Known Vulnerabilities for products from Linuxfoundation
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Linuxfoundation".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-45321 json | On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published... | Not Provided | 2026-05-12 | 2026-05-29 |
| CVE-2026-44374 json | Backstage is an open framework for building developer portals. Prior to 0.6.11, the unprocessed entities read endpoints in @b... | Not Provided | 2026-05-14 | 2026-06-01 |
| CVE-2026-41491 json | Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. From versions 1.3.0 to... | Not Provided | 2026-05-08 | 2026-05-12 |
| CVE-2026-40938 json | Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prio... | Not Provided | 2026-04-21 | 2026-05-21 |
| CVE-2026-40924 json | Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prio... | Not Provided | 2026-04-21 | 2026-04-27 |
| CVE-2026-40923 json | Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prio... | Not Provided | 2026-04-21 | 2026-04-27 |
| CVE-2026-40161 json | Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prio... | Not Provided | 2026-04-21 | 2026-05-21 |
| CVE-2026-39984 json | Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization ... | Not Provided | 2026-04-15 | 2026-04-23 |
| CVE-2026-37532 json | AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c library. In isotp_continue_receive... | Not Provided | 2026-05-01 | 2026-05-15 |
| CVE-2026-37531 json | AGL app-framework-main thru 17.1.12 contains a Zip Slip path traversal vulnerability (CWE-22) combined with a TOCTOU race con... | Not Provided | 2026-05-01 | 2026-05-18 |
| CVE-2026-37530 json | AGL agl-service-can-low-level thru 17.1.12 contains a stack buffer overflow in the uds-c library. The send_diagnostic_request... | Not Provided | 2026-05-01 | 2026-05-20 |
| CVE-2026-37526 json | AGL app-framework-binder (afb-daemon) through v19.90.0 allows any local process to execute privileged supervision commands (E... | Not Provided | 2026-05-01 | 2026-05-18 |
| CVE-2026-37525 json | AGL app-framework-binder (afb-daemon) through v19.90.0 contains a privilege escalation vulnerability in the supervision Do co... | Not Provided | 2026-05-01 | 2026-05-18 |
| CVE-2026-35171 json | Kedro is a toolbox for production-ready data science. Prior to 1.3.0, Kedro allows the logging configuration file path to be ... | Not Provided | 2026-04-06 | 2026-04-14 |
| CVE-2026-35167 json | Kedro is a toolbox for production-ready data science. Prior to 1.3.0, the _get_versioned_path() method in kedro/io/core.py co... | Not Provided | 2026-04-06 | 2026-04-14 |
| CVE-2026-34992 json | Antrea is a Kubernetes networking solution intended to be Kubernetes native. Prior to 2.4.5 and 2.5.2, a missing encryption v... | Not Provided | 2026-04-06 | 2026-04-27 |
| CVE-2026-34045 json | Podman Desktop is a graphical tool for developing on containers and Kubernetes. Prior to 1.26.2, an unauthenticated HTTP serv... | Not Provided | 2026-04-07 | 2026-04-15 |
| CVE-2026-33701 json | OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In ver... | Not Provided | 2026-03-27 | 2026-04-01 |
| CVE-2026-33015 json | EVerest is an EV charging software stack. Prior to version 2026.02.0, even immediately after CSMS performs a RemoteStop (Stop... | Not Provided | 2026-03-26 | 2026-03-31 |
| CVE-2026-33014 json | EVerest is an EV charging software stack. Prior to version 2026.02.0, during RemoteStop processing, a delayed authorization r... | Not Provided | 2026-03-26 | 2026-03-31 |
Known software with vulnerabilities from Linuxfoundation
| Type | Vendor | Product | Version |
|---|---|---|---|
| Operating System | Linuxfoundation | Acrn | 0.1 |
| Application | Linuxfoundation | Argo-cd | 0.10.0 |
| Application | Linuxfoundation | Argo Continuous Delivery | - |
| Application | Linuxfoundation | Besu | - |
| Application | Linuxfoundation | Ceph | - |
| Application | Linuxfoundation | Containerd | 0.0.2 |
| Application | Linuxfoundation | Cups-filters | 1.0 |
| Application | Linuxfoundation | Dex | - |
| Application | Linuxfoundation | Dojo | 0.9.0 |
| Application | Linuxfoundation | Dojox | 0.9.0 |
| Application | Linuxfoundation | Foomatic | 4.0.12 |
| Application | Linuxfoundation | Foomatic-filters | 4.0.0 |
| Application | Linuxfoundation | Free Range Routing | 2.0 |
| Application | Linuxfoundation | Harbor | 0.1.0 |
| Application | Linuxfoundation | Indy-node | 0.3.13 |
| Application | Linuxfoundation | Jaeger | 0.5.0 |
| Application | Linuxfoundation | Nats-server | - |
| Application | Linuxfoundation | Nats.deno | 0.1.0-0 |
| Application | Linuxfoundation | Nats.js | 0.3.0 |
| Application | Linuxfoundation | Nats.ws | - |