Update CVE scans reports - 2026-02-04

Author: rancher-security-team[bot]

docs/csv/report-observability-agent-v1.2-dev-cves.csv

@@ -2,7 +2,7 @@ image,release,package_name,package_version,type,vulnerability_id,severity,url,ta
 quay.io/stackstate/stackstate-k8s-agent:b85512ad,observability-agent/v1.2-dev,pg8000,1.10.1,python-pkg,CVE-2025-61385,HIGH,https://avd.aquasec.com/nvd/cve-2025-61385,Python,1.31.5,false,affected,
 quay.io/stackstate/stackstate-k8s-agent:b85512ad,observability-agent/v1.2-dev,protobuf,3.20.2,python-pkg,CVE-2025-4565,HIGH,https://avd.aquasec.com/nvd/cve-2025-4565,Python,"4.25.8, 5.29.5, 6.31.1",false,affected,
 quay.io/stackstate/stackstate-k8s-agent:b85512ad,observability-agent/v1.2-dev,protobuf,3.20.2,python-pkg,CVE-2026-0994,HIGH,https://avd.aquasec.com/nvd/cve-2026-0994,Python,6.33.5,false,affected,
-quay.io/stackstate/stackstate-k8s-agent:b85512ad,observability-agent/v1.2-dev,setuptools,70.0.0.post20260202,python-pkg,CVE-2025-47273,HIGH,https://avd.aquasec.com/nvd/cve-2025-47273,Python,78.1.1,false,affected,
+quay.io/stackstate/stackstate-k8s-agent:b85512ad,observability-agent/v1.2-dev,setuptools,70.0.0.post20260203,python-pkg,CVE-2025-47273,HIGH,https://avd.aquasec.com/nvd/cve-2025-47273,Python,78.1.1,false,affected,
 quay.io/stackstate/stackstate-k8s-agent:b85512ad,observability-agent/v1.2-dev,urllib3,1.26.19,python-pkg,CVE-2025-66418,HIGH,https://avd.aquasec.com/nvd/cve-2025-66418,Python,2.6.0,false,affected,
 quay.io/stackstate/stackstate-k8s-agent:b85512ad,observability-agent/v1.2-dev,urllib3,1.26.19,python-pkg,CVE-2025-66471,HIGH,https://avd.aquasec.com/nvd/cve-2025-66471,Python,2.6.0,false,affected,
 quay.io/stackstate/stackstate-k8s-agent:b85512ad,observability-agent/v1.2-dev,urllib3,1.26.19,python-pkg,CVE-2026-21441,HIGH,https://avd.aquasec.com/nvd/cve-2026-21441,Python,2.6.3,false,affected,

