Docker is retiring Docker Content Trust and the Notary v1 service. Use this checklist to find DCT use, plan brownout tests, and migrate to Cosign or Notation.
Kubernetes 1.33 reaches end of life on June 28, 2026. Plan the upgrade path, confirm version skew, drain nodes safely, check add-ons, and verify workloads.
Kubernetes will correct older unfixed CVE records on June 1, 2026. Use this checklist to triage scanner alerts without mistaking configuration risks for simple patch gaps.
Patch Kubernetes SMB CSI Driver CVE-2026-3865 to v1.20.1+, restrict PersistentVolume creation, review SMB exports, and verify backups.
Patch ingress-nginx CVE-2026-4342, review Kubernetes Ingress permissions, protect Secrets, and plan migration away from retired ingress-nginx.
Patch Apache Flink CVE-2026-35194 by upgrading to fixed Flink releases, restricting query submission, and reviewing recent cluster job activity.
Patch MLflow CVE-2026-2652 by updating to 3.10.0 or newer, restricting exposed MLOps services, and reviewing recent experiment activity.
