CVE-2026-53489 vulnerabilities

Vulnerabilities for packages: livekit-cli, neuvector-scanner-fips, kube-mgmt, packer, trivy-operator-fips, docker-fips, packer-fips, trivy, grype-fips, buildkitd-fips, kubescape-server-fips, cloudbeat, k9s-fips, kaniko-fips, syft, wolfictl, neuvector, grype, buildkitd, zot, zarf-fips, k9s, kaniko...

GHSA-XHF5-7WJV-PQXP vulnerabilities

Vulnerabilities for packages: helm-exporter, trivy-operator-fips, helm-set-status, packer-fips, trivy, buildkitd-fips, headlamp, helm-exporter-fips, crossplane, k9s-fips, helm-push, kaniko-fips, helmfile, neuvector, zot, consul-k8s-fips, tigera-operator-fips, chartmuseum-fips,...

Astra Linux – Vulnerability in docker.io

Docker CLI is the command-line interface for the Docker container runtime. A bug was discovered in Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file typically /.docker/config.json, which lists a credsStore or credhelpers that cannot be...

ROOT-APP-GOBINARY-CVE-2025-15558 CVE-2025-15558 in rootio-github.com/docker/cli - Patched by Root

Root has patched CVE-2025-15558 in the rootio-github.com/docker/cli package for Root:Go. Multiple fixed versions available...

CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3

CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3. A patched version of the package is available...

CVE-2026-6406

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation ECI restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...

[SECURITY] Fedora 42 Update: podman-5.8.2-1.fc42

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

GHSA-PC3F-X583-G7J2 vulnerabilities

Vulnerabilities for packages: verticadb-operator, trivy, dynamic-localpv-provisioner, eksctl, headlamp, linkerd2, tigera-operator, velero, rancher-agent, falcoctl, cilium-cli, terraform-provider-kubernetes, kots, kpt, kwok, cri-tools, emissary, zarf, aws-node-termination-handler, hubble, vcluster...

[SECURITY] Fedora 43 Update: podman-5.8.2-1.fc43

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

Security Bulletin: IBM Planning Analytics Cartridge has addressed a security vulnerability in Docker CLI (CVE-2025-15558)

Summary IBM Planning Analytics Cartridge is considered affected by a vulnerability in Docker CLI Vulnerability Details CVEID:CVE-2025-15558 DESCRIPTION: Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A...

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: helm, filebrowser, kserve-rest-proxy, verticadb-operator, wal-g, tkn, litestream, secrets-store-csi-driver, mesosphere-vsphere-csi, terraform-docs, keda, flux, falcoctl, slsa-verifier, envoy-ratelimit, scorecard, kserve-modelmesh-serving, kube-state-metrics,...

CVE-2026-32288 vulnerabilities

Vulnerabilities for packages: beats-fips, localstack, helm-set-status, aws-flb-kinesis-fips, crane, crossplane, kubernetes-csi-driver-nfs-fips, kubernetes-dashboard, sriov-network-device-plugin-fips, aws-flb-firehose, cosign, docker-cli-buildx-fips, argo-workflows-fips, flux-fips,...

GHSA-X4JJ-H2V8-HQQV vulnerabilities

Vulnerabilities for packages: beats-fips, localstack, helm-set-status, aws-flb-kinesis-fips, crane, crossplane, kubernetes-csi-driver-nfs-fips, kubernetes-dashboard, sriov-network-device-plugin-fips, aws-flb-firehose, cosign, docker-cli-buildx-fips, argo-workflows-fips, flux-fips,...

GHSA-JRG3-GFJW-HM96 vulnerabilities

Vulnerabilities for packages: prometheus-postgres-exporter, beats-fips, crossplane-aws-provider, grpcurl-fips, kustomize-fips, prometheus-process-exporter-fips, localstack, litmus-chaos-operator-fips, helm-set-status, terraform-provider-aws, flagger, prometheus-nats-exporter-fips,...

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: prometheus-postgres-exporter, beats-fips, crossplane-aws-provider, grpcurl-fips, kustomize-fips, prometheus-process-exporter-fips, localstack, litmus-chaos-operator-fips, helm-set-status, terraform-provider-aws, flagger, prometheus-nats-exporter-fips,...

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: prometheus-postgres-exporter, beats-fips, crossplane-aws-provider, grpcurl-fips, kustomize-fips, prometheus-process-exporter-fips, localstack, litmus-chaos-operator-fips, helm-set-status, terraform-provider-aws, apache-beam-java-sdk, flagger,...

GHSA-HFVC-G4FC-PQHX vulnerabilities

Vulnerabilities for packages: verticadb-operator, tekton-chains, tkn, secrets-store-csi-driver, keda, ratify, flux, falcoctl, slsa-verifier, aws-otel-collector, envoy-ratelimit, scorecard, kube-state-metrics, newrelic-infrastructure-agent, dagger, sftpgo-plugin-pubsub, splunk-otel-collector,...

CLEANSTART-2026-CO68219 Docker CLI for Windows searches for plugin binaries in C:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ProgramData\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\Docker\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\cli-plugins, a directory that does not exist by default

Multiple security vulnerabilities affect the istio-fips package. Docker CLI for Windows searches for plugin binaries in...

GHSA-4C29-8RGM-JVJJ vulnerabilities

Vulnerabilities for packages: skaffold, trivy, trivy-operator, guac, conftest, kubescape, kaniko, zot, docker-cli-buildx, buildah, podman, osv-scanner, docker-compose, scorecard...

GHSA-4VRQ-3VRQ-G6GG vulnerabilities

Vulnerabilities for packages: skaffold, trivy, trivy-operator, guac, conftest, kubescape, kaniko, zot, docker-cli-buildx, buildah, podman, osv-scanner, docker-compose, scorecard...