{
    "document": {
        "category": "csaf_base",
        "csaf_version": "2.0",
        "distribution": {
            "tlp": {
                "label": "WHITE"
            }
        },
        "lang": "en",
        "notes": [
            {
                "category": "legal_disclaimer",
                "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this portal to enhance access to its information and vulnerabilities. The use of this information is subject to the following terms and conditions:\n\nThe vulnerabilities disclosed in this portal are gathered by NCSC-NL from a variety of open sources, which the user can retrieve from other platforms. NCSC-NL makes every reasonable effort to ensure that the content of this portal is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or real-time keeping up-to-date. NCSC-NL does not control nor guarantee the accuracy, relevance, timeliness or completeness of information obtained from these external sources. The vulnerabilities disclosed in this portal are intended solely for the convenience of professional parties to take appropriate measures to manage the risks posed to the cybersecurity. No rights can be derived from the information provided therein.\n\nNCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of the vulnerabilities disclosed in this portal. This includes damage resulting from the inaccuracy of incompleteness of the information contained in it.\nThe information on this page is subject to Dutch law. All disputes related to or arising from the use of this portal regarding the disclosure of vulnerabilities will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
            }
        ],
        "publisher": {
            "category": "coordinator",
            "contact_details": "cert@ncsc.nl",
            "name": "National Cyber Security Centre",
            "namespace": "https://www.ncsc.nl/"
        },
        "title": "CVE-2026-21619",
        "tracking": {
            "current_release_date": "2026-04-02T05:42:31.196278Z",
            "generator": {
                "date": "2026-02-17T15:00:00Z",
                "engine": {
                    "name": "V.E.L.M.A",
                    "version": "1.7"
                }
            },
            "id": "CVE-2026-21619",
            "initial_release_date": "2026-02-27T18:26:30.391600Z",
            "revision_history": [
                {
                    "date": "2026-02-27T18:26:30.391600Z",
                    "number": "1",
                    "summary": "CVE created.| Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| References created (4).| CWES updated (1)."
                },
                {
                    "date": "2026-02-27T18:26:32.470957Z",
                    "number": "2",
                    "summary": "NCSC Score created."
                },
                {
                    "date": "2026-02-27T18:38:39.976346Z",
                    "number": "3",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| Products created (9).| Product Identifiers created (9).| References created (4).| CWES updated (1)."
                },
                {
                    "date": "2026-02-27T18:38:45.779437Z",
                    "number": "4",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-02-27T19:39:08.901672Z",
                    "number": "5",
                    "summary": "Unknown change."
                },
                {
                    "date": "2026-02-28T10:26:04.813979Z",
                    "number": "6",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| Products connected (10).| Products created (49).| References created (4).| CWES updated (1)."
                },
                {
                    "date": "2026-02-28T14:14:55.989003Z",
                    "number": "7",
                    "summary": "Source created.| CVE status created. (valid)| EPSS created."
                },
                {
                    "date": "2026-02-28T14:14:59.357987Z",
                    "number": "8",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-01T01:39:33.708018Z",
                    "number": "9",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| References created (6).| CWES updated (1)."
                },
                {
                    "date": "2026-03-01T01:39:41.127498Z",
                    "number": "10",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-02T10:19:22.395911Z",
                    "number": "11",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| Products connected (59).| Products created (43).| References created (4)."
                },
                {
                    "date": "2026-03-08T18:42:41.987568Z",
                    "number": "12",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| Products created (1)."
                },
                {
                    "date": "2026-03-08T18:42:47.332582Z",
                    "number": "13",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-16T03:26:39.440338Z",
                    "number": "14",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-20T10:03:39.075713Z",
                    "number": "15",
                    "summary": "Source connected.| CVE status created. (valid)| EPSS created."
                },
                {
                    "date": "2026-03-20T10:03:42.777329Z",
                    "number": "16",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-24T06:53:28.806994Z",
                    "number": "17",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| Products created (3).| Product Identifiers created (3).| References created (4).| CWES updated (1)."
                },
                {
                    "date": "2026-03-24T06:53:33.431529Z",
                    "number": "18",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-26T17:50:22.094053Z",
                    "number": "19",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| Products created (7).| Product Identifiers created (4).| References created (2)."
                },
                {
                    "date": "2026-03-26T17:50:29.152782Z",
                    "number": "20",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-04-02T05:42:20.450947Z",
                    "number": "21",
                    "summary": "NCSC Score updated."
