Every CVE whose affected-product data names Zotregistry Zot, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2026-31801 — CVSS 7.7 (high): zot is ancontainer image/artifact registry based on the Open Container Initiative Distribution Specification. From 1.3.0 to 2.1.14, zot’s…
CVE-2025-23208 — CVSS 7.3 (high): zot is a production-ready vendor-neutral OCI image registry. The group data stored for users in the boltdb database (meta.db) is an…
CVE-2024-39897 — CVSS 4.3 (medium): zot is an OCI image registry. Prior to 2.1.0, the cache driver `GetBlob()` allows read access to any blob without access control check. If…