This page collects WhisperX intelligence signals tagged #container-security. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A critical supply chain attack has compromised the official GitHub Actions for Aqua Security's Trivy vulnerability scanner. A threat actor, using stolen credentials, force-pushed malicious code to 76 out of 77 version tags in the `aquasecurity/trivy-action` repository, replacing legitimate releases with credential-stea...
A major security scan of the popular self-hosted dashboard application Dashy has uncovered 25 new vulnerabilities, including three rated as critical and 22 as high severity. The findings, dated March 13, 2026, expose significant risks within the `lissy93/dashy:latest` Docker image, which is widely deployed by individua...
A sophisticated supply chain attack has compromised the core security tools of Aqua Security's Trivy project, with a threat actor using stolen credentials to publish malicious software releases and overwrite nearly all version tags in the official GitHub repositories. The breach directly targeted the `aquasecurity/triv...
A critical vulnerability in a widely used OpenSSL library sits at the heart of a newly exposed security risk. The container image `ghcr.io/anthony-spruyt/firemerge:latest` was found to contain 26 total vulnerabilities, including one rated CRITICAL and nine rated HIGH, according to a Trivy vulnerability scan. The most s...
A standard installation of the SumoLogic OpenTelemetry Collector version 0.108.0-1649 in a Windows container introduces multiple, documented security vulnerabilities. A user report on GitHub, accompanied by a Trivy scan, reveals the collector package pulls in dependencies with at least four specific CVEs, including CVE...
A Trivy security scan has flagged five HIGH-severity vulnerabilities within a critical container image, exposing a potential attack surface for denial-of-service, arbitrary code execution, and information disclosure. The scan, conducted on April 2, 2026, found zero critical issues but a concentrated cluster of high-ris...
A Trivy security scan has flagged five HIGH-severity vulnerabilities within a critical container image, exposing a potential attack surface for denial-of-service, arbitrary code execution, and information disclosure. The scan, conducted on April 2, 2026, targeted the `7002370412/news-feed:latest` image built on Alpine ...
A Trivy security scan has flagged five HIGH-severity vulnerabilities within a critical container image, exposing a potential attack surface for denial-of-service, arbitrary code execution, and information disclosure. The scan, conducted on April 2, 2026, found zero critical issues but a concentrated cluster of high-ris...
A critical security oversight has been identified in a Dockerfile configuration, where the Node.js application process runs with full root privileges inside the container. The Dockerfile lacks a `USER` directive, defaulting the container's entrypoint to the root user. This violation of the principle of least privilege ...
A security scan of the latest Actual Budget server image has uncovered six new vulnerabilities, including two rated as critical. The scan, dated March 31, 2026, reveals that the `actualbudget/actual-server:latest` container is running outdated and vulnerable packages, exposing the popular open-source budgeting platform...
A critical security scan of the official Actual Budget server image has uncovered a dangerous cluster of 15 unpatched vulnerabilities, including one rated Critical and 14 rated High. The scan, dated March 13, 2026, reveals that the `actualbudget/actual-server:latest` container is currently shipping with exploitable fla...
A high-severity security vulnerability has been flagged in the latest container image for Posterizarr, a homelab media tool. The automated scan reveals an active exposure to CVE-2026-28390, a flaw in the OpenSSL library that can lead to a Denial of Service (DoS) attack. This vulnerability, present in the `libcrypto3` p...
A critical review of the existing Dagger CI/CD pipeline reveals multiple, unaddressed supply chain integrity risks that leave the software delivery process vulnerable to undetected compromise. The current workflow, while performing vulnerability scans, lacks fundamental cryptographic and attestation safeguards. This cr...
A security review has identified a critical configuration weakness in the CI/CD pipeline responsible for building and publishing the IoT-Wall API container images. The pipeline at `.github/workflows/api-build.yml` (lines 88–89) simultaneously pushes Docker images with two tagging strategies: an immutable SHA-based tag ...
A security review has surfaced multiple container and Kubernetes deployment posture deficiencies that lack fundamental hardening measures. The findings, flagged during a security audit, identify three distinct gaps: a Dockerfile configured to run as root, a Kubernetes deployment without container-level securityContext,...
A high-severity vulnerability in apko, the tool used to build and publish OCI container images from Alpine Linux apk packages, has been disclosed under CVE-2026-42575 with a CVSS score of 7.5. The flaw undermines a critical link in the container supply chain security model: while apko verifies the cryptographic signatu...
Security researchers have published proof-of-concept code for CVE-2026-31431, a page-cache vulnerability that enables code execution across containers sharing the same image layer. The exploit, distributed through the open-source tool page_inject, demonstrates how an attacker with access to one container can pivot late...
A security researcher operating under the alias sgkdev has published a proof-of-concept exploit on GitHub targeting CVE-2026-31431, a page-cache vulnerability that circumvents container isolation boundaries. The exploit enables code execution within containers that share the same image layer, raising concerns about mul...
A second critical Linux kernel vulnerability in as many weeks has surfaced, enabling low-privilege users—including those operating virtual machines—to escalate to root-level access on compromised servers. The flaw, designated Dirty Frag, follows closely on the heels of a previous severe disclosure, raising urgent quest...
An automated Trivy security scan has identified an unpatched high-severity vulnerability, CVE-2026-41254, present in Docker images running PHP versions 8.2 and 8.3 on an Alpine Linux 3.22 base. The flaw resides in the lcms2 package, with affected images running version 2.16-r0 while the patched version is 2.19-r0. Four...