CVE-2026-44218— ciguard: Container image runs as root (no USER directive)

CVSS 3.0 · Low EPSS 0.01% · P1 Updated May 15, 2026

Affected Version Matrix 1

Vendor	Product	Version Range	Status
Jo-Jo98	ciguard	`>= 0.1.0, < 0.8.2`	affected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-44218

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

ciguard: Container image runs as root (no USER directive)

Source: NVD (National Vulnerability Database)

Vulnerability Description

ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

特权管理不恰当

Source: NVD (National Vulnerability Database)

Vulnerability Title

ciguard 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

ciguard是Johannes Moore个人开发者的一款CI/CD管道安全审计与可视化工具。 ciguard 0.1.0至0.8.1版本存在安全漏洞，该漏洞源于发布的容器镜像继承默认root用户，因为Dockerfile缺少USER指令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Jo-Jo98	ciguard	>= 0.1.0, < 0.8.2	-

II. Public POCs for CVE-2026-44218

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-44218

请登录查看更多情报信息。

Same Patch Batch · Jo-Jo98 · 2026-05-12 · 3 CVEs total

CVE-2026-44219	3.7 LOW	ciguard: SCA HTTP client reads response body without size cap
CVE-2026-44220	3.2 LOW	ciguard: discover_pipeline_files follows symlinks out of scan root

IV. Related Vulnerabilities

Same product: ciguard

Same vendor: Jo-Jo98

Same weakness: CWE-269

V. Comments for CVE-2026-44218

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-44218— ciguard: Container image runs as root (no USER directive)

Affected Version Matrix 1

I. Basic Information for CVE-2026-44218

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-44218

III. Intelligence Information for CVE-2026-44218

Same Patch Batch · Jo-Jo98 · 2026-05-12 · 3 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-44218

Leave a comment