Known Vulnerabilities for products from Linuxfoundation

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Linuxfoundation".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-58211 json NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12... Not Provided 2026-07-08 2026-07-09
CVE-2026-58208 json NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12... Not Provided 2026-07-08 2026-07-09
CVE-2026-58207 json NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12... Not Provided 2026-07-08 2026-07-09
CVE-2026-54712 json OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In ver... Not Provided 2026-07-01 2026-07-06
CVE-2026-54704 json OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In ver... Not Provided 2026-07-01 2026-07-06
CVE-2026-53492 json containerd is an open-source container runtime. In Versions prior to 2.3.2, 2.2.5 and 2.1.9, the CRI implementation improperl... Not Provided 2026-07-01 2026-07-02
CVE-2026-53489 json containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin r... Not Provided 2026-07-01 2026-07-02
CVE-2026-53488 json containerd is an open-source container runtime. In versions prior to 1.7.33, 2.3.2, 2.2.5, 2.1.9, and 2.0.10 the CRI plugin p... Not Provided 2026-07-01 2026-07-03
CVE-2026-50195 json containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI c... Not Provided 2026-07-01 2026-07-02
CVE-2026-47262 json containerd is an open-source container runtime. Versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2, contain a vulnerabi... Not Provided 2026-07-01 2026-07-02
CVE-2026-46680 json containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, containers launched with... Not Provided 2026-07-01 2026-07-03
CVE-2026-45321 json On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published... Not Provided 2026-05-12 2026-05-29
CVE-2026-44477 json CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.... Not Provided 2026-05-28 2026-06-30
CVE-2026-44374 json Backstage is an open framework for building developer portals. Prior to 0.6.11, the unprocessed entities read endpoints in @b... Not Provided 2026-05-14 2026-06-01
CVE-2026-44247 json Volcano is a Kubernetes-native batch scheduling system. Prior to v1.14.2, v1.13.3, and v1.12.4, the Volcano webhook server do... Not Provided 2026-05-27 2026-06-02
CVE-2026-41579 json runc is a CLI tool for spawning and running containers according to the OCI specification. In versions prior to 1.3.6, 1.4.0-... Not Provided 2026-07-01 2026-07-02
CVE-2026-41491 json Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. From versions 1.3.0 to... Not Provided 2026-05-08 2026-05-12
CVE-2026-40938 json Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prio... Not Provided 2026-04-21 2026-07-08
CVE-2026-40924 json Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prio... Not Provided 2026-04-21 2026-04-27
CVE-2026-40923 json Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prio... Not Provided 2026-04-21 2026-04-27

Known software with vulnerabilities from Linuxfoundation

Type Vendor Product Version
Operating
System
LinuxfoundationAcrn0.1
ApplicationLinuxfoundationArgo-cd0.10.0
ApplicationLinuxfoundationArgo Continuous Delivery-
ApplicationLinuxfoundationBesu-
ApplicationLinuxfoundationCeph-
ApplicationLinuxfoundationContainerd0.0.2
ApplicationLinuxfoundationCups-filters1.0
ApplicationLinuxfoundationDex-
ApplicationLinuxfoundationDojo0.9.0
ApplicationLinuxfoundationDojox0.9.0
ApplicationLinuxfoundationFoomatic4.0.12
ApplicationLinuxfoundationFoomatic-filters4.0.0
ApplicationLinuxfoundationFree Range Routing2.0
ApplicationLinuxfoundationHarbor0.1.0
ApplicationLinuxfoundationIndy-node0.3.13
ApplicationLinuxfoundationJaeger0.5.0
ApplicationLinuxfoundationNats-server-
ApplicationLinuxfoundationNats.deno0.1.0-0
ApplicationLinuxfoundationNats.js0.3.0
ApplicationLinuxfoundationNats.ws-
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report