Security Advisories

View the status of known vulnerabilities in a Chainguard Container along with daily updates on security patches. Learn more.

CGA ID	CVE ID	Severity	Affected package	Status
CGA-mr5c-rfr4-m778	CVE-2026-48525	Medium	superset-6.0	Under investigation
CGA-q5vh-92v8-cvg3	CVE-2026-48523	Medium	superset-6.0	Under investigation
CGA-57v2-v3vx-883h	CVE-2026-48524	Low	superset-6.0	Under investigation
CGA-m639-qv8j-wrxr	CVE-2026-48522	Medium	superset-6.0	Under investigation
CGA-g9gh-p6ff-hq5m	CGA-g9gh-p6ff-hq5m	High	superset-6.0	Under investigation
CGA-xmh9-pr7m-q74g	CVE-2026-39824	Unknown	cargobump	Not affected
CGA-4h4p-3v2h-6ffm	CVE-2025-14525	Medium	virt-launcher-1.7	Under investigation
CGA-w6rg-jpmf-6xhp	CVE-2024-33394	Medium	virt-launcher-1.7	Under investigation
CGA-w3x8-r882-wj3x	CVE-2024-31420	Medium	virt-launcher-1.7	Under investigation
CGA-c75x-53cw-67mh	CVE-2026-33022	Medium	tekton-pipelines-controller-fips-1.10	Under investigation
CGA-f33c-w4h3-pfgc	CVE-2023-37264	Low	tekton-pipelines-controller-fips-1.10	Under investigation
CGA-252q-3556-grwv	CVE-2020-8911	Medium	grept	Not affected
CGA-wgjw-m9c7-3r59	CVE-2020-8912	Low	grept	Not affected
CGA-gmpr-wrjh-9fpv	CVE-2023-37264	Low	tekton-pipelines-entrypoint-fips-1.0	Under investigation
CGA-r7fw-vmvw-32wr	CVE-2020-8911	Medium	external-secrets-operator-fips-2.0	Under investigation
CGA-4g96-hx3x-pgr6	CVE-2020-8912	Low	external-secrets-operator-fips-2.0	Under investigation

835,720 advisories

The trusted source for open source

Talk to an expert

Privacy

Terms

© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.

Security Advisories

The trusted source for open source

Product

Solutions

Customers

Resources

Company