Devsecops

2 posts

/gitea-act-runner-container-escape/gitea-docker-container-escape.png
Your Gitea Docker Runner Gives Up Root Even With Privileged Mode Off

June 28, 2026

A Docker container on a Gitea build runner can break out to root on the host, the setting built to stop that does nothing, and there is no patch yet. CVSS 9.9. …

/php-composer-command-injection-cve-2026-40261/featured-image.png
PHP Composer Command Injection CVE-2026-40261

April 15, 2026

PHP Composer Has Two Flaws That Run Arbitrary Commands on Developer Machines PHP Composer, the package manager that almost every PHP developer uses to build …