| Package | Version | Severity | CVE | Fix Version | Description |
|---|---|---|---|---|---|
| glibc | 2.43-r6 | HIGH | CVE-2026-5928 | n/a | Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte |
| json | 2.18.0 | HIGH | GHSA-3m6g-2423-7cp3 | 2.19.2 | Ruby JSON has a format string injection vulnerability |