                }
            ],
            "status": "interim",
            "version": "21"
        }
    },
    "product_tree": {
        "branches": [
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/>=2.3.0|<2.3.2",
                                "product": {
                                    "name": "vers:unknown/>=2.3.0|<2.3.2",
                                    "product_id": "CSAFPID-5896887",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:a:hex:hex:*:*:*:*:*:*:*:*"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Hex"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/>=0.1.0|<0.12.1",
                                "product": {
                                    "name": "vers:unknown/>=0.1.0|<0.12.1",
                                    "product_id": "CSAFPID-5896888",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:a:hex:hex_core:*:*:*:*:*:*:*:*"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Hex Core"
                    }
                ],
                "category": "vendor",
                "name": "Hex"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:git/209c02ec57c2cc3207ee0174c3af3675b8dc8f79|<1d4478f527e373de0b225951e53115450e0d9b9d",
                                "product": {
                                    "name": "vers:git/209c02ec57c2cc3207ee0174c3af3675b8dc8f79|<1d4478f527e373de0b225951e53115450e0d9b9d",
                                    "product_id": "CSAFPID-5736079",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:a:erlang:rebar3:*:*:*:*:*:*:*:*"
                                    }
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:purl/pkg:otp/rebar3@3.9.1|<pkg:otp/rebar3@3.27.0",
                                "product": {
                                    "name": "vers:purl/pkg:otp/rebar3@3.9.1|<pkg:otp/rebar3@3.27.0",
                                    "product_id": "CSAFPID-5736081",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:a:erlang:rebar3:*:*:*:*:*:*:*:*"
                                    }
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/3.9.1|<3.27.0",
                                "product": {
                                    "name": "vers:semver/3.9.1|<3.27.0",
                                    "product_id": "CSAFPID-5736080",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:a:erlang:rebar3:*:*:*:*:*:*:*:*"
                                    }
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.11.0",
                                "product": {
                                    "name": "vers:unknown/3.11.0",
                                    "product_id": "CSAFPID-549062"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.11.1",
                                "product": {
                                    "name": "vers:unknown/3.11.1",
                                    "product_id": "CSAFPID-549058"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.12.0",
                                "product": {
                                    "name": "vers:unknown/3.12.0",
                                    "product_id": "CSAFPID-549046"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.13.0",
                                "product": {
                                    "name": "vers:unknown/3.13.0",
                                    "product_id": "CSAFPID-549053"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.14.0",
                                "product": {
                                    "name": "vers:unknown/3.14.0",
                                    "product_id": "CSAFPID-5748643"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.14.0-rc1",
                                "product": {
                                    "name": "vers:unknown/3.14.0-rc1",
                                    "product_id": "CSAFPID-5748644"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.14.0-rc2",
                                "product": {
                                    "name": "vers:unknown/3.14.0-rc2",
                                    "product_id": "CSAFPID-5748645"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.14.1",
                                "product": {
                                    "name": "vers:unknown/3.14.1",
                                    "product_id": "CSAFPID-5748646"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.14.2",
                                "product": {
                                    "name": "vers:unknown/3.14.2",
                                    "product_id": "CSAFPID-5748647"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.14.4",
                                "product": {
                                    "name": "vers:unknown/3.14.4",
                                    "product_id": "CSAFPID-5748648"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.15.0",
                                "product": {
                                    "name": "vers:unknown/3.15.0",
                                    "product_id": "CSAFPID-5748649"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.15.1",
                                "product": {
                                    "name": "vers:unknown/3.15.1",
                                    "product_id": "CSAFPID-5748650"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.16.0",
                                "product": {
                                    "name": "vers:unknown/3.16.0",
                                    "product_id": "CSAFPID-5748651"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.16.1",
                                "product": {
                                    "name": "vers:unknown/3.16.1",
                                    "product_id": "CSAFPID-5748652"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.17.0",
                                "product": {
                                    "name": "vers:unknown/3.17.0",
                                    "product_id": "CSAFPID-5748653"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.18.0",
                                "product": {
                                    "name": "vers:unknown/3.18.0",
                                    "product_id": "CSAFPID-5748654"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.19.0",
                                "product": {
                                    "name": "vers:unknown/3.19.0",
                                    "product_id": "CSAFPID-5748655"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.20.0",
                                "product": {
                                    "name": "vers:unknown/3.20.0",
                                    "product_id": "CSAFPID-5748656"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.21.0",
                                "product": {
                                    "name": "vers:unknown/3.21.0",
                                    "product_id": "CSAFPID-5748657"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.22.0",
                                "product": {
                                    "name": "vers:unknown/3.22.0",
                                    "product_id": "CSAFPID-5748658"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.22.1",
                                "product": {
                                    "name": "vers:unknown/3.22.1",
                                    "product_id": "CSAFPID-5748659"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.23.0",
                                "product": {
                                    "name": "vers:unknown/3.23.0",
                                    "product_id": "CSAFPID-5748660"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.24.0",
                                "product": {
