Search:
| Image | Mirrored | Release | Binary/Package | Dependency | Vulnerability ID (CVE) | Severity | Status | Justification (for status not affected) | Type (language or OS) |
|---|---|---|---|---|---|---|---|---|---|
| rancher/hardened-calico:v3.32.1-build20260709 | false | RKE2 v1.33 prerelease | krb5 | krb5@1.20.1-150600.11.14.1 | SUSE-SU-2026:2848-1 | HIGH | affected | sles | |
| rancher/harvester-cloud-provider:v0.2.7 | false | RKE2 v1.33 prerelease | usr/bin/harvester-cloud-provider | kubevirt.io/kubevirt@v1.7.0 | CVE-2026-7374 | CRITICAL | affected | gobinary | |
| rancher/harvester-cloud-provider:v0.2.7 | false | RKE2 v1.33 prerelease | usr/bin/harvester-cloud-provider | kubevirt.io/kubevirt@v1.7.0 | CVE-2026-9804 | HIGH | affected | gobinary | |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | libopenssl-3-fips-provider | libopenssl-3-fips-provider@3.5.0-160000.7.1 | SUSE-SU-2026:22315-1 | HIGH | affected | sles | |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | libsolv-tools-base | libsolv-tools-base@0.7.36-160000.1.1 | SUSE-SU-2026:22172-1 | HIGH | affected | sles | |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | libsqlite3-0 | libsqlite3-0@3.51.3-160000.1.1 | SUSE-SU-2026:22166-1 | HIGH | affected | sles | |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | openssl-3 | openssl-3@3.5.0-160000.7.1 | SUSE-SU-2026:22315-1 | HIGH | affected | sles | |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | zypper | zypper@1.14.95-160000.1.1 | SUSE-SU-2026:22172-1 | HIGH | affected | sles | |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | golang.org/x/net@v0.49.0 | CVE-2026-33814 | HIGH | affected | gobinary | |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | golang.org/x/net@v0.49.0 | CVE-2026-39821 | HIGH | affected | gobinary | |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | kubevirt.io/kubevirt@v1.7.0 | CVE-2026-7374 | CRITICAL | affected | gobinary | |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | kubevirt.io/kubevirt@v1.7.0 | CVE-2026-9804 | HIGH | affected | gobinary | |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | golang.org/x/crypto@v0.51.0 | CVE-2026-39833 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | golang.org/x/crypto@v0.51.0 | CVE-2026-39834 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | golang.org/x/crypto@v0.51.0 | CVE-2026-46598 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | usr/bin/helm | golang.org/x/crypto@v0.51.0 | CVE-2026-39833 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | usr/bin/helm | golang.org/x/crypto@v0.51.0 | CVE-2026-39834 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | usr/bin/helm | golang.org/x/crypto@v0.51.0 | CVE-2026-46598 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-calico-csi:v3.32.1 | true | RKE2 v1.33 prerelease | usr/bin/csi-driver | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-calico-ctl:v3.32.1 | true | RKE2 v1.33 prerelease | usr/bin/calicoctl | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-calico-node-driver-registrar:v3.32.1 | true | RKE2 v1.33 prerelease | usr/bin/node-driver-registrar | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-calico-node:v3.32.1 | true | RKE2 v1.33 prerelease | libacl | libacl@2.3.1-4.el9 | CVE-2026-54369 | HIGH | affected | redhat | |
| rancher/mirrored-calico-node:v3.32.1 | true | RKE2 v1.33 prerelease | usr/bin/calico-node | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-calico-operator:v1.42.3 | true | RKE2 v1.33 prerelease | usr/bin/operator | oras.land/oras-go/v2@v2.6.0 | CVE-2026-50151 | HIGH | affected | gobinary | |
| rancher/mirrored-calico-operator:v1.42.3 | true | RKE2 v1.33 prerelease | usr/bin/operator | oras.land/oras-go/v2@v2.6.0 | CVE-2026-50163 | HIGH | affected | gobinary | |
| rancher/mirrored-calico-operator:v1.42.3 | true | RKE2 v1.33 prerelease | usr/bin/operator | stdlib@v1.26.4 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-calico-pod2daemon-flexvol:v3.32.1 | true | RKE2 v1.33 prerelease | usr/local/bin/flexvol | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-certgen:v0.4.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-certgen | golang.org/x/crypto@v0.51.0 | CVE-2026-39833 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-cilium-certgen:v0.4.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-certgen | golang.org/x/crypto@v0.51.0 | CVE-2026-39834 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-cilium-certgen:v0.4.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-certgen | golang.org/x/crypto@v0.51.0 | CVE-2026-46598 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | opt/cni/bin/cilium-cni | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-agent | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-bugtool | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-dbg | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-health | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-health-responder | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-mount | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-sysctlfix | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/hubble | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/clustermesh-apiserver | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-hubble-relay:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/hubble-relay | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-hubble-ui-backend:v0.13.5 | true | RKE2 v1.33 prerelease | usr/bin/backend | github.com/cilium/cilium@v1.19.2 | CVE-2026-41520 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-hubble-ui-backend:v0.13.5 | true | RKE2 v1.33 prerelease | usr/bin/backend | golang.org/x/net@v0.53.0 | CVE-2026-39821 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-hubble-ui-backend:v0.13.5 | true | RKE2 v1.33 prerelease | usr/bin/backend | golang.org/x/net@v0.53.0 | CVE-2026-25680 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/mirrored-cilium-hubble-ui-backend:v0.13.5 | true | RKE2 v1.33 prerelease | usr/bin/backend | stdlib@v1.26.2 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-hubble-ui:v0.13.5 | true | RKE2 v1.33 prerelease | libcrypto3 | libcrypto3@3.5.6-r0 | CVE-2026-45447 | HIGH | affected | alpine | |
