Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Tenable Nessus
Tenable Nessusadded 2026/04/28 12:0 a.m.0 views

Fedora 44 : trivy (2026-6fc2f11089)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6fc2f11089 advisory. Update to 0.69.3 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

5CVSS8AI score0.00005EPSS
Exploits0References3
OSV
OSVadded 2026/03/26 4:0 a.m.2 views

MAL-2026-2230 Malicious code in aquasecurityofficial.trivy-vulnerability-scanner (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security b6cab1dae06f51e2aaa57704d8374b6882440070d0796e7b719a85e6f803888b This extension is a compromised version of the offical Trivy VSCode extension available on the Microsoft Marketplace. Versions 1.8.11 and...

5.9AI score
Exploits0References1
VulnCheck KEV
VulnCheck KEVadded 2026/03/23 12:0 a.m.12 views

VulnCheck KEV: CVE-2026-33634

Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.4 release, force-push 76 of 77 version tags in aquasecurity/trivy-action to credential-stealing malware, and replace all 7 tags in aquasecurity/setup-trivy with malicious...

9.4CVSS5.9AI score0.23896EPSS
In wildExploits2References5
Positive Technologies
Positive Technologiesadded 2026/03/23 12:0 a.m.2 views

PT-2026-28966

Уязвимость сканера уязвимостей Trivy связана с наличием опасных недекларированных возможностей. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить несанкционированный доступ к защищаемой информации...

9CVSS5.8AI score
Exploits0References3
Cvelist
Cvelistadded 2026/03/05 8:2 p.m.25 views

CVE-2026-28353 Trivy Vulnerability Scanner: Unauthorized AI Agent Execution Code Included in OpenVSX Extension Release

Trivy Vulnerability Scanner is a VS Code extension that helps find vulnerabilities. In Trivy VSCode Extension version 1.8.12, which was distributed via OpenVSX marketplace was compromised and contained malicious code designed to leverage local AI coding agent to collect and exfiltrate sensitive...

10CVSS0.00021EPSS
Exploits0References1
OSV
OSVadded 2026/03/05 8:2 p.m.1 views

CVE-2026-28353 Trivy Vulnerability Scanner: Unauthorized AI Agent Execution Code Included in OpenVSX Extension Release

Trivy Vulnerability Scanner is a VS Code extension that helps find vulnerabilities. In Trivy VSCode Extension version 1.8.12, which was distributed via OpenVSX marketplace was compromised and contained malicious code designed to leverage local AI coding agent to collect and exfiltrate sensitive...

10CVSS5.9AI score0.00021EPSS
Exploits0References3
Rows per page
Query Builder