                                    "name": "vers:unknown/3.24.0",
                                    "product_id": "CSAFPID-5748661"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.25.0",
                                "product": {
                                    "name": "vers:unknown/3.25.0",
                                    "product_id": "CSAFPID-5748662"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.25.1",
                                "product": {
                                    "name": "vers:unknown/3.25.1",
                                    "product_id": "CSAFPID-5748663"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.26.0",
                                "product": {
                                    "name": "vers:unknown/3.26.0",
                                    "product_id": "CSAFPID-5748664"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/3.9.1",
                                "product": {
                                    "name": "vers:unknown/3.9.1",
                                    "product_id": "CSAFPID-549052"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/>=3.9.1|<3.27.0",
                                "product": {
                                    "name": "vers:unknown/>=3.9.1|<3.27.0",
                                    "product_id": "CSAFPID-5896886",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:a:erlang:rebar3:*:*:*:*:*:*:*:*"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Rebar3"
                    }
                ],
                "category": "vendor",
                "name": "Erlang"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:git/314546ac432229518714cc8e3336e916b9da6305|<636739f3322514e9303ca335fb630696fcbb3c95",
                                "product": {
                                    "name": "vers:git/314546ac432229518714cc8e3336e916b9da6305|<636739f3322514e9303ca335fb630696fcbb3c95",
                                    "product_id": "CSAFPID-5736076",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:a:hexpm:hex:*:*:*:*:*:*:*:*"
                                    }
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:purl/pkg:otp/hex@2.3.0|<pkg:otp/hex@2.3.2",
                                "product": {
                                    "name": "vers:purl/pkg:otp/hex@2.3.0|<pkg:otp/hex@2.3.2",
                                    "product_id": "CSAFPID-5736078",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:a:hexpm:hex:*:*:*:*:*:*:*:*"
                                    }
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/2.3.0|<2.3.2",
                                "product": {
                                    "name": "vers:semver/2.3.0|<2.3.2",
                                    "product_id": "CSAFPID-5736077",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:a:hexpm:hex:*:*:*:*:*:*:*:*"
                                    }
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.1.0",
                                "product": {
                                    "name": "vers:unknown/v0.1.0",
                                    "product_id": "CSAFPID-5752964"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.1.1",
                                "product": {
                                    "name": "vers:unknown/v0.1.1",
                                    "product_id": "CSAFPID-5752965"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.1.2",
                                "product": {
                                    "name": "vers:unknown/v0.1.2",
                                    "product_id": "CSAFPID-5752966"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.10.0",
                                "product": {
                                    "name": "vers:unknown/v0.10.0",
                                    "product_id": "CSAFPID-5752967"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.10.2",
                                "product": {
                                    "name": "vers:unknown/v0.10.2",
                                    "product_id": "CSAFPID-5752968"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.10.3",
                                "product": {
                                    "name": "vers:unknown/v0.10.3",
                                    "product_id": "CSAFPID-5752969"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.10.4",
                                "product": {
                                    "name": "vers:unknown/v0.10.4",
                                    "product_id": "CSAFPID-5752970"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.11.0",
                                "product": {
                                    "name": "vers:unknown/v0.11.0",
                                    "product_id": "CSAFPID-5752971"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.11.1",
                                "product": {
                                    "name": "vers:unknown/v0.11.1",
                                    "product_id": "CSAFPID-5752972"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.11.2",
                                "product": {
                                    "name": "vers:unknown/v0.11.2",
                                    "product_id": "CSAFPID-5752973"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.11.3",
                                "product": {
                                    "name": "vers:unknown/v0.11.3",
                                    "product_id": "CSAFPID-5752974"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.11.4",
                                "product": {
                                    "name": "vers:unknown/v0.11.4",
                                    "product_id": "CSAFPID-5752975"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.11.5",
                                "product": {
                                    "name": "vers:unknown/v0.11.5",
                                    "product_id": "CSAFPID-5752976"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.12.0",
                                "product": {
                                    "name": "vers:unknown/v0.12.0",
                                    "product_id": "CSAFPID-5752977"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.2.0",
                                "product": {
                                    "name": "vers:unknown/v0.2.0",
                                    "product_id": "CSAFPID-5752978"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.2.1",
                                "product": {
                                    "name": "vers:unknown/v0.2.1",
                                    "product_id": "CSAFPID-5752979"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.2.2",
                                "product": {
                                    "name": "vers:unknown/v0.2.2",
                                    "product_id": "CSAFPID-5752980"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.2.3",
                                "product": {
                                    "name": "vers:unknown/v0.2.3",
                                    "product_id": "CSAFPID-5752981"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.2.4",
                                "product": {
                                    "name": "vers:unknown/v0.2.4",
                                    "product_id": "CSAFPID-5752982"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.2.5",
                                "product": {
                                    "name": "vers:unknown/v0.2.5",
                                    "product_id": "CSAFPID-5752983"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.3.0",
