Tag
A critical vulnerability, CVE-2026-54174, in Chainguard's apko and melange packages allows attackers to substitute arbitrary file contents within packages due to incomplete integrity verification, potentially leading to remote code execution.