NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID Description Published Base Score Attack Vector Severity Actions
CVE-2026-48044 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.23.0 until 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulne... 2026-06-26 7.5 NETWORK HIGH NVD
CVE-2026-48042 Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, destructor of JSO... 2026-06-26 7.5 NETWORK HIGH NVD
CVE-2026-47778 Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw... 2026-06-26 4.4 NETWORK MEDIUM NVD
CVE-2026-47775 Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, the OAuth2 HTTP f... 2026-06-26 6.8 NETWORK MEDIUM NVD
CVE-2026-47692 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, PROXY Pr... 2026-06-26 4.8 ADJACENT_NETWORK MEDIUM NVD
CVE-2026-47221 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.18.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the rout... 2026-06-26 5.9 NETWORK MEDIUM NVD
CVE-2026-47207 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, Envoy cr... 2026-06-26 6.5 NETWORK MEDIUM NVD
CVE-2026-47204 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.26.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the envo... 2026-06-26 6.5 NETWORK MEDIUM NVD
CVE-2026-57231 Podman is a tool for managing OCI containers and pods. From 1.8.1 until 5.8.4, a container image that contains a environment variable with just a key ... 2026-06-26 7.5 NETWORK HIGH NVD
CVE-2026-55686 Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where the WORKDIR path contains a s... 2026-06-26 5.3 NETWORK MEDIUM NVD
CVE-2026-54636 Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku use... 2026-06-26 9.0 NETWORK CRITICAL NVD
CVE-2026-45408 Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex (^[a-z0-9][^/:_A-Z]*$) permits shell metacharacters. When an authentica... 2026-06-26 9.0 NETWORK CRITICAL NVD
CVE-2026-45407 Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:auth command creates $DOKKU_ROOT/.netrc using bash's touch command, which applies the default... 2026-06-26 5.0 LOCAL MEDIUM NVD
CVE-2026-45406 Dokku is a docker-powered PaaS. Prior to 0.38.2, the openresty-vhosts plugin copies files from an app's openresty/http-includes/ git repository direct... 2026-06-26 9.0 NETWORK CRITICAL NVD
CVE-2026-45405 Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:from-archive and certs:add commands extract user-supplied tar/zip archives into temporary dir... 2026-06-26 9.0 NETWORK CRITICAL NVD