{"@context":"https://openvex.dev/ns/v0.2.0","@id":"pkg:docker/operator@1.24.0","author":"security@datadoghq.com","author_role":"Vulnerability Management","last_updated":"2026-05-14T11:46:26.608398491Z","statements":[{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.886915Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.886915Z","products":[{"@id":"pkg:rpm/redhat/coreutils-single@8.32-39.el9?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=coreutils-8.32-39.el9.src.rpm"},{"@id":"pkg:rpm/redhat/coreutils-single@8.32-39.el9?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=coreutils-8.32-39.el9.src.rpm"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.886915Z","vulnerability":{"name":"CVE-2025-5278"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.890554Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.890554Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.890554Z","vulnerability":{"name":"CVE-2026-39826"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.890627Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.890627Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.890627Z","vulnerability":{"name":"CVE-2026-39817"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.890688Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.890688Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.890687Z","vulnerability":{"name":"CVE-2026-42501"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.890764Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.890764Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.890764Z","vulnerability":{"name":"CVE-2026-39825"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.890897Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.890897Z","products":[{"@id":"pkg:golang/helm.sh/helm/v3@v3.18.5"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.890897Z","vulnerability":{"name":"CVE-2026-35206"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.891054Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.891054Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.891054Z","vulnerability":{"name":"CVE-2026-39823"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.890119Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.890119Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.890119Z","vulnerability":{"name":"CVE-2026-33811"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.887107Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.887107Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.887107Z","vulnerability":{"name":"CVE-2026-39820"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.88727Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.88727Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.88727Z","vulnerability":{"name":"CVE-2026-4437"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.887581Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.887581Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.88758Z","vulnerability":{"name":"CVE-2026-4046"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.888333Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.888333Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.888333Z","vulnerability":{"name":"CVE-2026-5435"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.888422Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.888422Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.888422Z","vulnerability":{"name":"CVE-2026-5450"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.888599Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.888599Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.888598Z","vulnerability":{"name":"CVE-2026-5928"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.888657Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.888657Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.888657Z","vulnerability":{"name":"CVE-2026-42499"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.888837Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.888837Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.888837Z","vulnerability":{"name":"CVE-2026-33814"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.889002Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.889002Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.889002Z","vulnerability":{"name":"CVE-2026-39836"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.889604Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.889604Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.10.src.rpm"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.889603Z","vulnerability":{"name":"CVE-2026-4438"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:36.415969Z","products":[{"@id":"pkg:golang/go.opentelemetry.io/otel@v1.40.0"}],"status":"affected","timestamp":"2026-05-14T11:16:38.886963Z","vulnerability":{"name":"CVE-2026-29181"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:36.416005Z","products":[{"@id":"pkg:rpm/redhat/ncurses-base@6.2-12.20210508.el9?arch=noarch\u0026distro=rhel-9.7\u0026upstream=ncurses-6.2-12.20210508.el9.src.rpm"},{"@id":"pkg:rpm/redhat/ncurses-libs@6.2-12.20210508.el9?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=ncurses-6.2-12.20210508.el9.src.rpm"},{"@id":"pkg:rpm/redhat/ncurses-libs@6.2-12.20210508.el9?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=ncurses-6.2-12.20210508.el9.src.rpm"}],"status":"affected","timestamp":"2026-05-14T11:16:38.888505Z","vulnerability":{"name":"CVE-2023-50495"}},{"action_statement":"","action_statement_timestamp":"2026-05-14T11:16:38.892328Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.892328Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"under_investigation","timestamp":"2026-05-14T11:16:38.892327Z","vulnerability":{"name":"CVE-2026-39819"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.945535Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.2?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.2?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.2?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.2?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.2?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.2?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"}],"status":"fixed","timestamp":"2026-05-14T11:16:38.945534Z","vulnerability":{"name":"CVE-2025-15281"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.945565Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.2?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.2?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.2?