Debian DSA-6373-1 fixes multiple LXD security issues for Debian 13 trixie. Use this host, backup, tenant isolation, and verification checklist before and after patching.
Incus 7.2 fixes eight security issues, including critical host and tenant-isolation risks. Use this checklist to patch and verify safely.
Use Docker SBOMs to inventory container images, verify dependencies, connect vulnerability scanning, and prepare supply-chain reviews before production changes.
Docker is retiring Docker Content Trust and the Notary v1 service. Use this checklist to find DCT use, plan brownout tests, and migrate to Cosign or Notation.
Kubernetes 1.33 reaches end of life on June 28, 2026. Plan the upgrade path, confirm version skew, drain nodes safely, check add-ons, and verify workloads.
CISA added Linux kernel CVE-2022-0492 to KEV on June 2, 2026. Patch and reboot container hosts, shared hosting nodes, CI runners, and Linux servers that run untrusted workloads.
Update Docker Desktop for CVE-2026-5843 and recent Docker Model Runner fixes. Check admin workstations, homelab systems, and support laptops.
Patch ingress-nginx CVE-2026-4342, review Kubernetes Ingress permissions, protect Secrets, and plan migration away from retired ingress-nginx.
Patch Traefik CVE-2026-44774 in Kubernetes Gateway deployments, review tenant route permissions, and update Traefik custom error handling.
Patch or mitigate Fragnesia CVE-2026-46300 on Linux hosting, Proxmox, container, CloudLinux, AlmaLinux, Debian, and Ubuntu servers.
