{"vulnerability": "CVE-2026-57231", "sightings": [{"uuid": "51cc6116-d635-43b2-a75f-c72aebc9ce88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57231", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7lwuwflj26", "content": "CVE-2026-57231 - Podman: Malformed Image can trick podman run into leaking host environment variables into the container\nCVE ID : CVE-2026-57231\n \n Published : June 26, 2026, 4:29 p.m. | 1\u00a0hour, 16\u00a0minutes ago\n \n Description : Podman is a tool for managing OCI containers and p...", "creation_timestamp": "2026-06-26T18:42:49.292086Z"}, {"uuid": "67652e57-6e0a-419e-a6f2-e37bef6eef66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57231", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3mpbbr7oncd2v", "content": "Podman 5.8.4 patches CVE-2026-57231, where a crafted image with malformed Env entries could leak host environment variables into the container, including via glob patterns. It also bumps x/crypto for two more CVEs. Do you treat image Env as untrusted?\n#containers", "creation_timestamp": "2026-06-27T10:46:02.027782Z"}, {"uuid": "02e08717-4267-4231-8829-94e7d901b837", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57231", "type": "seen", "source": "https://bsky.app/profile/mfahlandt.bsky.social/post/3mpgh5trego2s", "content": "\ud83d\udee1\ufe0f LWCN Week 27: Strimzi 1.1.0 removes older CRD APIs.\n*   Strimzi Kafka Operator 1.1.0 removes support for v1beta2, v1beta1, v1alpha1 CRD APIs.\n*   Podman v6.0.0/v5.8.4 addressed CVE-2026-57231 (host env var leak).\n*   Envoy patch releases resolved CVE-20\u2026\n\nhttps://lwcn.dev/newsletter/2026-week-27/", "creation_timestamp": "2026-06-29T12:05:52.529616Z"}]}