{"@context":"https://openvex.dev/ns/v0.2.0","@id":"pkg:docker/cluster-agent@7.77.1","author":"security@datadoghq.com","author_role":"Vulnerability Management","last_updated":"2026-05-14T11:43:11.768334299Z","statements":[{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.455872Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.455872Z","products":[{"@id":"pkg:deb/ubuntu/login@1%3A4.13%2Bdfsg1-4ubuntu3.2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=shadow"},{"@id":"pkg:deb/ubuntu/passwd@1%3A4.13%2Bdfsg1-4ubuntu3.2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=shadow"},{"@id":"pkg:deb/ubuntu/login@1%3A4.13%2Bdfsg1-4ubuntu3.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=shadow"},{"@id":"pkg:deb/ubuntu/passwd@1%3A4.13%2Bdfsg1-4ubuntu3.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=shadow"}],"status":"affected","timestamp":"2026-05-14T10:45:21.455871Z","vulnerability":{"name":"CVE-2024-56433"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.455931Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.455931Z","products":[{"@id":"pkg:deb/ubuntu/libgcrypt20@1.10.3-2build1?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libgcrypt20@1.10.3-2build1?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:45:21.455931Z","vulnerability":{"name":"CVE-2024-2236"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.45596Z","impact_statement":"The Datadog Agent uses its significantly newer embedded OpenSSL, not the Ubuntu system OpenSSL package.","justification":"vulnerable_code_not_in_execute_path","last_updated":"2026-05-14T10:45:21.45596Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"not_affected","timestamp":"2026-05-14T10:45:21.45596Z","vulnerability":{"name":"CVE-2024-41996"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.456034Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.456034Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.456034Z","vulnerability":{"name":"CVE-2026-42010"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.456081Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.456081Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.45608Z","vulnerability":{"name":"CVE-2025-27587"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.456117Z","impact_statement":"Given the low risk of this vulnerability, since it requires repeated use of the system tar binary and the agent neither invokes /usr/bin/tar nor relies on it for archive handling, instead using Go’s safe archive/tar implementation with path protections, we propose to wait for an official fix from the vendor.","justification":"vulnerable_code_cannot_be_controlled_by_adversary","last_updated":"2026-05-14T10:45:21.456116Z","products":[{"@id":"pkg:deb/ubuntu/tar@1.35%2Bdfsg-3build1?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/tar@1.35%2Bdfsg-3build1?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"not_affected","timestamp":"2026-05-14T10:45:21.456116Z","vulnerability":{"name":"CVE-2025-45582"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.456141Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.456141Z","products":[{"@id":"pkg:golang/github.com/modelcontextprotocol/go-sdk@v1.3.1"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.45614Z","vulnerability":{"name":"CVE-2026-34742"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.45617Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.45617Z","products":[{"@id":"pkg:deb/ubuntu/libgssapi-krb5-2@1.20.1-6ubuntu2.6?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libk5crypto3@1.20.1-6ubuntu2.6?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5-3@1.20.1-6ubuntu2.6?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5support0@1.20.1-6ubuntu2.6?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libgssapi-krb5-2@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libk5crypto3@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5-3@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5support0@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.45617Z","vulnerability":{"name":"CVE-2026-40355"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.456723Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.456722Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"affected","timestamp":"2026-05-14T10:45:21.456722Z","vulnerability":{"name":"CVE-2026-4437"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.456783Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.456782Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"affected","timestamp":"2026-05-14T10:45:21.456782Z","vulnerability":{"name":"CVE-2026-4046"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.4569Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.456899Z","products":[{"@id":"pkg:deb/ubuntu/coreutils@9.4-3ubuntu6.2?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/coreutils@9.4-3ubuntu6.2?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:45:21.456899Z","vulnerability":{"name":"CVE-2016-2781"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.456943Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.456942Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.456942Z","vulnerability":{"name":"CVE-2026-5450"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.45699Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.45699Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.45699Z","vulnerability":{"name":"CVE-2026-33845"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.457106Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.457106Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.457106Z","vulnerability":{"name":"CVE-2026-5928"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.457191Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.45719Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.45719Z","vulnerability":{"name":"CVE-2026-42499"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.457263Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.457263Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.457263Z","vulnerability":{"name":"CVE-2026-5435"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.457292Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.457292Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.457292Z","vulnerability":{"name":"CVE-2026-6238"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.457352Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.457351Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"affected","timestamp":"2026-05-14T10:45:21.457351Z","vulnerability":{"name":"CVE-2026-4438"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.457397Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.457397Z","products":[{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.457397Z","vulnerability":{"name":"CVE-2026-40225"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.457443Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.457443Z","products":[{"@id":"pkg:deb/ubuntu/libncursesw6@6.4%2B20240113-1ubuntu2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/libtinfo6@6.4%2B20240113-1ubuntu2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/ncurses-base@6.4%2B20240113-1ubuntu2?arch=all\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/ncurses-bin@6.4%2B20240113-1ubuntu2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/libncursesw6@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/libtinfo6@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/ncurses-bin@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.457443Z","vulnerability":{"name":"CVE-2025-6141"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.457876Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.457876Z","products":[{"@id":"pkg:deb/ubuntu/libpam0g@1.5.3-5ubuntu5.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules@1.5.3-5ubuntu5.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules-bin@1.5.3-5ubuntu5.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-runtime@1.5.3-5ubuntu5.5?arch=all\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam0g@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules-bin@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.457876Z","vulnerability":{"name":"CVE-2026-43916"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.457983Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.457983Z","products":[{"@id":"pkg:deb/ubuntu/libpam0g@1.5.3-5ubuntu5.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules@1.5.3-5ubuntu5.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules-bin@1.5.3-5ubuntu5.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-runtime@1.5.3-5ubuntu5.5?arch=all\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam0g@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"},{"@id":"pkg:deb/ubuntu/libpam-modules-bin@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam"}],"status":"affected","timestamp":"2026-05-14T10:45:21.457983Z","vulnerability":{"name":"CVE-2024-10041"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.458201Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.458201Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.458201Z","vulnerability":{"name":"CVE-2026-33814"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.458446Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.458446Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.458446Z","vulnerability":{"name":"CVE-2026-3832"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.458482Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.458482Z","products":[{"@id":"pkg:deb/ubuntu/liblzma5@5.6.1%2Breally5.4.5-1ubuntu0.2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=xz-utils"},{"@id":"pkg:deb/ubuntu/liblzma5@5.6.1%2Breally5.4.5-1ubuntu0.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=xz-utils"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.458482Z","vulnerability":{"name":"CVE-2026-34743"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.458747Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.458747Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.458747Z","vulnerability":{"name":"CVE-2026-39836"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.458863Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.458863Z","products":[{"@id":"pkg:deb/ubuntu/tar@1.35%2Bdfsg-3build1?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/tar@1.35%2Bdfsg-3build1?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:45:21.458863Z","vulnerability":{"name":"CVE-2026-5704"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.458892Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.458892Z","products":[{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc6@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"},{"@id":"pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc"}],"status":"affected","timestamp":"2026-05-14T10:45:21.458891Z","vulnerability":{"name":"CVE-2016-20013"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.458963Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.458963Z","products":[{"@id":"pkg:golang/github.com/prometheus/prometheus@v0.309.2-0.20260113170727-c7bc56cf6c8f"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.458963Z","vulnerability":{"name":"CVE-2026-42154"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.458988Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.458987Z","products":[{"@id":"pkg:golang/github.com/moby/spdystream@v0.5.0"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.458987Z","vulnerability":{"name":"CVE-2026-35469"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.459325Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.459325Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.459325Z","vulnerability":{"name":"CVE-2026-42011"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.459397Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.459397Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.459396Z","vulnerability":{"name":"CVE-2026-33811"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.45958Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.459579Z","products":[{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.459579Z","vulnerability":{"name":"CVE-2026-40227"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.459751Z","impact_statement":"Given the low risk of the vulnerability, as the agent never invokes `dpkg-deb` or processes .deb archives at runtime, our current proposal is to wait for an official fix from the vendor for dpkg-deb.","justification":"vulnerable_code_cannot_be_controlled_by_adversary","last_updated":"2026-05-14T10:45:21.459751Z","products":[{"@id":"pkg:deb/ubuntu/dpkg@1.22.6ubuntu6.5?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/dpkg@1.22.6ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"not_affected","timestamp":"2026-05-14T10:45:21.459751Z","vulnerability":{"name":"CVE-2026-2219"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.459782Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.459782Z","products":[{"@id":"pkg:golang/github.com/docker/docker@v28.5.2%2Bincompatible"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.459782Z","vulnerability":{"name":"CVE-2026-33997"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.459961Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.45996Z","products":[{"@id":"pkg:deb/ubuntu/bsdutils@1%3A2.39.3-9ubuntu6.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=util-linux%402.39.3-9ubuntu6.5"},{"@id":"pkg:deb/ubuntu/libblkid1@2.39.3-9ubuntu6.