Aikido Intel
Secure My Code
Intel

AIKIDO-2026-10897

github.com/aquasecurity/trivy is vulnerable to Malicious Code

Malicious CodeCVE-2026-33634 Published 6 days ago

100

Critical Risk

This Affects:

GOgithub.com/aquasecurity/trivy
0.69.4 - 0.69.6
Fixed in 0.70.0
Are you affected? Scan for Free

TL;DR

Affected versions of Trivy were compromised in a supply chain attack where attackers published malicious releases and force-pushed tags to credential-stealing malware. The malicious payloads were capable of extracting secrets, SSH keys, cloud credentials, tokens, and other sensitive data from CI/CD environments and exfiltrating them to attacker-controlled infrastructure. Downgrading Trivy to version 0.69.3 is considered a safe mitigation.

Who does this affect?

You are affected if you are using a version that falls within the vulnerable range.

Background info

github.com/aquasecurity/trivy is vulnerable to Malicious Code in versions 0.69.4 - 0.69.6.

How to fix this

Upgrade the github.com/aquasecurity/trivy library to the patch version or downgrade to version 0.69.3.

Links

Other

docs.litellm.ai/blog/security-update-march-2026
https://docs.litellm.ai/blog/security-update-march-2026
futuresearch.ai/blog/litellm-pypi-supply-chain-attack
https://futuresearch.ai/blog/litellm-pypi-supply-chain-attack
github.com/aquasecurity/trivy/discussions/10425
https://github.com/aquasecurity/trivy/discussions/10425
github.com/pypa/advisory-database/tree/main/vulns/litellm/PYSEC-2026-2.yaml
https://github.com/pypa/advisory-database/tree/main/vulns/litellm/PYSEC-2026-2.yaml
inspector.pypi.io/project/litellm/1.82.7/packages/79/5f/b6998d42c6ccd32d36e12661f2734602e72a576d52a51f4245aef0b20b4d/litellm-1.82.7-py3-none-any.whl/litellm/proxy/proxy_server.py#line.130
https://inspector.pypi.io/project/litellm/1.82.7/packages/79/5f/b6998d42c6ccd32d36e12661f2734602e72a576d52a51f4245aef0b20b4d/litellm-1.82.7-py3-none-any.whl/litellm/proxy/proxy_server.py#line.130
inspector.pypi.io/project/litellm/1.82.8/packages/f6/2c/731b614e6cee0bca1e010a36fd381fba69ee836fe3cb6753ba23ef2b9601/litellm-1.82.8.tar.gz/litellm-1.82.8/litellm_init.pth#line.1
https://inspector.pypi.io/project/litellm/1.82.8/packages/f6/2c/731b614e6cee0bca1e010a36fd381fba69ee836fe3cb6753ba23ef2b9601/litellm-1.82.8.tar.gz/litellm-1.82.8/litellm_init.pth#line.1
wiz.io/blog/teampcp-attack-kics-github-action
https://www.wiz.io/blog/teampcp-attack-kics-github-action
rosesecurity.dev/2026/03/20/typosquatting-trivy.html
https://rosesecurity.dev/2026/03/20/typosquatting-trivy.html
cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-33634
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-33634
microsoft.com/en-us/security/blog/2026/03/24/detecting-investigating-defending-against-trivy-supply-chain-compromise/
https://www.microsoft.com/en-us/security/blog/2026/03/24/detecting-investigating-defending-against-trivy-supply-chain-compromise/

Are You Affected?

Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.

Scan for Free
Book a Demo

Free. No credit card required.

Aikido Platform
Subscribe
Stay up to date with all updates
LinkedIn YouTube X
© 2026 Aikido Security BV | BE0792914919
Ghent, Belgium | San Francisco, US
SOC 2SOC 2Compliant
ISO 27001ISO 27001Compliant
Get Security Done