Secure and Free MinIO Chainguard Containers

On October 23, 2025, the MinIO project stopped publishing the free, community edition of their namesake Docker container image, requiring developers to build and maintain their own containers from the source code. Because of this, you may also be scrambling to prevent your build pipelines and CI/CD workflows from failing.

As the trusted source for open source, Chainguard is committed to providing the community with images that offer an improved security posture, without causing additional toil and stress with migration or compatibility. To fill in the gap left by the MinIO news, we are excited to add the latest version of our MinIO images (minio and minio-client) to our free tier available to all, no payment or account approval required. Like the rest of our catalog, our MinIO builds are minimal, vulnerability-free, and continuously built from source in our SLSA L3 hardened infrastructure.

Getting started with our images is quick. Pull the cgr.dev/chainguard/minio:latest image and head over to our directory for related documentation, or read our new MinIO guide.

Understanding the recent changes to MinIO

MinIO is a high-performance, S3-compatible object storage. It has become very popular due to its solid functionality and unrestricted availability, resulting in over 1 billion (!) pulls on Docker Hub. MinIO is used for testing, local development, and production use cases across on-prem and cloud deployments. The solid S3 compatibility made it an easy choice for many needing this functionality, and MinIO has become widely adopted across many other popular open source projects like Trino and Apache Spark.

On October 23, 2025, the MinIO maintainers ended their former practice of providing pre-compiled binary releases of the community version. As a result, the container images for MinIO were pulled from Docker Hub and Quay repositories and new versions will not be published going forward. That means developers and engineering organizations are now required to build the container image from source themselves or rely on now unmaintained versions. Additionally, a new vulnerability, CVE-2025-62506, was reported and the maintainers declined to patch MinIO containers.

Best source for MinIO

While you can still build the images from source, this adds an extra layer of complexity and responsibility for maintaining up-to-date and secure deployments. This move effectively closes off the easiest and most common channel, forcing many developers to find alternative ways to deploy and manage MinIO.

Fortunately, Chainguard has been building minimal, zero-CVE container images for the MinIO project on behalf of our customers for years. To help the community avoid current and future CVEs in the MinIO containers, we decided to make our minio and minio-client container images available to everyone:

docker pull cgr.dev/chainguard/minio

docker pull cgr.dev/chainguard/minio-client

Just like all other Chainguard Containers, we make new versions available when new releases come out or any component updates or security fixes require a rebuild – typically on a daily basis. For interested customers, we also offer specific versions, an operator, FIPS-compliant containers, and Helm charts.

So what are you waiting for? Switch to the Chainguard MinIO container and carry on! Reach out if you are interested in learning more.