Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: container-tech Clear
ID Title
CVE-2026-57231 Information Disclosure in podman-project (CVE-2026-57231)
vulnerability in podman-project (CVE-2026-57231). Confidential information can be exposed externally. Mitigation: upgrade to `5.8.4` or later.
CVE-2026-53488 Vulnerability in github.com/containerd/containerd (CVE-2026-53488)
vulnerability in github.com/containerd/containerd (CVE-2026-53488). Successful exploitation can lead to full system takeover. Exploitable via ``LABEL``. Mitigation: upgrade to `1.7.33` or later.
CVE-2026-5817 Vulnerability in docker (CVE-2026-5817)
vulnerability in docker (CVE-2026-5817). Successful exploitation can lead to full system takeover.
CVE-2026-5843 Vulnerability in docker (CVE-2026-5843)
vulnerability in docker (CVE-2026-5843). Successful exploitation can lead to full system takeover.
CVE-2026-6406 Authorization Flaw in docker (CVE-2026-6406)
vulnerability in docker (CVE-2026-6406). Successful exploitation can lead to full system takeover.
CVE-2026-46680 Privilege Escalation in github.com/containerd/containerd (CVE-2026-46680)
vulnerability in github.com/containerd/containerd (CVE-2026-46680). Successful exploitation can lead to full system takeover. Exploitable via ``User``. Mitigation: upgrade to `1.7.32` or later.
CVE-2026-42306 Vulnerability in github.com/docker/docker (CVE-2026-42306)
vulnerability in github.com/docker/docker (CVE-2026-42306). Data can be tampered with by attackers. Exploitable via `PUT /containers/{id}/archive`. Mitigation: upgrade to `2.0.0-beta.14` or later.
CVE-2026-34282 Vulnerability in java (CVE-2026-34282)
vulnerability in java (CVE-2026-34282). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491, 11.0.31, 17.0.19, 21.0.11, 25.0.3, 26.0.1` or later.
CVE-2026-21945 Vulnerability in java (CVE-2026-21945)
vulnerability in java (CVE-2026-21945). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481, 11.0.30, 17.0.18, 21.0.10, 25.0.2` or later.
CVE-2026-21932 Vulnerability in java (CVE-2026-21932)
vulnerability in java (CVE-2026-21932). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.0, 8.0.481, 11.0.30, 17.0.18, 21.0.10, 25.0.2` or later.
CVE-2026-20652 Vulnerability in java (CVE-2026-20652)
vulnerability in java (CVE-2026-20652). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2025-7425 Use-After-Free in java (CVE-2025-7425)
vulnerability in java (CVE-2025-7425). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
CVE-2025-7424 Vulnerability in java (CVE-2025-7424)
vulnerability in java (CVE-2025-7424). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
CVE-2025-53066 Information Disclosure in java (CVE-2025-53066)
vulnerability in java (CVE-2025-53066). Confidential information can be exposed externally. Mitigation: upgrade to `1.8.0, 8.0.471, 11.0.29, 17.0.17, 21.0.9, 25.0.1` or later.
CVE-2025-47219 Out-of-Bounds Read in java (CVE-2025-47219)
vulnerability in java (CVE-2025-47219). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
CVE-2022-21476 Vulnerability in java (CVE-2022-21476)
vulnerability in java (CVE-2022-21476). Confidential information can be exposed externally. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.341, 8.0.331, 11.0.15, 17.0.3, 18.0.1` or later.
CVE-2026-33414 OS Command Injection in podman-project (CVE-2026-33414)
OS command injection in podman-project (CVE-2026-33414). Successful exploitation can lead to full system takeover.
CVE-2026-35204 Path Traversal in helm (CVE-2026-35204)
path traversal in helm (CVE-2026-35204). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.1.4` or later.
CVE-2026-35205 Vulnerability in helm (CVE-2026-35205)
vulnerability in helm (CVE-2026-35205). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.1.4` or later.
CVE-2026-34040 Vulnerability in github.com/moby/moby (CVE-2026-34040)
vulnerability in github.com/moby/moby (CVE-2026-34040). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `29.3.1` or later.
CVE-2026-33634 KEV [KEV] Vulnerability in Aquasecurity trivy (CVE-2026-33634)
vulnerability in Aquasecurity trivy (CVE-2026-33634). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-4342 Vulnerability in nginx (CVE-2026-4342)
vulnerability in nginx (CVE-2026-4342). Successful exploitation can lead to full system takeover.
CVE-2025-15558 Vulnerability in c (CVE-2025-15558)
vulnerability in c (CVE-2025-15558). Successful exploitation can lead to full system takeover.
CVE-2026-28406 Path Traversal in chainguard (CVE-2026-28406)
path traversal in chainguard (CVE-2026-28406). Data can be tampered with by attackers. Exploitable via ``dest``.
CVE-2023-42917 KEV [KEV] Out-of-Bounds Write in Apple java (CVE-2023-42917)
out-of-bounds write in Apple java (CVE-2023-42917). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.8.0, 8.0.411` or later.
CVE-2023-41993 KEV [KEV] Vulnerability in Apple java (CVE-2023-41993)
vulnerability in Apple java (CVE-2023-41993). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.8.0, 8.0.411` or later.
CVE-2019-15752 KEV [KEV] Vulnerability in Docker desktop-community-edition (CVE-2019-15752)
vulnerability in Docker desktop-community-edition (CVE-2019-15752). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2014-0047 Vulnerability in docker (CVE-2014-0047)
vulnerability in docker (CVE-2014-0047). Successful exploitation can lead to full system takeover.
CVE-2017-11468 Vulnerability in dos (CVE-2017-11468)
vulnerability in dos (CVE-2017-11468). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →