chore: update security scan results

    - Updated scan data from workflow run 126
    - Scan mode: git-only
    - Total scanned: 160
    - Total vulnerabilities: 478

Author: actions-user

data/master-d1b91b79b5.json

@@ -0,0 +1,42 @@
+{
+  "release_version": "master-d1b91b79b5",
+  "scan_date": "2025-11-06T00:28:37.895988Z",
+  "tool_version": "0.21.0",
+  "total_components": 0,
+  "vulnerabilities": [
+    {
+      "cve_id": "CVE-2025-54764",
+      "component": "mbed_tls",
+      "component_version": "3.6.4",
+      "severity": "MEDIUM",
+      "score": "6.2",
+      "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
+      "description": "Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct calls to mbedtls_mpi_mod_inv or mbedtls_mpi_gcd.",
+      "link": "https://nvd.nist.gov/vuln/detail/CVE-2025-54764"
+    },
+    {
+      "cve_id": "CVE-2025-59438",
+      "component": "mbed_tls",
+      "component_version": "3.6.4",
+      "severity": "MEDIUM",
+      "score": "5.3",
+      "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
+      "description": "Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.",
+      "link": "https://nvd.nist.gov/vuln/detail/CVE-2025-59438"
+    }
+  ],
+  "summary": {
+    "total_vulnerabilities": 2,
+    "by_severity": {
+      "CRITICAL": 0,
+      "HIGH": 0,
+      "MEDIUM": 2,
+      "LOW": 0
+    }
+  },
+  "metadata": {
+    "scanner": "esp-idf-security-dashboard",
+    "scan_method": "git-release-branch",
+    "docker_image": null
+  }
+}

data/release_v5.0-d9f9b7d8ed.json

@@ -1,6 +1,6 @@
 {
   "release_version": "release/v5.0-d9f9b7d8ed",
-  "scan_date": "2025-11-05T00:27:48.349482Z",
+  "scan_date": "2025-11-06T00:27:48.401919Z",
   "tool_version": "0.21.0",
   "total_components": 0,
   "vulnerabilities": [

data/release_v5.1-79c0dff3a5.json

@@ -0,0 +1,42 @@
+{
+  "release_version": "release/v5.1-79c0dff3a5",
+  "scan_date": "2025-11-06T00:27:56.238875Z",
+  "tool_version": "0.21.0",
+  "total_components": 0,
+  "vulnerabilities": [
+    {
+      "cve_id": "CVE-2025-54764",
+      "component": "mbed_tls",
+      "component_version": "3.6.4",
+      "severity": "MEDIUM",
+      "score": "6.2",
+      "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
+      "description": "Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct calls to mbedtls_mpi_mod_inv or mbedtls_mpi_gcd.",
+      "link": "https://nvd.nist.gov/vuln/detail/CVE-2025-54764"
+    },
+    {
+      "cve_id": "CVE-2025-59438",
+      "component": "mbed_tls",
+      "component_version": "3.6.4",
+      "severity": "MEDIUM",
+      "score": "5.3",
+      "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
+      "description": "Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.",
+      "link": "https://nvd.nist.gov/vuln/detail/CVE-2025-59438"
+    }
+  ],
+  "summary": {
+    "total_vulnerabilities": 2,
+    "by_severity": {
+      "CRITICAL": 0,
+      "HIGH": 0,
+      "MEDIUM": 2,
+      "LOW": 0
+    }
+  },
+  "metadata": {
+    "scanner": "esp-idf-security-dashboard",
+    "scan_method": "git-release-branch",
+    "docker_image": null
+  }
+}

