Search results

feat(secret): add built-in rules for OpenAI credential detection

kind/featureCategorizes issue or PR as related to a new feature.Categorizes issue or PR as related to a new feature.

scan/secretIssues relating to secret scanningIssues relating to secret scanning

Status: Open.

Feature

#10794 In aquasecurity/trivy;

· nikpivkin opened on Jun 4, 2026

·  

v0.72.0

bug(java): Maven 429 rate limit is reported as semaphore acquire: context canceled instead of the real error

kind/bugCategorizes issue or PR as related to a bug.Categorizes issue or PR as related to a bug.

scan/vulnerabilityIssues relating to vulnerability scanningIssues relating to vulnerability scanning

target/filesystemIssues relating to filesystem scanningIssues relating to filesystem scanning

target/repositoryIssues relating to VCS repository scanningIssues relating to VCS repository scanning

Status: Open.

#10792 In aquasecurity/trivy;

· DmitriyLewen opened on Jun 4, 2026

·  

v0.71.1

feat(bottlerocket): support vulnerability detection for Bottlerocket OS

Status: Open.

#10772 In aquasecurity/trivy;

· DmitriyLewen opened on Jun 2, 2026

·  

v0.72.0

feat(vex): migrate OCI VEX discovery off openvex/discovery (support Cosign v3 / OCI 1.1 referrers)

scan/vulnerabilityIssues relating to vulnerability scanningIssues relating to vulnerability scanning

target/container-imageIssues relating to container image scanningIssues relating to container image scanning

Status: Open.

#10750 In aquasecurity/trivy;

· DmitriyLewen opened on May 28, 2026

·  

v0.72.0

fix(misconf): false positive GIT-0003 when using github_repository_vulnerability_alerts resource

kind/bugCategorizes issue or PR as related to a bug.Categorizes issue or PR as related to a bug.

scan/misconfigurationIssues relating to misconfiguration scanningIssues relating to misconfiguration scanning

Status: Open.

Bug

#10675 In aquasecurity/trivy;

· nikpivkin opened on May 18, 2026

feat(misconf): add CloudFront standard logging v2 support to AVD-AWS-0010

kind/featureCategorizes issue or PR as related to a new feature.Categorizes issue or PR as related to a new feature.

scan/misconfigurationIssues relating to misconfiguration scanningIssues relating to misconfiguration scanning

Status: Open.

Feature

#10622 In aquasecurity/trivy;

· nikpivkin opened on May 6, 2026

test(misconf): add test coverage for Helm Charts v3

kind/testingCategorizes issue or PR as related to a unit/integration test.Categorizes issue or PR as related to a unit/integration test.

scan/misconfigurationIssues relating to misconfiguration scanningIssues relating to misconfiguration scanning

Status: Open.

Feature

#10604 In aquasecurity/trivy;

· nikpivkin opened on May 1, 2026

Migrate to Helm v4

kind/featureCategorizes issue or PR as related to a new feature.Categorizes issue or PR as related to a new feature.

scan/misconfigurationIssues relating to misconfiguration scanningIssues relating to misconfiguration scanning

Status: Open.

#10601 In aquasecurity/trivy;

· nikpivkin opened on May 1, 2026

feat(secret): support new stateless format for GitHub App installation tokens

kind/featureCategorizes issue or PR as related to a new feature.Categorizes issue or PR as related to a new feature.

scan/secretIssues relating to secret scanningIssues relating to secret scanning

Status: Open.

Feature

#10591 In aquasecurity/trivy;

· nikpivkin opened on Apr 28, 2026

feat(install): support passing expected checksum to contrib/install.sh

kind/featureCategorizes issue or PR as related to a new feature.Categorizes issue or PR as related to a new feature.

kind/securityCategorizes issue or PR as related to Trivy's own security or internal vulnerabilities.Categorizes issue or PR as related to Trivy's own security or internal vulnerabilities.

Status: Open.

#10589 In aquasecurity/trivy;

· knqyf263 opened on Apr 28, 2026

feat(ignore): make id optional in .trivyignore.yaml to ignore all findings for a PURL/path

kind/featureCategorizes issue or PR as related to a new feature.Categorizes issue or PR as related to a new feature.

scan/vulnerabilityIssues relating to vulnerability scanningIssues relating to vulnerability scanning

Status: Open.

#10583 In aquasecurity/trivy;

· knqyf263 opened on Apr 24, 2026

bug: SeveritySource is empty when severity falls back to top-level Severity field from trivy-db

kind/bugCategorizes issue or PR as related to a bug.Categorizes issue or PR as related to a bug.

scan/vulnerabilityIssues relating to vulnerability scanningIssues relating to vulnerability scanning

Status: Open.

Bug

#10409 In aquasecurity/trivy;

· DmitriyLewen opened on Mar 19, 2026