{"@context":"https://openvex.dev/ns/v0.2.0","@id":"pkg:docker/cluster-agent@7.76.3","author":"security@datadoghq.com","author_role":"Vulnerability Management","last_updated":"2026-05-14T11:43:14.114869433Z","statements":[{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.163371Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.163371Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.16337Z","vulnerability":{"name":"CVE-2026-5928"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.163341Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.163341Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.163341Z","vulnerability":{"name":"CVE-2026-33845"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.163403Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.163403Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.163403Z","vulnerability":{"name":"CVE-2026-42499"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:20:59.29099Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T10:30:54.167889Z","vulnerability":{"name":"CVE-2026-32289"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.163542Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.163542Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.163542Z","vulnerability":{"name":"CVE-2026-5435"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.16378Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.16378Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.16378Z","vulnerability":{"name":"CVE-2026-6238"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.161099Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.161099Z","products":[{"@id":"pkg:deb/ubuntu/login@1%3A4.13%2Bdfsg1-4ubuntu3.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=shadow"},{"@id":"pkg:deb/ubuntu/passwd@1%3A4.13%2Bdfsg1-4ubuntu3.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=shadow"},{"@id":"pkg:deb/ubuntu/login@1%3A4.13%2Bdfsg1-4ubuntu3.2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=shadow"},{"@id":"pkg:deb/ubuntu/passwd@1%3A4.13%2Bdfsg1-4ubuntu3.2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=shadow"}],"status":"affected","timestamp":"2026-05-14T10:30:54.161099Z","vulnerability":{"name":"CVE-2024-56433"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.1612Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.1612Z","products":[{"@id":"pkg:deb/ubuntu/libgcrypt20@1.10.3-2build1?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libgcrypt20@1.10.3-2build1?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:30:54.161199Z","vulnerability":{"name":"CVE-2024-2236"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.161254Z","impact_statement":"The Datadog Agent uses its significantly newer embedded OpenSSL, not the Ubuntu system OpenSSL package.","justification":"vulnerable_code_not_in_execute_path","last_updated":"2026-05-14T10:30:54.161254Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"not_affected","timestamp":"2026-05-14T10:30:54.161254Z","vulnerability":{"name":"CVE-2024-41996"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.161466Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.161466Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.161466Z","vulnerability":{"name":"CVE-2026-42010"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.161613Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.161613Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.161613Z","vulnerability":{"name":"CVE-2025-27587"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.161657Z","impact_statement":"Given the low risk of this vulnerability, since it requires repeated use of the system tar binary and the agent neither invokes /usr/bin/tar nor relies on it for archive handling, instead using Go’s safe archive/tar implementation with path protections, we propose to wait for an official fix from the vendor.","justification":"vulnerable_code_cannot_be_controlled_by_adversary","last_updated":"2026-05-14T10:30:54.161657Z","products":[{"@id":"pkg:deb/ubuntu/tar@1.35%2Bdfsg-3build1?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/tar@1.35%2Bdfsg-3build1?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"not_affected","timestamp":"2026-05-14T10:30:54.161657Z","vulnerability":{"name":"CVE-2025-45582"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.161727Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.161727Z","products":[{"@id":"pkg:golang/github.com/modelcontextprotocol/go-sdk@v1.1.0"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.161727Z","vulnerability":{"name":"CVE-2026-34742"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.162004Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.162004Z","products":[{"@id":"pkg:deb/ubuntu/libgssapi-krb5-2@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libk5crypto3@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5-3@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5support0@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libgssapi-krb5-2@1.20.1-6ubuntu2.6?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libk5crypto3@1.20.1-6ubuntu2.6?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5-3@1.20.1-6ubuntu2.6?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5support0@1.20.1-6ubuntu2.6?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=krb5"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.162004Z","vulnerability":{"name":"CVE-2026-40355"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.16222Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.16222Z","products":[{"@id":"pkg:deb/ubuntu/libgssapi-krb5-2@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libk5crypto3@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5-3@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5support0@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libgssapi-krb5-2@1.20.1-6ubuntu2.6?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libk5crypto3@1.20.1-6ubuntu2.6?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5-3@1.20.1-6ubuntu2.6?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5support0@1.20.1-6ubuntu2.6?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=krb5"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.16222Z","vulnerability":{"name":"CVE-2026-40356"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.1623Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.1623Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.1623Z","vulnerability":{"name":"CVE-2026-3833"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.162356Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.162356Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.162355Z","vulnerability":{"name":"CVE-2026-39820"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.162589Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.162589Z","products":[{"@id":"pkg:deb/ubuntu/coreutils@9.4-3ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/coreutils@9.4-3ubuntu6.1?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.162589Z","vulnerability":{"name":"CVE-2025-5278"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.162684Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.162684Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.162684Z","vulnerability":{"name":"CVE-2026-33846"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.162869Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.162869Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"affected","timestamp":"2026-05-14T10:30:54.162869Z","vulnerability":{"name":"CVE-2026-4437"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.163024Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.163024Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"affected","timestamp":"2026-05-14T10:30:54.163024Z","vulnerability":{"name":"CVE-2026-4046"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.163264Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.163263Z","products":[{"@id":"pkg:deb/ubuntu/coreutils@9.4-3ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/coreutils@9.4-3ubuntu6.1?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:30:54.163263Z","vulnerability":{"name":"CVE-2016-2781"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.163298Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.163297Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.163297Z","vulnerability":{"name":"CVE-2026-5450"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.168986Z","impact_statement":"The Datadog Agent's Go binary uses Go's standard library `compress/zlib` (pure Go, no linkage to system libz), and Python's `zlib` module, while linking against system libz, does not expose `crc32_combine64` to Python userspace.","justification":"vulnerable_code_cannot_be_controlled_by_adversary","last_updated":"2026-05-14T10:30:54.168986Z","products":[{"@id":"pkg:deb/ubuntu/zlib1g@1%3A1.3.dfsg-3.1ubuntu2.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=zlib"},{"@id":"pkg:deb/ubuntu/zlib1g@1%3A1.3.dfsg-3.1ubuntu2.1?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=zlib"}],"status":"not_affected","timestamp":"2026-05-14T10:30:54.168986Z","vulnerability":{"name":"CVE-2026-27171"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.169227Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.169227Z","products":[{"@id":"pkg:golang/github.com/modelcontextprotocol/go-sdk@v1.1.0"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.169227Z","vulnerability":{"name":"GHSA-q382-vc8q-7jhj"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.169257Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.169257Z","products":[{"@id":"pkg:golang/github.com/prometheus/prometheus@v0.309.2-0.20260113170727-c7bc56cf6c8f"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.169256Z","vulnerability":{"name":"CVE-2026-44903"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.169285Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.169285Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.169285Z","vulnerability":{"name":"CVE-2026-42009"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.169312Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.169312Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.169311Z","vulnerability":{"name":"CVE-2026-42012"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.16936Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.16936Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.16936Z","vulnerability":{"name":"CVE-2026-42013"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.169393Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.169393Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.169393Z","vulnerability":{"name":"CVE-2026-42014"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.169418Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.169418Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.169418Z","vulnerability":{"name":"CVE-2026-42015"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.16946Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.16946Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.16946Z","vulnerability":{"name":"CVE-2026-5260"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.169494Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.169493Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.169493Z","vulnerability":{"name":"CVE-2026-5419"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:33:02.597211Z","products":[{"@id":"pkg:deb/ubuntu/sed@4.9-2build1?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/sed@4.9-2build1?