Proxy Cache Configuration Flaw in Red Hat Quay
CVE-2026-32591
5.2 MEDIUM
What is CVE-2026-32591?
A vulnerability exists in Red Hat Quay related to the Proxy Cache configuration feature. When administrators set up an upstream registry for proxy caching, the application establishes a network connection to the designated hostname without validating its legitimacy. This flaw allows attackers with organization administrator privileges to exploit the system by supplying a malicious hostname. Consequently, the Quay server may inadvertently interact with internal network services or unauthorized cloud infrastructure endpoints, leading to potential exposure of sensitive resources that should remain inaccessible.
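One way to validate a proxy-cache upstream before any connection is made, as an added example (not Red Hat Quay's code or its fix). The function names, the `host[:port]` input shape, the default port and the constructed DNS table are assumptions for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit


def system_resolver(host, port):
    """Resolve host to the IP address strings the OS would connect to."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return {info[4][0] for info in infos}


def check_upstream(value, resolver=system_resolver):
    """Return (allowed, reason) for a hypothetical upstream 'host[:port]'."""
    try:
        parts = urlsplit("//" + value)
        host, port = parts.hostname, parts.port or 443
    except ValueError as exc:
        return False, f"unparseable upstream: {exc}"
    if not host or parts.username or parts.path or parts.query:
        return False, "upstream must be a bare host[:port]"
    try:
        addrs = resolver(host, port)
    except OSError as exc:
        return False, f"resolution failed: {exc}"
    if not addrs:
        return False, "resolution returned no addresses"
    # One loopback, private or link-local answer rejects the whole value.
    for text in sorted(addrs):
        ip = ipaddress.ip_address(text.split("%")[0])  # drop IPv6 zone id
        if ip.version == 6 and ip.ipv4_mapped:
            ip = ip.ipv4_mapped  # judge ::ffff:a.b.c.d as the IPv4 it wraps
        if not ip.is_global:
            return False, f"{host} resolves to non-public address {ip}"
    return True, "ok"


# Constructed DNS answers so the example runs offline.
CONSTRUCTED_DNS = {
    "registry.example.com": {"93.184.216.34"},
    "metadata.example.com": {"169.254.169.254"},
    "mixed.example.com": {"93.184.216.34", "10.0.0.5"},
}


def constructed_resolver(host, port):
    if host not in CONSTRUCTED_DNS:
        raise OSError("unknown host")
    return CONSTRUCTED_DNS[host]
```

A check like this only holds if the connection is then made to the address that was validated, since a second DNS lookup at connect time can return a different answer.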
CVSS V3.1
Score: 5.2
Severity: MEDIUM
Confidentiality: High
Integrity: Low
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: Required
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue.