{
  "title": "Aqua Security Trivy CI/CD Pipeline & Tag Poisoning",
  "summary": "On March 19, 2026, the widely adopted container vulnerability scanner Trivy was compromised in a major supply chain attack. Cybercrime group TeamPCP poisoned version tags to harvest and exfiltrate runner credentials.",
  "date": "2026-03-19",
  "severity": "critical",
  "tags": [
    "ci-cd",
    "github-actions",
    "supply-chain",
    "tag-poisoning",
    "credential-theft"
  ],
  "sources_count": 7,
  "indicators": {
    "slug": "trivy-pipeline-compromise",
    "since": "2026-02-28T00:00:00Z",
    "until": "2026-03-20T09:00:00Z",
    "ecosystem": "github-actions, container-images, go github releases, docker hub",
    "cves": [
      "CVE-2026-33634"
    ],
    "cwes": [],
    "advisoryIds": [],
    "products": [],
    "packages": [
      "aquasecurity/trivy-action",
      "aquasecurity/setup-trivy",
      "aquasec/trivy"
    ],
    "versions": [
      "aquasecurity/trivy-action@v0.0.1..v0.34.2",
      "aquasecurity/setup-trivy@v0.2.0..v0.2.6",
      "trivy-binary@v0.69.4",
      "aquasec/trivy:0.69.5",
      "aquasec/trivy:0.69.6",
      "aquasecurity/trivy-action@v0.0.1-v0.34.2",
      "aquasecurity/setup-trivy@v0.2.0-v0.2.6",
      "aquasecurity/trivy@v0.69.4"
    ],
    "affectedVersions": [],
    "fixedVersions": [
      "aquasecurity/trivy-action@v0.35.0",
      "aquasecurity/setup-trivy@v0.2.6",
      "trivy-binary@v0.69.7",
      "aquasec/trivy:0.69.7"
    ],
    "files": [],
    "paths": [],
    "services": [],
    "domains": [
      "scan.aquasecurtiy.org",
      "www.legitsecurity.com"
    ],
    "urls": [
      "https://scan.aquasecurtiy.org/exfil",
      "https://www.legitsecurity.com",
      "https://github.com/advisories/GHSA-69fq-xp46-6x23"
    ],
    "ips": [],
    "hashes": [],
    "processPatterns": [],
    "networkPatterns": [],
    "telemetrySelectors": []
  }
}