Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
CLEANSTART-2026-IS05941
  • CleanStart/thingsboard
 CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache Tomcat Native 23 Apr
  • Fix available
  • Severity - 9.8 (Critical)
CLEANSTART-2026-CK64127
  • CleanStart/thingsboard
 Security fixes for ghsa-6rw7-vpxm-498p, ghsa-73rr-hh4g-fpgx, ghsa-8qq5-rm4j-mr97, ghsa-wqch-xfxh-vrr4 applied in versions: 4.2.1.1-r1 01 Apr
  • Fix available
CLEANSTART-2026-JK47870
  • CleanStart/thingsboard
 Security fixes for CVE-2025-66614, CVE-2026-1225, CVE-2026-24281, CVE-2026-24308, CVE-2026-24733, ghsa-6rw7-vpxm-498p, ghsa-73rr-hh4g-fpgx, ghsa-8qq5-rm4j-mr97, ghsa-wqch-xfxh-vrr4 applied in versions: 4.2.1.1-r1, 4.3.1-r0 01 Apr
  • Fix available
MINI-rpgf-xhrq-jcc8
  • MinimOS/kibana-9.2
  • MinimOS/kibana-9.2-advanced
  • MinimOS/kibana-9.2-config
  • MinimOS/kibana-9.2-oci-entrypoint
 See record for full details 02 Dec 2025
  • Fix available
GHSA-wqch-xfxh-vrr4
  • npm/body-parser
 body-parser is vulnerable to denial of service when url encoding is used 25 Nov 2025
  • Fix available
  • Severity - 5.5 (Medium)
CVE-2025-13466
  • Not specified
 See record for full details 24 Nov 2025
  • No fix available
  • Severity - 5.5 (Medium)