🟢 CVE-2026-33634

CVE-2026-33634 represents a supply chain compromise where malicious code was embedded in security tools (Trivy, LiteLLM) and GitHub Actions. While technically network-exploitable, this is not a direct internet-facing application vulnerability but rather requires victims to download and execute compromised packages.

Risk Level: LOW_RISK

MITRE Technique: OTHER

CVSS Score: 9.4

Attack Vector: NETWORK

Deployment Risk: LOW

Ransomware: No

📋 Vulnerability Details

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: OTHER

CVE Published: 2026-03-23

Added to CISA KEV: 2026-03-26 (3 days between CVE publication and KEV addition)

🎯 Recommendations:

🔍 Web Intelligence

Key Sources:

  • CISA Adds Critical Aquasecurity Trivy Scanner

    Tracked as CVE-2026-33634, this security weakness involves embedded malicious code that targets continuous integration and continuous deployment (CI/CD) environments. ... Because Trivy is a widely adopted open-source vulnerability scanner used natively within DevOps pipelines, this active exploitation presents a severe supply chain risk for organizations worldwide. ... With the addition of CVE-2026-33634 on March 26, 2026, CISA has issued a strict compliance deadline.

  • CVE-2026-33634: Remote Supply Chain Compromise in Trivy ...

    A highly critical supply chain compromise affecting the Aqua Security Trivy ecosystem, including the core scanner and its associated GitHub Actions. The attack, attributed to the threat actor TeamPCP, leveraged compromised CI/CD credentials and non-atomic secret rotation to embed malicious code within official releases. This embedded infostealer targets ephemeral runner environments to extract ...

  • CVE-2026-33634 and the Trivy supply chain compromise - Penligent

    CVE-2026-33634 tracks the Trivy supply chain compromise that turned a trusted security scanner and its GitHub Actions into a path for credential theft. This article breaks down the attack chain, affected versions, payload behavior, detection steps, recovery actions, and the GitHub Actions hardening lessons security teams should carry forward. (NVD)

  • CISA Adds One Known Exploited Vulnerability to Catalog | CISA

    CVE-2026-33634 Aqua Security Trivy Embedded Malicious Code Vulnerability. This type of vulnerability is a frequent attack vector for ...

  • CVE-2026-33634 : Trivy is a security scanner. On March 19, 2026, a ...

    CVE-2026-33634 : Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.4 release, force-push 7