Packer is a software for creating identical machine images or containers for multiple platforms from a single source configuration.

Packer

HashiCorp's Vault secures, stores, and controls access to tokens, passwords, certificates, API keys, and other sensitive resources in modern data centers. For each resource, Vault handles leasing, revocation, rolling, and auditing.

HashiCorp Vault

A simple and comprehensive vulnerability scanner for containers, suitable for CI.

Trivy

The AWS Systems Manager Agent (SSM Agent) is Amazon software that can be installed and configured on an EC2 instance, an on-premises server, or a virtual machine (VM). The SSM Agent makes it possible for Systems Manager to update, manage, and configure these resources.

AWS Systems Manager Agent (SSM)

Rclone is a command line program to sync files and directories to and from different cloud storage providers.

Rclone

Gitea is an open-source forge software package for hosting software development version control using Git, as well as other collaborative features like bug tracking, wikis, and code review.

Gitea

SOPS is an editor of encrypted files that supports YAML, JSON, ENV, INI, and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, and PGP.

SOPS

Atlantis is an application for automating Terraform via pull requests. It is deployed as a standalone application into your infrastructure.

Atlantis

Wolfi is a community Linux OS designed for the container and cloud-native era; it is a Linux distribution based on Alpine.

Wolfi

Chainguard is a Linux distribution based on Alpine. It's the commercial version of the Wolfi distro.

Chainguard

Kubescape CLI is an open-source Kubernetes security platform that helps identify and fix misconfigurations in Kubernetes clusters. It scans Kubernetes YAML files, Helm charts, and live clusters against various security frameworks and best practices. Kubescape CLI provides detailed risk scoring, compliance reports, and remediation suggestions to improve the security posture of Kubernetes environments.

Kubescape CLI

Trufflehog is a tool designed to search through git repositories for secrets, such as high entropy strings and passwords. It can scan both public and private repositories, as well as local git repositories, to identify potential security risks. Trufflehog uses pattern matching and entropy analysis to detect sensitive information that may have been accidentally committed to version control.

Trufflehog

MinimOS is a minimalist operating system designed for simplicity and efficiency. It aims to provide only essential functionalities, making it lightweight and suitable for resource-constrained environments. MinimOS is often used in embedded systems or as a base for custom operating system development.

MinimOS

GPTScript is a programming language and runtime environment designed specifically for building AI applications and automating interactions with large language models like GPT. It provides a simplified syntax for creating AI-powered scripts and applications, allowing developers to integrate AI capabilities more easily into their workflows.

gptscript

The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas.
ECDH and ECDSA signing relying on this curve are not affected.

The bug was fixed in  v1.6.3 https://github.com/cloudflare/circl/releases/tag/v1.6.3 .

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-33186	CRITICAL	9.1	cAdvisor	cloud-provider-azure-fips-1.31	No	Yes	Mar 20, 2026
CVE-2026-25679	HIGH	7.5	cAdvisor	cloud-provider-aws-fips-1.32	No	Yes	Mar 06, 2026
CVE-2026-27142	MEDIUM	6.1	cAdvisor	eks-distro-fips-1.34	No	Yes	Mar 06, 2026
CVE-2026-1229	LOW	2.9	Packer	gitaly-18.9	No	Yes	Feb 24, 2026
CVE-2026-27139	LOW	2.5	cAdvisor	dask-gateway	No	Yes	Mar 06, 2026

CVE-2026-1229:
Packer vulnerability analysis and mitigation

2.9

Related Packer vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2026-1229: Packer vulnerability analysis and mitigation