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:30:54.16902Z","vulnerability":{"name":"CVE-2026-5958"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:33:02.597214Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:30:54.169046Z","vulnerability":{"name":"CVE-2026-6276"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:20:59.291069Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T10:30:54.169088Z","vulnerability":{"name":"CVE-2026-32288"}},{"action_statement":"This vulnerability was fixed in: 7.78.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:11:22.861258Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:30:54.169188Z","vulnerability":{"name":"CVE-2026-31789"}},{"action_statement":"This vulnerability was fixed in: 7.77.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:46:13.865982Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T10:30:54.169136Z","vulnerability":{"name":"CVE-2026-27139"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:20:59.29097Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T10:30:54.166277Z","vulnerability":{"name":"CVE-2026-32283"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:20:59.290979Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T10:30:54.166486Z","vulnerability":{"name":"CVE-2026-27140"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:33:02.59714Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:30:54.165056Z","vulnerability":{"name":"CVE-2026-5545"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:33:02.59717Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:30:54.166016Z","vulnerability":{"name":"CVE-2026-7168"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:33:02.597176Z","products":[{"@id":"pkg:deb/ubuntu/libnghttp2-14@1.59.0-1ubuntu0.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=nghttp2"},{"@id":"pkg:deb/ubuntu/libnghttp2-14@1.59.0-1ubuntu0.2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=nghttp2"}],"status":"affected","timestamp":"2026-05-14T10:30:54.166532Z","vulnerability":{"name":"CVE-2026-27135"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:33:02.597182Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:30:54.167071Z","vulnerability":{"name":"CVE-2026-6429"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:33:02.597186Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:30:54.167262Z","vulnerability":{"name":"CVE-2026-6253"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:33:02.59719Z","products":[{"@id":"pkg:golang/go.opentelemetry.io/otel/sdk@v1.39.0"}],"status":"affected","timestamp":"2026-05-14T10:30:54.167559Z","vulnerability":{"name":"CVE-2026-39883"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:33:02.597197Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:30:54.168123Z","vulnerability":{"name":"CVE-2026-5773"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:33:02.597206Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:30:54.168679Z","vulnerability":{"name":"CVE-2026-4873"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:20:59.290937Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T10:30:54.165563Z","vulnerability":{"name":"CVE-2026-27143"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:20:59.290961Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T10:30:54.166167Z","vulnerability":{"name":"CVE-2026-32281"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:20:59.290966Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T10:30:54.166211Z","vulnerability":{"name":"CVE-2026-32280"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:20:59.290995Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T10:30:54.168275Z","vulnerability":{"name":"CVE-2026-32282"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:20:59.290999Z","products":[{"@id":"pkg:deb/ubuntu/libcap2@1%3A2.66-5ubuntu2.2?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcap2@1%3A2.66-5ubuntu2.2?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:30:54.16847Z","vulnerability":{"name":"CVE-2026-4878"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:20:59.291051Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T10:30:54.16853Z","vulnerability":{"name":"CVE-2026-27144"}},{"action_statement":"This vulnerability was fixed in: 7.78.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:11:22.860119Z","products":[{"@id":"pkg:golang/go.opentelemetry.io/otel@v1.39.1-0.20260115134311-f809f7d71e2d"}],"status":"affected","timestamp":"2026-05-14T10:30:54.162329Z","vulnerability":{"name":"CVE-2026-29181"}},{"action_statement":"This vulnerability was fixed in: 7.78.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:11:22.860726Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:30:54.163184Z","vulnerability":{"name":"CVE-2026-28389"}},{"action_statement":"This vulnerability was fixed in: 7.78.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:11:22.860838Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:30:54.163206Z","vulnerability":{"name":"CVE-2026-28390"}},{"action_statement":"This vulnerability was fixed in: 7.78.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:11:22.860996Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:30:54.165665Z","vulnerability":{"name":"CVE-2026-31790"}},{"action_statement":"This vulnerability was fixed in: 7.78.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:11:22.861061Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:30:54.16637Z","vulnerability":{"name":"CVE-2026-28387"}},{"action_statement":"This vulnerability was fixed in: 7.78.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:11:22.861145Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:30:54.166655Z","vulnerability":{"name":"CVE-2026-28388"}},{"action_statement":"This vulnerability was fixed in: 7.77.2","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:57:34.257054Z","products":[{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"affected","timestamp":"2026-05-14T10:30:54.166724Z","vulnerability":{"name":"CVE-2026-29111"}},{"action_statement":"This vulnerability was fixed in: 7.77.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:46:13.865662Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T10:30:54.162923Z","vulnerability":{"name":"CVE-2026-25679"}},{"action_statement":"This vulnerability was fixed in: 7.77.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:46:13.865936Z","products":[{"@id":"pkg:golang/github.com/modelcontextprotocol/go-sdk@v1.1.0"}],"status":"affected","timestamp":"2026-05-14T10:30:54.162974Z","vulnerability":{"name":"CVE-2026-27896"}},{"action_statement":"This vulnerability was fixed in: 7.77.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:46:13.865953Z","products":[{"@id":"pkg:golang/google.golang.org/grpc@v1.78.0"}],"status":"affected","timestamp":"2026-05-14T10:30:54.165217Z","vulnerability":{"name":"CVE-2026-33186"}},{"action_statement":"This vulnerability was fixed in: 7.77.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:46:13.86597Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T10:30:54.167463Z","vulnerability":{"name":"CVE-2026-27142"}},{"action_statement":"This vulnerability was fixed in: 7.77.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:37:32.010505Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:30:54.161311Z","vulnerability":{"name":"CVE-2025-0167"}},{"action_statement":"This vulnerability was fixed in: 7.77.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"libssh-4 0.10.6-2ubuntu0.3 is present in the cluster-agent image as a transitive dependency of libcurl4 (installed via `curl` in the Dockerfile). CVE-2026-3731 is an out-of-bounds read in libssh's SFTP Extension Name Handler (`sftp_extensions_get_name`/`sftp_extensions_get_data`), triggered when an SFTP client processes crafted extension data from a malicious server. The Datadog Cluster Agent is a pure-Go binary with no libssh linkage and performs no SSH or SFTP operations. The `curl` binary that carries the libssh dependency is present but never invoked with SFTP URLs by the cluster-agent. A fix is available: `libssh-4 0.10.6-2ubuntu0.4` (Ubuntu 24.04, released 2026-03-17).","justification":"vulnerable_code_cannot_be_controlled_by_adversary","last_updated":"2026-05-14T10:37:32.010543Z","products":[{"@id":"pkg:deb/ubuntu/libssh-4@0.10.6-2ubuntu0.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libssh"},{"@id":"pkg:deb/ubuntu/libssh-4@0.10.6-2ubuntu0.3?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=libssh"}],"status":"affected","timestamp":"2026-05-14T10:30:54.161804Z","vulnerability":{"name":"CVE-2026-3731"}},{"action_statement":"This vulnerability was fixed in: 7.77.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:37:32.010552Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:30:54.16315Z","vulnerability":{"name":"CVE-2026-1965"}},{"action_statement":"This vulnerability was fixed in: 7.77.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:37:32.010585Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:30:54.166557Z","vulnerability":{"name":"CVE-2026-3783"}},{"action_statement":"This vulnerability was fixed in: 7.77.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"the CVE is macOS-only","justification":"vulnerable_code_not_present","last_updated":"2026-05-14T10:37:32.010592Z","products":[{"@id":"pkg:golang/go.opentelemetry.io/otel/sdk@v1.39.0"}],"status":"affected","timestamp":"2026-05-14T10:30:54.166689Z","vulnerability":{"name":"CVE-2026-24051"}},{"action_statement":"This vulnerability was fixed in: 7.77.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:37:32.010604Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:30:54.167619Z","vulnerability":{"name":"CVE-2026-3784"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.166762Z","impact_statement":"Given the low risk of the vulnerability, as the agent never invokes `dpkg-deb` or processes .deb archives at runtime, our current proposal is to wait for an official fix from the vendor for dpkg-deb.","justification":"vulnerable_code_cannot_be_controlled_by_adversary","last_updated":"2026-05-14T10:30:54.166762Z","products":[{"@id":"pkg:deb/ubuntu/dpkg@1.22.6ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/dpkg@1.22.6ubuntu6.5?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"not_affected","timestamp":"2026-05-14T10:30:54.166762Z","vulnerability":{"name":"CVE-2026-2219"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.166785Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.166785Z","products":[{"@id":"pkg:golang/github.com/docker/docker@v28.5.2%2Bincompatible"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.166785Z","vulnerability":{"name":"CVE-2026-33997"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.166805Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.166805Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.166805Z","vulnerability":{"name":"CVE-2026-39826"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.163915Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.163915Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"affected","timestamp":"2026-05-14T10:30:54.163915Z","vulnerability":{"name":"CVE-2026-4438"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.164096Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.164095Z","products":[{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.164095Z","vulnerability":{"name":"CVE-2026-40225"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.164286Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.164286Z","products":[{"@id":"pkg:deb/ubuntu/libncursesw6@