CVE-2026-53489 vulnerabilities

Vulnerabilities for packages: docker-cli-buildx-fips, trivy, kube-mgmt-fips, trivy-fips, syft, zot, wolfictl, grype-fips, zarf-fips, zarf, cloudbeat, trivy-operator-fips, docker-cli-buildx, kube-mgmt, docker-compose-fips, grype, neuvector-scanner-fips, fuse-overlayfs-snapshotter, kaniko-fips,...

GHSA-XHF5-7WJV-PQXP vulnerabilities

Vulnerabilities for packages: wolfictl, chaos-mesh-fips, steampipe, kube-arangodb-fips, chartmuseum, kgateway-fips, kube-mgmt, docker-compose-fips, neuvector-scanner-fips, helm, gatekeeper, helmfile, kubescape-operator, jfrog-cli, spegel-fips, tw, grype-db, buildkitd, skaffold-fips, xeol-fips,...

Astra Linux – Vulnerability in docker.io

Docker CLI is the command-line interface for the Docker container runtime. A bug was discovered in Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file typically /.docker/config.json, which lists a credsStore or credhelpers that cannot be...

ROOT-APP-GOBINARY-CVE-2025-15558 CVE-2025-15558 in rootio-github.com/docker/cli - Patched by Root

Root has patched CVE-2025-15558 in the rootio-github.com/docker/cli package for Root:Go. Multiple fixed versions available...

CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3

CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3. A patched version of the package is available...

CVE-2026-6406

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation ECI restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...

[SECURITY] Fedora 42 Update: podman-5.8.2-1.fc42

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

GHSA-PC3F-X583-G7J2 vulnerabilities

Vulnerabilities for packages: cilium-cli, rancher, skaffold, cilium, eksctl, kubescape, falcoctl, cri-tools, k8ssandra-client, kube-arangodb, kubeflow-pipelines, redis-operator, kots, kpt, trivy-operator, velero, kubernetes, linkerd2, consul-k8s, teleport, k8sgpt, argocd-image-updater, k9s, k3s,...

[SECURITY] Fedora 43 Update: podman-5.8.2-1.fc43

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

Security Bulletin: IBM Planning Analytics Cartridge has addressed a security vulnerability in Docker CLI (CVE-2025-15558)

Summary IBM Planning Analytics Cartridge is considered affected by a vulnerability in Docker CLI Vulnerability Details CVEID:CVE-2025-15558 DESCRIPTION: Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A...

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: dgraph, x509-certificate-exporter, opentelemetry-operator, cilium, crossplane-provider-azure-authorization, goreleaser, tailscale, cloud-sql-proxy, falcoctl, delve, scorecard, go-discover, slsa-verifier, terraform-provider-sendgrid, nuclei, k8s-device-plugin, tetrago...

GHSA-X4JJ-H2V8-HQQV vulnerabilities

Vulnerabilities for packages: argo-cd, pulumi-language-java, cert-manager-cmctl, gitlab-kas-fips, atlantis-fips, cluster-autoscaler-fips, gitleaks, kube-arangodb-fips, cerbos, nats-server-fips, juicefs, nuclei, sriov-network-device-plugin-fips, vault-csi-provider, keda-fips, filebrowser,...

CVE-2026-32288 vulnerabilities

Vulnerabilities for packages: argo-cd, pulumi-language-java, cert-manager-cmctl, gitlab-kas-fips, atlantis-fips, cluster-autoscaler-fips, gitleaks, kube-arangodb-fips, cerbos, nats-server-fips, juicefs, nuclei, sriov-network-device-plugin-fips, vault-csi-provider, keda-fips, filebrowser,...

GHSA-JRG3-GFJW-HM96 vulnerabilities

Vulnerabilities for packages: argo-cd, grpc-health-probe-fips, chart-testing-fips, pulumi-language-java, kubernetes-dashboard-web, terraform-provider-pagerduty, cert-manager-cmctl, apache-exporter, gitlab-kas-fips, nri-f5-fips, atlantis-fips, cluster-autoscaler-fips, amass, dataplaneapi-fips,...

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: argo-cd, grpc-health-probe-fips, chart-testing-fips, pulumi-language-java, kubernetes-dashboard-web, terraform-provider-pagerduty, cert-manager-cmctl, apache-exporter, gitlab-kas-fips, nri-f5-fips, atlantis-fips, cluster-autoscaler-fips, amass, dataplaneapi-fips,...

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: argo-cd, grpc-health-probe-fips, chart-testing-fips, pulumi-language-java, kubernetes-dashboard-web, terraform-provider-pagerduty, cert-manager-cmctl, apache-exporter, gitlab-kas-fips, nri-f5-fips, atlantis-fips, cluster-autoscaler-fips, amass, dataplaneapi-fips,...

GHSA-HFVC-G4FC-PQHX vulnerabilities

Vulnerabilities for packages: secrets-store-csi-driver-provider-gcp, fluent-operator, cluster-api-gcp-controller, dgraph, kyverno-policy-reporter, cilium, crossplane-provider-azure-authorization, goreleaser, opentelemetry-operator, falcoctl, scorecard, go-discover, slsa-verifier, trivy-operator,...

CLEANSTART-2026-CO68219 Docker CLI for Windows searches for plugin binaries in C:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ProgramData\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\Docker\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\cli-plugins, a directory that does not exist by default

Multiple security vulnerabilities affect the istio-fips package. Docker CLI for Windows searches for plugin binaries in...

GHSA-4C29-8RGM-JVJJ vulnerabilities

Vulnerabilities for packages: conftest, skaffold, zot, kubescape, scorecard, guac, docker-cli-buildx, trivy-operator, osv-scanner, kaniko, podman, trivy, buildah, docker-compose...

GHSA-4VRQ-3VRQ-G6GG vulnerabilities

Vulnerabilities for packages: conftest, skaffold, zot, kubescape, scorecard, guac, docker-cli-buildx, trivy-operator, osv-scanner, kaniko, podman, trivy, buildah, docker-compose...