CVE-2026-32590

HIGH NVD

CVSS Score 7.1

Severity HIGH

Published Apr 08, 2026

Vendor unknown

Description

A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server.

References

https://access.redhat.com/security/cve/CVE-2026-32590
https://bugzilla.redhat.com/show_bug.cgi?id=2446964