{"id":5069,"vulnerabilities":[{"id":"CVE-2022-42010","package":"dbus","score":"6.5","severity":"medium","suppressed":"Exception: False positive; Controllers run a version of dbus greater than 1.14.4.","published":"2022-10-10T00:15:09Z","modified":"2025-06-09T15:15:27.810000Z","commentary":null},{"id":"CVE-2007-2768","package":"openssh","score":"4.3","severity":null,"suppressed":null,"published":"2007-05-21T20:30:00Z","modified":"2025-04-09T00:30:58.490000Z","commentary":null},{"id":"BIT-grafana-2026-28375","package":"pkg:bitnami/grafana","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"BIT-grafana-2026-33375","package":"pkg:bitnami/grafana","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2022-3219","package":"gnupg","score":"3.3","severity":"low","suppressed":null,"published":"2023-02-23T20:15:12.393000Z","modified":"2025-03-12T21:15:38.207000Z","commentary":null},{"id":"BIT-grafana-2026-21724","package":"pkg:bitnami/grafana","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2025-6021","package":"libxml2","score":"7.5","severity":"high","suppressed":null,"published":"2025-06-12T13:15:25.590000Z","modified":"2026-03-20T19:16:13.063000Z","commentary":null},{"id":"CVE-2025-46394","package":"busybox","score":"3.3","severity":"low","suppressed":null,"published":"2025-04-23T16:15:48.713000Z","modified":"2025-09-24T14:38:22.127000Z","commentary":null},{"id":"RUSTSEC-2020-0021","package":"rio","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"OSV-2023-197","package":"p11-kit","score":null,"severity":null,"suppressed":null,"published":"2023-03-18T13:00:57.254906Z","modified":"2026-03-23T14:20:42.465411Z","commentary":null},{"id":"CVE-2021-21684","package":"git","score":"6.1","severity":"medium","suppressed":"Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2021-10-06T23:15:06.977000Z","modified":"2024-11-21T05:48:49.770000Z","commentary":null},{"id":"CVE-2024-25004","package":"kitty","score":"7.8","severity":"high","suppressed":null,"published":"2024-02-09T07:16:00.930000Z","modified":"2025-05-15T20:15:48.197000Z","commentary":null},{"id":"CVE-2025-59777","package":"libmicrohttpd","score":"8.7","severity":"high","suppressed":null,"published":"2025-11-10T05:15:44.117000Z","modified":"2025-11-14T18:07:33.753000Z","commentary":null},{"id":"CVE-2024-58251","package":"busybox","score":"2.5","severity":"low","suppressed":null,"published":"2025-04-23T18:16:03.057000Z","modified":"2025-04-29T13:52:47.470000Z","commentary":null},{"id":"GHSA-8rc5-mr4f-m243","package":"rio","score":"9.8","severity":"critical","suppressed":null,"published":"2021-08-25T20:46:57Z","modified":null,"commentary":null},{"id":"CVE-2021-32783","package":"contour","score":"8.5","severity":"high","suppressed":null,"published":"2021-07-23T22:15:08.480000Z","modified":"2024-11-21T06:07:43.930000Z","commentary":null},{"id":"CVE-2014-9278","package":"openssh","score":"4.0","severity":null,"suppressed":null,"published":"2014-12-06T15:59:07.920000Z","modified":"2025-04-12T10:46:40.837000Z","commentary":null},{"id":"CVE-2026-28386","package":"openssl","score":"9.1","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2022-42012","package":"dbus","score":"6.5","severity":"medium","suppressed":"Exception: False positive; Controllers run a version of dbus greater than 1.14.4.","published":"2022-10-10T00:15:09.627000Z","modified":"2025-06-09T15:15:28.623000Z","commentary":null},{"id":"CVE-2025-62689","package":"libmicrohttpd","score":"8.7","severity":"high","suppressed":null,"published":"2025-11-10T05:15:49.087000Z","modified":"2025-11-14T18:05:06.277000Z","commentary":null},{"id":"CVE-2025-1153","package":"binutils","score":"2.3","severity":"low","suppressed":null,"published":"2025-02-10T19:15:39.900000Z","modified":"2025-04-04T23:15:42.230000Z","commentary":null},{"id":"CVE-2026-33186","package":"","score":"9.1","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"BIT-grafana-2026-27876","package":"pkg:bitnami/grafana","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2022-36884","package":"git","score":"5.3","severity":"medium","suppressed":"Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2022-07-27T15:15:08.933000Z","modified":"2024-11-21T07:13:59.117000Z","commentary":null},{"id":"CVE-2024-56406","package":"perl","score":"8.4","severity":"high","suppressed":null,"published":"2025-04-13T14:15:14.527000Z","modified":"2025-10-16T14:15:34.083000Z","commentary":null},{"id":"CVE-2023-48795","package":"kitty","score":"5.9","severity":"medium","suppressed":null,"published":"2023-12-18T16:15:10.897000Z","modified":"2025-11-04T22:15:55.110000Z","commentary":null},{"id":"RUSTSEC-2025-0121","package":"pkg:cargo/gcc","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2023-51767","package":"openssh","score":"7.0","severity":"high","suppressed":null,"published":"2023-12-24T07:15:07.410000Z","modified":"2025-11-18T22:15:43.950000Z","commentary":null},{"id":"CVE-2025-69646","package":"","score":"5.5","severity":"medium","suppressed":null,"published":"2026-03-06T18:16:16.500000Z","modified":"2026-03-20T16:59:57.090000Z","commentary":null},{"id":"CVE-2025-69647","package":"","score":"6.2","severity":"medium","suppressed":null,"published":"2026-03-09T15:15:50.740000Z","modified":"2026-03-13T16:44:02.490000Z","commentary":null},{"id":"OSV-2023-877","package":"libbpf","score":null,"severity":"medium","suppressed":null,"published":"2023-09-18T14:02:44.989260Z","modified":"2026-03-23T14:22:29.233253Z","commentary":null},{"id":"CVE-2023-7216","package":"cpio","score":"5.3","severity":"medium","suppressed":null,"published":"2024-02-05T15:15:08.903000Z","modified":"2026-02-25T19:29:28.290000Z","commentary":null},{"id":"BIT-grafana-2026-27880","package":"pkg:bitnami/grafana","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2026-4647","package":"binutils","score":"6.1","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2026-21725","package":"grafana","score":"2.0","severity":"low","suppressed":null,"published":"2026-02-25T13:16:05.240000Z","modified":"2026-02-27T03:34:26.473000Z","commentary":null},{"id":"GHSA-2qfp-q593-8484","package":"brotli","score":"7.5","severity":"high","suppressed":null,"published":"2025-10-31T00:30:35Z","modified":null,"commentary":null},{"id":"CVE-2026-3783","package":"","score":"5.3","severity":"medium","suppressed":null,"published":"2026-03-11T11:16:00.080000Z","modified":"2026-03-12T14:10:37.300000Z","commentary":null},{"id":"CVE-2023-6992","package":"zlib","score":"5.5","severity":"medium","suppressed":"Exception: This result is a false positive; the vulnerable version of zlib is a Cloudflare-specific package and not the upstream zlib package.","published":"2024-01-04T12:15:23.690000Z","modified":"2024-11-21T08:44:59.467000Z","commentary":null},{"id":"CVE-2025-69651","package":"binutils","score":"5.5","severity":"medium","suppressed":null,"published":"2026-03-06T18:16:16.633000Z","modified":"2026-03-19T13:16:05.183000Z","commentary":null},{"id":"CVE-2022-38663","package":"git","score":"6.5","severity":"medium","suppressed":"Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2022-08-23T17:15:15.257000Z","modified":"2024-11-21T07:16:53.420000Z","commentary":null},{"id":"CVE-2026-4176","package":"perl","score":"9.8","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2025-69650","package":"binutils","score":"7.5","severity":"high","suppressed":null,"published":"2026-03-06T19:16:10.773000Z","modified":"2026-03-19T13:16:04.113000Z","commentary":null},{"id":"CVE-2025-32990","package":"gnutls","score":"8.2","severity":"high","suppressed":null,"published":"2025-07-10T10:15:33.060000Z","modified":"2025-12-01T22:15:48.200000Z","commentary":null},{"id":"CVE-2025-8224","package":"binutils","score":"4.8","severity":"medium","suppressed":null,"published":"2025-07-27T06:15:26.947000Z","modified":"2025-08-01T17:08:29.620000