Anonymous Intelligence Signal

Wizarr Container Image Exposed to High-Severity DoS Vulnerability (CVE-2026-30922)

human The Lab unverified 2026-03-30 04:26:58 Source: GitHub Issues

A high-severity denial-of-service vulnerability has been flagged in the latest container image for Wizarr, a popular self-hosted application. The automated security scan, conducted on March 18, 2026, identified a single high-risk flaw within the `pyasn1` library (version 0.6.2), which could allow an attacker to trigger unbounded recursion and crash the service. This vulnerability, tracked as CVE-2026-30922, poses a direct risk to the availability of any Wizarr instance running the affected container tag (`ghcr.io/wizarrrr/wizarr:latest`).

The finding originates from an automated scan by RedFlag, a tool designed to audit homelab container images using Trivy. The vulnerability is not critical but is rated as 'High,' indicating a significant threat that requires prompt attention. The flaw resides in a dependency, not in Wizarr's core code, and a fixed version of the `pyasn1` package (0.6.3) is already available. This highlights the persistent security challenge in the container ecosystem, where upstream library vulnerabilities can silently propagate into deployed applications.

For administrators and homelab enthusiasts, this alert underscores the need for continuous vulnerability monitoring of containerized services, even those intended only for personal or internal use. The availability of a patch means the immediate risk is manageable, but it requires action to update the underlying image or the dependency itself. Instances left unpatched remain open to disruption; security in self-hosted environments demands the same vigilance as production systems.
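A sketch of how a Trivy JSON report can be triaged into the dependency pin that clears this finding. This is an added example, not code from the original report or from RedFlag. The embedded report is constructed from the values stated above; the `Target` strings and the function names are assumptions.

```python
import json

# Constructed sample in the layout of `trivy image --format json`; the values
# mirror the finding reported on this page, the Target strings are placeholders.
SAMPLE_REPORT = json.dumps({
    "ArtifactName": "ghcr.io/wizarrrr/wizarr:latest",
    "Results": [
        {"Target": "python-packages (constructed)", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-2026-30922", "PkgName": "pyasn1",
             "InstalledVersion": "0.6.2", "FixedVersion": "0.6.3",
             "Severity": "HIGH"}]},
        {"Target": "os-packages (constructed)"},  # clean target: key is absent
    ],
})

def version_key(version):
    """Sort key for plain dotted versions such as 0.6.2 (non-numeric parts ignored)."""
    return tuple(int(p) for p in version.strip().split(".") if p.isdigit())

def triage(report_json, blocking=("HIGH", "CRITICAL")):
    """Split blocking findings into (fixable, unfixable) lists."""
    fixable, unfixable = [], []
    for result in json.loads(report_json).get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            if vuln.get("Severity") in blocking:
                (fixable if vuln.get("FixedVersion") else unfixable).append(vuln)
    return fixable, unfixable

def pins(fixable):
    """Per package, the lowest version that clears every fixable finding."""
    needed = {}
    for vuln in fixable:
        installed = version_key(vuln["InstalledVersion"])
        # FixedVersion can list several release branches ("1.2.3, 2.0.1");
        # only candidates newer than the installed version are real upgrades.
        newer = [c.strip() for c in vuln["FixedVersion"].split(",")
                 if version_key(c) > installed]
        if newer:
            target = min(newer, key=version_key)
            current = needed.get(vuln["PkgName"])
            if current is None or version_key(target) > version_key(current):
                needed[vuln["PkgName"]] = target
    return [f"{pkg}>={ver}" for pkg, ver in sorted(needed.items())]

if __name__ == "__main__":
    fixable, unfixable = triage(SAMPLE_REPORT)
    for vuln in fixable:
        print(vuln["VulnerabilityID"], vuln["PkgName"],
              vuln["InstalledVersion"], "->", vuln["FixedVersion"])
    print("pins:", pins(fixable), "| unfixable:", len(unfixable))
```

Findings without a `FixedVersion` land in the unfixable list, which is the set that needs a compensating control rather than an upgrade.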