Lucene search
+L

4 matches found

CISA
CISA
added 2026/03/26 12:0 p.m.12 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-33634link is external Aqua Security Trivy Embedded Malicious Code Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber...

9.4CVSS5.9AI score0.60368EPSS
In wildExploits2References6
Wiz blog
Wiz blog
added 2026/03/20 3:18 p.m.8 views

Trivy Compromised: Everything You Need to Know about the Latest Supply Chain Attack

On March 19, 2026, threat actors injected credential-stealing malware into Aqua Security’s Trivy scanner and related GitHub Actions. Learn how "TeamPCP" executed this breach and how to audit your environment...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/05/24 12:0 a.m.33 views

Aqua Security Trivy < 0.51.2 Credential Leak (GHSA-xcq4-m2r3-cmrj)

The version of Aqua Security Trivy installed on the remote host is prior to 0.51.2. It is, therefore, affected by a vulnerability as referenced in the GHSA-xcq4-m2r3-cmrj advisory. - If a malicious actor is able to trigger Trivy to scan container images from a crafted malicious registry, it could...

5.5CVSS5.7AI score0.0019EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/20 12:0 a.m.12 views

Aqua Security Trivy 安全漏洞

Aqua Security Trivy is a comprehensive and versatile security scanner from Aqua Security. A security vulnerability exists in Aqua Security Trivy versions prior to 0.51.2, which stems from a potential leak of registry credentials when scanning images from a malicious registry...

5.5CVSS5.4AI score0.0019EPSS
Exploits0References4
Rows per page
Query Builder