Known Vulnerabilities for products from Linuxfoundation
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Linuxfoundation".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-41491 json | Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. From versions 1.3.0 to... | Not Provided | 2026-05-08 | 2026-05-12 |
| CVE-2026-40938 json | Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. From 1.0.0 to before 1.11.0, the g... | Not Provided | 2026-04-21 | 2026-04-28 |
| CVE-2026-40924 json | Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Prior to 1.11.1, the HTTP resolver... | Not Provided | 2026-04-21 | 2026-04-27 |
| CVE-2026-40923 json | Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Prior to 1.11.1, a validation bypa... | Not Provided | 2026-04-21 | 2026-04-27 |
| CVE-2026-40161 json | Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. From 1.0.0 to 1.10.0, the Tekton P... | Not Provided | 2026-04-21 | 2026-04-24 |
| CVE-2026-39984 json | Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization ... | Not Provided | 2026-04-15 | 2026-04-23 |
| CVE-2026-35171 json | Kedro is a toolbox for production-ready data science. Prior to 1.3.0, Kedro allows the logging configuration file path to be ... | Not Provided | 2026-04-06 | 2026-04-14 |
| CVE-2026-35167 json | Kedro is a toolbox for production-ready data science. Prior to 1.3.0, the _get_versioned_path() method in kedro/io/core.py co... | Not Provided | 2026-04-06 | 2026-04-14 |
| CVE-2026-34992 json | Antrea is a Kubernetes networking solution intended to be Kubernetes native. Prior to 2.4.5 and 2.5.2, a missing encryption v... | Not Provided | 2026-04-06 | 2026-04-27 |
| CVE-2026-34045 json | Podman Desktop is a graphical tool for developing on containers and Kubernetes. Prior to 1.26.2, an unauthenticated HTTP serv... | Not Provided | 2026-04-07 | 2026-04-15 |
| CVE-2026-33701 json | OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In ver... | Not Provided | 2026-03-27 | 2026-04-01 |
| CVE-2026-33015 json | EVerest is an EV charging software stack. Prior to version 2026.02.0, even immediately after CSMS performs a RemoteStop (Stop... | Not Provided | 2026-03-26 | 2026-03-31 |
| CVE-2026-33014 json | EVerest is an EV charging software stack. Prior to version 2026.02.0, during RemoteStop processing, a delayed authorization r... | Not Provided | 2026-03-26 | 2026-03-31 |
| CVE-2026-33009 json | EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to C++ UB (potential memory co... | Not Provided | 2026-03-26 | 2026-03-31 |
| CVE-2026-32613 json | Spinnaker is an open source, multi-cloud continuous delivery platform. Echo like some other services, uses SPeL (Spring Expre... | Not Provided | 2026-04-20 | 2026-04-23 |
| CVE-2026-32604 json | Spinnaker is an open source, multi-cloud continuous delivery platform. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and... | Not Provided | 2026-04-20 | 2026-04-23 |
| CVE-2026-32237 json | Backstage is an open framework for building developer portals. Prior to 3.1.5, authenticated users with permission to execute... | Not Provided | 2026-03-12 | 2026-04-30 |
| CVE-2026-32236 json | Backstage is an open framework for building developer portals. Prior to 0.27.1, a Server-Side Request Forgery (SSRF) vulnerab... | Not Provided | 2026-03-12 | 2026-04-15 |
| CVE-2026-31890 json | Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux h... | Not Provided | 2026-03-12 | 2026-04-06 |
| CVE-2026-29185 json | Backstage is an open framework for building developer portals. Prior to version 1.20.1, a vulnerability in the SCM URL parsin... | Not Provided | 2026-03-07 | 2026-04-25 |
Known software with vulnerabilities from Linuxfoundation
| Type | Vendor | Product | Version |
|---|---|---|---|
| Operating System | Linuxfoundation | Acrn | 0.1 |
| Application | Linuxfoundation | Argo-cd | 0.10.0 |
| Application | Linuxfoundation | Argo Continuous Delivery | - |
| Application | Linuxfoundation | Besu | - |
| Application | Linuxfoundation | Ceph | - |
| Application | Linuxfoundation | Containerd | 0.0.2 |
| Application | Linuxfoundation | Cups-filters | 1.0 |
| Application | Linuxfoundation | Dex | - |
| Application | Linuxfoundation | Dojo | 0.9.0 |
| Application | Linuxfoundation | Dojox | 0.9.0 |
| Application | Linuxfoundation | Foomatic | 4.0.12 |
| Application | Linuxfoundation | Foomatic-filters | 4.0.0 |
| Application | Linuxfoundation | Free Range Routing | 2.0 |
| Application | Linuxfoundation | Harbor | 0.1.0 |
| Application | Linuxfoundation | Indy-node | 0.3.13 |
| Application | Linuxfoundation | Jaeger | 0.5.0 |
| Application | Linuxfoundation | Nats-server | - |
| Application | Linuxfoundation | Nats.deno | 0.1.0-0 |
| Application | Linuxfoundation | Nats.js | 0.3.0 |
| Application | Linuxfoundation | Nats.ws | - |