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/libmount1@2.39.3-9ubuntu6.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/libsmartcols1@2.39.3-9ubuntu6.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/libuuid1@2.39.3-9ubuntu6.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/mount@2.39.3-9ubuntu6.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/util-linux@2.39.3-9ubuntu6.5?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/bsdutils@1%3A2.39.3-9ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux%402.39.3-9ubuntu6.5"},{"@id":"pkg:deb/ubuntu/libblkid1@2.39.3-9ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/libmount1@2.39.3-9ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/libsmartcols1@2.39.3-9ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/libuuid1@2.39.3-9ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/mount@2.39.3-9ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux"},{"@id":"pkg:deb/ubuntu/util-linux@2.39.3-9ubuntu6.5?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:45:21.45996Z","vulnerability":{"name":"CVE-2026-27456"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.460166Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.460166Z","products":[{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.460165Z","vulnerability":{"name":"CVE-2026-40223"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.46022Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.46022Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.460219Z","vulnerability":{"name":"CVE-2026-42501"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.460298Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.460298Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.460297Z","vulnerability":{"name":"CVE-2026-39825"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.460433Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.460433Z","products":[{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.460433Z","vulnerability":{"name":"CVE-2026-40228"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.460477Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.460476Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.460475Z","vulnerability":{"name":"CVE-2026-39823"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.460545Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.460545Z","products":[{"@id":"pkg:golang/github.com/prometheus/prometheus@v0.309.2-0.20260113170727-c7bc56cf6c8f"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.460545Z","vulnerability":{"name":"CVE-2026-42151"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.460577Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.460577Z","products":[{"@id":"pkg:deb/ubuntu/libgcrypt20@1.10.3-2build1?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libgcrypt20@1.10.3-2build1?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.460577Z","vulnerability":{"name":"CVE-2026-41989"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.460656Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.460656Z","products":[{"@id":"pkg:golang/github.com/docker/docker@v28.5.2%2Bincompatible"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.460656Z","vulnerability":{"name":"CVE-2026-34040"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.46069Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.46069Z","products":[{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.46069Z","vulnerability":{"name":"CVE-2026-40224"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.460856Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.460856Z","products":[{"@id":"pkg:golang/github.com/prometheus/prometheus@v0.309.2-0.20260113170727-c7bc56cf6c8f"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.460856Z","vulnerability":{"name":"CVE-2026-40179"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.461122Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.461122Z","products":[{"@id":"pkg:golang/github.com/modelcontextprotocol/go-sdk@v1.3.1"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.461122Z","vulnerability":{"name":"CVE-2026-33252"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.461164Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.461164Z","products":[{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.461163Z","vulnerability":{"name":"CVE-2026-40226"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.461248Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.461247Z","products":[{"@id":"pkg:deb/ubuntu/gpgv@2.4.4-2ubuntu17.4?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2"},{"@id":"pkg:deb/ubuntu/gpgv@2.4.4-2ubuntu17.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2"}],"status":"affected","timestamp":"2026-05-14T10:45:21.461247Z","vulnerability":{"name":"CVE-2022-3219"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.461373Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.461373Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.461372Z","vulnerability":{"name":"CVE-2026-39819"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.461492Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.461492Z","products":[{"@id":"pkg:deb/ubuntu/libncursesw6@6.4%2B20240113-1ubuntu2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/libtinfo6@6.4%2B20240113-1ubuntu2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/ncurses-base@6.4%2B20240113-1ubuntu2?arch=all\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/ncurses-bin@6.4%2B20240113-1ubuntu2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/libncursesw6@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/libtinfo6@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"},{"@id":"pkg:deb/ubuntu/ncurses-bin@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.461492Z","vulnerability":{"name":"CVE-2025-69720"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.46158Z","impact_statement":"The Datadog Agent's Go binary uses Go's standard library `compress/zlib` (pure Go, no linkage to system libz), and Python's `zlib` module, while linking against system libz, does not expose `crc32_combine64` to Python userspace.","justification":"vulnerable_code_cannot_be_controlled_by_adversary","last_updated":"2026-05-14T10:45:21.46158Z","products":[{"@id":"pkg:deb/ubuntu/zlib1g@1%3A1.3.dfsg-3.1ubuntu2.1?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=zlib"},{"@id":"pkg:deb/ubuntu/zlib1g@1%3A1.3.dfsg-3.1ubuntu2.