VYPR

Nuclio

by Nuclio

Source repositories

CVEs (2)

  • CVE-2026-45730higJun 4, 2026
    risk 0.39cvss epss 0.00

    This vulnerability exists in Nuclio Dashboard's project management API, allowing any authenticated user (without membership in the target project) to bypass OPA authorization checks on write paths (`PUT /api/projects/{id}`, `DELETE /api/projects`) and modify or delete any…

  • CVE-2026-29042Mar 6, 2026
    risk 0.00cvss epss 0.02

    Nuclio is a "Serverless" framework for Real-Time Events and Data Processing. Prior to version 1.15.20, the Nuclio Shell Runtime component contains a command injection vulnerability in how it processes user-supplied arguments. When a function is invoked via HTTP, the runtime…