                                "product": {
                                    "name": "vers:unknown/v0.3.0",
                                    "product_id": "CSAFPID-5752984"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.3.1",
                                "product": {
                                    "name": "vers:unknown/v0.3.1",
                                    "product_id": "CSAFPID-5752985"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.3.2",
                                "product": {
                                    "name": "vers:unknown/v0.3.2",
                                    "product_id": "CSAFPID-5752986"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.3.3",
                                "product": {
                                    "name": "vers:unknown/v0.3.3",
                                    "product_id": "CSAFPID-5752987"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.4.0",
                                "product": {
                                    "name": "vers:unknown/v0.4.0",
                                    "product_id": "CSAFPID-5752988"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.4.1",
                                "product": {
                                    "name": "vers:unknown/v0.4.1",
                                    "product_id": "CSAFPID-5752989"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.4.2",
                                "product": {
                                    "name": "vers:unknown/v0.4.2",
                                    "product_id": "CSAFPID-5752990"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.4.3",
                                "product": {
                                    "name": "vers:unknown/v0.4.3",
                                    "product_id": "CSAFPID-5752991"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.5.0",
                                "product": {
                                    "name": "vers:unknown/v0.5.0",
                                    "product_id": "CSAFPID-5752992"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.6.0",
                                "product": {
                                    "name": "vers:unknown/v0.6.0",
                                    "product_id": "CSAFPID-5752993"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.6.1",
                                "product": {
                                    "name": "vers:unknown/v0.6.1",
                                    "product_id": "CSAFPID-5752994"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.6.2",
                                "product": {
                                    "name": "vers:unknown/v0.6.2",
                                    "product_id": "CSAFPID-5752995"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.7.0",
                                "product": {
                                    "name": "vers:unknown/v0.7.0",
                                    "product_id": "CSAFPID-5752996"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.7.1",
                                "product": {
                                    "name": "vers:unknown/v0.7.1",
                                    "product_id": "CSAFPID-5752997"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.7.2",
                                "product": {
                                    "name": "vers:unknown/v0.7.2",
                                    "product_id": "CSAFPID-5752998"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.7.3",
                                "product": {
                                    "name": "vers:unknown/v0.7.3",
                                    "product_id": "CSAFPID-5752999"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.7.4",
                                "product": {
                                    "name": "vers:unknown/v0.7.4",
                                    "product_id": "CSAFPID-5753000"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.7.5",
                                "product": {
                                    "name": "vers:unknown/v0.7.5",
                                    "product_id": "CSAFPID-5753001"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.8.0",
                                "product": {
                                    "name": "vers:unknown/v0.8.0",
                                    "product_id": "CSAFPID-5753002"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.8.1",
                                "product": {
                                    "name": "vers:unknown/v0.8.1",
                                    "product_id": "CSAFPID-5753003"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.8.2",
                                "product": {
                                    "name": "vers:unknown/v0.8.2",
                                    "product_id": "CSAFPID-5753004"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.8.3",
                                "product": {
                                    "name": "vers:unknown/v0.8.3",
                                    "product_id": "CSAFPID-5753005"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.9.0",
                                "product": {
                                    "name": "vers:unknown/v0.9.0",
                                    "product_id": "CSAFPID-5753006"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v2.3.0",
                                "product": {
                                    "name": "vers:unknown/v2.3.0",
                                    "product_id": "CSAFPID-5748641"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v2.3.1",
                                "product": {
                                    "name": "vers:unknown/v2.3.1",
                                    "product_id": "CSAFPID-5748642"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "hex"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:git/eb327f8edfe45507351e38cc0805aa12fa647f0b|<cdf726095bca85ad2549d146df1e831ae93c2b13",
                                "product": {
                                    "name": "vers:git/eb327f8edfe45507351e38cc0805aa12fa647f0b|<cdf726095bca85ad2549d146df1e831ae93c2b13",
                                    "product_id": "CSAFPID-5736073",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:a:hexpm:hex_core:*:*:*:*:*:*:*:*"
                                    }
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:purl/pkg:hex/hex_core@0.1.0|<pkg:hex/hex_core@0.12.1",
                                "product": {
                                    "name": "vers:purl/pkg:hex/hex_core@0.1.0|<pkg:hex/hex_core@0.12.1",
                                    "product_id": "CSAFPID-5736075",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:a:hexpm:hex_core:*:*:*:*:*:*:*:*"
                                    }
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/0.1.0|<0.12.1",
                                "product": {
                                    "name": "vers:semver/0.1.0|<0.12.1",
                                    "product_id": "CSAFPID-5736074",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:a:hexpm:hex_core:*:*:*:*:*:*:*:*"
                                    }
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.1.0",
                                "product": {
                                    "name": "vers:unknown/v0.1.0",
                                    "product_id": "CSAFPID-3312404"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.1.1",
                                "product": {
                                    "name": "vers:unknown/v0.1.1",
                                    "product_id": "CSAFPID-3312405"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.10.0",
