Vulnerabilities in aquasecurity
4 resultsCVE-2026-33634CRITICALTrivy ecosystem supply chain briefly compromisedEPSS 60.4%KEVCVE-2026-26189MEDIUMTrivy Action has a script injection via sourced env file in composite actionEPSS 1.3%CVE-2026-28353CRITICALTrivy Vulnerability Scanner: Unauthorized AI Agent Execution Code Included in OpenVSX Extension ReleaseEPSS 0.5%CVE-2024-35192MEDIUMTrivy possibly leaks registry credential when scanning images from malicious registriesEPSS 0.2%