CVE-2026-33634 | aquasecurity setup-trivy/trivy-action/trivy up to 0.2.5 malicious code (GHSA-69fq-xp46-6x23)

VDB-352644 · CVE-2026-33634 · GHSA-69FQ-XP46-6X23 AQUASECURITY SETUP-TRIVY/TRIVY-ACTION/TRIVY UP TO 0.2.5 MALICIOUS CODE HISTORYDIFFRELATEJSONXMLCTI CVSS Meta Temp Score Current Exploit Price (≈) CTI Interest Score 6.0 $0-$5k 1.16+ Summaryinfo A vulnerability described as critical has been identified in aquasecurity setup-trivy, trivy-action and trivy up to 0.2.5. The affected element is an unknown function. The manipulation results in malicious code. This vulnerability is cataloged as CVE-2026-33634. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended. Detailsinfo A vulnerability was found in aquasecurity setup-trivy, trivy-action and trivy up to 0.2.5. It has been classified as critical. Affected is an unknown code block. The manipulation with an unknown input leads to a malicious code vulnerability. CWE is classifying the issue as CWE-506. The product contains code that appears to be malicious in nature. This is going to have an impact on confidentiality, integrity, and availability. CVE summarizes: Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.4 release, force-push 76 of 77 version tags in `aquasecurity/trivy-action` to credential-stealing malware, and replace all 7 tags in `aquasecurity/setup-trivy` with malicious commits. This incident is a continuation of the supply chain attack that began in late February 2026. Following the initial disclosure on March 1, credential rotation was performed but was not atomic (not all credentials were revoked simultaneously). The attacker could have use a valid token to exfiltrate newly rotated secrets during the rotation window (which lasted a few days). This could have allowed the attacker to retain access and execute the March 19 attack. Affected components include the `aquasecurity/trivy` Go / Container image version 0.69.4, the `aquasecurity/trivy-action` GitHub Action versions 0.0.1 – 0.34.2 (76/77), and the`aquasecurity/setup-trivy` GitHub Action versions 0.2.0 – 0.2.6, prior to the recreation of 0.2.6 with a safe commit. Known safe versions include versions 0.69.2 and 0.69.3 of the Trivy binary, version 0.35.0 of trivy-action, and version 0.2.6 of setup-trivy. Additionally, take other mitigations to ensure the safety of secrets. If there is any possibility that a compromised version ran in one's environment, all secrets accessible to affected pipelines must be treated as exposed and rotated immediately. Check whether one's organization pulled or executed Trivy v0.69.4 from any source. Remove any affected artifacts immediately. Review all workflows using `aquasecurity/trivy-action` or `aquasecurity/setup-trivy`. Those who referenced a version tag rather than a full commit SHA should check workflow run logs from March 19–20, 2026 for signs of compromise. Look for repositories named `tpcp-docs` in one's GitHub organization. The presence of such a repository may indicate that the fallback exfiltration mechanism was triggered and secrets were successfully stolen. Pin GitHub Actions to full, immutable commit SHA hashes, don't use mutable version tags. The advisory is shared for download at github.com. This vulnerability is traded as CVE-2026-33634 since 03/23/2026. The exploitability is told to be easy. It is possible to launch the attack remotely. There are neither technical details nor an exploit publicly available. Upgrading to version 0.2.6 eliminates this vulnerability. Productinfo Vendor aquasecurity Name setup-trivy trivy trivy-action Version 0.2.0 0.2.1 0.2.2 0.2.3 0.2.4 0.2.5 CPE 2.3info 🔒 🔒 🔒 CPE 2.2info 🔒 🔒 🔒 CVSSv4info VulDB Vector: 🔒 VulDB Reliability: 🔍 CNA CVSS-B Score: 🔒 CNA CVSS-BT Score: 🔒 CNA Vector: 🔒 CVSSv3info VulDB Meta Base Score: 6.3 VulDB Meta Temp Score: 6.0 VulDB Base Score: 6.3 VulDB Temp Score: 6.0 VulDB Vector: 🔒 VulDB Reliability: 🔍 CVSSv2info Vector Complexity Authentication Confidentiality Integrity Availability Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock VulDB Base Score: 🔒 VulDB Temp Score: 🔒 VulDB Reliability: 🔍 Exploitinginfo Class: Malicious code CWE: CWE-506 CAPEC: 🔒 ATT&CK: 🔒 Physical: No Local: No Remote: Yes Availability: 🔒 Status: Not defined Price Prediction: 🔍 Current Price Estimation: 🔒 0-Day Unlock Unlock Unlock Unlock Today Unlock Unlock Unlock Unlock Threat Intelligenceinfo Interest: 🔍 Active Actors: 🔍 Active APT Groups: 🔍 Countermeasuresinfo Recommended: Upgrade Status: 🔍 0-Day Time: 🔒 Upgrade: setup-trivy/trivy-action/trivy 0.2.6 Timelineinfo 03/23/2026 CVE reserved 03/24/2026 +1 days Advisory disclosed 03/24/2026 +0 days VulDB entry created 03/24/2026 +0 days VulDB entry last update Sourcesinfo Advisory: GHSA-69fq-xp46-6x23 Status: Confirmed CVE: CVE-2026-33634 (🔒) GCVE (CVE): GCVE-0-2026-33634 GCVE (VulDB): GCVE-100-352644 Entryinfo Created: 03/24/2026 02:54 Changes: 03/24/2026 02:54 (66) Complete: 🔍 Cache ID: 99:25C:101 Discussion No comments yet. Languages: en. Please log in to comment. ◂ PreviousOverviewNext ▸