| rancher/mirrored-cilium-hubble-ui:v0.13.5 | true | RKE2 v1.33 prerelease | libssl3 | libssl3@3.5.6-r0 | CVE-2026-45447 | HIGH | affected | alpine | |
| rancher/mirrored-cilium-operator-aws:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-operator-aws | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-operator-azure:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-operator-azure | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-cilium-operator-generic:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-operator-generic | stdlib@v1.25.11 | CVE-2026-39822 | HIGH | affected | gobinary | |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | libcrypto3 | libcrypto3@3.5.5-r0 | CVE-2026-31789 | CRITICAL | affected | alpine | |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | libcrypto3 | libcrypto3@3.5.5-r0 | CVE-2026-28387 | HIGH | affected | alpine | |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | libcrypto3 | libcrypto3@3.5.5-r0 | CVE-2026-28388 | HIGH | affected | alpine | |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | libcrypto3 | libcrypto3@3.5.5-r0 | CVE-2026-28389 | HIGH | affected | alpine | |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | libcrypto3 | libcrypto3@3.5.5-r0 | CVE-2026-28390 | HIGH | affected | alpine | |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | libcrypto3 | libcrypto3@3.5.5-r0 | CVE-2026-45447 | HIGH | affected | alpine | |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | libssl3 | libssl3@3.5.5-r0 | CVE-2026-31789 | CRITICAL | affected | alpine | |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | libssl3 | libssl3@3.5.5-r0 | CVE-2026-28387 | HIGH | affected | alpine | |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | libssl3 | libssl3@3.5.5-r0 | CVE-2026-28388 | HIGH | affected | alpine | |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | libssl3 | libssl3@3.5.5-r0 | CVE-2026-28389 | HIGH | affected | alpine | |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | libssl3 | libssl3@3.5.5-r0 | CVE-2026-28390 | HIGH | affected | alpine | |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | libssl3 | libssl3@3.5.5-r0 | CVE-2026-45447 | HIGH | affected | alpine | |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | musl | musl@1.2.5-r21 | CVE-2026-40200 | HIGH | affected | alpine | |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | musl-utils | musl-utils@1.2.5-r21 | CVE-2026-40200 | HIGH | affected | alpine | |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | golang.org/x/net@v0.52.0 | CVE-2026-33814 | HIGH | affected | gobinary | |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | golang.org/x/net@v0.52.0 | CVE-2026-39821 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/net@v0.48.0 | CVE-2026-33814 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/net@v0.48.0 | CVE-2026-39821 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | stdlib@v1.25.9 | CVE-2026-33814 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | stdlib@v1.25.9 | CVE-2026-42499 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-node-driver-registrar:v2.16.0-20260428 | true | RKE2 v1.33 prerelease | csi-node-driver-registrar | go.opentelemetry.io/otel@v1.40.0 | CVE-2026-29181 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-node-driver-registrar:v2.16.0-20260428 | true | RKE2 v1.33 prerelease | csi-node-driver-registrar | stdlib@v1.25.9 | CVE-2026-33814 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-node-driver-registrar:v2.16.0-20260428 | true | RKE2 v1.33 prerelease | csi-node-driver-registrar | stdlib@v1.25.9 | CVE-2026-39836 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-provisioner:v5.3.0-20260428 | true | RKE2 v1.33 prerelease | csi-provisioner | go.opentelemetry.io/otel@v1.39.0 | CVE-2026-29181 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-provisioner:v5.3.0-20260428 | true | RKE2 v1.33 prerelease | csi-provisioner | golang.org/x/net@v0.48.0 | CVE-2026-33814 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-provisioner:v5.3.0-20260428 | true | RKE2 v1.33 prerelease | csi-provisioner | golang.org/x/net@v0.48.0 | CVE-2026-39821 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-provisioner:v5.3.0-20260428 | true | RKE2 v1.33 prerelease | csi-provisioner | stdlib@v1.25.9 | CVE-2026-33814 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | golang.org/x/net@v0.48.0 | CVE-2026-33814 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | golang.org/x/net@v0.48.0 | CVE-2026-39821 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | stdlib@v1.25.9 | CVE-2026-33814 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | stdlib@v1.25.9 | CVE-2026-42499 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | golang.org/x/net@v0.49.0 | CVE-2026-33814 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | golang.org/x/net@v0.49.0 | CVE-2026-39821 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | stdlib@v1.25.9 | CVE-2026-39820 | HIGH | affected | gobinary | |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | stdlib@v1.25.9 | CVE-2026-42499 | HIGH | affected | gobinary | |
