Update CVE scans reports - 2026-01-21

Author: rancher-security-team[bot]

docs/csv/report-longhorn-v1.10-head-cves.csv

@@ -3,5 +3,4 @@ longhornio/csi-attacher:v4.10.0-20251226,longhorn/v1.10-head,golang.org/x/crypto
 longhornio/csi-attacher:v4.10.0-20251226,longhorn/v1.10-head,golang.org/x/crypto,v0.38.0,gobinary,CVE-2025-58181,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-58181,csi-attacher,0.45.0,false,not_affected,vulnerable_code_not_present
 longhornio/csi-snapshotter:v8.4.0-20251226,longhorn/v1.10-head,golang.org/x/crypto,v0.37.0,gobinary,CVE-2025-47914,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-47914,csi-snapshotter,0.45.0,false,not_affected,vulnerable_code_not_present
 longhornio/csi-snapshotter:v8.4.0-20251226,longhorn/v1.10-head,golang.org/x/crypto,v0.37.0,gobinary,CVE-2025-58181,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-58181,csi-snapshotter,0.45.0,false,not_affected,vulnerable_code_not_present
-longhornio/longhorn-cli:v1.10.x-head,longhorn/v1.10-head,libglib-2_0-0,2.78.6-150600.4.22.1,sles,SUSE-SU-2026:0018-1,HIGH,,longhornio/longhorn-cli:v1.10.x-head (sles 15.7),2.78.6-150600.4.25.1,false,affected,
 longhornio/longhorn-ui:v1.10.x-head,longhorn/v1.10-head,libglib-2_0-0,2.78.6-150600.4.22.1,sles,SUSE-SU-2026:0018-1,HIGH,,longhornio/longhorn-ui:v1.10.x-head (sles 15.7),2.78.6-150600.4.25.1,false,affected,

docs/csv/report-longhorn-v1.10-head-stats.csv

@@ -6,7 +6,7 @@ longhornio/csi-provisioner:v5.3.0-20251226,0,0,0
 longhornio/csi-resizer:v1.14.0-20260119,0,0,0
 longhornio/csi-snapshotter:v8.4.0-20251226,0,0,0
 longhornio/livenessprobe:v2.17.0-20251226,0,0,0
-longhornio/longhorn-cli:v1.10.x-head,0,1,1
+longhornio/longhorn-cli:v1.10.x-head,0,0,0
 longhornio/longhorn-engine:v1.10.x-head,0,0,0
 longhornio/longhorn-instance-manager:v1.10.x-head,0,0,0
 longhornio/longhorn-manager:v1.10.x-head,0,0,0

docs/csv/report-longhorn-v1.9-head-cves.csv

@@ -20,7 +20,6 @@ longhornio/csi-snapshotter:v8.4.0-20251030,longhorn/v1.9-head,golang.org/x/crypt
 longhornio/csi-snapshotter:v8.4.0-20251030,longhorn/v1.9-head,golang.org/x/crypto,v0.37.0,gobinary,CVE-2025-58181,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-58181,csi-snapshotter,0.45.0,false,not_affected,vulnerable_code_not_present
 longhornio/livenessprobe:v2.17.0-20251030,longhorn/v1.9-head,stdlib,v1.24.9,gobinary,CVE-2025-61729,HIGH,https://avd.aquasec.com/nvd/cve-2025-61729,livenessprobe,"1.24.11, 1.25.5",false,affected,
 longhornio/livenessprobe:v2.17.0-20251030,longhorn/v1.9-head,stdlib,v1.24.9,gobinary,CVE-2025-61727,HIGH,https://avd.aquasec.com/nvd/cve-2025-61727,livenessprobe,"1.24.11, 1.25.5",false,affected,severity_changed_due_to_suse_cvss_score
-longhornio/longhorn-cli:v1.9.x-head,longhorn/v1.9-head,libglib-2_0-0,2.78.6-150600.4.22.1,sles,SUSE-SU-2026:0018-1,HIGH,,longhornio/longhorn-cli:v1.9.x-head (sles 15.7),2.78.6-150600.4.25.1,false,affected,
 longhornio/longhorn-engine:v1.9.x-head,longhorn/v1.9-head,libglib-2_0-0,2.78.6-150600.4.22.1,sles,SUSE-SU-2026:0018-1,HIGH,,longhornio/longhorn-engine:v1.9.x-head (sles 15.7),2.78.6-150600.4.25.1,false,affected,
 longhornio/longhorn-engine:v1.9.x-head,longhorn/v1.9-head,libgmodule-2_0-0,2.78.6-150600.4.22.1,sles,SUSE-SU-2026:0018-1,HIGH,,longhornio/longhorn-engine:v1.9.x-head (sles 15.7),2.78.6-150600.4.25.1,false,affected,
 longhornio/longhorn-engine:v1.9.x-head,longhorn/v1.9-head,stdlib,v1.24.10,gobinary,CVE-2025-61729,HIGH,https://avd.aquasec.com/nvd/cve-2025-61729,usr/local/bin/grpc_health_probe,"1.24.11, 1.25.5",false,affected,

