A vulnerability was found in aquasecurity trivy up to 0.71.0 . It has been rated as critical . Impacted is an unknown function of the component Annotation Handler . The manipulation leads to path traversal. This vulnerability is documented as CVE-2026-55092 . The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is advised.