docs/csv/report-rancher-head-cves.csv

@@ -9395,9 +9395,6 @@ rancher/nginx-ingress-controller:v1.13.5-hardened2,rancher/head,stdlib,v1.25.5,g
 rancher/nginx-ingress-controller:v1.13.5-hardened2,rancher/head,stdlib,v1.25.5,gobinary,CVE-2025-61728,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61728,wait-shutdown,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
 rancher/nginx-ingress-controller:v1.13.5-hardened2,rancher/head,stdlib,v1.25.5,gobinary,CVE-2025-61730,LOW,https://avd.aquasec.com/nvd/cve-2025-61730,wait-shutdown,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
 rancher/rancher-agent:head,rancher/head,github.com/containerd/containerd,v1.7.28,gobinary,CVE-2024-25621,HIGH,https://avd.aquasec.com/nvd/cve-2024-25621,usr/bin/agent,1.7.29,false,affected,
-rancher/rancher-agent:head,rancher/head,stdlib,v1.25.5,gobinary,CVE-2025-61726,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61726,usr/bin/agent,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
-rancher/rancher-agent:head,rancher/head,stdlib,v1.25.5,gobinary,CVE-2025-61728,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61728,usr/bin/agent,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
-rancher/rancher-agent:head,rancher/head,stdlib,v1.25.5,gobinary,CVE-2025-61730,LOW,https://avd.aquasec.com/nvd/cve-2025-61730,usr/bin/agent,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
 rancher/rancher-agent:head,rancher/head,stdlib,v1.24.6,gobinary,CVE-2025-58183,LOW,https://avd.aquasec.com/nvd/cve-2025-58183,usr/bin/kubectl,"1.24.8, 1.25.2",false,affected,severity_changed_due_to_suse_cvss_score
 rancher/rancher-agent:head,rancher/head,stdlib,v1.24.6,gobinary,CVE-2025-61726,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61726,usr/bin/kubectl,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
 rancher/rancher-agent:head,rancher/head,stdlib,v1.24.6,gobinary,CVE-2025-61728,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61728,usr/bin/kubectl,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
@@ -9509,9 +9506,6 @@ rancher/rancher:head,rancher/head,golang.org/x/crypto,v0.36.0,gobinary,CVE-2025-
 rancher/rancher:head,rancher/head,golang.org/x/crypto,v0.36.0,gobinary,CVE-2025-58181,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-58181,usr/bin/k3s,0.45.0,false,not_affected,vulnerable_code_not_present
 rancher/rancher:head,rancher/head,stdlib,v1.24.6,gobinary,CVE-2025-61724,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61724,usr/bin/k3s,"1.24.8, 1.25.2",false,not_affected,vulnerable_code_not_in_execute_path
 rancher/rancher:head,rancher/head,github.com/containerd/containerd,v1.7.28,gobinary,CVE-2024-25621,HIGH,https://avd.aquasec.com/nvd/cve-2024-25621,usr/bin/rancher,1.7.29,false,affected,
-rancher/rancher:head,rancher/head,stdlib,v1.25.5,gobinary,CVE-2025-61726,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61726,usr/bin/rancher,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
-rancher/rancher:head,rancher/head,stdlib,v1.25.5,gobinary,CVE-2025-61728,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61728,usr/bin/rancher,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
-rancher/rancher:head,rancher/head,stdlib,v1.25.5,gobinary,CVE-2025-61730,LOW,https://avd.aquasec.com/nvd/cve-2025-61730,usr/bin/rancher,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
 rancher/rancher:head,rancher/head,stdlib,v1.24.7,gobinary,CVE-2025-58183,LOW,https://avd.aquasec.com/nvd/cve-2025-58183,usr/bin/rancher-machine,"1.24.8, 1.25.2",false,affected,severity_changed_due_to_suse_cvss_score
 rancher/rancher:head,rancher/head,stdlib,v1.24.7,gobinary,CVE-2025-61726,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61726,usr/bin/rancher-machine,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score
 rancher/rancher:head,rancher/head,stdlib,v1.24.7,gobinary,CVE-2025-61728,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61728,usr/bin/rancher-machine,"1.24.12, 1.25.6",false,affected,severity_changed_due_to_suse_cvss_score

docs/csv/report-rancher-v2.10-head-cves.csv

@@ -22855,6 +22855,8 @@ rancher/mirrored-istio-proxyv2:1.22.1-distroless,rancher/v2.10-head,stdlib,v1.22
 rancher/mirrored-istio-proxyv2:1.22.1-distroless,rancher/v2.10-head,stdlib,v1.22.2,gobinary,CVE-2024-34158,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34158,usr/local/bin/pilot-agent,"1.22.7, 1.23.1",true,not_affected,vulnerable_code_not_in_execute_path
 rancher/mirrored-istio-proxyv2:1.22.1-distroless,rancher/v2.10-head,stdlib,v1.22.2,gobinary,CVE-2025-61724,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61724,usr/local/bin/pilot-agent,"1.24.8, 1.25.2",true,not_affected,vulnerable_code_not_in_execute_path
 rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.10-head,glibc,2.40-r1,wolfi,CVE-2026-0861,HIGH,https://avd.aquasec.com/nvd/cve-2026-0861,rancher/mirrored-istio-proxyv2:1.23.2-distroless (wolfi 20230201),2.42-r6,true,affected,
+rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.10-head,glibc-locale-posix,2.40-r1,wolfi,CVE-2026-0861,HIGH,https://avd.aquasec.com/nvd/cve-2026-0861,rancher/mirrored-istio-proxyv2:1.23.2-distroless (wolfi 20230201),2.42-r6,true,affected,
+rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.10-head,ld-linux,2.40-r1,wolfi,CVE-2026-0861,HIGH,https://avd.aquasec.com/nvd/cve-2026-0861,rancher/mirrored-istio-proxyv2:1.23.2-distroless (wolfi 20230201),2.42-r6,true,affected,
 rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.10-head,stdlib,v1.22.6,gobinary,CVE-2025-58183,LOW,https://avd.aquasec.com/nvd/cve-2025-58183,usr/local/bin/pilot-agent,"1.24.8, 1.25.2",true,affected,severity_changed_due_to_suse_cvss_score
 rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.10-head,stdlib,v1.22.6,gobinary,CVE-2025-61726,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61726,usr/local/bin/pilot-agent,"1.24.12, 1.25.6",true,affected,severity_changed_due_to_suse_cvss_score
 rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.10-head,stdlib,v1.22.6,gobinary,CVE-2025-61728,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61728,usr/local/bin/pilot-agent,"1.24.12, 1.25.6",true,affected,severity_changed_due_to_suse_cvss_score