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/libtinfo6@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/ncurses-base@6.4%2B20240113-1ubuntu2?arch=all\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/ncurses-bin@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/libncursesw6@6.4%2B20240113-1ubuntu2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/libtinfo6@6.4%2B20240113-1ubuntu2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/ncurses-bin@6.4%2B20240113-1ubuntu2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.164286Z","vulnerability":{"name":"CVE-2025-6141"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.16455Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.16455Z","products":[{"@id":"pkg:deb/ubuntu/libpam0g@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules-bin@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-runtime@1.5.3-5ubuntu5.5?arch=all\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam0g@1.5.3-5ubuntu5.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules@1.5.3-5ubuntu5.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules-bin@1.5.3-5ubuntu5.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=pam"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.16455Z","vulnerability":{"name":"CVE-2026-43916"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.164851Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.16485Z","products":[{"@id":"pkg:deb/ubuntu/libpam0g@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules-bin@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-runtime@1.5.3-5ubuntu5.5?arch=all\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam0g@1.5.3-5ubuntu5.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules@1.5.3-5ubuntu5.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules-bin@1.5.3-5ubuntu5.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=pam"}],"status":"affected","timestamp":"2026-05-14T10:30:54.16485Z","vulnerability":{"name":"CVE-2024-10041"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.166856Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.166856Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.166856Z","vulnerability":{"name":"CVE-2026-39817"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.166912Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.166912Z","products":[{"@id":"pkg:deb/ubuntu/bsdutils@1%3A2.39.3-9ubuntu6.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux%402.39.3-9ubuntu6.4"},{"@id":"pkg:deb/ubuntu/libblkid1@2.39.3-9ubuntu6.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/libmount1@2.39.3-9ubuntu6.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/libsmartcols1@2.39.3-9ubuntu6.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/libuuid1@2.39.3-9ubuntu6.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/mount@2.39.3-9ubuntu6.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/util-linux@2.39.3-9ubuntu6.4?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/bsdutils@1%3A2.39.3-9ubuntu6.4?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=util-linux%402.39.3-9ubuntu6.4"},{"@id":"pkg:deb/ubuntu/libblkid1@2.39.3-9ubuntu6.4?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/libmount1@2.39.3-9ubuntu6.4?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/libsmartcols1@2.39.3-9ubuntu6.4?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/libuuid1@2.39.3-9ubuntu6.4?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/mount@2.39.3-9ubuntu6.4?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/util-linux@2.39.3-9ubuntu6.4?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:30:54.166912Z","vulnerability":{"name":"CVE-2026-27456"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.165168Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.165168Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.165167Z","vulnerability":{"name":"CVE-2026-33814"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.165368Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.165368Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.165368Z","vulnerability":{"name":"CVE-2026-3832"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.165503Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.165503Z","products":[{"@id":"pkg:deb/ubuntu/liblzma5@5.6.1%2Breally5.4.5-1ubuntu0.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=xz-utils"},{"@id":"pkg:deb/ubuntu/liblzma5@5.6.1%2Breally5.4.5-1ubuntu0.2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=xz-utils"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.165503Z","vulnerability":{"name":"CVE-2026-34743"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.165955Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.165955Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.165955Z","vulnerability":{"name":"CVE-2026-39836"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.166053Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.166053Z","products":[{"@id":"pkg:deb/ubuntu/tar@1.35%2Bdfsg-3build1?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/tar@1.35%2Bdfsg-3build1?