| rancher/rke2-cloud-provider:v1.33.13-0.20260610231102-b1a9339db253-build20260710 | false | RKE2 v1.33 prerelease | usr/local/bin/rke2-cloud-provider | golang.org/x/crypto@v0.51.0 | CVE-2026-39833 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rke2-cloud-provider:v1.33.13-0.20260610231102-b1a9339db253-build20260710 | false | RKE2 v1.33 prerelease | usr/local/bin/rke2-cloud-provider | golang.org/x/crypto@v0.51.0 | CVE-2026-39834 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| rancher/rke2-cloud-provider:v1.33.13-0.20260610231102-b1a9339db253-build20260710 | false | RKE2 v1.33 prerelease | usr/local/bin/rke2-cloud-provider | golang.org/x/crypto@v0.51.0 | CVE-2026-46598 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | golang.org/x/crypto@v0.37.0 | CVE-2025-47913 | HIGH | affected | gobinary | |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | golang.org/x/crypto@v0.37.0 | CVE-2026-39828 | HIGH | affected | gobinary | |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | golang.org/x/crypto@v0.37.0 | CVE-2026-39829 | HIGH | affected | gobinary | |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | golang.org/x/crypto@v0.37.0 | CVE-2026-39831 | HIGH | affected | gobinary | |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | golang.org/x/crypto@v0.37.0 | CVE-2026-39832 | HIGH | affected | gobinary | |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | golang.org/x/crypto@v0.37.0 | CVE-2026-39835 | HIGH | affected | gobinary | |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | golang.org/x/crypto@v0.37.0 | CVE-2026-42508 | HIGH | affected | gobinary | |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | golang.org/x/crypto@v0.37.0 | CVE-2026-46595 | HIGH | affected | gobinary | |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | golang.org/x/crypto@v0.37.0 | CVE-2026-46597 | HIGH | affected | gobinary | |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | golang.org/x/crypto@v0.37.0 | CVE-2026-39833 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | golang.org/x/crypto@v0.37.0 | CVE-2026-39834 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | golang.org/x/crypto@v0.37.0 | CVE-2026-46598 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | golang.org/x/net@v0.39.0 | CVE-2026-33814 | HIGH | affected | gobinary | |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | golang.org/x/net@v0.39.0 | CVE-2026-39821 | HIGH | affected | gobinary | |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | golang.org/x/net@v0.39.0 | CVE-2026-25680 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | google.golang.org/grpc@v1.68.1 | CVE-2026-33186 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/rancher/hardened-csi-attacher:v4.12.0-build20260710 | false | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/net@v0.54.0 | CVE-2026-39821 | HIGH | affected | gobinary | |
| registry.rancher.com/rancher/hardened-csi-resizer:v2.2.1-build20260710 | false | RKE2 v1.33 prerelease | csi-resizer | go.opentelemetry.io/otel/sdk@v1.40.0 | CVE-2026-39883 | HIGH | affected | gobinary | |
| rancher/hardened-addon-resizer:1.8.23-build20260708 | false | RKE2 v1.33 prerelease | pod_nanny | golang.org/x/oauth2@v0.24.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-calico:v3.32.1-build20260709 | false | RKE2 v1.33 prerelease | opt/cni/bin/dhcp | golang.org/x/net@v0.43.0 | CVE-2026-25681 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-calico:v3.32.1-build20260709 | false | RKE2 v1.33 prerelease | opt/cni/bin/dhcp | golang.org/x/net@v0.43.0 | CVE-2026-27136 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-calico:v3.32.1-build20260709 | false | RKE2 v1.33 prerelease | opt/cni/bin/dhcp | golang.org/x/net@v0.43.0 | CVE-2026-33814 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-calico:v3.32.1-build20260709 | false | RKE2 v1.33 prerelease | opt/cni/bin/dhcp | golang.org/x/net@v0.43.0 | CVE-2026-39821 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-cni-plugins:v1.9.1-build20260709 | false | RKE2 v1.33 prerelease | opt/cni/bin/dhcp | golang.org/x/net@v0.43.0 | CVE-2026-25681 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-cni-plugins:v1.9.1-build20260709 | false | RKE2 v1.33 prerelease | opt/cni/bin/dhcp | golang.org/x/net@v0.43.0 | CVE-2026-27136 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-cni-plugins:v1.9.1-build20260709 | false | RKE2 v1.33 prerelease | opt/cni/bin/dhcp | golang.org/x/net@v0.43.0 | CVE-2026-33814 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-cni-plugins:v1.9.1-build20260709 | false | RKE2 v1.33 prerelease | opt/cni/bin/dhcp | golang.org/x/net@v0.43.0 | CVE-2026-39821 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcd | go.opentelemetry.io/otel@v1.40.0 | CVE-2026-29181 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcd | go.opentelemetry.io/otel/sdk@v1.40.0 | CVE-2026-39883 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-39828 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-39829 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-39830 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-39831 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-39832 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-39835 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-42508 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-46595 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-46597 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcd | golang.org/x/net@v0.52.0 | CVE-2026-25681 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcd | golang.org/x/net@v0.52.0 | CVE-2026-27136 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcd | golang.org/x/net@v0.52.0 | CVE-2026-33814 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcd | golang.org/x/net@v0.52.0 | CVE-2026-39821 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcdctl | golang.org/x/net@v0.52.0 | CVE-2026-25681 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcdctl | golang.org/x/net@v0.52.0 | CVE-2026-27136 | none | not affected | vulnerable code not present | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcdctl | golang.org/x/net@v0.52.0 | CVE-2026-33814 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/hardened-etcd:v3.6.12-k3s1-build20260708 | false | RKE2 v1.33 prerelease | usr/local/bin/etcdctl | golang.org/x/net@v0.52.0 | CVE-2026-39821 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-cloud-provider:v0.2.7 | false | RKE2 v1.33 prerelease | usr/bin/harvester-cloud-provider | stdlib@v1.26.4 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | libopenssl3 | libopenssl3@3.5.0-160000.7.1 | SUSE-SU-2026:22315-1 | none | not affected | vulnerable code not in execute path | sles |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | libzypp | libzypp@17.38.5-160000.1.1 | SUSE-SU-2026:22172-1 | none | not affected | vulnerable code not in execute path | sles |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | tar | tar@1.35-160000.3.1 | SUSE-SU-2026:22377-1 | none | not affected | vulnerable code not in execute path | sles |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | golang.org/x/crypto@v0.47.0 | CVE-2026-39828 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | golang.org/x/crypto@v0.47.0 | CVE-2026-39829 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | golang.org/x/crypto@v0.47.0 | CVE-2026-39830 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | golang.org/x/crypto@v0.47.0 | CVE-2026-39831 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | golang.org/x/crypto@v0.47.0 | CVE-2026-39832 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | golang.org/x/crypto@v0.47.0 | CVE-2026-39835 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | golang.org/x/crypto@v0.47.0 | CVE-2026-42508 | none | not affected | vulnerable code not present | gobinary |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | golang.org/x/crypto@v0.47.0 | CVE-2026-46595 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | golang.org/x/crypto@v0.47.0 | CVE-2026-46597 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | golang.org/x/net@v0.49.0 | CVE-2026-25681 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | golang.org/x/net@v0.49.0 | CVE-2026-27136 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | stdlib@v1.26.3 | CVE-2026-27145 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | stdlib@v1.26.3 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/harvester-csi-driver:v0.2.9 | false | RKE2 v1.33 prerelease | usr/bin/harvester-csi-driver | stdlib@v1.26.3 | CVE-2026-42504 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis | golang.org/x/crypto@v0.51.0 | CVE-2026-39828 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis | golang.org/x/crypto@v0.51.0 | CVE-2026-39829 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis | golang.org/x/crypto@v0.51.0 | CVE-2026-39830 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis | golang.org/x/crypto@v0.51.0 | CVE-2026-39831 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis | golang.org/x/crypto@v0.51.0 | CVE-2026-39832 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis | golang.org/x/crypto@v0.51.0 | CVE-2026-39835 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis | golang.org/x/crypto@v0.51.0 | CVE-2026-42508 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis | golang.org/x/crypto@v0.51.0 | CVE-2026-46595 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis | golang.org/x/crypto@v0.51.0 | CVE-2026-46597 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis | oras.land/oras-go/v2@v2.6.0 | CVE-2026-50151 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-mapkubeapis/bin/mapkubeapis | oras.land/oras-go/v2@v2.6.0 | CVE-2026-50163 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | golang.org/x/crypto@v0.51.0 | CVE-2026-39828 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | golang.org/x/crypto@v0.51.0 | CVE-2026-39829 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | golang.org/x/crypto@v0.51.0 | CVE-2026-39830 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | golang.org/x/crypto@v0.51.0 | CVE-2026-39831 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | golang.org/x/crypto@v0.51.0 | CVE-2026-39832 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | golang.org/x/crypto@v0.51.0 | CVE-2026-39835 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | golang.org/x/crypto@v0.51.0 | CVE-2026-42508 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | golang.org/x/crypto@v0.51.0 | CVE-2026-46595 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | golang.org/x/crypto@v0.51.0 | CVE-2026-46597 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | oras.land/oras-go/v2@v2.6.0 | CVE-2026-50151 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | home/klipper-helm/.local/share/helm/plugins/helm-set-status/helm-set-status | oras.land/oras-go/v2@v2.6.0 | CVE-2026-50163 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | usr/bin/helm | golang.org/x/crypto@v0.51.0 | CVE-2026-39828 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | usr/bin/helm | golang.org/x/crypto@v0.51.0 | CVE-2026-39829 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | usr/bin/helm | golang.org/x/crypto@v0.51.0 | CVE-2026-39830 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | usr/bin/helm | golang.org/x/crypto@v0.51.0 | CVE-2026-39831 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | usr/bin/helm | golang.org/x/crypto@v0.51.0 | CVE-2026-39832 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | usr/bin/helm | golang.org/x/crypto@v0.51.0 | CVE-2026-39835 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | usr/bin/helm | golang.org/x/crypto@v0.51.0 | CVE-2026-42508 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | usr/bin/helm | golang.org/x/crypto@v0.51.0 | CVE-2026-46595 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | usr/bin/helm | golang.org/x/crypto@v0.51.0 | CVE-2026-46597 | none | not affected | vulnerable code not present | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | usr/bin/helm | oras.land/oras-go/v2@v2.6.0 | CVE-2026-50151 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/klipper-helm:v0.12.1-build20260709 | false | RKE2 v1.33 prerelease | usr/bin/helm | oras.land/oras-go/v2@v2.6.0 | CVE-2026-50163 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-apiserver:v3.32.1 | true | RKE2 v1.33 prerelease | code/apiserver | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-cni:v3.32.1 | true | RKE2 v1.33 prerelease | opt/cni/bin/calico | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-cni:v3.32.1 | true | RKE2 v1.33 prerelease | opt/cni/bin/flannel | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-cni:v3.32.1 | true | RKE2 v1.33 prerelease | opt/cni/bin/host-local | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-cni:v3.32.1 | true | RKE2 v1.33 prerelease | opt/cni/bin/install | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-cni:v3.32.1 | true | RKE2 v1.33 prerelease | opt/cni/bin/loopback | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-cni:v3.32.1 | true | RKE2 v1.33 prerelease | opt/cni/bin/portmap | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-cni:v3.32.1 | true | RKE2 v1.33 prerelease | opt/cni/bin/tuning | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-envoy-gateway:v3.32.1 | true | RKE2 v1.33 prerelease | usr/local/bin/envoy-gateway | stdlib@v1.26.4 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-envoy-ratelimit:v3.32.1 | true | RKE2 v1.33 prerelease | bin/ratelimit | stdlib@v1.26.4 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-goldmane:v3.32.1 | true | RKE2 v1.33 prerelease | goldmane | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-goldmane:v3.32.1 | true | RKE2 v1.33 prerelease | health | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-kube-controllers:v3.32.1 | true | RKE2 v1.33 prerelease | usr/bin/check-status | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-kube-controllers:v3.32.1 | true | RKE2 v1.33 prerelease | usr/bin/kube-controllers | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-kube-controllers:v3.32.1 | true | RKE2 v1.33 prerelease | usr/bin/wrapper | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-node:v3.32.1 | true | RKE2 v1.33 prerelease | usr/bin/mountns | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-typha:v3.32.1 | true | RKE2 v1.33 prerelease | usr/bin/calico-typha | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-calico-whisker-backend:v3.32.1 | true | RKE2 v1.33 prerelease | whisker-backend | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-certgen:v0.4.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-certgen | golang.org/x/crypto@v0.51.0 | CVE-2026-39828 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-certgen:v0.4.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-certgen | golang.org/x/crypto@v0.51.0 | CVE-2026-39829 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-certgen:v0.4.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-certgen | golang.org/x/crypto@v0.51.0 | CVE-2026-39830 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-certgen:v0.4.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-certgen | golang.org/x/crypto@v0.51.0 | CVE-2026-39831 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-certgen:v0.4.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-certgen | golang.org/x/crypto@v0.51.0 | CVE-2026-39832 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-certgen:v0.4.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-certgen | golang.org/x/crypto@v0.51.0 | CVE-2026-39835 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-certgen:v0.4.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-certgen | golang.org/x/crypto@v0.51.0 | CVE-2026-42508 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-certgen:v0.4.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-certgen | golang.org/x/crypto@v0.51.0 | CVE-2026-46595 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-certgen:v0.4.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-certgen | golang.org/x/crypto@v0.51.0 | CVE-2026-46597 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-certgen:v0.4.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-certgen | stdlib@v1.26.3 | CVE-2026-27145 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-certgen:v0.4.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-certgen | stdlib@v1.26.3 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-certgen:v0.4.5 | true | RKE2 v1.33 prerelease | usr/bin/cilium-certgen | stdlib@v1.26.3 | CVE-2026-42504 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | cni/loopback | stdlib@v1.25.7 | CVE-2026-25679 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | cni/loopback | stdlib@v1.25.7 | CVE-2026-27145 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | cni/loopback | stdlib@v1.25.7 | CVE-2026-32280 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | cni/loopback | stdlib@v1.25.7 | CVE-2026-32281 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | cni/loopback | stdlib@v1.25.7 | CVE-2026-32283 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | cni/loopback | stdlib@v1.25.7 | CVE-2026-33811 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | cni/loopback | stdlib@v1.25.7 | CVE-2026-33814 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | cni/loopback | stdlib@v1.25.7 | CVE-2026-39820 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | cni/loopback | stdlib@v1.25.7 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | cni/loopback | stdlib@v1.25.7 | CVE-2026-39836 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | cni/loopback | stdlib@v1.25.7 | CVE-2026-42499 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | cni/loopback | stdlib@v1.25.7 | CVE-2026-42504 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-cilium:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/gops | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | go.opentelemetry.io/otel@v1.40.0 | CVE-2026-29181 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | go.opentelemetry.io/otel/sdk@v1.40.0 | CVE-2026-39883 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-39828 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-39829 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-39830 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-39831 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-39832 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-39835 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-42508 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-46595 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | golang.org/x/crypto@v0.49.0 | CVE-2026-46597 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | golang.org/x/net@v0.52.0 | CVE-2026-25681 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | golang.org/x/net@v0.52.0 | CVE-2026-27136 