docs/csv/report-longhorn-v1.9-head-stats.csv

@@ -6,7 +6,7 @@ longhornio/csi-provisioner:v5.3.0-20251030,0,2,2
 longhornio/csi-resizer:v1.14.0-20251030,0,2,2
 longhornio/csi-snapshotter:v8.4.0-20251030,0,2,2
 longhornio/livenessprobe:v2.17.0-20251030,0,2,2
-longhornio/longhorn-cli:v1.9.x-head,0,1,1
+longhornio/longhorn-cli:v1.9.x-head,0,0,0
 longhornio/longhorn-engine:v1.9.x-head,0,8,8
 longhornio/longhorn-instance-manager:v1.9.x-head,0,0,0
 longhornio/longhorn-manager:v1.9.x-head,0,0,0

docs/csv/report-observability-agent-v1.2-dev-cves.csv

@@ -1,7 +1,7 @@
 image,release,package_name,package_version,type,vulnerability_id,severity,url,target,patched_version,mirrored,status,justification
 quay.io/stackstate/stackstate-k8s-agent:b85512ad,observability-agent/v1.2-dev,pg8000,1.10.1,python-pkg,CVE-2025-61385,HIGH,https://avd.aquasec.com/nvd/cve-2025-61385,Python,1.31.5,false,affected,
 quay.io/stackstate/stackstate-k8s-agent:b85512ad,observability-agent/v1.2-dev,protobuf,3.20.2,python-pkg,CVE-2025-4565,HIGH,https://avd.aquasec.com/nvd/cve-2025-4565,Python,"4.25.8, 5.29.5, 6.31.1",false,affected,
-quay.io/stackstate/stackstate-k8s-agent:b85512ad,observability-agent/v1.2-dev,setuptools,70.0.0.post20260119,python-pkg,CVE-2025-47273,HIGH,https://avd.aquasec.com/nvd/cve-2025-47273,Python,78.1.1,false,affected,
+quay.io/stackstate/stackstate-k8s-agent:b85512ad,observability-agent/v1.2-dev,setuptools,70.0.0.post20260120,python-pkg,CVE-2025-47273,HIGH,https://avd.aquasec.com/nvd/cve-2025-47273,Python,78.1.1,false,affected,
 quay.io/stackstate/stackstate-k8s-agent:b85512ad,observability-agent/v1.2-dev,urllib3,1.26.19,python-pkg,CVE-2025-66418,HIGH,https://avd.aquasec.com/nvd/cve-2025-66418,Python,2.6.0,false,affected,
 quay.io/stackstate/stackstate-k8s-agent:b85512ad,observability-agent/v1.2-dev,urllib3,1.26.19,python-pkg,CVE-2025-66471,HIGH,https://avd.aquasec.com/nvd/cve-2025-66471,Python,2.6.0,false,affected,
 quay.io/stackstate/stackstate-k8s-agent:b85512ad,observability-agent/v1.2-dev,urllib3,1.26.19,python-pkg,CVE-2026-21441,HIGH,https://avd.aquasec.com/nvd/cve-2026-21441,Python,2.6.3,false,affected,