/

Security Advisories

View the status of known vulnerabilities in a Chainguard Container along with daily updates on security patches. Learn more.

CGA ID	CVE ID	Severity	Affected package	Status
CGA-jh6p-qrjm-q75w	CGA-jh6p-qrjm-q75w	Unknown	gitlab-runner-18.8	Fix not planned
CGA-w7j7-vpfp-pv2f	CVE-2026-0636	Unknown	jruby-9.4	Under investigation
CGA-gjpv-gc2q-wcr7	CVE-2026-0636	Unknown	opensearch-2-identity-shiro	Under investigation
CGA-3vmg-hf4f-7788	CGA-3vmg-hf4f-7788	Unknown	pulumi-language-go	Fixed
CGA-2jx5-8855-jx33	CGA-2jx5-8855-jx33	Unknown	guacingest	Under investigation
CGA-fmr2-5725-c78r	CGA-fmr2-5725-c78r	Unknown	amazon-ssm-agent-ecs-exec	Under investigation
CGA-jjr5-whxx-rg9x	CGA-jjr5-whxx-rg9x	Unknown	amazon-ssm-agent-ecs-exec	Under investigation
CGA-r2hq-7jx3-rpmh	CVE-2026-0636	Unknown	commercial-elasticsearch-8.19	Pending upstream fix
CGA-f8w8-xwq8-mg9x	CGA-f8w8-xwq8-mg9x	Unknown	dapr-scheduler-fips-1.14	Under investigation
CGA-hmgh-247m-8vfw	CVE-2026-0636	Unknown	geoserver-2.27	Under investigation
CGA-pg9j-4rgj-hjph	CGA-pg9j-4rgj-hjph	Unknown	guacone	Under investigation
CGA-x48h-6f88-wp52	CGA-x48h-6f88-wp52	Unknown	amazon-ssm-agent-fips	Fixed
CGA-5cq3-7442-xjw8	CGA-5cq3-7442-xjw8	Unknown	amazon-ssm-agent-fips	Fixed
CGA-w5qf-gjq8-rjv5	CGA-w5qf-gjq8-rjv5	Unknown	amazon-ssm-agent-fips	Fixed
CGA-g373-45gg-w7r3	CGA-g373-45gg-w7r3	Unknown	grafana-alloy	Fixed
CGA-rcc3-cppj-vc6v	CGA-rcc3-cppj-vc6v	Unknown	gitaly-18.7	Fix not planned

572,222 advisories

The trusted source for open source

Talk to an expert

Privacy

Terms

© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.

Security Advisories

The trusted source for open source

Product

Solutions

Customers

Resources

Company