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | golang.org/x/net@v0.52.0 | CVE-2026-33814 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | golang.org/x/net@v0.52.0 | CVE-2026-39821 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | stdlib@v1.25.10 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/etcd | stdlib@v1.25.10 | CVE-2026-42504 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-clustermesh-apiserver:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/gops | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-hubble-relay:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/gops | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-hubble-ui-backend:v0.13.5 | true | RKE2 v1.33 prerelease | usr/bin/backend | golang.org/x/net@v0.53.0 | CVE-2026-25681 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-hubble-ui-backend:v0.13.5 | true | RKE2 v1.33 prerelease | usr/bin/backend | golang.org/x/net@v0.53.0 | CVE-2026-27136 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-hubble-ui-backend:v0.13.5 | true | RKE2 v1.33 prerelease | usr/bin/backend | stdlib@v1.26.2 | CVE-2026-27145 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-hubble-ui-backend:v0.13.5 | true | RKE2 v1.33 prerelease | usr/bin/backend | stdlib@v1.26.2 | CVE-2026-33811 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-hubble-ui-backend:v0.13.5 | true | RKE2 v1.33 prerelease | usr/bin/backend | stdlib@v1.26.2 | CVE-2026-33814 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-hubble-ui-backend:v0.13.5 | true | RKE2 v1.33 prerelease | usr/bin/backend | stdlib@v1.26.2 | CVE-2026-39820 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-hubble-ui-backend:v0.13.5 | true | RKE2 v1.33 prerelease | usr/bin/backend | stdlib@v1.26.2 | CVE-2026-39836 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-hubble-ui-backend:v0.13.5 | true | RKE2 v1.33 prerelease | usr/bin/backend | stdlib@v1.26.2 | CVE-2026-42499 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-cilium-hubble-ui-backend:v0.13.5 | true | RKE2 v1.33 prerelease | usr/bin/backend | stdlib@v1.26.2 | CVE-2026-42504 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-operator-aws:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/gops | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-operator-azure:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/gops | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-cilium-operator-generic:v1.19.5 | true | RKE2 v1.33 prerelease | usr/bin/gops | stdlib@v1.25.11 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | golang.org/x/crypto@v0.49.0 | CVE-2026-39828 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | golang.org/x/crypto@v0.49.0 | CVE-2026-39829 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | golang.org/x/crypto@v0.49.0 | CVE-2026-39830 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | golang.org/x/crypto@v0.49.0 | CVE-2026-39831 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | golang.org/x/crypto@v0.49.0 | CVE-2026-39832 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | golang.org/x/crypto@v0.49.0 | CVE-2026-39835 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | golang.org/x/crypto@v0.49.0 | CVE-2026-42508 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | golang.org/x/crypto@v0.49.0 | CVE-2026-46595 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | golang.org/x/crypto@v0.49.0 | CVE-2026-46597 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | golang.org/x/net@v0.52.0 | CVE-2026-25681 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | golang.org/x/net@v0.52.0 | CVE-2026-27136 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | stdlib@v1.26.1 | CVE-2026-27145 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | stdlib@v1.26.1 | CVE-2026-32280 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | stdlib@v1.26.1 | CVE-2026-32281 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | stdlib@v1.26.1 | CVE-2026-32283 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | stdlib@v1.26.1 | CVE-2026-33810 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | stdlib@v1.26.1 | CVE-2026-33811 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | stdlib@v1.26.1 | CVE-2026-33814 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | stdlib@v1.26.1 | CVE-2026-39820 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | stdlib@v1.26.1 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | stdlib@v1.26.1 | CVE-2026-39836 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | stdlib@v1.26.1 | CVE-2026-42499 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-kube-vip-kube-vip-iptables:v1.1.2 | true | RKE2 v1.33 prerelease | kube-vip | stdlib@v1.26.1 | CVE-2026-42504 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.46.0 | CVE-2026-39828 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.46.0 | CVE-2026-39829 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.46.0 | CVE-2026-39830 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.46.0 | CVE-2026-39831 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.46.0 | CVE-2026-39832 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.46.0 | CVE-2026-39835 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.46.0 | CVE-2026-42508 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.46.0 | CVE-2026-46595 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.46.0 | CVE-2026-46597 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/net@v0.48.0 | CVE-2026-25681 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/net@v0.48.0 | CVE-2026-27136 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | stdlib@v1.25.9 | CVE-2026-33811 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | stdlib@v1.25.9 | CVE-2026-39820 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | stdlib@v1.25.9 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | stdlib@v1.25.9 | CVE-2026-39836 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-attacher:v4.11.0-20260428 | true | RKE2 v1.33 prerelease | csi-attacher | stdlib@v1.25.9 | CVE-2026-42504 