| CVE-2026-47125 |
high |
8.8 |
8.8 |
|
|
|
7d ago |
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.2, the PUT /api/environments/{id}/templates/variables endpoint, which writes the system-wide .env.g… |
| CVE-2026-45627 |
high |
8.2 |
8.2 |
|
|
|
12d ago |
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.0, the unauthenticated GET /api/app-images/logo endpoint reflects a user-supplied color query param… |
| CVE-2026-47179 |
high |
7.7 |
7.7 |
|
|
|
1d ago |
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.4, ProjectService.GetProjectFileContent returns the contents of any Docker Compose include directiv… |
| CVE-2026-42461 |
high |
7.5 |
7.5 |
|
|
|
21d ago |
Arcane Vulnerable to Unauthenticated Disclosure of Custom Compose Template Content (incl. `.env` secrets) |