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:30:54.166053Z","vulnerability":{"name":"CVE-2026-5704"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.166618Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.166618Z","products":[{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.166617Z","vulnerability":{"name":"CVE-2026-40227"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.167118Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.167118Z","products":[{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.167117Z","vulnerability":{"name":"CVE-2026-40223"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.167159Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.167159Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.167159Z","vulnerability":{"name":"CVE-2026-42501"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.167218Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.167218Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.167218Z","vulnerability":{"name":"CVE-2026-39825"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.167305Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.167304Z","products":[{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.167304Z","vulnerability":{"name":"CVE-2026-40228"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.167347Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.167347Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.167347Z","vulnerability":{"name":"CVE-2026-39823"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.167392Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.167392Z","products":[{"@id":"pkg:golang/github.com/prometheus/prometheus@v0.309.2-0.20260113170727-c7bc56cf6c8f"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.167392Z","vulnerability":{"name":"CVE-2026-42151"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.16742Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.16742Z","products":[{"@id":"pkg:deb/ubuntu/libgcrypt20@1.10.3-2build1?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libgcrypt20@1.10.3-2build1?arch=arm64\u0026distro=ubuntu-24.04"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.16742Z","vulnerability":{"name":"CVE-2026-41989"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.167443Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.167443Z","products":[{"@id":"pkg:golang/github.com/docker/docker@v28.5.2%2Bincompatible"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.167443Z","vulnerability":{"name":"CVE-2026-34040"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.166079Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.166079Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"affected","timestamp":"2026-05-14T10:30:54.166079Z","vulnerability":{"name":"CVE-2016-20013"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.167517Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.167517Z","products":[{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.167517Z","vulnerability":{"name":"CVE-2026-40224"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.166116Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.166115Z","products":[{"@id":"pkg:golang/github.com/prometheus/prometheus@v0.309.2-0.20260113170727-c7bc56cf6c8f"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.166115Z","vulnerability":{"name":"CVE-2026-42154"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.166144Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.166144Z","products":[{"@id":"pkg:golang/github.com/moby/spdystream@v0.5.0"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.166144Z","vulnerability":{"name":"CVE-2026-35469"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.166347Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.166347Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.166347Z","vulnerability":{"name":"CVE-2026-42011"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.168032Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.168032Z","products":[{"@id":"pkg:golang/github.com/prometheus/prometheus@v0.309.2-0.20260113170727-c7bc56cf6c8f"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.168032Z","vulnerability":{"name":"CVE-2026-40179"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.168328Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.168327Z","products":[{"@id":"pkg:golang/github.com/modelcontextprotocol/go-sdk@v1.1.0"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.168327Z","vulnerability":{"name":"CVE-2026-33252"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.168409Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.168409Z","products":[{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.168409Z","vulnerability":{"name":"CVE-2026-40226"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.168501Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.168501Z","products":[{"@id":"pkg:deb/ubuntu/gpgv@2.4.4-2ubuntu17.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2"},{"@id":"pkg:deb/ubuntu/gpgv@2.4.4-2ubuntu17.4?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2"}],"status":"affected","timestamp":"2026-05-14T10:30:54.168501Z","vulnerability":{"name":"CVE-2022-3219"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.168584Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.168584Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.168584Z","vulnerability":{"name":"CVE-2026-39819"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.16889Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.16889Z","products":[{"@id":"pkg:deb/ubuntu/libncursesw6@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/libtinfo6@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/ncurses-base@6.4%2B20240113-1ubuntu2?arch=all\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/ncurses-bin@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/libncursesw6@6.4%2B20240113-1ubuntu2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/libtinfo6@6.4%2B20240113-1ubuntu2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/ncurses-bin@6.4%2B20240113-1ubuntu2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.16889Z","vulnerability":{"name":"CVE-2025-69720"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:30:54.166415Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:30:54.166415Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T10:30:54.166415Z","vulnerability":{"name":"CVE-2026-33811"}}],"timestamp":"2026-03-09T15:56:04.58246516Z","tooling":"","version":20}