docs/csv/report-rancher-v2.10-head-stats.csv

@@ -429,7 +429,7 @@ rancher/mirrored-istio-pilot:1.25.0-distroless,0,4,4
 rancher/mirrored-istio-proxyv2:1.19.6-distroless,0,16,16
 rancher/mirrored-istio-proxyv2:1.21.1-distroless,0,9,9
 rancher/mirrored-istio-proxyv2:1.22.1-distroless,0,6,6
-rancher/mirrored-istio-proxyv2:1.23.2-distroless,0,5,5
+rancher/mirrored-istio-proxyv2:1.23.2-distroless,0,7,7
 rancher/mirrored-istio-proxyv2:1.24.1-distroless,0,7,7
 rancher/mirrored-istio-proxyv2:1.25.0-distroless,0,7,7
 rancher/mirrored-jaegertracing-all-in-one:1.52.0,0,17,17

docs/csv/report-rancher-v2.10.11-cves.csv

@@ -22860,6 +22860,8 @@ rancher/mirrored-istio-proxyv2:1.22.1-distroless,rancher/v2.10.11,stdlib,v1.22.2
 rancher/mirrored-istio-proxyv2:1.22.1-distroless,rancher/v2.10.11,stdlib,v1.22.2,gobinary,CVE-2024-34158,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34158,usr/local/bin/pilot-agent,"1.22.7, 1.23.1",true,not_affected,vulnerable_code_not_in_execute_path
 rancher/mirrored-istio-proxyv2:1.22.1-distroless,rancher/v2.10.11,stdlib,v1.22.2,gobinary,CVE-2025-61724,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61724,usr/local/bin/pilot-agent,"1.24.8, 1.25.2",true,not_affected,vulnerable_code_not_in_execute_path
 rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.10.11,glibc,2.40-r1,wolfi,CVE-2026-0861,HIGH,https://avd.aquasec.com/nvd/cve-2026-0861,rancher/mirrored-istio-proxyv2:1.23.2-distroless (wolfi 20230201),2.42-r6,true,affected,
+rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.10.11,glibc-locale-posix,2.40-r1,wolfi,CVE-2026-0861,HIGH,https://avd.aquasec.com/nvd/cve-2026-0861,rancher/mirrored-istio-proxyv2:1.23.2-distroless (wolfi 20230201),2.42-r6,true,affected,
+rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.10.11,ld-linux,2.40-r1,wolfi,CVE-2026-0861,HIGH,https://avd.aquasec.com/nvd/cve-2026-0861,rancher/mirrored-istio-proxyv2:1.23.2-distroless (wolfi 20230201),2.42-r6,true,affected,
 rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.10.11,stdlib,v1.22.6,gobinary,CVE-2025-58183,LOW,https://avd.aquasec.com/nvd/cve-2025-58183,usr/local/bin/pilot-agent,"1.24.8, 1.25.2",true,affected,severity_changed_due_to_suse_cvss_score
 rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.10.11,stdlib,v1.22.6,gobinary,CVE-2025-61726,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61726,usr/local/bin/pilot-agent,"1.24.12, 1.25.6",true,affected,severity_changed_due_to_suse_cvss_score
 rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.10.11,stdlib,v1.22.6,gobinary,CVE-2025-61728,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61728,usr/local/bin/pilot-agent,"1.24.12, 1.25.6",true,affected,severity_changed_due_to_suse_cvss_score

docs/csv/report-rancher-v2.10.11-stats.csv

@@ -429,7 +429,7 @@ rancher/mirrored-istio-pilot:1.25.0-distroless,0,4,4
 rancher/mirrored-istio-proxyv2:1.19.6-distroless,0,16,16
 rancher/mirrored-istio-proxyv2:1.21.1-distroless,0,9,9
 rancher/mirrored-istio-proxyv2:1.22.1-distroless,0,6,6
-rancher/mirrored-istio-proxyv2:1.23.2-distroless,0,5,5
+rancher/mirrored-istio-proxyv2:1.23.2-distroless,0,7,7
 rancher/mirrored-istio-proxyv2:1.24.1-distroless,0,7,7
 rancher/mirrored-istio-proxyv2:1.25.0-distroless,0,7,7
 rancher/mirrored-jaegertracing-all-in-one:1.52.0,0,17,17

docs/csv/report-rancher-v2.11-head-cves.csv

@@ -15045,6 +15045,8 @@ rancher/mirrored-istio-proxyv2:1.22.1-distroless,rancher/v2.11-head,stdlib,v1.22
 rancher/mirrored-istio-proxyv2:1.22.1-distroless,rancher/v2.11-head,stdlib,v1.22.2,gobinary,CVE-2024-34158,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34158,usr/local/bin/pilot-agent,"1.22.7, 1.23.1",true,not_affected,vulnerable_code_not_in_execute_path
 rancher/mirrored-istio-proxyv2:1.22.1-distroless,rancher/v2.11-head,stdlib,v1.22.2,gobinary,CVE-2025-61724,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61724,usr/local/bin/pilot-agent,"1.24.8, 1.25.2",true,not_affected,vulnerable_code_not_in_execute_path
 rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.11-head,glibc,2.40-r1,wolfi,CVE-2026-0861,HIGH,https://avd.aquasec.com/nvd/cve-2026-0861,rancher/mirrored-istio-proxyv2:1.23.2-distroless (wolfi 20230201),2.42-r6,true,affected,
+rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.11-head,glibc-locale-posix,2.40-r1,wolfi,CVE-2026-0861,HIGH,https://avd.aquasec.com/nvd/cve-2026-0861,rancher/mirrored-istio-proxyv2:1.23.2-distroless (wolfi 20230201),2.42-r6,true,affected,
+rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.11-head,ld-linux,2.40-r1,wolfi,CVE-2026-0861,HIGH,https://avd.aquasec.com/nvd/cve-2026-0861,rancher/mirrored-istio-proxyv2:1.23.2-distroless (wolfi 20230201),2.42-r6,true,affected,
 rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.11-head,stdlib,v1.22.6,gobinary,CVE-2025-58183,LOW,https://avd.aquasec.com/nvd/cve-2025-58183,usr/local/bin/pilot-agent,"1.24.8, 1.25.2",true,affected,severity_changed_due_to_suse_cvss_score
 rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.11-head,stdlib,v1.22.6,gobinary,CVE-2025-61726,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61726,usr/local/bin/pilot-agent,"1.24.12, 1.25.6",true,affected,severity_changed_due_to_suse_cvss_score
 rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.11-head,stdlib,v1.22.6,gobinary,CVE-2025-61728,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61728,usr/local/bin/pilot-agent,"1.24.12, 1.25.6",true,affected,severity_changed_due_to_suse_cvss_score

docs/csv/report-rancher-v2.11-head-stats.csv

@@ -363,7 +363,7 @@ rancher/mirrored-istio-pilot:1.23.2-distroless,0,4,4
 rancher/mirrored-istio-pilot:1.24.1-distroless,0,4,4
 rancher/mirrored-istio-pilot:1.25.0-distroless,0,4,4
 rancher/mirrored-istio-proxyv2:1.22.1-distroless,0,6,6
-rancher/mirrored-istio-proxyv2:1.23.2-distroless,0,5,5
+rancher/mirrored-istio-proxyv2:1.23.2-distroless,0,7,7
 rancher/mirrored-istio-proxyv2:1.24.1-distroless,0,7,7
 rancher/mirrored-istio-proxyv2:1.25.0-distroless,0,7,7
 rancher/mirrored-jaegertracing-all-in-one:1.57.0,0,10,10

docs/csv/report-rancher-v2.11.10-cves.csv

@@ -15045,6 +15045,8 @@ rancher/mirrored-istio-proxyv2:1.22.1-distroless,rancher/v2.11.10,stdlib,v1.22.2
 rancher/mirrored-istio-proxyv2:1.22.1-distroless,rancher/v2.11.10,stdlib,v1.22.2,gobinary,CVE-2024-34158,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34158,usr/local/bin/pilot-agent,"1.22.7, 1.23.1",true,not_affected,vulnerable_code_not_in_execute_path
 rancher/mirrored-istio-proxyv2:1.22.1-distroless,rancher/v2.11.10,stdlib,v1.22.2,gobinary,CVE-2025-61724,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61724,usr/local/bin/pilot-agent,"1.24.8, 1.25.2",true,not_affected,vulnerable_code_not_in_execute_path
 rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.11.10,glibc,2.40-r1,wolfi,CVE-2026-0861,HIGH,https://avd.aquasec.com/nvd/cve-2026-0861,rancher/mirrored-istio-proxyv2:1.23.2-distroless (wolfi 20230201),2.42-r6,true,affected,
+rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.11.10,glibc-locale-posix,2.40-r1,wolfi,CVE-2026-0861,HIGH,https://avd.aquasec.com/nvd/cve-2026-0861,rancher/mirrored-istio-proxyv2:1.23.2-distroless (wolfi 20230201),2.42-r6,true,affected,
+rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.11.10,ld-linux,2.40-r1,wolfi,CVE-2026-0861,HIGH,https://avd.aquasec.com/nvd/cve-2026-0861,rancher/mirrored-istio-proxyv2:1.23.2-distroless (wolfi 20230201),2.42-r6,true,affected,
 rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.11.10,stdlib,v1.22.6,gobinary,CVE-2025-58183,LOW,https://avd.aquasec.com/nvd/cve-2025-58183,usr/local/bin/pilot-agent,"1.24.8, 1.25.2",true,affected,severity_changed_due_to_suse_cvss_score
 rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.11.10,stdlib,v1.22.6,gobinary,CVE-2025-61726,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61726,usr/local/bin/pilot-agent,"1.24.12, 1.25.6",true,affected,severity_changed_due_to_suse_cvss_score
 rancher/mirrored-istio-proxyv2:1.23.2-distroless,rancher/v2.11.10,stdlib,v1.22.6,gobinary,CVE-2025-61728,MEDIUM,https://avd.aquasec.com/nvd/cve-2025-61728,usr/local/bin/pilot-agent,"1.24.12, 1.25.6",true,affected,severity_changed_due_to_suse_cvss_score

docs/csv/report-rancher-v2.11.10-stats.csv

@@ -363,7 +363,7 @@ rancher/mirrored-istio-pilot:1.23.2-distroless,0,4,4
 rancher/mirrored-istio-pilot:1.24.1-distroless,0,4,4
 rancher/mirrored-istio-pilot:1.25.0-distroless,0,4,4
 rancher/mirrored-istio-proxyv2:1.22.1-distroless,0,6,6
-rancher/mirrored-istio-proxyv2:1.23.2-distroless,0,5,5
+rancher/mirrored-istio-proxyv2:1.23.2-distroless,0,7,7
 rancher/mirrored-istio-proxyv2:1.24.1-distroless,0,7,7
 rancher/mirrored-istio-proxyv2:1.25.0-distroless,0,7,7
 rancher/mirrored-jaegertracing-all-in-one:1.57.0,0,10,10