{ "@context": "https://openvex.dev/ns/v0.2.0", "@id": "https://openvex.dev/docs/public/vex-c3cee08290a321ab82036d554fefad8c25685b0d6aa0dc66e64f248af9bfc416", "author": "minimus", "timestamp": "2026-06-27T09:41:46.387583963Z", "version": 1, "statements": [ { "vulnerability": { "name": "MINI-23p3-qw4q-3336", "aliases": [ "CVE-2026-4438" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-28f7-qwc7-m8cg", "aliases": [ "CVE-2026-39826" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/victoriatraces@0.9.3-r0" }, { "@id": "pkg:apk/minimos/victoriatraces-compat@0.9.3-r0" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-296j-9jv4-6jpq", "aliases": [ "CVE-2026-39836" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/victoriatraces@0.9.3-r0" }, { "@id": "pkg:apk/minimos/victoriatraces-compat@0.9.3-r0" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-3jx9-w69q-v5j9", "aliases": [ "CVE-2026-0861" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-4h2v-2wq7-j965", "aliases": [ "CVE-2026-27145" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/victoriatraces@0.9.3-r0" }, { "@id": "pkg:apk/minimos/victoriatraces-compat@0.9.3-r0" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-4hff-6j5q-cp3r", "aliases": [ "CVE-2025-0395" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-4hjr-3rw9-p262", "aliases": [ "CVE-2019-1010025" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "The CVE is disputed and the upstream project has determined it does not pose a risk." }, { "vulnerability": { "name": "MINI-4hx7-r8fj-4v45", "aliases": [ "CVE-2026-5928" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-4mwp-32g3-4x3m", "aliases": [ "CVE-2026-5358" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "This CVE was rejected by sourceware, for more details refer to - https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2026-0008;h=43b38ce38a78b6458608fa4c044994b8d8516751;hb=HEAD" }, { "vulnerability": { "name": "MINI-5699-2qf6-m8cp", "aliases": [ "CVE-2026-5435" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-76r4-7268-q2p2", "aliases": [ "CVE-2026-39817" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/victoriatraces@0.9.3-r0" }, { "@id": "pkg:apk/minimos/victoriatraces-compat@0.9.3-r0" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-87vj-9xxw-37fg", "aliases": [ "CVE-2026-39819" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/victoriatraces@0.9.3-r0" }, { "@id": "pkg:apk/minimos/victoriatraces-compat@0.9.3-r0" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-8fq4-p7r9-vcm5", "aliases": [ "CVE-2010-4756" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "The CVE in glibc is not considered a vulnerability by most distributions. Glibc implements glob according to POSIX standards, which do not guarantee memory safety. Network facing services should sanitize the inputs to glob, or configure resource limits." }, { "vulnerability": { "name": "MINI-8qf7-3jq4-43w3", "aliases": [ "CVE-2025-5702" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "not_affected", "justification": "component_not_present", "impact_statement": "The CVE is specific to PowerPC environments and it does not affect Minimus packages." }, { "vulnerability": { "name": "MINI-9482-2jh4-39pv", "aliases": [ "CVE-2026-6238" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-99jm-pjfm-xqq8", "aliases": [ "CVE-2026-39825" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/victoriatraces@0.9.3-r0" }, { "@id": "pkg:apk/minimos/victoriatraces-compat@0.9.3-r0" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-9hh6-fpmp-x773", "aliases": [ "CVE-2026-42507" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/victoriatraces@0.9.3-r0" }, { "@id": "pkg:apk/minimos/victoriatraces-compat@0.9.3-r0" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-9x7c-882f-gc36", "aliases": [ "CVE-2019-1010022" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "The CVE is disputed and the upstream project has determined it does not pose a risk." }, { "vulnerability": { "name": "MINI-c22c-296w-ggx6", "aliases": [ "CVE-2026-33811" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/victoriatraces@0.9.3-r0" }, { "@id": "pkg:apk/minimos/victoriatraces-compat@0.9.3-r0" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-cmmm-vp98-cjhp", "aliases": [ "CVE-2026-5450" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-fxvq-pfpj-pqwf", "aliases": [ "CVE-2026-39823" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/victoriatraces@0.9.3-r0" }, { "@id": "pkg:apk/minimos/victoriatraces-compat@0.9.3-r0" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-ggqv-3w5g-76qx", "aliases": [ "CVE-2026-4437" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-hxf5-4m8q-g8p3", "aliases": [ "CVE-2026-39820" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/victoriatraces@0.9.3-r0" }, { "@id": "pkg:apk/minimos/victoriatraces-compat@0.9.3-r0" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-hxqr-2743-w74q", "aliases": [ "CVE-2026-42504" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/victoriatraces@0.9.3-r0" }, { "@id": "pkg:apk/minimos/victoriatraces-compat@0.9.3-r0" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-jmmw-4597-rmjp", "aliases": [ "CVE-2019-1010023" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "The CVE is disputed and the upstream project has determined it does not pose a risk." }, { "vulnerability": { "name": "MINI-jmw8-55p2-h9f4", "aliases": [ "CVE-2026-39824" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/victoriatraces@0.9.3-r0" }, { "@id": "pkg:apk/minimos/victoriatraces-compat@0.9.3-r0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path" }, { "vulnerability": { "name": "MINI-p8f2-2r9v-5wh5", "aliases": [ "CVE-2026-42501" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/victoriatraces@0.9.3-r0" }, { "@id": "pkg:apk/minimos/victoriatraces-compat@0.9.3-r0" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-phc3-7qpg-76g2", "aliases": [ "CVE-2025-15281" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-pjhm-32g4-94f9", "aliases": [ "CVE-2026-33814" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/victoriatraces@0.9.3-r0" }, { "@id": "pkg:apk/minimos/victoriatraces-compat@0.9.3-r0" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-pr9c-2v5q-34m2", "aliases": [ "CVE-2025-5745" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "not_affected", "justification": "component_not_present", "impact_statement": "The CVE is specific to PowerPC environments and it does not affect Minimus packages." }, { "vulnerability": { "name": "MINI-r5x8-hhfx-4867", "aliases": [ "CVE-2019-1010024" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "The CVE is disputed and the upstream project has determined it does not pose a risk." }, { "vulnerability": { "name": "MINI-rgw6-m9rq-wr8j", "aliases": [ "CVE-2026-0915" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-rpf9-4p9f-qx57", "aliases": [ "CVE-2025-8058" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-vv9p-q45w-3qm8", "aliases": [ "CVE-2026-4046" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/glibc@2.43-r4" }, { "@id": "pkg:apk/minimos/glibc-locale-posix@2.43-r4" }, { "@id": "pkg:apk/minimos/ld-linux@2.43-r4" } ] } ], "status": "fixed" }, { "vulnerability": { "name": "MINI-wrjp-j5xq-gww2", "aliases": [ "CVE-2025-65942" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/victoriatraces@0.9.3-r0" }, { "@id": "pkg:apk/minimos/victoriatraces-compat@0.9.3-r0" } ] } ], "status": "under_investigation" }, { "vulnerability": { "name": "MINI-wx69-rjv5-6g46", "aliases": [ "CVE-2026-42499" ] }, "products": [ { "@id": "pkg:oci/victoriametrics-victoria-traces", "hashes": { "sha-256": "sha256:aab906f79c6d07166eb616da81892623f511f005b04f667d14896e7ff71f8e58" }, "subcomponents": [ { "@id": "pkg:apk/minimos/victoriatraces@0.9.3-r0" }, { "@id": "pkg:apk/minimos/victoriatraces-compat@0.9.3-r0" } ] } ], "status": "fixed" } ] }