CVE-2026-32591

Name of the Vulnerable Software and Affected Versions Red Hat Quay (affected versions not specified)

Description A flaw exists in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay establishes a network connection to the specified registry hostname without validating that it points to a legitimate external service. An attacker possessing organization administrator privileges could provide a manipulated hostname, causing the Quay server to make requests to internal network services, cloud infrastructure endpoints, or other resources that should be inaccessible to the Quay application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.