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-node-driver-registrar:v2.16.0-20260428 | true | RKE2 v1.33 prerelease | csi-node-driver-registrar | golang.org/x/net@v0.49.0 | CVE-2026-25681 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-node-driver-registrar:v2.16.0-20260428 | true | RKE2 v1.33 prerelease | csi-node-driver-registrar | golang.org/x/net@v0.49.0 | CVE-2026-27136 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-node-driver-registrar:v2.16.0-20260428 | true | RKE2 v1.33 prerelease | csi-node-driver-registrar | golang.org/x/net@v0.49.0 | CVE-2026-33814 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-node-driver-registrar:v2.16.0-20260428 | true | RKE2 v1.33 prerelease | csi-node-driver-registrar | golang.org/x/net@v0.49.0 | CVE-2026-39821 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-node-driver-registrar:v2.16.0-20260428 | true | RKE2 v1.33 prerelease | csi-node-driver-registrar | stdlib@v1.25.9 | CVE-2026-33811 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-node-driver-registrar:v2.16.0-20260428 | true | RKE2 v1.33 prerelease | csi-node-driver-registrar | stdlib@v1.25.9 | CVE-2026-39820 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-node-driver-registrar:v2.16.0-20260428 | true | RKE2 v1.33 prerelease | csi-node-driver-registrar | stdlib@v1.25.9 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-node-driver-registrar:v2.16.0-20260428 | true | RKE2 v1.33 prerelease | csi-node-driver-registrar | stdlib@v1.25.9 | CVE-2026-42499 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-node-driver-registrar:v2.16.0-20260428 | true | RKE2 v1.33 prerelease | csi-node-driver-registrar | stdlib@v1.25.9 | CVE-2026-42504 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-provisioner:v5.3.0-20260428 | true | RKE2 v1.33 prerelease | csi-provisioner | golang.org/x/net@v0.48.0 | CVE-2026-25681 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-provisioner:v5.3.0-20260428 | true | RKE2 v1.33 prerelease | csi-provisioner | golang.org/x/net@v0.48.0 | CVE-2026-27136 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-provisioner:v5.3.0-20260428 | true | RKE2 v1.33 prerelease | csi-provisioner | stdlib@v1.25.9 | CVE-2026-33811 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-provisioner:v5.3.0-20260428 | true | RKE2 v1.33 prerelease | csi-provisioner | stdlib@v1.25.9 | CVE-2026-39820 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-provisioner:v5.3.0-20260428 | true | RKE2 v1.33 prerelease | csi-provisioner | stdlib@v1.25.9 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-provisioner:v5.3.0-20260428 | true | RKE2 v1.33 prerelease | csi-provisioner | stdlib@v1.25.9 | CVE-2026-39836 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-provisioner:v5.3.0-20260428 | true | RKE2 v1.33 prerelease | csi-provisioner | stdlib@v1.25.9 | CVE-2026-42499 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | golang.org/x/crypto@v0.46.0 | CVE-2026-39828 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | golang.org/x/crypto@v0.46.0 | CVE-2026-39829 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | golang.org/x/crypto@v0.46.0 | CVE-2026-39830 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | golang.org/x/crypto@v0.46.0 | CVE-2026-39831 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | golang.org/x/crypto@v0.46.0 | CVE-2026-39832 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | golang.org/x/crypto@v0.46.0 | CVE-2026-39835 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | golang.org/x/crypto@v0.46.0 | CVE-2026-42508 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | golang.org/x/crypto@v0.46.0 | CVE-2026-46595 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | golang.org/x/crypto@v0.46.0 | CVE-2026-46597 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | golang.org/x/net@v0.48.0 | CVE-2026-25681 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | golang.org/x/net@v0.48.0 | CVE-2026-27136 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | stdlib@v1.25.9 | CVE-2026-33811 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | stdlib@v1.25.9 | CVE-2026-39820 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | stdlib@v1.25.9 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-resizer:v2.1.0-20260428 | true | RKE2 v1.33 prerelease | csi-resizer | stdlib@v1.25.9 | CVE-2026-39836 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | golang.org/x/crypto@v0.47.0 | CVE-2026-39828 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | golang.org/x/crypto@v0.47.0 | CVE-2026-39829 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | golang.org/x/crypto@v0.47.0 | CVE-2026-39830 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | golang.org/x/crypto@v0.47.0 | CVE-2026-39831 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | golang.org/x/crypto@v0.47.0 | CVE-2026-39832 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | golang.org/x/crypto@v0.47.0 | CVE-2026-39835 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | golang.org/x/crypto@v0.47.0 | CVE-2026-42508 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | golang.org/x/crypto@v0.47.0 | CVE-2026-46595 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | golang.org/x/crypto@v0.47.0 | CVE-2026-46597 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | golang.org/x/net@v0.49.0 | CVE-2026-25681 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | golang.org/x/net@v0.49.0 | CVE-2026-27136 | none | not affected | vulnerable code not present | gobinary |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | stdlib@v1.25.9 | CVE-2026-33811 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | stdlib@v1.25.9 | CVE-2026-33814 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | stdlib@v1.25.9 | CVE-2026-39822 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/mirrored-longhornio-csi-snapshotter:v8.5.0-20260428 | true | RKE2 v1.33 prerelease | csi-snapshotter | stdlib@v1.25.9 | CVE-2026-39836 | none | not affected | vulnerable code not in execute path | gobinary |
| rancher/rke2-cloud-provider:v1.33.13-0.20260610231102-b1a9339db253-build20260710 | false | RKE2 v1.33 prerelease | usr/local/bin/rke2-cloud-provider | golang.org/x/crypto@v0.51.0 | CVE-2026-39828 | none | not affected | vulnerable code not present | gobinary |
| rancher/rke2-cloud-provider:v1.33.13-0.20260610231102-b1a9339db253-build20260710 | false | RKE2 v1.33 prerelease | usr/local/bin/rke2-cloud-provider | golang.org/x/crypto@v0.51.0 | CVE-2026-39829 | none | not affected | vulnerable code not present | gobinary |
| rancher/rke2-cloud-provider:v1.33.13-0.20260610231102-b1a9339db253-build20260710 | false | RKE2 v1.33 prerelease | usr/local/bin/rke2-cloud-provider | golang.org/x/crypto@v0.51.0 | CVE-2026-39830 | none | not affected | vulnerable code not present | gobinary |
| rancher/rke2-cloud-provider:v1.33.13-0.20260610231102-b1a9339db253-build20260710 | false | RKE2 v1.33 prerelease | usr/local/bin/rke2-cloud-provider | golang.org/x/crypto@v0.51.0 | CVE-2026-39831 | none | not affected | vulnerable code not present | gobinary |
| rancher/rke2-cloud-provider:v1.33.13-0.20260610231102-b1a9339db253-build20260710 | false | RKE2 v1.33 prerelease | usr/local/bin/rke2-cloud-provider | golang.org/x/crypto@v0.51.0 | CVE-2026-39832 | none | not affected | vulnerable code not present | gobinary |
| rancher/rke2-cloud-provider:v1.33.13-0.20260610231102-b1a9339db253-build20260710 | false | RKE2 v1.33 prerelease | usr/local/bin/rke2-cloud-provider | golang.org/x/crypto@v0.51.0 | CVE-2026-39835 | none | not affected | vulnerable code not present | gobinary |
| rancher/rke2-cloud-provider:v1.33.13-0.20260610231102-b1a9339db253-build20260710 | false | RKE2 v1.33 prerelease | usr/local/bin/rke2-cloud-provider | golang.org/x/crypto@v0.51.0 | CVE-2026-42508 | none | not affected | vulnerable code not present | gobinary |
| rancher/rke2-cloud-provider:v1.33.13-0.20260610231102-b1a9339db253-build20260710 | false | RKE2 v1.33 prerelease | usr/local/bin/rke2-cloud-provider | golang.org/x/crypto@v0.51.0 | CVE-2026-46595 | none | not affected | vulnerable code not present | gobinary |
| rancher/rke2-cloud-provider:v1.33.13-0.20260610231102-b1a9339db253-build20260710 | false | RKE2 v1.33 prerelease | usr/local/bin/rke2-cloud-provider | golang.org/x/crypto@v0.51.0 | CVE-2026-46597 | none | not affected | vulnerable code not present | gobinary |
| rancher/rke2-cloud-provider:v1.33.13-0.20260610231102-b1a9339db253-build20260710 | false | RKE2 v1.33 prerelease | usr/local/bin/rke2-cloud-provider | google.golang.org/grpc@v1.72.1 | CVE-2026-33186 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | go.opentelemetry.io/otel/sdk@v1.33.0 | CVE-2026-24051 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-cloud-provider-vsphere:v1.33.1-build20260710 | false | RKE2 v1.33 prerelease | vsphere-cloud-controller-manager | go.opentelemetry.io/otel/sdk@v1.33.0 | CVE-2026-39883 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-csi-attacher:v4.12.0-build20260710 | false | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.51.0 | CVE-2026-39828 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-csi-attacher:v4.12.0-build20260710 | false | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.51.0 | CVE-2026-39829 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-csi-attacher:v4.12.0-build20260710 | false | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.51.0 | CVE-2026-39830 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-csi-attacher:v4.12.0-build20260710 | false | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.51.0 | CVE-2026-39831 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-csi-attacher:v4.12.0-build20260710 | false | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.51.0 | CVE-2026-39832 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-csi-attacher:v4.12.0-build20260710 | false | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.51.0 | CVE-2026-39835 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-csi-attacher:v4.12.0-build20260710 | false | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.51.0 | CVE-2026-42508 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-csi-attacher:v4.12.0-build20260710 | false | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.51.0 | CVE-2026-46595 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-csi-attacher:v4.12.0-build20260710 | false | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/crypto@v0.51.0 | CVE-2026-46597 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-csi-attacher:v4.12.0-build20260710 | false | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/net@v0.54.0 | CVE-2026-25681 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-csi-attacher:v4.12.0-build20260710 | false | RKE2 v1.33 prerelease | csi-attacher | golang.org/x/net@v0.54.0 | CVE-2026-27136 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-csi-node-driver-registrar:v2.17.0-build20260710 | false | RKE2 v1.33 prerelease | csi-node-driver-registrar | golang.org/x/net@v0.54.0 | CVE-2026-25681 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-csi-node-driver-registrar:v2.17.0-build20260710 | false | RKE2 v1.33 prerelease | csi-node-driver-registrar | golang.org/x/net@v0.54.0 | CVE-2026-27136 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-csi-node-driver-registrar:v2.17.0-build20260710 | false | RKE2 v1.33 prerelease | csi-node-driver-registrar | golang.org/x/net@v0.54.0 | CVE-2026-39821 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/rancher/hardened-livenessprobe:v2.19.0-build20260710 | false | RKE2 v1.33 prerelease | livenessprobe | golang.org/x/net@v0.54.0 | CVE-2026-25681 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-livenessprobe:v2.19.0-build20260710 | false | RKE2 v1.33 prerelease | livenessprobe | golang.org/x/net@v0.54.0 | CVE-2026-27136 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/rancher/hardened-livenessprobe:v2.19.0-build20260710 | false | RKE2 v1.33 prerelease | livenessprobe | golang.org/x/net@v0.54.0 | CVE-2026-39821 | none | not affected | vulnerable code not in execute path | gobinary |