CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

RedhatCVE•added 2026/03/26 3:1 p.m.•5 views

CVE-2026-33634

Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.4 release, force-push 76 of 77 version tags in aquasecurity/trivy-action to credential-stealing malware, and replace all 7 tags in aquasecurity/setup-trivy with malicious...

9.4CVSS6.2AI score0.60368EPSS

Exploits2References1

SUSE CVE•added 2026/03/25 12:23 a.m.•2 views

SUSE CVE-2026-33634

9.4CVSS6.2AI score0.60368EPSS

Exploits2References4

EUVD•added 2026/03/24 5:53 p.m.•2 views

EUVD-2026-14601

Trivy ecosystem supply chain was briefly compromised...

9.4CVSS6AI score0.60368EPSS

Exploits2References3

OSV•added 2026/03/24 5:53 p.m.•2 views

GHSA-69FQ-XP46-6X23 Trivy ecosystem supply chain was briefly compromised

Summary On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.4 release, force-push 76 of 77 version tags in aquasecurity/trivy-action to credential-stealing malware, and replace all 7 tags in aquasecurity/setup-trivy with malicious commits. On March 22...

9.4CVSS6.2AI score0.60368EPSS

Exploits2References16

NVD•added 2026/03/23 10:16 p.m.•4 views

CVE-2026-33634

9.4CVSS0.60368EPSS

Exploits2References14

CVE•added 2026/03/23 9:47 p.m.•42 views

CVE-2026-33634

CVE-2026-33634 is tied to a supply-chain compromise involving Aqua Security Trivy. Concrete details show: (1) affected items include Trivy binary/image v0.69.4, and GitHub Actions components aquasecurity/trivy-action (versions 0.0.1–0.34.2, 76/77 forced-pushed) and aquasecurity/setup-trivy (0.2.0...

9.4CVSS5.9AI score0.60368EPSS

In wildExploits2References14Affected Software3

Vulnrichment•added 2026/03/23 9:47 p.m.•1 views

CVE-2026-33634 Trivy ecosystem supply chain briefly compromised

9.4CVSS5.9AI score0.60368EPSS

Exploits2References10

ATTACKERKB•added 2026/03/23 9:47 p.m.•3 views

CVE-2026-33634

9.4CVSS5.9AI score0.60368EPSS

In wildExploits2References11Affected Software5

Cvelist•added 2026/03/23 9:47 p.m.•38 views

CVE-2026-33634 Trivy ecosystem supply chain briefly compromised

9.4CVSS0.60368EPSS

Exploits2References10

OSV•added 2026/03/23 9:47 p.m.•4 views

CVE-2026-33634 Trivy ecosystem supply chain briefly compromised

9.4CVSS6.2AI score0.60368EPSS

Exploits2References16

VulnCheck KEV•added 2026/03/23 12:0 a.m.•15 views

VulnCheck KEV: CVE-2026-33634

9.4CVSS5.9AI score0.60368EPSS

In wildExploits2References5

Positive Technologies•added 2026/03/23 12:0 a.m.•3 views

PT-2026-27246

Name of the Vulnerable Software and Affected Versions aquasecurity/trivy version 0.69.4 aquasecurity/trivy versions 0.69.5 through 0.69.6 aquasecurity/trivy-action versions 0.0.1 through 0.34.2 aquasecurity/setup-trivy versions 0.2.0 through 0.2.6 Description A supply chain attack occurred where ...

9.4CVSS6.2AI score0.60368EPSS

Exploits2References114

CNNVD•added 2026/03/23 12:0 a.m.•7 views

Aqua Security多款产品安全漏洞

Aqua Security Trivy and Trivy Action are both products of Aqua Security. Trivy is a comprehensive and multifunctional security scanner. Trivy Action is a container vulnerability scanning software. Several products from Aqua Security have security vulnerabilities, which stem from supply chain...

9.4CVSS6.3AI score0.60368EPSS

Exploits2References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by