Wolfi is a community Linux OS designed for the container and cloud-native era; it is a Linux distribution based on Alpine.

Wolfi

Chainguard is a Linux distribution based on Alpine. It's the commercial version of the Wolfi distro.

Chainguard

Homebrew is a free and open-source software package management system that simplifies the installation of software on Apple's macOS operating system and Linux. The name is intended to suggest the idea of building software on the Mac depending on the user's taste. Originally written by Max Howell, the package manager has gained popularity in the Ruby on Rails community and earned praise for its extensibility.

Homebrew

Weaviate is an open-source, RESTful, graph-based knowledge extraction, storage, and retrieval solution. It leverages machine learning algorithms to create vector representations of data, facilitating semantic search and classification. Additionally, it assists in creating a knowledge graph that provides context about and relationships between different data elements.

Weaviate

MinimOS is a minimalist operating system designed for simplicity and efficiency. It aims to provide only essential functionalities, making it lightweight and suitable for resource-constrained environments. MinimOS is often used in embedded systems or as a base for custom operating system development.

MinimOS

An issue was discovered in Weaviate OSS before 1.33.4. An attacker with access to insert data into the database can craft an entry name with an absolute path (e.g., /etc/...) or use parent directory traversal (../../..) to escape the restore root when a backup is restored, potentially creating or overwriting files in arbitrary locations within the application's privilege scope.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-15514	HIGH	8.7	Wolfi	cpe:2.3:a:ollama:ollama	No	No	Jan 12, 2026
CVE-2026-22801	MEDIUM	6.8	OpenJDK JDK	java-1.8.0-openjdk-devel-slowdebug	No	Yes	Jan 12, 2026
CVE-2026-22695	MEDIUM	6.1	OpenJDK JDK	java-17-openjdk-devel-slowdebug	No	Yes	Jan 12, 2026
CVE-2026-22772	MEDIUM	5.8	Wolfi	golang-github-sigstore-fulcio	No	Yes	Jan 12, 2026
CVE-2026-22784	LOW	2.3	Wolfi	lychee	No	Yes	Jan 12, 2026

CVE-2025-67818:
Wolfi vulnerability analysis and mitigation

7.2

Related Wolfi vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2025-67818: Wolfi vulnerability analysis and mitigation