VYPR

Go modules package

github.com/controlplaneio-fluxcd/flux-operator

pkg:golang/github.com/controlplaneio-fluxcd/flux-operator

Vulnerabilities (1)

  • CVE-2026-23990Jan 21, 2026
    affected >= 0.36.0, < 0.40.0fixed 0.40.0

    The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication