{
  "@context": "https://openvex.dev/ns/v0.2.0",
  "@id": "https://openvex.dev/docs/public/vex-720760f1d8b9a8ea905901ea07fc05189183cc142ae676f024ccc037863e7953",
  "author": "minimus",
  "timestamp": "2026-07-02T11:21:32.498509907Z",
  "version": 1,
  "statements": [
    {
      "vulnerability": {
        "name": "MINI-875q-7rr6-hw32",
        "aliases": [
          "CVE-2026-25680"
        ]
      },
      "products": [
        {
          "@id": "pkg:oci/cluster-api-vsphere-controller",
          "hashes": {
            "sha-256": "sha256:8056a82ca7cb4efa307ec852cc636b16d5c1e957caa820257831ed027f83a423"
          },
          "subcomponents": [
            {
              "@id": "pkg:apk/minimos/cluster-api-provider-vsphere-1.16@1.16.1-r1"
            },
            {
              "@id": "pkg:apk/minimos/cluster-api-provider-vsphere-1.16-compat@1.16.1-r1"
            }
          ]
        }
      ],
      "status": "under_investigation"
    },
    {
      "vulnerability": {
        "name": "MINI-ffhf-m64g-9vgg",
        "aliases": [
          "CVE-2026-25681"
        ]
      },
      "products": [
        {
          "@id": "pkg:oci/cluster-api-vsphere-controller",
          "hashes": {
            "sha-256": "sha256:8056a82ca7cb4efa307ec852cc636b16d5c1e957caa820257831ed027f83a423"
          },
          "subcomponents": [
            {
              "@id": "pkg:apk/minimos/cluster-api-provider-vsphere-1.16@1.16.1-r1"
            },
            {
              "@id": "pkg:apk/minimos/cluster-api-provider-vsphere-1.16-compat@1.16.1-r1"
            }
          ]
        }
      ],
      "status": "under_investigation"
    },
    {
      "vulnerability": {
        "name": "MINI-fvhx-m2gf-g9wq",
        "aliases": [
          "CVE-2026-27136"
        ]
      },
      "products": [
        {
          "@id": "pkg:oci/cluster-api-vsphere-controller",
          "hashes": {
            "sha-256": "sha256:8056a82ca7cb4efa307ec852cc636b16d5c1e957caa820257831ed027f83a423"
          },
          "subcomponents": [
            {
              "@id": "pkg:apk/minimos/cluster-api-provider-vsphere-1.16@1.16.1-r1"
            },
            {
              "@id": "pkg:apk/minimos/cluster-api-provider-vsphere-1.16-compat@1.16.1-r1"
            }
          ]
        }
      ],
      "status": "under_investigation"
    },
    {
      "vulnerability": {
        "name": "MINI-j4m6-gvvf-xvgp",
        "aliases": [
          "CVE-2026-42502"
        ]
      },
      "products": [
        {
          "@id": "pkg:oci/cluster-api-vsphere-controller",
          "hashes": {
            "sha-256": "sha256:8056a82ca7cb4efa307ec852cc636b16d5c1e957caa820257831ed027f83a423"
          },
          "subcomponents": [
            {
              "@id": "pkg:apk/minimos/cluster-api-provider-vsphere-1.16@1.16.1-r1"
            },
            {
              "@id": "pkg:apk/minimos/cluster-api-provider-vsphere-1.16-compat@1.16.1-r1"
            }
          ]
        }
      ],
      "status": "under_investigation"
    },
    {
      "vulnerability": {
        "name": "MINI-q4r8-v65q-44m5",
        "aliases": [
          "CVE-2026-39824"
        ]
      },
      "products": [
        {
          "@id": "pkg:oci/cluster-api-vsphere-controller",
          "hashes": {
            "sha-256": "sha256:8056a82ca7cb4efa307ec852cc636b16d5c1e957caa820257831ed027f83a423"
          },
          "subcomponents": [
            {
              "@id": "pkg:apk/minimos/cluster-api-provider-vsphere-1.16@1.16.1-r1"
            },
            {
              "@id": "pkg:apk/minimos/cluster-api-provider-vsphere-1.16-compat@1.16.1-r1"
            }
          ]
        }
      ],
      "status": "fixed"
    },
    {
      "vulnerability": {
        "name": "MINI-qr47-fq3p-59pr",
        "aliases": [
          "CVE-2026-41178"
        ]
      },
      "products": [
        {
          "@id": "pkg:oci/cluster-api-vsphere-controller",
          "hashes": {
            "sha-256": "sha256:8056a82ca7cb4efa307ec852cc636b16d5c1e957caa820257831ed027f83a423"
          },
          "subcomponents": [
            {
              "@id": "pkg:apk/minimos/cluster-api-provider-vsphere-1.16@1.16.1-r1"
            },
            {
              "@id": "pkg:apk/minimos/cluster-api-provider-vsphere-1.16-compat@1.16.1-r1"
            }
          ]
        }
      ],
      "status": "under_investigation"
    },
    {
      "vulnerability": {
        "name": "MINI-rqmp-q26j-f8cq",
        "aliases": [
          "CVE-2026-42506"
        ]
      },
      "products": [
        {
          "@id": "pkg:oci/cluster-api-vsphere-controller",
          "hashes": {
            "sha-256": "sha256:8056a82ca7cb4efa307ec852cc636b16d5c1e957caa820257831ed027f83a423"
          },
          "subcomponents": [
            {
              "@id": "pkg:apk/minimos/cluster-api-provider-vsphere-1.16@1.16.1-r1"
            },
            {
              "@id": "pkg:apk/minimos/cluster-api-provider-vsphere-1.16-compat@1.16.1-r1"
            }
          ]
        }
      ],
      "status": "under_investigation"
    },
    {
      "vulnerability": {
        "name": "MINI-rx84-f99m-jpfg",
        "aliases": [
          "CVE-2026-39821"
        ]
      },
      "products": [
        {
          "@id": "pkg:oci/cluster-api-vsphere-controller",
          "hashes": {
            "sha-256": "sha256:8056a82ca7cb4efa307ec852cc636b16d5c1e957caa820257831ed027f83a423"
          },
          "subcomponents": [
            {
              "@id": "pkg:apk/minimos/cluster-api-provider-vsphere-1.16@1.16.1-r1"
            },
            {
              "@id": "pkg:apk/minimos/cluster-api-provider-vsphere-1.16-compat@1.16.1-r1"
            }
          ]
        }
      ],
      "status": "affected",
      "action_statement": "For more context and potential remediation information, review the References tab: https://images.minimus.io/advisories/CVE-2026-39821/references"
    }
  ]
}