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=zlib"}],"status":"not_affected","timestamp":"2026-05-14T10:45:21.46158Z","vulnerability":{"name":"CVE-2026-27171"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.461832Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.461832Z","products":[{"@id":"pkg:golang/github.com/modelcontextprotocol/go-sdk@v1.3.1"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.461831Z","vulnerability":{"name":"GHSA-q382-vc8q-7jhj"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.461866Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.461866Z","products":[{"@id":"pkg:golang/github.com/prometheus/prometheus@v0.309.2-0.20260113170727-c7bc56cf6c8f"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.461865Z","vulnerability":{"name":"CVE-2026-44903"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.461899Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.461899Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.461899Z","vulnerability":{"name":"CVE-2026-42009"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.46193Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.46193Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.46193Z","vulnerability":{"name":"CVE-2026-42012"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.462005Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.462005Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.462005Z","vulnerability":{"name":"CVE-2026-42013"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.462051Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.46205Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.46205Z","vulnerability":{"name":"CVE-2026-42014"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.462082Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.462081Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.462081Z","vulnerability":{"name":"CVE-2026-42015"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.462114Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.462114Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.462114Z","vulnerability":{"name":"CVE-2026-5260"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.462148Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.462148Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.462148Z","vulnerability":{"name":"CVE-2026-5419"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.497019Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"fixed","timestamp":"2026-05-14T10:45:21.497019Z","vulnerability":{"name":"CVE-2026-25679"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.497063Z","products":[{"@id":"pkg:golang/github.com/modelcontextprotocol/go-sdk@v1.1.0"}],"status":"fixed","timestamp":"2026-05-14T10:45:21.497063Z","vulnerability":{"name":"CVE-2026-27896"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.497078Z","products":[{"@id":"pkg:golang/google.golang.org/grpc@v1.79.1"}],"status":"fixed","timestamp":"2026-05-14T10:45:21.497077Z","vulnerability":{"name":"CVE-2026-33186"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.497102Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"fixed","timestamp":"2026-05-14T10:45:21.497102Z","vulnerability":{"name":"CVE-2026-27142"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.497117Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"fixed","timestamp":"2026-05-14T10:45:21.497117Z","vulnerability":{"name":"CVE-2026-27139"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:37.18868Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.8?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:45:21.45815Z","vulnerability":{"name":"CVE-2026-5545"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:37.188911Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.8?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:45:21.460107Z","vulnerability":{"name":"CVE-2026-6429"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:37.189079Z","products":[{"@id":"pkg:golang/go.opentelemetry.io/otel/sdk@v1.40.0"}],"status":"affected","timestamp":"2026-05-14T10:45:21.460753Z","vulnerability":{"name":"CVE-2026-39883"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:37.189148Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.8?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:45:21.460887Z","vulnerability":{"name":"CVE-2026-5773"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:37.189168Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.8?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:45:21.461436Z","vulnerability":{"name":"CVE-2026-4873"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:37.189175Z","products":[{"@id":"pkg:deb/ubuntu/sed@4.9-2build1?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/sed@4.9-2build1?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:45:21.461608Z","vulnerability":{"name":"CVE-2026-5958"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:17:18.252235Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"affected","timestamp":"2026-05-14T10:45:21.45947Z","vulnerability":{"name":"CVE-2026-27140"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:17:18.252244Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"affected","timestamp":"2026-05-14T10:45:21.460781Z","vulnerability":{"name":"CVE-2026-32289"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:37.189178Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.8?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:45:21.461654Z","vulnerability":{"name":"CVE-2026-6276"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:17:18.252109Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"affected","timestamp":"2026-05-14T10:45:21.458521Z","vulnerability":{"name":"CVE-2026-27143"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:17:18.252211Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"affected","timestamp":"2026-05-14T10:45:21.459014Z","vulnerability":{"name":"CVE-2026-32281"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:17:18.252224Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"affected","timestamp":"2026-05-14T10:45:21.459169Z","vulnerability":{"name":"CVE-2026-32280"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:17:18.252229Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"affected","timestamp":"2026-05-14T10:45:21.459242Z","vulnerability":{"name":"CVE-2026-32283"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:17:18.252248Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"affected","timestamp":"2026-05-14T10:45:21.461003Z","vulnerability":{"name":"CVE-2026-32282"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:17:18.252254Z","products":[{"@id":"pkg:deb/ubuntu/libcap2@1%3A2.66-5ubuntu2.2?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcap2@1%3A2.66-5ubuntu2.2?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:45:21.461213Z","vulnerability":{"name":"CVE-2026-4878"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:17:18.252259Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"affected","timestamp":"2026-05-14T10:45:21.461284Z","vulnerability":{"name":"CVE-2026-27144"}},{"action_statement":"This vulnerability was fixed in: 7.78.