Security Alert: High-Severity CVE-2026-30931 Persists in Alpine 3.23 PHP Images
A high-severity vulnerability, CVE-2026-30931, remains unresolved in widely used PHP container images. An automated Trivy scan confirmed that the flaw is still present even after the images were rebuilt, which points to the underlying Alpine Linux 3.23.3 base layer rather than to the PHP build steps. The vulnerability affects the `imagemagick` suite of packages, leaving containerized PHP applications that process images exposed.
The flaw is confirmed in images hosted on GitHub Container Registry (`ghcr.io`) under the `rafalmasiarek/php` repository, in both the `8.5-cli` and `8.5-fpm` variants. The root cause is an outdated `imagemagick` package set (version `7.1.2.15-r0`); Trivy reports `7.1.2.17-r0` as the fixed version. No hotfix script in the repository matched this CVE, and rebuilding the images did not remove it, which confirms that the outdated library enters through the base-image dependency chain rather than through anything the PHP Dockerfile installs itself.
This situation creates significant operational pressure for developers and security teams relying on these images. Note that Trivy only reports a fixed version when the distribution's security database lists one, so the corrected package should already exist in the Alpine 3.23 repositories; a rebuild that still carries `7.1.2.15-r0` most likely reused cached layers, pulled a base image that had not been refreshed, or did not upgrade installed packages, and the build should be checked for each of these before concluding that the fix is blocked upstream. Until a rebuild actually picks up `7.1.2.17-r0`, any deployment using the affected `ghcr.io/rafalmasiarek/php:8.5` tags carries the unresolved high-severity risk, so teams need either immediate manual intervention (rebuilding with fresh layers and an explicit package upgrade) or a switch to an alternative base image that already ships the fixed version.
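The check a practitioner would want before and after such a rebuild is whether the `imagemagick` version actually installed in the image is still below the fixed version Trivy reports. The POSIX shell below is an added example, not code from the page or from the `rafalmasiarek/php` project: it implements an Alpine-style version comparison (dotted numeric components followed by an `-rN` package release) and a `fix_status` helper that classifies an installed/fixed pair. The version strings used in the demo are the ones stated above; the `docker`/`apk` commands in the comments are the usual way to obtain the installed version and are not executed here.

```shell
#!/bin/sh
# Added example (not from the page or the rafalmasiarek/php project).
# Compares Alpine (apk) package versions so a build pipeline can tell whether
# an image still carries a vulnerable package version after a rebuild.
#
# To obtain the installed version from an image (commands assumed, not run here):
#   docker run --rm ghcr.io/rafalmasiarek/php:8.5-cli apk list --installed imagemagick
#   # -> imagemagick-7.1.2.15-r0 x86_64 {imagemagick} (ImageMagick) [installed]
# A rebuild that is meant to pick up the fixed package must not reuse cached
# layers (docker build --pull --no-cache) and should run `apk upgrade --no-cache`.
set -eu

# apk_ver_lt A B: true (exit 0) when Alpine version A is strictly lower than B.
# Handles versions of the form X.Y.Z[.W][-rN]; letter suffixes (_p1, _git) are
# not handled, which is fine for the imagemagick versions discussed here.
apk_ver_lt() {
  a=$1 b=$2
  # Split off the package release (-rN); a missing release counts as -r0.
  case $a in *-r*) a_rel=${a##*-r}; a=${a%-r*} ;; *) a_rel=0 ;; esac
  case $b in *-r*) b_rel=${b##*-r}; b=${b%-r*} ;; *) b_rel=0 ;; esac
  # Compare dotted components left to right; a missing component counts as 0,
  # so 7.1.2 sorts below 7.1.2.1 exactly as apk does.
  while [ -n "$a" ] || [ -n "$b" ]; do
    ah=${a%%.*}; bh=${b%%.*}
    [ -n "$ah" ] || ah=0
    [ -n "$bh" ] || bh=0
    if [ "$ah" -lt "$bh" ]; then return 0; fi
    if [ "$ah" -gt "$bh" ]; then return 1; fi
    case $a in *.*) a=${a#*.} ;; *) a= ;; esac
    case $b in *.*) b=${b#*.} ;; *) b= ;; esac
  done
  # Upstream versions are equal; the package release decides.
  [ "$a_rel" -lt "$b_rel" ]
}

# fix_status INSTALLED FIXED: prints "vulnerable" when the installed version is
# below the fixed version Trivy reported, otherwise "fixed".
fix_status() {
  if apk_ver_lt "$1" "$2"; then echo vulnerable; else echo fixed; fi
}

# Demo with the versions from the scan above: installed 7.1.2.15-r0, fixed 7.1.2.17-r0.
INSTALLED=7.1.2.15-r0
FIXED=7.1.2.17-r0
echo "imagemagick $INSTALLED vs fixed $FIXED: $(fix_status "$INSTALLED" "$FIXED")"
```

A CI gate can call `fix_status` with the version read from the freshly built image and fail the pipeline while it still prints `vulnerable`; once the rebuild has really pulled `7.1.2.17-r0` (or newer), the same call prints `fixed` and the Trivy finding disappears.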