/

Security Advisories

View the status of known vulnerabilities in a Chainguard Container along with daily updates on security patches. Learn more.

CGA ID	CVE ID	Severity	Affected package	Status
CGA-f9gv-qv7c-cjrv	CVE-2026-28388	Unknown	openssl-provider-fips-3.6.0-dbg	Under investigation
CGA-v757-pwgv-mffx	CVE-2026-28387	Unknown	openssl-provider-fips-3.6.0-dbg	Under investigation
CGA-2qvf-5383-j6f6	CVE-2026-39883	Unknown	zarf-fips	Under investigation
CGA-56f2-cm54-hfhv	CVE-2026-28386	Unknown	openssl-provider-fips-3.6.0-dbg	Under investigation
CGA-qxfr-vfch-hxcw	CVE-2026-39883	Unknown	crossplane-provider-gcp-container-fips	Fixed
CGA-83v5-j3c5-ghvm	CVE-2026-39883	Unknown	kubevela-vela-core-fips	Under investigation
CGA-q56r-q7cv-5p2p	CVE-2026-39883	Unknown	harbor-fips-2.14-registryctl	Under investigation
CGA-v76r-rqm5-mm3g	CVE-2026-39882	Unknown	harbor-fips-2.14-registryctl	Under investigation
CGA-5jv2-p99r-9rh2	CVE-2026-39883	Unknown	gitaly-18.7	Fix not planned
CGA-j9pq-h26p-432q	CVE-2026-39882	Unknown	gitaly-18.7	Fix not planned
CGA-97vm-m2gc-rq82	CVE-2026-39883	Unknown	gitaly-18.7	Fix not planned
CGA-q6rv-6m2q-35c4	CVE-2026-39882	Unknown	gitaly-18.7	Fix not planned
CGA-jmjj-c7p6-53jg	CVE-2026-39883	Unknown	gitaly-18.7	Fix not planned
CGA-453m-v2jw-5fgc	CVE-2026-39882	Unknown	gitaly-18.7	Fix not planned
CGA-wm8f-m2q5-r4gw	CVE-2026-39883	Unknown	gitaly-18.7	Fix not planned
CGA-2v58-xqhf-h438	CVE-2026-39882	Unknown	gitaly-18.7	Fix not planned

503,618 advisories

The trusted source for open source

Talk to an expert

Privacy

Terms

© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.

Security Advisories

The trusted source for open source

Product

Solutions

Customers

Resources

Company