Medium severity6.5NVD Advisory· Published Apr 30, 2026· Updated May 4, 2026
CVE-2026-28909
CVE-2026-28909
Description
Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext. This issue is fixed in container version 0.12.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- github.com/apple/container/security/advisories/GHSA-m5rp-xcpf-r8m7nvdVendor Advisory
News mentions
0No linked articles in our index yet.