Aquasecurity Trivy contains an embedded malicious code vulnerability that could allow an attacker to gain access to everything in the CI/CD environment, including all tokens, SSH keys, cloud credentials, database passwords, and any sensitive configuration in memory.
PoC: docker-socket-risk-demos
Companion source for YouTube video "Stop Mounting docker.sock — Run Trivy Without Giving Away Root Access — (inspired by CVE-2026-33634)"
PoC: CVE-2026-33634-Scanner
**Scanner automatizado para la detección de indicadores de compromiso (IOCs) asociados al ataque a la cadena de suministro TeamPCP (CVE-2026-33634)**
PoC: teampcp-tools
Detection, eradication, and IOC tools for the TeamPCP/Cipherforce supply chain attack (CVE-2026-33634)
PoC: teampcp-supply-chain-attack
CVE-2026-33634 (CVSS 9.4) — The most impactful CI/CD supply chain attack of 2026 so far.
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free