                                "product": {
                                    "name": "vers:unknown/v0.10.0",
                                    "product_id": "CSAFPID-5748616"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.10.1",
                                "product": {
                                    "name": "vers:unknown/v0.10.1",
                                    "product_id": "CSAFPID-5748617"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.10.2",
                                "product": {
                                    "name": "vers:unknown/v0.10.2",
                                    "product_id": "CSAFPID-5748618"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.10.3",
                                "product": {
                                    "name": "vers:unknown/v0.10.3",
                                    "product_id": "CSAFPID-5748619"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.11.0",
                                "product": {
                                    "name": "vers:unknown/v0.11.0",
                                    "product_id": "CSAFPID-5748620"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.12.0",
                                "product": {
                                    "name": "vers:unknown/v0.12.0",
                                    "product_id": "CSAFPID-5748621"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.2.0",
                                "product": {
                                    "name": "vers:unknown/v0.2.0",
                                    "product_id": "CSAFPID-3312406"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.2.1",
                                "product": {
                                    "name": "vers:unknown/v0.2.1",
                                    "product_id": "CSAFPID-3312407"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.3.0",
                                "product": {
                                    "name": "vers:unknown/v0.3.0",
                                    "product_id": "CSAFPID-3312408"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.4.0",
                                "product": {
                                    "name": "vers:unknown/v0.4.0",
                                    "product_id": "CSAFPID-5748622"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.5.0",
                                "product": {
                                    "name": "vers:unknown/v0.5.0",
                                    "product_id": "CSAFPID-5748623"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.6.0",
                                "product": {
                                    "name": "vers:unknown/v0.6.0",
                                    "product_id": "CSAFPID-5748624"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.6.1",
                                "product": {
                                    "name": "vers:unknown/v0.6.1",
                                    "product_id": "CSAFPID-5748625"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.6.3",
                                "product": {
                                    "name": "vers:unknown/v0.6.3",
                                    "product_id": "CSAFPID-5748626"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.6.4",
                                "product": {
                                    "name": "vers:unknown/v0.6.4",
                                    "product_id": "CSAFPID-5748627"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.6.5",
                                "product": {
                                    "name": "vers:unknown/v0.6.5",
                                    "product_id": "CSAFPID-5748628"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.6.6",
                                "product": {
                                    "name": "vers:unknown/v0.6.6",
                                    "product_id": "CSAFPID-5748629"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.6.7",
                                "product": {
                                    "name": "vers:unknown/v0.6.7",
                                    "product_id": "CSAFPID-5748630"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.6.8",
                                "product": {
                                    "name": "vers:unknown/v0.6.8",
                                    "product_id": "CSAFPID-5748631"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.6.9",
                                "product": {
                                    "name": "vers:unknown/v0.6.9",
                                    "product_id": "CSAFPID-5748632"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.7.0",
                                "product": {
                                    "name": "vers:unknown/v0.7.0",
                                    "product_id": "CSAFPID-5748633"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.7.1",
                                "product": {
                                    "name": "vers:unknown/v0.7.1",
                                    "product_id": "CSAFPID-5748634"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.8.0",
                                "product": {
                                    "name": "vers:unknown/v0.8.0",
                                    "product_id": "CSAFPID-5748635"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.8.1",
                                "product": {
                                    "name": "vers:unknown/v0.8.1",
                                    "product_id": "CSAFPID-5748636"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.8.2",
                                "product": {
                                    "name": "vers:unknown/v0.8.2",
                                    "product_id": "CSAFPID-5748637"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.8.3",
                                "product": {
                                    "name": "vers:unknown/v0.8.3",
                                    "product_id": "CSAFPID-5748638"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.8.4",
                                "product": {
                                    "name": "vers:unknown/v0.8.4",
                                    "product_id": "CSAFPID-5748639"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.9.0",
                                "product": {
                                    "name": "vers:unknown/v0.9.0",
                                    "product_id": "CSAFPID-5748640"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "hex_core"
                    }
                ],
                "category": "vendor",
                "name": "hexpm"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:deb/unknown",
                                        "product": {
                                            "name": "vers:deb/unknown",
                                            "product_id": "CSAFPID-5770841"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "rebar3"
                            }
                        ],
                        "category": "product_family",
                        "name": "bookworm"
                    }
                ],
                "category": "vendor",
                "name": "Debian"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:unknown/3.18.0-1",
                                        "product": {
                                            "name": "vers:unknown/3.18.0-1",
                                            "product_id": "CSAFPID-5918268",
                                            "product_identification_helper": {
