Security Advisories

View the status of known vulnerabilities in a Chainguard Container along with daily updates on security patches. Learn more.

CGA ID	CVE ID	Severity	Affected package	Status
CGA-22cm-p32v-7jv5	CVE-2026-22754	Unknown	apache-nifi	Under investigation
CGA-6hg9-hq33-q6hp	CVE-2026-40542	Unknown	apache-nifi	Under investigation
CGA-g2x6-9c57-jjm2	CVE-2026-40542	Unknown	opensearch-fips-3-cross-cluster-replication	Under investigation
CGA-4x49-m3fq-rh5g	CVE-2026-40542	Unknown	opensearch-3-notifications	Under investigation
CGA-h7g2-rfwm-qvcg	CVE-2026-40542	Unknown	opensearch-3-notifications	Under investigation
CGA-2w3p-jcm8-483p	CGA-2w3p-jcm8-483p	Unknown	harbor-fips-2.15	Under investigation
CGA-24mw-v6jc-82wj	CVE-2026-32286	Unknown	harbor-fips-2.15	Pending upstream fix
CGA-8836-qgx7-pfr3	CVE-2026-35172	Unknown	harbor-fips-2.15	Pending upstream fix
CGA-pfxj-7pf6-32w4	CVE-2026-33540	Unknown	harbor-fips-2.15	Pending upstream fix
CGA-f396-7x43-9w77	CVE-2026-40542	Unknown	trino-plugin-hudi	Under investigation
CGA-jf7v-88w2-j785	CVE-2026-33186	Critical	amazon-k8s-cni-fips	Fixed
CGA-qw6v-c8fm-xfhx	CVE-2026-32289	Unknown	amazon-k8s-cni-fips	Fixed
CGA-hgw7-qq84-vq46	CVE-2026-32283	Unknown	amazon-k8s-cni-fips	Fixed
CGA-wjw8-2mx5-xwhc	CVE-2026-32281	Unknown	amazon-k8s-cni-fips	Fixed
CGA-f39c-f2cx-pxff	CVE-2026-32280	Unknown	amazon-k8s-cni-fips	Fixed
CGA-5pwc-jmh5-wmqv	CVE-2026-27142	Unknown	amazon-k8s-cni-fips	Fixed

584,587 advisories

The trusted source for open source

Talk to an expert

Privacy

Terms

© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.

Security Advisories

The trusted source for open source

Product

Solutions

Customers

Resources

Company