flaw was found in KubeVirt Containerized Data Importer (CDI)

2026-01-27
CVE-2024-58259
Analyzed
8.2
Kubernetes Multiple Products

A vulnerability has been identified within Rancher Manager in which it did not enforce request body size limits on certain public (unauthenticated)...

2025-09-02