Vendor
Kubernetes Sigs
Products
2
CVEs
2
Across products
2
Status
Private
Products
2- 1 CVE
- 1 CVE
Recent CVEs
2| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-7445 | Med | 0.42 | 6.5 | 0.00 | Sep 5, 2025 | Kubernetes secrets-store-sync-controller in versions before 0.0.2 discloses service account tokens in logs. | |
| CVE-2026-6437 | Med | 0.35 | 6.5 | 0.00 | Apr 17, 2026 | Improper neutralization of argument delimiters in the volume handling component in AWS EFS CSI Driver (aws-efs-csi-driver) before v3.0.1 allows remote authenticated users with PersistentVolume creation permissions to inject arbitrary mount options via comma injection. To remediate this issue, users should upgrade to version v3.0.1 |