CVE-2026-28407

MEDIUM

malcontent <1.21.0 - Info Disclosure

Title source: llm

Description

malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior to version 1.21.0, malcontent would remove nested archives which failed to extract which could potentially leave malicious content. A better approach is to preserve these archives so that malcontent can attempt a best-effort scan of the archive bytes. Version 1.21.0 fixes the issue.

References (3)

[Vendor Advisory] https://github.com/chainguard-dev/malcontent/security/advisories/GHSA-945p-3jhm-6rcp

[Issue Tracking] https://github.com/chainguard-dev/malcontent/pull/1383

[Patch] https://github.com/chainguard-dev/malcontent/commit/356c56659ccfcad0b249a97de8cf71f151ed3ee9

View Patch ZIP pw:eip

Scores

CVSS v3 5.3

EPSS 0.0003

EPSS Percentile 10.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-703

Status published

Products (2)

chainguard/malcontent < 1.21.0

chainguard-dev/malcontent 0 - 1.21.0Go

Published Feb 27, 2026

Tracked Since Feb 28, 2026