Wolfi is a community Linux OS designed for the container and cloud-native era; it is a Linux distribution based on Alpine.

Wolfi

Chainguard is a Linux distribution based on Alpine. It's the commercial version of the Wolfi distro.

Chainguard

Debian GNU/Linux is a Linux distribution composed of free and open-source software.

Linux Debian

Red Hat Enterprise Linux is a Linux distribution developed by Red Hat for the commercial market.

Linux Red Hat

Echo is a secure, minimal Linux OS built vulnerability-free. It is fully compatible across environments and continuously patched - making it a clean, dependable base layer for modern applications. Echo is used by organizations focused on security and reliability, including those with compliance or FIPS requirements.

Echo

Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-23884	HIGH	7.7	Wolfi	freerdp-libs	No	Yes	Jan 19, 2026
CVE-2026-23883	HIGH	7.7	Wolfi	freerdp	No	Yes	Jan 19, 2026
CVE-2026-23732	MEDIUM	5.5	Wolfi	freerdp	No	Yes	Jan 19, 2026
CVE-2026-23849	MEDIUM	5.3	Wolfi	github.com/filebrowser/filebrowser/v2	No	Yes	Jan 19, 2026
CVE-2025-15281	N/A	N/A	Wolfi	glibc-langpack-anp	No	Yes	Jan 20, 2026

CVE-2025-15281:
Wolfi vulnerability analysis and mitigation

Related Wolfi vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2025-15281: Wolfi vulnerability analysis and mitigation