Z","commentary":null},{"id":"CVE-2022-36882","package":"git","score":"8.8","severity":"high","suppressed":"Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2022-07-27T15:15:08.827000Z","modified":"2024-11-21T07:13:58.690000Z","commentary":null},{"id":"CVE-2025-69652","package":"binutils","score":"6.2","severity":"medium","suppressed":null,"published":"2026-03-06T19:16:10.907000Z","modified":"2026-03-11T15:49:59.467000Z","commentary":null},{"id":"BIT-grafana-2026-27877","package":"pkg:bitnami/grafana","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2026-3591","package":"bind","score":"5.4","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"GHSA-547x-748v-vp6p","package":"dash-core-components","score":"6.5","severity":"medium","suppressed":null,"published":"2024-02-02T06:30:31Z","modified":null,"commentary":null},{"id":"RUSTSEC-2024-0382","package":"pkg:cargo/hwloc","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2026-3805","package":"","score":"7.5","severity":"high","suppressed":null,"published":"2026-03-11T11:16:00.967000Z","modified":"2026-03-12T14:08:56.790000Z","commentary":null},{"id":"CVE-2026-1519","package":"bind","score":"7.5","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2022-36883","package":"git","score":"7.5","severity":"high","suppressed":"Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2022-07-27T15:15:08.880000Z","modified":"2024-11-21T07:13:58.903000Z","commentary":null},{"id":"CVE-2025-8225","package":"binutils","score":"4.8","severity":"medium","suppressed":null,"published":"2025-07-27T08:15:25.760000Z","modified":"2025-08-01T17:08:13.977000Z","commentary":null},{"id":"CVE-2023-34111","package":"grafana","score":"9.8","severity":"critical","suppressed":"Exception: Controllers do not use the TaosData Grafana plugin.","published":"2023-06-06T17:15:15.210000Z","modified":"2024-11-21T08:06:34.313000Z","commentary":null},{"id":"CVE-2013-4577","package":"grub","score":"2.1","severity":null,"suppressed":"Exception: False positive; this is a Debian-specific vulnerability applicable only to Debian-based systems.","published":"2014-05-12T14:55:05.023000Z","modified":"2025-04-12T10:46:40.837000Z","commentary":null},{"id":"CVE-2010-4226","package":"cpio","score":"7.2","severity":"high","suppressed":"Exception: False positive; this vulnerability only applies to systems that use RPM packaging, which Controllers do not.","published":"2014-02-06T17:00:03.167000Z","modified":"2025-06-09T15:15:22.147000Z","commentary":null},{"id":"CVE-2025-15281","package":"","score":"7.5","severity":"high","suppressed":null,"published":"2026-01-20T14:16:07.843000Z","modified":"2026-02-05T17:43:18.630000Z","commentary":null},{"id":"CVE-2025-69648","package":"","score":"6.2","severity":"medium","suppressed":null,"published":"2026-03-09T15:15:52.210000Z","modified":"2026-03-13T16:43:41.887000Z","commentary":null},{"id":"PYSEC-2024-35","package":"dash","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2026-28389","package":"openssl","score":"7.5","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"GHSA-rjvj-673q-4hfw","package":"traceroute","score":null,"severity":"critical","suppressed":"Exception: This result is a false positive; the indicated vulnerability only applies to the npm package, not the generic Linux utility.","published":"2020-09-04T17:54:31Z","modified":null,"commentary":null},{"id":"CVE-2026-0861","package":"","score":"8.4","severity":"high","suppressed":null,"published":"2026-01-14T21:15:52.617000Z","modified":"2026-02-03T18:26:25.390000Z","commentary":null},{"id":"CVE-2000-0006","package":"strace","score":"2.6","severity":null,"suppressed":null,"published":"1999-12-25T05:00:00Z","modified":"2025-04-03T01:03:51.193000Z","commentary":null},{"id":"CVE-2025-32989","package":"gnutls","score":"5.3","severity":"medium","suppressed":null,"published":"2025-07-10T08:15:24.430000Z","modified":"2025-12-01T22:15:48.027000Z","commentary":null},{"id":"CVE-2026-3442","package":"binutils","score":"7.1","severity":"high","suppressed":null,"published":"2026-03-16T14:19:47.720000Z","modified":"2026-03-20T18:23:46.453000Z","commentary":null},{"id":"CVE-2026-2673","package":"","score":"7.5","severity":"high","suppressed":null,"published":"2026-03-13T19:54:34.033000Z","modified":"2026-03-17T18:16:15.600000Z","commentary":null},{"id":"MAL-2025-191532","package":"pkg:npm/yq-go","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2025-69644","package":"binutils","score":"5.0","severity":"medium","suppressed":null,"published":"2026-03-06T18:16:16.223000Z","modified":"2026-03-10T20:42:09.033000Z","commentary":null},{"id":"CVE-2026-33375","package":"grafana","score":"6.5","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2026-3441","package":"binutils","score":"7.1","severity":"high","suppressed":null,"published":"2026-03-16T14:19:47.447000Z","modified":"2026-03-20T18:24:05.240000Z","commentary":null},{"id":"CVE-2025-60876","package":"busybox","score":"6.5","severity":"medium","suppressed":null,"published":"2025-11-10T20:15:48.683000Z","modified":"2025-12-31T18:29:41.550000Z","commentary":null},{"id":"CVE-2023-22834","package":"contour","score":"4.3","severity":"medium","suppressed":null,"published":"2023-06-27T00:15:09.437000Z","modified":"2024-11-21T07:45:29.317000Z","commentary":null},{"id":"CVE-2022-30947","package":"git","score":"7.5","severity":"high","suppressed":"Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2022-05-17T15:15:08.797000Z","modified":"2024-11-21T07:03:36.643000Z","commentary":null},{"id":"CVE-2026-3119","package":"bind","score":"6.5","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"MAL-2022-4301","package":"libidn2","score":null,"severity":null,"suppressed":"Exception: This result is a false positive; the indicated package is an npm package and not the generic Linux library.","published":null,"modified":null,"commentary":null},{"id":"CVE-2023-44487","package":"contour","score":"7.5","severity":"high","suppressed":null,"published":"2023-10-10T14:15:10.883000Z","modified":"2025-11-07T19:00:41.810000Z","commentary":null},{"id":"CVE-2026-28388","package":"openssl","score":"7.5","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2025-69645","package":"","score":"5.5","severity":"medium","suppressed":null,"published":"2026-03-06T18:16:16.367000Z","modified":"2026-03-20T17:08:38.863000Z","commentary":null},{"id":"CVE-2026-35414","package":"openssh","score":"4.2","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2023-4039","package":"gcc","score":"4.8","severity":"medium","suppressed":"Exception: This vulnerability applies to aarch64 systems only; Controllers currently only target x86-64 systems.","published":"2023-09-13T09:15:15.690000Z","modified":"2025-02-13T17:17:14.717000Z","commentary":null},{"id":"CVE-2026-27135","package":"nghttp2","score":"7.5","severity":"high","suppressed":null,"published":"2026-03-18T18:16:26.723000Z","modified":"2026-03-23T17:51:17.017000Z","commentary":null},{"id":"CVE-2024-21485","package":"dash","score":"5.4","severity":"medium","suppressed":null,"published":"2024-02-02T05:15:09.510000Z","modified":"2025-05-15T20:15:42.327000Z","commentary":null},{"id":"CVE-2024-25003","package":"kitty","score":"7.8","severity":"high","suppressed":null,"published":"2024-02-09T07:16:00.807000Z","modified":"2025-05-08T19:16:00.100000Z","commentary":null},{"id":"CVE-2025-3198","package":"binutils","score":"4.8","severity":"medium","suppressed":null,"published":"2025-04-04T02:15:18.803000Z","modified":"2025-05-15T19:46:30.950000Z","commentary":null},{"id":"GHSA-72fg-jqhx-c68p","package":"st","score":"6.1","severity":"medium","suppressed":null,"published":"2018-08-06T21:33:31Z","modified":null,"commentary":null},{"id":"CVE-2026-21444","package":"","score":"5.5","severity":"medium","suppressed":null,"published":"2026-01-02T19:15:48.763000Z","modified":"2026-02-25T15:18:34.413000Z","commentary":null},{"id":"CVE-2026-1965","package":"","score":"6.5","severity":"medium","suppressed":null,"published":"2026-03-11T11:15:59.177000Z","modified":"2026-03-12T14:11:19.070000Z","commentary":null},{"id":"CVE-2025-6170","package":"libxml2","score":"2.5","severity":"low","suppressed":null,"published":"2025-06-16T16:15:20.430000Z","modified":"2025-11-03T20:19:18.300000Z","commentary":null},{"id":"CVE-2016-2781","package":"coreutils","score":"4.6","severity":"medium","suppressed":null,"published":"2017-02-07T15:59:00.333000Z","modified":"2025-06-09T16:15:25.013000Z","commentary":null},{"id":"CVE-2026-31789","package":"openssl","score":"9.8","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"OSV-2024-112","package":"boost","score":null,"severity":"low","suppressed":null,"published":"2024-02-16T00:05:47.896843Z","modified":"2026-03-23T14:24:23.003774Z","commentary":null},{"id":"CVE-2026-0994","package":"","score":"7.5","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2026-28387","package":"openssl","score":"8.1","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2026-28390","package":"openssl","score":"7.5","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2026-4437","package":"glibc","score":"7.5","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2008-3844","package":"openssh","score":"9.3","severity":null,"suppressed":null,"published":"2008-08-27T20:41:00Z","modified":"2025-04-09T00:30:58.490000Z","commentary":null},{"id":"CVE-2026-4438","package":"glibc","score":"5.4","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2019-12749","package":"dbus","score":"7.1","severity":"high","suppressed":"Exception: False positive; Controllers run a version of dbus not subject to this vulnerability.","published":"2019-06-11T17:29:00Z","modified":"2026-02-13T20:16:12.897000Z","commentary":null},{"id":"CVE-2026-4046","package":"glibc","score":"7.5","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2022-42011","package":"dbus","score":"6.5","severity":"medium","suppressed":"Exception: False positive; Controllers run a version of dbus greater than 1.14.4.","published":"2022-10-10T00:15:09.573000Z","modified":"2025-06-09T15:15:28.073000Z","commentary":null},{"id":"MAL-2025-25227","package":"libbsd","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"BIT-grafana-2026-21725","package":"pkg:bitnami/grafana","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2026-0915","package":"glibc","score":"7.5","severity":"high","suppressed":null,"published":"2026-01-15T22:16:12.457000Z","modified":"2026-01-23T19:36:50.730000Z","commentary":null},{"id":"BIT-grafana-2026-27879","package":"pkg:bitnami/grafana","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2024-23749","package":"kitty","score":"7.8","severity":"high","suppressed":null,"published":"2024-02-09T08:15:08.530000Z","modified":"2025-05-15T20:15:44.290000Z","commentary":null},{"id":"OSV-2023-1307","package":"libbpf","score":null,"severity":"medium","suppressed":null,"published":"2023-12-15T00:12:51.528155Z","modified":"2026-03-23T14:21:09.052079Z","commentary":null},{"id":"CVE-2026-3104","package":"bind","score":"7.5","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2026-31790","package":"openssl","score":"7.5","severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"OSV-2024-914","package":"boost","score":null,"severity":"medium","suppressed":null,"published":"2024-08-16T00:08:20.277708Z","modified":"2026-03-23T14:28:15.573802Z","commentary":null},{"id":"CVE-2025-69649","package":"binutils","score":"7.5","severity":"high","suppressed":null,"published":"2026-03-06T19:16:10.640000Z","modified":"2026-03-11T15:51:24.160000Z","commentary":null}],"created":"2026-04-14T15:10:46.942206Z","next_scan":"2026-04-21T15:25:17.724300Z","scanned":"2026-04-14T15:25:01.583263Z","package":18840,"has_cdx":true,"has_spdx":true,"scanning":false,"queued":false}