OSV - Open Source Vulnerabilities

MINI-hqwc-v47h-7xr5

MinimOS/bitwarden-sm-operator-1

See record for full details

2 days ago

No fix available

MINI-83wx-v82j-g36h

MinimOS/delve-fips-1.24

See record for full details

2 days ago

Fix available

MINI-6584-5cp7-9x9m

MinimOS/delve-1.24

See record for full details

2 days ago

No fix available

MINI-rc23-4jpp-qvmm

MinimOS/docker-scout-1.20

See record for full details

2 days ago

No fix available

MINI-rx6w-m49q-gch5

MinimOS/contour-1.32

See record for full details

2 days ago

No fix available

MINI-4wp4-72pj-hp65

MinimOS/contour-1.31

See record for full details

2 days ago

No fix available

MINI-pww3-75fp-gr5w

MinimOS/distribution-registry-2.8

See record for full details

6 days ago

No fix available

CLEANSTART-2026-EG39405

CleanStart/trino

Netty is an asynchronous, event-driven network application framework

11 Jun

Fix available
Severity - 9.8 (Critical)

CLEANSTART-2026-BM78291

CleanStart/dex

Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU

11 Jun

Fix available
Severity - 9.8 (Critical)

CLEANSTART-2026-SQ76279

CleanStart/dex

Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU

11 Jun

Fix available
Severity - 9.8 (Critical)

CLEANSTART-2026-XC13942

CleanStart/mountpoint-s3-csi-driver

Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service

11 Jun

Fix available
Severity - 9.8 (Critical)

CLEANSTART-2026-VN16911

CleanStart/wave

ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label

10 Jun

Fix available
Severity - 9.8 (Critical)

CLEANSTART-2026-CP20786

CleanStart/nats-streaming

Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU

10 Jun

Fix available
Severity - 9.8 (Critical)

CLEANSTART-2026-GZ11549

CleanStart/certificate-transparency-trillian-ctserver

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations

10 Jun

Fix available
Severity - 9.8 (Critical)

CLEANSTART-2026-EU52554

CleanStart/gostatsd

In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files

10 Jun

Fix available
Severity - 9.8 (Critical)

CLEANSTART-2026-RF77222

CleanStart/wave

ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label

10 Jun

Fix available
Severity - 9.8 (Critical)