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.2?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.2?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.2?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"}],"status":"fixed","timestamp":"2026-05-14T11:16:38.945565Z","vulnerability":{"name":"CVE-2026-0915"}},{"action_statement":"","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:16:38.945576Z","products":[{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.2?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.2?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.2?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"},{"@id":"pkg:rpm/redhat/glibc@2.34-231.el9_7.2?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-common@2.34-231.el9_7.2?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"},{"@id":"pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.2?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=glibc-2.34-231.el9_7.2.src.rpm"}],"status":"fixed","timestamp":"2026-05-14T11:16:38.945576Z","vulnerability":{"name":"CVE-2026-0861"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:36.416035Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T11:16:38.889895Z","vulnerability":{"name":"CVE-2026-32281"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:36.41604Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T11:16:38.889974Z","vulnerability":{"name":"CVE-2026-32280"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:36.416042Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T11:16:38.890051Z","vulnerability":{"name":"CVE-2026-32283"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:36.416046Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T11:16:38.890203Z","vulnerability":{"name":"CVE-2026-27140"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:36.416051Z","products":[{"@id":"pkg:golang/go.opentelemetry.io/otel/sdk@v1.33.0"}],"status":"affected","timestamp":"2026-05-14T11:16:38.945569Z","vulnerability":{"name":"CVE-2026-24051"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"This vulnerability is not exploitable in our environment, as the affected function is not used by the application. The binary does not link against or invoke the vulnerable component (cap_set_file function).","justification":"vulnerable_code_not_present","last_updated":"2026-05-14T11:32:36.416057Z","products":[{"@id":"pkg:rpm/redhat/libcap@2.48-10.el9?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=libcap-2.48-10.el9.src.rpm"},{"@id":"pkg:rpm/redhat/libcap@2.48-10.el9?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=libcap-2.48-10.el9.src.rpm"}],"status":"affected","timestamp":"2026-05-14T11:16:38.891744Z","vulnerability":{"name":"CVE-2026-4878"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"The vulnerability exploits the BSD-specific kenv command in the OpenTelemetry Go SDK resource detection. This code is gated by Go OS build constraints and is only compiled on BSD/Solaris targets. The operator binary is built with GOOS=linux, so the vulnerable code is excluded from the compiled binary and is not present in the image.","justification":"vulnerable_code_not_present","last_updated":"2026-05-14T11:32:36.416061Z","products":[{"@id":"pkg:golang/go.opentelemetry.io/otel/sdk@v1.40.0"}],"status":"affected","timestamp":"2026-05-14T11:16:38.891771Z","vulnerability":{"name":"CVE-2026-39883"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:36.416064Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T11:16:38.892016Z","vulnerability":{"name":"CVE-2026-32289"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:36.416069Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T11:16:38.892204Z","vulnerability":{"name":"CVE-2026-32282"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:36.416073Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T11:16:38.89227Z","vulnerability":{"name":"CVE-2026-27144"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:36.416076Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T11:16:38.892385Z","vulnerability":{"name":"CVE-2026-32288"}},{"action_statement":"This vulnerability was fixed in: 1.25.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:23:45.052976Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T11:16:38.88767Z","vulnerability":{"name":"CVE-2026-25679"}},{"action_statement":"This vulnerability was fixed in: 1.25.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:23:45.053017Z","products":[{"@id":"pkg:golang/google.golang.org/grpc@v1.69.4"}],"status":"affected","timestamp":"2026-05-14T11:16:38.888906Z","vulnerability":{"name":"CVE-2026-33186"}},{"action_statement":"This vulnerability was fixed in: 1.25.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:23:45.053151Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T11:16:38.891543Z","vulnerability":{"name":"CVE-2026-27142"}},{"action_statement":"This vulnerability was fixed in: 1.25.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:23:45.053166Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T11:16:38.892437Z","vulnerability":{"name":"CVE-2026-27139"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:36.41601Z","products":[{"@id":"pkg:rpm/redhat/libgcc@11.5.0-11.el9?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=gcc-11.5.0-11.el9.src.rpm"},{"@id":"pkg:rpm/redhat/libgcc@11.5.0-11.el9?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=gcc-11.5.0-11.el9.src.rpm"}],"status":"affected","timestamp":"2026-05-14T11:16:38.88874Z","vulnerability":{"name":"CVE-2022-27943"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:36.416028Z","products":[{"@id":"pkg:rpm/redhat/pcre2@10.40-6.el9?arch=aarch64\u0026distro=rhel-9.7\u0026upstream=pcre2-10.40-6.el9.src.rpm"},{"@id":"pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch\u0026distro=rhel-9.7\u0026upstream=pcre2-10.40-6.el9.src.rpm"},{"@id":"pkg:rpm/redhat/pcre2@10.40-6.el9?arch=x86_64\u0026distro=rhel-9.7\u0026upstream=pcre2-10.40-6.el9.src.rpm"}],"status":"affected","timestamp":"2026-05-14T11:16:38.888774Z","vulnerability":{"name":"CVE-2022-41409"}},{"action_statement":"This vulnerability was fixed in: 1.26.0","action_statement_timestamp":"0001-01-01T00:00:00Z","impact_statement":"","justification":"","last_updated":"2026-05-14T11:32:36.416031Z","products":[{"@id":"pkg:golang/stdlib@1.25.7"}],"status":"affected","timestamp":"2026-05-14T11:16:38.888946Z","vulnerability":{"name":"CVE-2026-27143"}}],"timestamp":"2026-03-12T17:45:40.428356933Z","tooling":"","version":18}