                                                "purl": "pkg:deb/ubuntu/rebar3@3.18.0-1?arch=source&distro=jammy"
                                            }
                                        }
                                    },
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:unknown/>=0",
                                        "product": {
                                            "name": "vers:unknown/>=0",
                                            "product_id": "CSAFPID-5918269"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "rebar3"
                            }
                        ],
                        "category": "product_family",
                        "name": "Ubuntu:22.04:LTS"
                    },
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:unknown/3.19.0-1",
                                        "product": {
                                            "name": "vers:unknown/3.19.0-1",
                                            "product_id": "CSAFPID-5918270",
                                            "product_identification_helper": {
                                                "purl": "pkg:deb/ubuntu/rebar3@3.19.0-1?arch=source&distro=noble"
                                            }
                                        }
                                    },
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:unknown/>=0",
                                        "product": {
                                            "name": "vers:unknown/>=0",
                                            "product_id": "CSAFPID-5918271"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "rebar3"
                            }
                        ],
                        "category": "product_family",
                        "name": "Ubuntu:24.04:LTS"
                    },
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:unknown/3.23.0-3",
                                        "product": {
                                            "name": "vers:unknown/3.23.0-3",
                                            "product_id": "CSAFPID-5918272",
                                            "product_identification_helper": {
                                                "purl": "pkg:deb/ubuntu/rebar3@3.23.0-3?arch=source&distro=questing"
                                            }
                                        }
                                    },
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:unknown/3.24.0-1",
                                        "product": {
                                            "name": "vers:unknown/3.24.0-1",
                                            "product_id": "CSAFPID-5918273",
                                            "product_identification_helper": {
                                                "purl": "pkg:deb/ubuntu/rebar3@3.24.0-1?arch=source&distro=questing"
                                            }
                                        }
                                    },
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:unknown/>=0",
                                        "product": {
                                            "name": "vers:unknown/>=0",
                                            "product_id": "CSAFPID-5918274"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "rebar3"
                            }
                        ],
                        "category": "product_family",
                        "name": "Ubuntu:25.10"
                    }
                ],
                "category": "vendor",
                "name": "Ubuntu"
            }
        ]
    },
    "vulnerabilities": [
        {
            "cve": "CVE-2026-21619",
            "cwe": {
                "id": "CWE-502",
                "name": "Deserialization of Untrusted Data"
            },
            "notes": [
                {
                    "category": "description",
                    "text": "Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), hexpm hex (mix_hex_api modules), erlang rebar3 (r3_hex_api modules) allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hex_api.erl, src/mix_hex_api.erl, apps/rebar/src/vendored/r3_hex_api.erl and program routines hex_core:request/4, mix_hex_api:request/4, r3_hex_api:request/4.\n\nThis issue affects hex_core: from 0.1.0 before 0.12.1; hex: from 2.3.0 before 2.3.2; rebar3: from 3.9.1 before 3.27.0.",
                    "title": "nvd - https://nvd.nist.gov/vuln/detail/CVE-2026-21619"
                },
                {
                    "category": "description",
                    "text": "Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), hexpm hex (mix_hex_api modules), erlang rebar3 (r3_hex_api modules) allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hex_api.erl, src/mix_hex_api.erl, apps/rebar/src/vendored/r3_hex_api.erl and program routines hex_core:request/4, mix_hex_api:request/4, r3_hex_api:request/4.\n\nThis issue affects hex_core: from 0.1.0 before 0.12.1; hex: from 2.3.0 before 2.3.2; rebar3: from 3.9.1 before 3.27.0.",
                    "title": "cveprojectv5 - https://www.cve.org/CVERecord?id=CVE-2026-21619"
                },
                {
                    "category": "description",
                    "text": "Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), hexpm hex (mix_hex_api modules), erlang rebar3 (r3_hex_api modules) allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hex_api.erl, src/mix_hex_api.erl, apps/rebar/src/vendored/r3_hex_api.erl and program routines hex_core:request/4, mix_hex_api:request/4, r3_hex_api:request/4.\n\nThis issue affects hex_core: from 0.1.0 before 0.12.1; hex: from 2.3.0 before 2.3.2; rebar3: from 3.9.1 before 3.27.0.",
                    "title": "osv - https://www.googleapis.com/download/storage/v1/b/osv-vulnerabilities/o/GIT%2FEEF-CVE-2026-21619.json?alt=media"
                },
                {
                    "category": "description",
                    "text": "### Impact\n\nThe Hex client (`hex_core`) deserializes Erlang terms received from the Hex API using `binary_to_term/1` without sufficient restrictions.\n\nIf an attacker can control the HTTP response body returned by the Hex API, this allows denial-of-service attacks such as **atom table exhaustion**, leading to a VM crash. No released versions are known to allow remote code execution.\n\n### Patches\n\n* https://github.com/hexpm/hex_core/commit/cdf726095bca85ad2549d146df1e831ae93c2b13\n* https://github.com/hexpm/hex/commit/636739f3322514e9303ca335fb630696fcbb3c95\n* https://github.com/erlang/rebar3/commit/1d4478f527e373de0b225951e53115450e0d9b9d\n\n### Workarounds\n\nEnsure that the Hex API URL (`HEX_API_URL`) points only to trusted endpoints. There is no client-side workaround that fully mitigates this issue without applying the patch.\n\n### Resources\n\n* hex_core Module: https://github.com/hexpm/hex_core/blob/main/src/hex_api.erl\n* Hex Vendored Module: https://github.com/hexpm/hex/blob/main/src/mix_hex_api.erl\n* Rebar3 Vendored Module: https://github.com/erlang/rebar3/blob/main/apps/rebar/src/vendored/r3_hex_api.erl\n* hex_core Patch: https://github.com/hexpm/hex_core/commit/cdf726095bca85ad2549d146df1e831ae93c2b13\n* Hex Vendored Patch: https://github.com/hexpm/hex/commit/636739f3322514e9303ca335fb630696fcbb3c95\n* Rebar3 Vendored Patch: https://github.com/erlang/rebar3/commit/1d4478f527e373de0b225951e53115450e0d9b9d",
                    "title": "github - https://github.com/advisories/GHSA-hx9w-f2w9-9g96"
                },
                {
                    "category": "description",
