/

Security Advisories

View the status of known vulnerabilities in a Chainguard Container along with daily updates on security patches. Learn more.

CGA ID	CVE ID	Severity	Affected package	Status
CGA-9f67-jp6x-jm9j	CVE-2026-5598	Unknown	commercial-elasticsearch-9.2	Pending upstream fix
CGA-2jcj-23j5-mcqh	CVE-2026-5598	Unknown	commercial-elasticsearch-9.0	Pending upstream fix
CGA-59wm-44rc-683v	CVE-2026-41520	Unknown	cilium-fips-1.16-hubble-relay	Fix not planned
CGA-585j-3hv7-4m65	CVE-2026-5598	Unknown	jruby-9.4	Under investigation
CGA-g3mh-rmm9-qc9p	CVE-2026-5598	Unknown	keycloak-26.5	Fix not planned
CGA-6f2j-p3m5-6h42	CVE-2026-5598	Unknown	keycloak-26.5	Fix not planned
CGA-4f5f-6h23-p45p	CVE-2026-5598	Unknown	kayenta-fips-2025.0	Fix not planned
CGA-frvp-qx6c-8674	CVE-2026-5598	Unknown	elasticsearch-9.1	Fixed
CGA-g2m7-h9pp-vx74	CVE-2026-5598	Unknown	logstash-9.0	Under investigation
CGA-4c5m-g872-72xq	CVE-2026-5598	Unknown	logstash-9.0	Under investigation
CGA-x734-p4r5-r32h	CVE-2026-22751	Unknown	camunda-zeebe-8.7	Under investigation
CGA-r439-39cr-wc6c	CVE-2026-22751	Unknown	jenkins-2-openjdk-21	Under investigation
CGA-9pgh-9j28-6pv9	CVE-2026-5598	Unknown	jenkins-2-openjdk-21	Under investigation
CGA-rhg8-8846-rv25	CVE-2026-5598	Unknown	logstash-9.0-with-output-opensearch	Under investigation
CGA-7gc9-wwh6-hwv7	CVE-2026-5598	Unknown	logstash-9.0-with-output-opensearch	Under investigation
CGA-3vvx-6p54-c4f7	CVE-2026-5598	Unknown	logstash-fips-9.3-iamguarded-compat	Under investigation

582,693 advisories

The trusted source for open source

Talk to an expert

Privacy

Terms

© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.

Security Advisories

The trusted source for open source

Product

Solutions

Customers

Resources

Company