K3s - CVE Scans - 2025-07-30

How to use this page

• Only the latest patch version of each supported release line and the respective next release candidate (RC) versions are scanned. Older patch versions and no longer supported (EOL) versions are not scanned.
• The CVE scans are executed daily with internal automation developed by the K3s team. The CVE scanner used is Trivy with the latest version available.
• These pages are updated and regenerated daily.
• Our scans use SUSE Rancher's VEX Hub reports to remove known false-positives. Please consult the README for more information on how to use the reports.
• Only critical and high severity CVEs are displayed (internally we track all severities).
• If you want to report an issue with these pages, please open an issue.