                    "text": "Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), hexpm hex (mix_hex_api modules), erlang rebar3 (r3_hex_api modules) allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hex_api.erl, src/mix_hex_api.erl, apps/rebar/src/vendored/r3_hex_api.erl and program routines hex_core:request/4, mix_hex_api:request/4, r3_hex_api:request/4.\n\nThis issue affects hex_core: from 0.1.0 before 0.12.1; hex: from 2.3.0 before 2.3.2; rebar3: from 3.9.1 before 3.27.0.",
                    "title": "osv - https://www.googleapis.com/download/storage/v1/b/osv-vulnerabilities/o/GIT%2FCVE-2026-21619.json?alt=media"
                },
                {
                    "category": "description",
                    "text": "Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), hexpm hex (mix_hex_api modules), erlang rebar3 (r3_hex_api modules) allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hex_api.erl, src/mix_hex_api.erl, apps/rebar/src/vendored/r3_hex_api.erl and program routines hex_core:request/4, mix_hex_api:request/4, r3_hex_api:request/4.  This issue affects hex_core: from 0.1.0 before 0.12.1; hex: from 2.3.0 before 2.3.2; rebar3: from 3.9.1 before 3.27.0.",
                    "title": "debian - https://security-tracker.debian.org/tracker/CVE-2026-21619"
                },
                {
                    "category": "description",
                    "text": "Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), hexpm hex (mix_hex_api modules), erlang rebar3 (r3_hex_api modules) allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hex_api.erl, src/mix_hex_api.erl, apps/rebar/src/vendored/r3_hex_api.erl and program routines hex_core:request/4, mix_hex_api:request/4, r3_hex_api:request/4.\n\nThis issue affects hex_core: from 0.1.0 before 0.12.1; hex: from 2.3.0 before 2.3.2; rebar3: from 3.9.1 before 3.27.0.",
                    "title": "nvd - https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-21619"
                },
                {
                    "category": "description",
                    "text": "Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), hexpm hex (mix_hex_api modules), erlang rebar3 (r3_hex_api modules) allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hex_api.erl, src/mix_hex_api.erl, apps/rebar/src/vendored/r3_hex_api.erl and program routines hex_core:request/4, mix_hex_api:request/4, r3_hex_api:request/4. This issue affects hex_core: from 0.1.0 before 0.12.1; hex: from 2.3.0 before 2.3.2; rebar3: from 3.9.1 before 3.27.0.",
                    "title": "osv - https://www.googleapis.com/download/storage/v1/b/osv-vulnerabilities/o/Ubuntu%2FUBUNTU-CVE-2026-21619.json?alt=media"
                },
                {
                    "category": "other",
                    "text": "0.00018",
                    "title": "EPSS"
                },
                {
                    "category": "other",
                    "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
                    "title": "CVSSV4"
                },
                {
                    "category": "other",
                    "text": "2.0",
                    "title": "CVSSV4 base score"
                },
                {
                    "category": "other",
                    "text": "4.5",
                    "title": "NCSC Score"
                },
                {
                    "category": "other",
                    "text": "Is related to CWE-400 (Uncontrolled Resource Consumption), There is product data available from source Nvd",
                    "title": "NCSC Score top increasing factors"
                },
                {
                    "category": "other",
                    "text": "The value of the most recent EPSS score, Is related to CWE-502 (Deserialization of Untrusted Data)",
                    "title": "NCSC Score top decreasing factors"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-5736073",
                    "CSAFPID-5736074",
                    "CSAFPID-5736075",
                    "CSAFPID-5736076",
                    "CSAFPID-5736077",
                    "CSAFPID-5736078",
                    "CSAFPID-5736079",
                    "CSAFPID-5736080",
                    "CSAFPID-5736081",
                    "CSAFPID-549046",
                    "CSAFPID-549052",
                    "CSAFPID-549053",
                    "CSAFPID-549058",
                    "CSAFPID-549062",
                    "CSAFPID-3312404",
                    "CSAFPID-3312405",
                    "CSAFPID-3312406",
                    "CSAFPID-3312407",
                    "CSAFPID-3312408",
                    "CSAFPID-5748616",
                    "CSAFPID-5748617",
                    "CSAFPID-5748618",
                    "CSAFPID-5748619",
                    "CSAFPID-5748620",
                    "CSAFPID-5748621",
                    "CSAFPID-5748622",
                    "CSAFPID-5748623",
                    "CSAFPID-5748624",
                    "CSAFPID-5748625",
                    "CSAFPID-5748626",
                    "CSAFPID-5748627",
                    "CSAFPID-5748628",
                    "CSAFPID-5748629",
                    "CSAFPID-5748630",
                    "CSAFPID-5748631",
                    "CSAFPID-5748632",
                    "CSAFPID-5748633",
                    "CSAFPID-5748634",
                    "CSAFPID-5748635",
                    "CSAFPID-5748636",
                    "CSAFPID-5748637",
                    "CSAFPID-5748638",
                    "CSAFPID-5748639",
                    "CSAFPID-5748640",
                    "CSAFPID-5748641",
                    "CSAFPID-5748642",
                    "CSAFPID-5748643",
                    "CSAFPID-5748644",
                    "CSAFPID-5748645",
                    "CSAFPID-5748646",
                    "CSAFPID-5748647",
                    "CSAFPID-5748648",
                    "CSAFPID-5748649",
                    "CSAFPID-5748650",
                    "CSAFPID-5748651",
                    "CSAFPID-5748652",
                    "CSAFPID-5748653",
                    "CSAFPID-5748654",
                    "CSAFPID-5748655",
                    "CSAFPID-5748656",
                    "CSAFPID-5748657",
                    "CSAFPID-5748658",
                    "CSAFPID-5748659",
                    "CSAFPID-5748660",
                    "CSAFPID-5748661",
                    "CSAFPID-5748662",
                    "CSAFPID-5748663",
                    "CSAFPID-5748664",
                    "CSAFPID-5752964",
                    "CSAFPID-5752965",
                    "CSAFPID-5752966",
                    "CSAFPID-5752967",
                    "CSAFPID-5752968",
                    "CSAFPID-5752969",
                    "CSAFPID-5752970",
                    "CSAFPID-5752971",
                    "CSAFPID-5752972",
                    "CSAFPID-5752973",
                    "CSAFPID-5752974",
                    "CSAFPID-5752975",
                    "CSAFPID-5752976",
                    "CSAFPID-5752977",
                    "CSAFPID-5752978",
                    "CSAFPID-5752979",
                    "CSAFPID-5752980",
                    "CSAFPID-5752981",
                    "CSAFPID-5752982",
                    "CSAFPID-5752983",
                    "CSAFPID-5752984",
                    "CSAFPID-5752985",
                    "CSAFPID-5752986",
                    "CSAFPID-5752987",
                    "CSAFPID-5752988",
                    "CSAFPID-5752989",
                    "CSAFPID-5752990",
                    "CSAFPID-5752991",
                    "CSAFPID-5752992",
                    "CSAFPID-5752993",
                    "CSAFPID-5752994",
                    "CSAFPID-5752995",
                    "CSAFPID-5752996",
                    "CSAFPID-5752997",
