{"@context":"https://openvex.dev/ns/v0.2.0","@id":"pkg:docker/operator@1.19.1","author":"security@datadoghq.com","author_role":"Vulnerability Management","last_updated":"2026-05-14T11:46:32.319070625Z","statements":[{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.271012Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.271012Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.271012Z","vulnerability":{"name":"CVE-2026-39826"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.271128Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.271128Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.271128Z","vulnerability":{"name":"CVE-2026-39825"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.271053Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.271053Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.271053Z","vulnerability":{"name":"CVE-2026-39817"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.271093Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.271093Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.271093Z","vulnerability":{"name":"CVE-2026-42501"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.262621Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.262621Z","products":[{"@id":"pkg:rpm/redhat/coreutils-single@8.32-39.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=coreutils-8.32-39.el9.src.rpm"},{"@id":"pkg:rpm/redhat/coreutils-single@8.32-39.el9?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=coreutils-8.32-39.el9.src.rpm"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.262621Z","vulnerability":{"name":"CVE-2025-5278"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.273963Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.273963Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.273963Z","vulnerability":{"name":"CVE-2026-39823"}},{"action_statement":"This vulnerability was fixed in: 1.23.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:59:58.050453Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.274013Z","vulnerability":{"name":"CVE-2025-61731"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.262779Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.262779Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.262779Z","vulnerability":{"name":"CVE-2026-39820"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.262831Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.262831Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.26283Z","vulnerability":{"name":"CVE-2026-4437"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.262915Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.262915Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.262915Z","vulnerability":{"name":"CVE-2026-4046"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.264083Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.264083Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.264083Z","vulnerability":{"name":"CVE-2026-5435"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.264134Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.264134Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.264134Z","vulnerability":{"name":"CVE-2026-5450"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.264227Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.264227Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.264227Z","vulnerability":{"name":"CVE-2026-5928"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.265296Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.265296Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.265296Z","vulnerability":{"name":"CVE-2026-42499"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.266104Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.266104Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.266104Z","vulnerability":{"name":"CVE-2026-33814"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.266211Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.266211Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.266211Z","vulnerability":{"name":"CVE-2026-39836"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.268095Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.268095Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.268095Z","vulnerability":{"name":"CVE-2026-4438"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.26989Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.26989Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.26989Z","vulnerability":{"name":"CVE-2026-33811"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:35:02.972555Z","products":[{"@id":"pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm"},{"@id":"pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm"},{"@id":"pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm"}],"status":"affected","timestamp":"2026-05-14T10:26:22.264188Z","vulnerability":{"name":"CVE-2023-50495"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:35:02.972561Z","products":[{"@id":"pkg:rpm/redhat/libgcc@11.5.0-5.el9_5?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=gcc-11.5.0-5.el9_5.src.rpm"},{"@id":"pkg:rpm/redhat/libgcc@11.5.0-5.el9_5?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=gcc-11.5.0-5.el9_5.src.rpm"}],"status":"affected","timestamp":"2026-05-14T10:26:22.265966Z","vulnerability":{"name":"CVE-2022-27943"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:35:02.972566Z","products":[{"@id":"pkg:rpm/redhat/pcre2@10.40-6.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=pcre2-10.40-6.el9.src.rpm"},{"@id":"pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch\u0026distro=rhel-9.6\u0026upstream=pcre2-10.40-6.el9.src.rpm"},{"@id":"pkg:rpm/redhat/pcre2@10.40-6.el9?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=pcre2-10.40-6.el9.src.rpm"}],"status":"affected","timestamp":"2026-05-14T10:26:22.266017Z","vulnerability":{"name":"CVE-2022-41409"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:35:02.97257Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.266174Z","vulnerability":{"name":"CVE-2026-27143"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:35:02.972573Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.269723Z","vulnerability":{"name":"CVE-2026-32281"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:35:02.972578Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.269769Z","vulnerability":{"name":"CVE-2026-32280"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:35:02.972582Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.269813Z","vulnerability":{"name":"CVE-2026-32283"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:35:02.972591Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.269966Z","vulnerability":{"name":"CVE-2026-27140"}},{"action_statement":"This vulnerability was fixed in: 1.25.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:35.588454Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.262984Z","vulnerability":{"name":"CVE-2026-25679"}},{"action_statement":"This vulnerability was fixed in: 1.25.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:35.588853Z","products":[{"@id":"pkg:golang/google.golang.org/grpc@v1.69.4"}],"status":"affected","timestamp":"2026-05-14T10:26:22.266143Z","vulnerability":{"name":"CVE-2026-33186"}},{"action_statement":"This vulnerability was fixed in: 1.24.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:07.1556Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"}],"status":"affected","timestamp":"2026-05-14T10:26:22.263023Z","vulnerability":{"name":"CVE-2025-15281"}},{"action_statement":"This vulnerability was fixed in: 1.23.