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:17:18.252266Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"affected","timestamp":"2026-05-14T10:45:21.461712Z","vulnerability":{"name":"CVE-2026-32288"}},{"action_statement":"This vulnerability was fixed in: 7.78.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:07:15.395566Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:45:21.45682Z","vulnerability":{"name":"CVE-2026-28389"}},{"action_statement":"This vulnerability was fixed in: 7.78.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:07:15.39553Z","products":[{"@id":"pkg:golang/go.opentelemetry.io/otel@v1.40.0"}],"status":"affected","timestamp":"2026-05-14T10:45:21.45636Z","vulnerability":{"name":"CVE-2026-29181"}},{"action_statement":"This vulnerability was fixed in: 7.78.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:07:15.395583Z","products":[{"@id":"pkg:golang/github.com/go-jose/go-jose/v4@v4.1.3"}],"status":"affected","timestamp":"2026-05-14T10:45:21.458357Z","vulnerability":{"name":"CVE-2026-34986"}},{"action_statement":"This vulnerability was fixed in: 7.78.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:07:15.395587Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:45:21.458695Z","vulnerability":{"name":"CVE-2026-31790"}},{"action_statement":"This vulnerability was fixed in: 7.78.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:07:15.395593Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:45:21.459356Z","vulnerability":{"name":"CVE-2026-28387"}},{"action_statement":"This vulnerability was fixed in: 7.78.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:07:15.395574Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:45:21.456845Z","vulnerability":{"name":"CVE-2026-28390"}},{"action_statement":"This vulnerability was fixed in: 7.78.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:07:15.3956Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:45:21.459632Z","vulnerability":{"name":"CVE-2026-28388"}},{"action_statement":"This vulnerability was fixed in: 7.77.2","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:54:18.756857Z","products":[{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"},{"@id":"pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.12?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd"}],"status":"affected","timestamp":"2026-05-14T10:45:21.459671Z","vulnerability":{"name":"CVE-2026-29111"}},{"action_statement":"This vulnerability was fixed in: 7.78.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:07:15.395619Z","products":[{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl"},{"@id":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"affected","timestamp":"2026-05-14T10:45:21.461786Z","vulnerability":{"name":"CVE-2026-31789"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:37.188868Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.8?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:45:21.458816Z","vulnerability":{"name":"CVE-2026-7168"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:37.18888Z","products":[{"@id":"pkg:deb/ubuntu/libnghttp2-14@1.59.0-1ubuntu0.2?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=nghttp2"},{"@id":"pkg:deb/ubuntu/libnghttp2-14@1.59.0-1ubuntu0.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=nghttp2"}],"status":"affected","timestamp":"2026-05-14T10:45:21.459545Z","vulnerability":{"name":"CVE-2026-27135"}},{"action_statement":"This vulnerability was fixed in: 7.78.3","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:37.189033Z","products":[{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.8?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=curl"},{"@id":"pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.8?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl"}],"status":"affected","timestamp":"2026-05-14T10:45:21.460376Z","vulnerability":{"name":"CVE-2026-6253"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.456251Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.45625Z","products":[{"@id":"pkg:deb/ubuntu/libgssapi-krb5-2@1.20.1-6ubuntu2.6?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libk5crypto3@1.20.1-6ubuntu2.6?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5-3@1.20.1-6ubuntu2.6?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5support0@1.20.1-6ubuntu2.6?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libgssapi-krb5-2@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libk5crypto3@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5-3@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"},{"@id":"pkg:deb/ubuntu/libkrb5support0@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.45625Z","vulnerability":{"name":"CVE-2026-40356"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.456328Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.456328Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.456327Z","vulnerability":{"name":"CVE-2026-3833"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.456461Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.456454Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.456454Z","vulnerability":{"name":"CVE-2026-39820"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.45663Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.45663Z","products":[{"@id":"pkg:deb/ubuntu/coreutils@9.4-3ubuntu6.2?arch=arm64\u0026distro=ubuntu-24.04"},{"@id":"pkg:deb/ubuntu/coreutils@9.4-3ubuntu6.2?arch=amd64\u0026distro=ubuntu-24.04"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.456629Z","vulnerability":{"name":"CVE-2025-5278"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.456678Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.456678Z","products":[{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=arm64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"},{"@id":"pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.456678Z","vulnerability":{"name":"CVE-2026-33846"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.459809Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.459809Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.459809Z","vulnerability":{"name":"CVE-2026-39826"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:45:21.459891Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:45:21.459891Z","products":[{"@id":"pkg:golang/stdlib@1.25.8"}],"status":"under_investigation","timestamp":"2026-05-14T10:45:21.459891Z","vulnerability":{"name":"CVE-2026-39817"}}],"timestamp":"2026-03-26T11:35:24.51234953Z","tooling":"","version":13}