Impact Assessment: Aqua Security Trivy Supply Chain Compromise (CVE-2026-33634) on Tanzu Application Platform and Spring Enterprise
Article ID: 436161

Products

  • VMware Tanzu Spring Essentials
  • VMware Tanzu Application Platform

Issue/Introduction

On March 19, 2026, a critical supply chain compromise was identified in the Aqua Security Trivy ecosystem (CVE-2026-33634). Threat actors gained access to release credentials and published malicious versions of the Trivy binary (v0.69.4) designed to exfiltrate CI/CD secrets.

Broadcom has conducted an impact assessment for Tanzu Application Platform (TAP) and Spring Enterprise artefacts to address customer concerns regarding potential exposure in their supply chains.

Environment

  • VMware Tanzu Application Platform (TAP) 1.x
  • VMware Tanzu Build Service (TBS)
  • Spring Enterprise Subscription / Spring Enterprise Repositories

Cause

A third-party supply chain attack in which a threat actor (identified as "TeamPCP") published a compromised Trivy binary (v0.69.4) between March 19 and March 22, 2026. The binary was designed to exfiltrate AWS/GCP/Azure keys, Kubernetes tokens, and other pipeline secrets from the runner environment.

Resolution

1. Spring Enterprise Artefact Verification

Internal audits confirm that Spring Enterprise artefacts pulled from Broadcom repositories are not impacted:

  • Spring Enterprise libraries are not built using the compromised Trivy v0.69.4 binary.
  • Broadcom does not utilize Trivy to scan Spring libraries during the final packaging phase in a way that affects the integrity of the published JAR files.

2. Tanzu Application Platform (TAP) Assessment

  • Official Shipments: TAP distributions include a verified version of the Trivy scanner. Broadcom did not ship the compromised build (v0.69.4) in any official TAP package.
  • BYOS Risk: Customers using a "Bring Your Own Scanner" (BYOS) configuration must verify whether they manually integrated Trivy v0.69.4 into their TAP supply chains or pipelines during the attack window.

3. Diagnostic Steps for TAP Environments

To verify the version of the Trivy scanner running in your TAP cluster, execute the following command:

Review this command before running it.

kubectl get pods -A -l app=trivy -o jsonpath='{range .items[*]}{.metadata.namespace}{"\t"}{.metadata.name}{"\t"}{.spec.containers[*].image}{"\n"}{end}'

Note: If any image tag in the output corresponds to version v0.69.4, immediate action is required.

4. Remediation for Affected Environments

If a compromised scanner was utilized:

  • Isolate: Stop all active pipelines using the affected version.
  • Rotate Credentials: Immediately rotate all secrets accessible to the build runner (e.g., registry pull secrets, Git tokens, cloud provider keys, and Kubernetes Service Account tokens).
  • Pin Versions: Update configurations to pin scanning tools to a known-safe version or immutable commit SHA.
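The diagnostic command in step 3 prints one line per pod (namespace, pod name, and the container images, space-separated when a pod has several containers). The following script, added here as an illustration and not part of this article or of any Broadcom or Aqua Security tooling, parses that output, flags any Trivy image whose tag maps to the compromised v0.69.4 build, and reports whether each remaining Trivy image is pinned by digest as step 4 recommends. The sample lines, registry names and digest value are constructed for the example; the label selector and output layout are those of the kubectl command above.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample in the shape produced by the kubectl jsonpath command
# (namespace<TAB>pod<TAB>images). Not real cluster data.
SAMPLE_KUBECTL_OUTPUT = """\
scan-link-system\ttrivy-scanner-7d9c\taquasec/trivy:0.69.4
scan-link-system\tsidecar-pod-1a2b\tregistry.example.com:5000/tools/trivy:0.69.3 busybox:1.36
default\tbyos-scanner-x9y8\tghcr.io/aquasecurity/trivy:v0.69.4
default\tpinned-scanner-q1w2\taquasec/trivy@sha256:0000000000000000000000000000000000000000000000000000000000000000
"""

# Version(s) named in the advisory. Tags are compared after stripping a leading "v".
COMPROMISED_VERSIONS = {"0.69.4"}


@dataclass
class ImageRef:
    repository: str
    tag: Optional[str]
    digest: Optional[str]


@dataclass
class Finding:
    namespace: str
    pod: str
    image: str
    status: str  # "COMPROMISED", "UNPINNED" or "PINNED"


def parse_image_ref(ref: str) -> ImageRef:
    """Split an OCI image reference into repository, tag and digest.

    The tag is taken from the last path segment only, so a registry port such
    as registry.example.com:5000 is not mistaken for a tag.
    """
    digest = None
    if "@" in ref:
        ref, digest = ref.split("@", 1)
    prefix, _, last = ref.rpartition("/")
    tag = None
    if ":" in last:
        last, tag = last.split(":", 1)
    repository = f"{prefix}/{last}" if prefix else last
    return ImageRef(repository, tag, digest)


def is_trivy_image(ref: ImageRef) -> bool:
    # Match on the final repository component so any registry mirror is covered.
    return ref.repository.rsplit("/", 1)[-1] == "trivy"


def classify(ref: ImageRef) -> str:
    version = ref.tag.lstrip("v") if ref.tag else None
    if version in COMPROMISED_VERSIONS:
        return "COMPROMISED"
    if ref.digest:
        # Digest-only references carry no version; confirm the build inside the
        # container (e.g. `trivy --version`) before treating it as safe.
        return "PINNED"
    return "UNPINNED"  # tag-only (or no tag): mutable, re-pin to a digest


def assess_kubectl_output(text: str) -> List[Finding]:
    findings = []
    for line in text.splitlines():
        if not line.strip():
            continue
        namespace, pod, images = line.split("\t", 2)
        for image in images.split():
            ref = parse_image_ref(image)
            if not is_trivy_image(ref):
                continue
            findings.append(Finding(namespace, pod, image, classify(ref)))
    return findings


def requires_immediate_action(findings: List[Finding]) -> bool:
    return any(f.status == "COMPROMISED" for f in findings)


if __name__ == "__main__":
    results = assess_kubectl_output(SAMPLE_KUBECTL_OUTPUT)
    for f in results:
        print(f"{f.status:12} {f.namespace}/{f.pod}  {f.image}")
    if requires_immediate_action(results):
        print("Compromised Trivy build found: isolate pipelines and rotate runner secrets.")
```

To use it against a live cluster, pipe the kubectl command's output into `assess_kubectl_output` instead of the constructed sample. A PINNED result only says the reference is immutable; it does not by itself prove which Trivy build the digest resolves to.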

Additional Information

Bitnami Security Update: Trivy and BSI
Potential Supply Chain Compromise Trivy Vulnerability CVE-2026-33634 in Harbor
VMware Impact Assessment for Aqua Security Trivy CVE-2026-33634