PT-2026-23503 · Aqua Security · Trivy Vulnerability Scanner Vs Code Extension
Tzurielweisberg · Published 2026-03-05 · Updated 2026-03-12 · CVE-2026-28353
CVSS v4.0: 10 (Critical)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Name of the Vulnerable Software and Affected Versions
Trivy Vulnerability Scanner VS Code Extension version 1.8.12
Description
The Trivy Vulnerability Scanner VS Code extension was compromised with malicious code in version 1.8.12, distributed through the OpenVSX marketplace. This malicious code was designed to collect and exfiltrate sensitive information by leveraging a local AI coding agent. The compromised artifact has been removed from the marketplace, and no other affected artifacts have been identified.
Recommendations
Immediately remove Trivy VSCode Extension version 1.8.12.
Rotate environment secrets.
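To find installs covered by the first recommendation, the following added example (not part of the advisory or of Aqua Security's tooling) scans editor extension directories for a Trivy extension manifest at version 1.8.12. The directory list and the match on "trivy" in the manifest's name or displayName are assumptions; adjust them for your editors.

```python
import json
from pathlib import Path

BAD_VERSION = "1.8.12"  # affected version, taken from the advisory
NAME_HINT = "trivy"     # assumption: substring of the manifest name/displayName

# Assumption: default per-user extension directories of VS Code and of
# editors that commonly install from OpenVSX. Extend for your environment.
DEFAULT_ROOTS = [
    ".vscode/extensions",
    ".vscode-oss/extensions",
    ".vscode-server/extensions",
    ".cursor/extensions",
    ".windsurf/extensions",
]


def find_affected(roots):
    """Return the extension directories holding a Trivy extension at BAD_VERSION."""
    hits = []
    for root in map(Path, roots):
        if not root.is_dir():
            continue
        for manifest in sorted(root.glob("*/package.json")):
            try:
                meta = json.loads(manifest.read_text(encoding="utf-8"))
            except (OSError, ValueError):
                continue  # unreadable or malformed manifest: skip it
            if not isinstance(meta, dict):
                continue
            label = f"{meta.get('name', '')} {meta.get('displayName', '')}".lower()
            if NAME_HINT in label and str(meta.get("version")) == BAD_VERSION:
                hits.append(str(manifest.parent))
    return hits


if __name__ == "__main__":
    found = find_affected(Path.home() / r for r in DEFAULT_ROOTS)
    for path in found:
        print(f"AFFECTED {BAD_VERSION}: {path}")
    if not found:
        print(f"no Trivy extension at {BAD_VERSION} found")
```

A hit means the extension should be removed and the secrets reachable from that machine rotated, as recommended above; a clean result does not show the version was never installed.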
Exploit
Fix
RCE
Affected Products
Trivy Vulnerability Scanner Vs Code Extension