Vulnerability Details CVE-2026-32590
A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.8%
CVSS Severity
CVSS v3 Score 7.1
References
Products affected by CVE-2026-32590
-
cpe:2.3:a:redhat:mirror_registry_for_red_hat_openshift:-
-
cpe:2.3:a:redhat:mirror_registry_for_red_hat_openshift:2.0
-
cpe:2.3:a:redhat:quay:3.0.0