data/release_v5.2-72d06017df.json

@@ -0,0 +1,42 @@
+{
+  "release_version": "release/v5.2-72d06017df",
+  "scan_date": "2025-11-06T00:28:12.508565Z",
+  "tool_version": "0.21.0",
+  "total_components": 0,
+  "vulnerabilities": [
+    {
+      "cve_id": "CVE-2025-54764",
+      "component": "mbed_tls",
+      "component_version": "3.6.4",
+      "severity": "MEDIUM",
+      "score": "6.2",
+      "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
+      "description": "Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct calls to mbedtls_mpi_mod_inv or mbedtls_mpi_gcd.",
+      "link": "https://nvd.nist.gov/vuln/detail/CVE-2025-54764"
+    },
+    {
+      "cve_id": "CVE-2025-59438",
+      "component": "mbed_tls",
+      "component_version": "3.6.4",
+      "severity": "MEDIUM",
+      "score": "5.3",
+      "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
+      "description": "Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.",
+      "link": "https://nvd.nist.gov/vuln/detail/CVE-2025-59438"
+    }
+  ],
+  "summary": {
+    "total_vulnerabilities": 2,
+    "by_severity": {
+      "CRITICAL": 0,
+      "HIGH": 0,
+      "MEDIUM": 2,
+      "LOW": 0
+    }
+  },
+  "metadata": {
+    "scanner": "esp-idf-security-dashboard",
+    "scan_method": "git-release-branch",
+    "docker_image": null
+  }
+}

data/release_v5.3-e807677650.json

@@ -0,0 +1,42 @@
+{
+  "release_version": "release/v5.3-e807677650",
+  "scan_date": "2025-11-06T00:28:29.573802Z",
+  "tool_version": "0.21.0",
+  "total_components": 0,
+  "vulnerabilities": [
+    {
+      "cve_id": "CVE-2025-54764",
+      "component": "mbed_tls",
+      "component_version": "3.6.4",
+      "severity": "MEDIUM",
+      "score": "6.2",
+      "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
+      "description": "Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct calls to mbedtls_mpi_mod_inv or mbedtls_mpi_gcd.",
+      "link": "https://nvd.nist.gov/vuln/detail/CVE-2025-54764"
+    },
+    {
+      "cve_id": "CVE-2025-59438",
+      "component": "mbed_tls",
+      "component_version": "3.6.4",
+      "severity": "MEDIUM",
+      "score": "5.3",
+      "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
+      "description": "Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.",
+      "link": "https://nvd.nist.gov/vuln/detail/CVE-2025-59438"
+    }
+  ],
+  "summary": {
+    "total_vulnerabilities": 2,
+    "by_severity": {
+      "CRITICAL": 0,
+      "HIGH": 0,
+      "MEDIUM": 2,
+      "LOW": 0
+    }
+  },
+  "metadata": {
+    "scanner": "esp-idf-security-dashboard",
+    "scan_method": "git-release-branch",
+    "docker_image": null
+  }
+}

data/release_v5.4-616ff5862b.json

@@ -0,0 +1,42 @@
+{
+  "release_version": "release/v5.4-616ff5862b",
+  "scan_date": "2025-11-06T00:28:04.795900Z",
+  "tool_version": "0.21.0",
+  "total_components": 0,
+  "vulnerabilities": [
+    {
+      "cve_id": "CVE-2025-54764",
+      "component": "mbed_tls",
+      "component_version": "3.6.4",
+      "severity": "MEDIUM",
+      "score": "6.2",
+      "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
+      "description": "Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct calls to mbedtls_mpi_mod_inv or mbedtls_mpi_gcd.",
+      "link": "https://nvd.nist.gov/vuln/detail/CVE-2025-54764"
+    },
+    {
+      "cve_id": "CVE-2025-59438",
+      "component": "mbed_tls",
+      "component_version": "3.6.4",
+      "severity": "MEDIUM",
+      "score": "5.3",
+      "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
+      "description": "Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.",
+      "link": "https://nvd.nist.gov/vuln/detail/CVE-2025-59438"
+    }
+  ],
+  "summary": {
+    "total_vulnerabilities": 2,
+    "by_severity": {
+      "CRITICAL": 0,
+      "HIGH": 0,
+      "MEDIUM": 2,
+      "LOW": 0
+    }
+  },
+  "metadata": {
+    "scanner": "esp-idf-security-dashboard",
+    "scan_method": "git-release-branch",
+    "docker_image": null
+  }
+}

