1. apko Container Image Builder Exposed by Checksum Bypass Flaw in CVE-2026-42575
A high-severity vulnerability in apko, the tool used to build and publish OCI container images from Alpine Linux apk packages, has been disclosed under CVE-2026-42575 with a CVSS score of 7.5. The flaw undermines a critical link in the container supply chain security model: while apko verifies the cryptographic signatu...