00 // INTEL / ADVISORIES
Public BleedWatch Vulnerability Advisories (BVA)
Public advisories summarize externally observable exposure patterns, affected ecosystems, and remediation context. The dashboard remains the source of record for customer-specific live evidence.
Filter
| ID | Title | Severity | Ecosystem | Published | Link |
|---|---|---|---|---|---|
| BVA-2026-0142 | Docker build layer exposes live AWS deploy role SaaS | critical | Docker / AWS | 2026-05-06 | Open |
| BVA-2026-0138 | GitHub Actions pull_request_target chain with write token Fintech | high | GitHub Actions | 2026-05-03 | Open |
| BVA-2026-0129 | NPM package publishes sourcemap with internal API host Developer tools | medium | NPM | 2026-04-28 | Open |
| BVA-2026-0117 | PyPI wheel contains forgotten staging credential Healthcare | high | PyPI | 2026-04-20 | Open |
| BVA-2026-0104 | Wildcard CORS on billing subdomain enables token exposure Commerce | medium | Web | 2026-04-11 | Open |
| BVA-2026-0098 | Public container registry leaks deploy metadata AI infrastructure | low | Docker | 2026-04-04 | Open |
ALREADY SHIPPED
Refresh applied. Live data fed from app.bleedwatch.com.
The public shell is reviewable here; customer-specific advisory evidence, ownership, and remediation routing are served from the authenticated dashboard.