data/release_v5.5-f1a1df9b2e.json

@@ -1,6 +1,6 @@
 {
   "release_version": "release/v5.5-f1a1df9b2e",
-  "scan_date": "2025-11-05T00:27:39.918002Z",
+  "scan_date": "2025-11-06T00:28:20.928514Z",
   "tool_version": "0.21.0",
   "total_components": 0,
   "vulnerabilities": [

data/scan_summary.json

@@ -1,61 +1,61 @@
 {
-  "last_updated": "2025-11-05T00:28:05.594992Z",
+  "last_updated": "2025-11-06T00:28:37.896430Z",
   "scanned_versions": [
-    "v5.4.1",
-    "v5.3.2",
-    "v5.0.3",
-    "v5.0.9",
-    "v5.3",
-    "v5.1.1",
-    "v5.0.1",
-    "v5.0.5",
     "v5.1.5",
+    "v5.0.1",
     "v5.1.3",
+    "v5.0",
+    "v5.1.4",
+    "v5.4",
+    "v5.2.3",
+    "v5.4.1",
+    "v5.0.9",
+    "v5.1.6",
+    "v5.0.8",
     "v5.3.3",
-    "v5.2.6",
+    "v5.2.1",
     "v5.5.1",
-    "v5.3.1",
+    "v5.0.7",
+    "v5.3",
     "v5.1",
     "v5.2.4",
-    "v5.3.4",
-    "v5.4",
-    "v5.4.3",
-    "v5.1.4",
-    "v5.0.6",
-    "v5.2.3",
-    "v5.2.5",
-    "v5.0.7",
-    "v5.2.1",
-    "v5.1.2",
-    "v5.0.4",
+    "v5.2.6",
     "v5.0.2",
-    "v5.0.8",
-    "v5.2.2",
-    "v5.0",
-    "v5.1.6",
+    "v5.2",
+    "v5.1.1",
+    "v5.0.4",
     "v5.4.2",
+    "v5.4.3",
     "v5.5",
-    "v5.2",
-    "release/v5.2-083e2bb56a",
-    "release/v5.3-13ec3f6f6f",
-    "release/v5.4-c94fdcdb48",
-    "release/v5.5-f1a1df9b2e",
+    "v5.3.2",
+    "v5.0.5",
+    "v5.3.4",
+    "v5.2.2",
+    "v5.0.3",
+    "v5.2.5",
+    "v5.3.1",
+    "v5.1.2",
+    "v5.0.6",
     "release/v5.0-d9f9b7d8ed",
-    "release/v5.1-dd37234fff",
-    "master-ff97953b32"
+    "release/v5.1-79c0dff3a5",
+    "release/v5.4-616ff5862b",
+    "release/v5.2-72d06017df",
+    "release/v5.5-f1a1df9b2e",
+    "release/v5.3-e807677650",
+    "master-d1b91b79b5"
   ],
   "failed_versions": [
-    "release/v5.2",
-    "release/v5.3",
-    "release/v5.4",
-    "release/v5.5",
     "release/v5.0",
     "release/v5.1",
+    "release/v5.4",
+    "release/v5.2",
+    "release/v5.5",
+    "release/v5.3",
     "master"
   ],
   "total_scanned": 42,
   "scan_method": "git-batch",
-  "workflow_run": "125",
+  "workflow_run": "126",
   "scanner_info": {
     "tool": "esp-idf-security-dashboard",
     "esp_idf_sbom_version": "0.21.0",

data/v5.0.1.json

@@ -1,6 +1,6 @@
 {
   "release_version": "v5.0.1",
-  "scan_date": "2025-11-05T00:23:34.743758Z",
+  "scan_date": "2025-11-06T00:23:30.293204Z",
   "tool_version": "0.21.0",
   "total_components": 0,
   "vulnerabilities": [],

data/v5.0.2.json

@@ -1,6 +1,6 @@
 {
   "release_version": "v5.0.2",
-  "scan_date": "2025-11-05T00:26:14.099881Z",
+  "scan_date": "2025-11-06T00:25:43.475679Z",
   "tool_version": "0.21.0",
   "total_components": 0,
   "vulnerabilities": [],