Package impact
Go / github.com/external-secrets/external-secrets
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-34984 | high | — | 8.0 | 2mo ago | External Secrets Operator has DNS-based secret exfiltration via getHostByName in External Secrets v2 template engine | |||
| CVE-2026-42875 | medium | — | 5.5 | 18d ago | External Secrets Operator has Namespace Isolation Bypass in CAProvider ConfigMap Resolution for SecretStore |