TLP:WHITE6 IOCs

What’s in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and the KIRA AI assistant

Securelist

Published May 29, 2026Original Report

Diamond Model

Adversary

Infrastructure

Capability(1)

Victim

Initial AccessTA0001·T1190

1/9

Exploit Public-Facing Application

ActionExploit vulnerable applications

Attackers exploit vulnerabilities in public-facing applications, such as web applications running in containers, to gain initial access.

Analysis unavailable

Type	Indicator	Confidence	Score	First Seen
CVE	CVE-2025-32463 exploitintel-blogmalware	Medium	51	Jun 2, 26
CVE	CVE-2026-24061 exploitintel-blogmalware	High	62	Jun 2, 26
CVE	CVE-2025-49844 exploitintel-blogmalware	Medium	51	Jun 2, 26
CVE	CVE-2023-4911 exploitintel-blogmalware	Medium	51	Jun 2, 26
CVE	CVE-2025-55182 exploitintel-blogmalware	High	73	Jun 2, 26
CVE	CVE-2021-4034 exploitintel-blogmalware	Medium	51	Jun 2, 26

IOC Relationship Graph6 total IOCs

CVE

scroll to zoom · drag to pan · click IOC to open