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:08:00.950236Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.266264Z","vulnerability":{"name":"CVE-2025-68121"}},{"action_statement":"This vulnerability was fixed in: 1.23.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:59:58.050408Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.264036Z","vulnerability":{"name":"CVE-2025-61726"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T10:26:22.274541Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:26:22.274541Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"under_investigation","timestamp":"2026-05-14T10:26:22.274541Z","vulnerability":{"name":"CVE-2026-39819"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"This vulnerability is not exploitable in our environment, as the affected function is not used by the application. The binary does not link against or invoke the vulnerable component (cap_set_file function).","justification":"vulnerable_code_not_present","last_updated":"2026-05-14T11:35:02.972603Z","products":[{"@id":"pkg:rpm/redhat/libcap@2.48-9.el9_2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libcap-2.48-9.el9_2.src.rpm"},{"@id":"pkg:rpm/redhat/libcap@2.48-9.el9_2?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=libcap-2.48-9.el9_2.src.rpm"}],"status":"affected","timestamp":"2026-05-14T10:26:22.274087Z","vulnerability":{"name":"CVE-2026-4878"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"The vulnerability exploits the BSD-specific kenv command in the OpenTelemetry Go SDK resource detection. This code is gated by Go OS build constraints and is only compiled on BSD/Solaris targets. The operator binary is built with GOOS=linux, so the vulnerable code is excluded from the compiled binary and is not present in the image.","justification":"vulnerable_code_not_present","last_updated":"2026-05-14T11:35:02.972606Z","products":[{"@id":"pkg:golang/go.opentelemetry.io/otel/sdk@v1.33.0"}],"status":"affected","timestamp":"2026-05-14T10:26:22.274146Z","vulnerability":{"name":"CVE-2026-39883"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:35:02.972609Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.274175Z","vulnerability":{"name":"CVE-2026-32289"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:35:02.972614Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.274357Z","vulnerability":{"name":"CVE-2026-32282"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:35:02.972617Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.274502Z","vulnerability":{"name":"CVE-2026-27144"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:35:02.97262Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.274579Z","vulnerability":{"name":"CVE-2026-32288"}},{"action_statement":"This vulnerability was fixed in: 1.25.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:35.589119Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.274616Z","vulnerability":{"name":"CVE-2026-27139"}},{"action_statement":"This vulnerability was fixed in: 1.24.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:07.155639Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"}],"status":"affected","timestamp":"2026-05-14T10:26:22.27428Z","vulnerability":{"name":"CVE-2026-0861"}},{"action_statement":"This vulnerability was fixed in: 1.23.1","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:08:00.950268Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.274223Z","vulnerability":{"name":"CVE-2025-61732"}},{"action_statement":"This vulnerability was fixed in: 1.23.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:59:58.050462Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.274411Z","vulnerability":{"name":"CVE-2025-61730"}},{"action_statement":"This vulnerability was fixed in: 1.21.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:43:28.321948Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.274458Z","vulnerability":{"name":"CVE-2025-61727"}},{"action_statement":"This vulnerability was fixed in: 1.20.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:34:08.617307Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.274116Z","vulnerability":{"name":"CVE-2025-58188"}},{"action_statement":"This vulnerability was fixed in: 1.25.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:35.588987Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.274056Z","vulnerability":{"name":"CVE-2026-27142"}},{"action_statement":"This vulnerability was fixed in: 1.24.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:07.155628Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=aarch64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm"}],"status":"affected","timestamp":"2026-05-14T10:26:22.270927Z","vulnerability":{"name":"CVE-2026-0915"}},{"action_statement":"This vulnerability was fixed in: 1.24.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:07.155634Z","products":[{"@id":"pkg:golang/go.opentelemetry.io/otel/sdk@v1.33.0"}],"status":"affected","timestamp":"2026-05-14T10:26:22.270983Z","vulnerability":{"name":"CVE-2026-24051"}},{"action_statement":"This vulnerability was fixed in: 1.23.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:59:58.050447Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.270661Z","vulnerability":{"name":"CVE-2025-61728"}},{"action_statement":"This vulnerability was fixed in: 1.21.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:43:28.321906Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.269929Z","vulnerability":{"name":"CVE-2025-61729"}},{"action_statement":"This vulnerability was fixed in: 1.20.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:34:08.617239Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.263075Z","vulnerability":{"name":"CVE-2025-61725"}},{"action_statement":"This vulnerability was fixed in: 1.20.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:34:08.617268Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.263985Z","vulnerability":{"name":"CVE-2025-61723"}},{"action_statement":"This vulnerability was fixed in: 1.20.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:34:08.617274Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.266064Z","vulnerability":{"name":"CVE-2025-58186"}},{"action_statement":"This vulnerability was fixed in: 1.20.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:34:08.61728Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.26775Z","vulnerability":{"name":"CVE-2025-58185"}},{"action_statement":"This vulnerability was fixed in: 1.20.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:34:08.617297Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.273866Z","vulnerability":{"name":"CVE-2025-58189"}},{"action_statement":"This vulnerability was fixed in: 1.20.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:34:08.6173Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.273919Z","vulnerability":{"name":"CVE-2025-58183"}},{"action_statement":"This vulnerability was fixed in: 1.20.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:34:08.617284Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.269851Z","vulnerability":{"name":"CVE-2025-58187"}},{"action_statement":"This vulnerability was fixed in: 1.20.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:34:08.617289Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.270329Z","vulnerability":{"name":"CVE-2025-47912"}},{"action_statement":"This vulnerability was fixed in: 1.20.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T10:34:08.617292Z","products":[{"@id":"pkg:golang/stdlib@1.24.6"}],"status":"affected","timestamp":"2026-05-14T10:26:22.270883Z","vulnerability":{"name":"CVE-2025-61724"}}],"timestamp":"2026-03-12T17:45:42.731557443Z","tooling":"","version":18}