                    "CSAFPID-5752998",
                    "CSAFPID-5752999",
                    "CSAFPID-5753000",
                    "CSAFPID-5753001",
                    "CSAFPID-5753002",
                    "CSAFPID-5753003",
                    "CSAFPID-5753004",
                    "CSAFPID-5753005",
                    "CSAFPID-5753006",
                    "CSAFPID-5770841",
                    "CSAFPID-5896886",
                    "CSAFPID-5896887",
                    "CSAFPID-5896888",
                    "CSAFPID-5918268",
                    "CSAFPID-5918269",
                    "CSAFPID-5918270",
                    "CSAFPID-5918271",
                    "CSAFPID-5918272",
                    "CSAFPID-5918273",
                    "CSAFPID-5918274"
                ]
            },
            "references": [
                {
                    "category": "external",
                    "summary": "Source - nvd",
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21619"
                },
                {
                    "category": "external",
                    "summary": "Source raw - nvd",
                    "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-21619"
                },
                {
                    "category": "external",
                    "summary": "Source - cveprojectv5",
                    "url": "https://www.cve.org/CVERecord?id=CVE-2026-21619"
                },
                {
                    "category": "external",
                    "summary": "Source raw - cveprojectv5",
                    "url": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2026/21xxx/CVE-2026-21619.json"
                },
                {
                    "category": "external",
                    "summary": "Source - osv",
                    "url": "https://www.googleapis.com/download/storage/v1/b/osv-vulnerabilities/o/GIT%2FEEF-CVE-2026-21619.json?alt=media"
                },
                {
                    "category": "external",
                    "summary": "Source - first",
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21619"
                },
                {
                    "category": "external",
                    "summary": "Source raw - first",
                    "url": "https://api.first.org/data/v1/epss?limit=10000&offset=0"
                },
                {
                    "category": "external",
                    "summary": "Source - github",
                    "url": "https://github.com/advisories/GHSA-hx9w-f2w9-9g96"
                },
                {
                    "category": "external",
                    "summary": "Source raw - github",
                    "url": "https://api.github.com/advisories/GHSA-hx9w-f2w9-9g96"
                },
                {
                    "category": "external",
                    "summary": "Source - osv",
                    "url": "https://www.googleapis.com/download/storage/v1/b/osv-vulnerabilities/o/GIT%2FCVE-2026-21619.json?alt=media"
                },
                {
                    "category": "external",
                    "summary": "Source - debian",
                    "url": "https://security-tracker.debian.org/tracker/CVE-2026-21619"
                },
                {
                    "category": "external",
                    "summary": "Source - first",
                    "url": "https://api.first.org/data/v1/epss?limit=10000&offset=0"
                },
                {
                    "category": "external",
                    "summary": "Source - nvd",
                    "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-21619"
                },
                {
                    "category": "external",
                    "summary": "Source - osv",
                    "url": "https://www.googleapis.com/download/storage/v1/b/osv-vulnerabilities/o/Ubuntu%2FUBUNTU-CVE-2026-21619.json?alt=media"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; github; nvd; osv",
                    "url": "https://github.com/erlang/rebar3/commit/1d4478f527e373de0b225951e53115450e0d9b9d"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; github; nvd; osv",
                    "url": "https://github.com/hexpm/hex/commit/636739f3322514e9303ca335fb630696fcbb3c95"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; github; nvd; osv",
                    "url": "https://github.com/hexpm/hex_core/commit/cdf726095bca85ad2549d146df1e831ae93c2b13"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; github; nvd; osv",
                    "url": "https://github.com/hexpm/hex_core/security/advisories/GHSA-hx9w-f2w9-9g96"
                },
                {
                    "category": "external",
                    "summary": "Reference - github",
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21619"
                },
                {
                    "category": "external",
                    "summary": "Reference - github",
                    "url": "https://github.com/advisories/GHSA-hx9w-f2w9-9g96"
                },
                {
                    "category": "external",
                    "summary": "Reference - osv",
                    "url": "https://ubuntu.com/security/CVE-2026-21619"
                },
                {
                    "category": "external",
                    "summary": "Reference - osv",
                    "url": "https://www.cve.org/CVERecord?id=CVE-2026-21619"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-3312404",
                        "CSAFPID-3312405",
                        "CSAFPID-3312406",
                        "CSAFPID-3312407",
                        "CSAFPID-3312408",
                        "CSAFPID-549046",
                        "CSAFPID-549052",
                        "CSAFPID-549053",
                        "CSAFPID-549058",
                        "CSAFPID-549062",
                        "CSAFPID-5736073",
                        "CSAFPID-5736074",
                        "CSAFPID-5736075",
                        "CSAFPID-5736076",
                        "CSAFPID-5736077",
                        "CSAFPID-5736078",
                        "CSAFPID-5736079",
                        "CSAFPID-5736080",
                        "CSAFPID-5736081",
                        "CSAFPID-5748616",
                        "CSAFPID-5748617",
                        "CSAFPID-5748618",
                        "CSAFPID-5748619",
                        "CSAFPID-5748620",
                        "CSAFPID-5748621",
                        "CSAFPID-5748622",
                        "CSAFPID-5748623",
                        "CSAFPID-5748624",
                        "CSAFPID-5748625",
                        "CSAFPID-5748626",
                        "CSAFPID-5748627",
                        "CSAFPID-5748628",
                        "CSAFPID-5748629",
                        "CSAFPID-5748630",
                        "CSAFPID-5748631",
                        "CSAFPID-5748632",
                        "CSAFPID-5748633",
                        "CSAFPID-5748634",
                        "CSAFPID-5748635",
                        "CSAFPID-5748636",
                        "CSAFPID-5748637",
                        "CSAFPID-5748638",
                        "CSAFPID-5748639",
                        "CSAFPID-5748640",
                        "CSAFPID-5748641",
                        "CSAFPID-5748642",
                        "CSAFPID-5748643",
                        "CSAFPID-5748644",
                        "CSAFPID-5748645",
                        "CSAFPID-5748646",
                        "CSAFPID-5748647",
                        "CSAFPID-5748648",
                        "CSAFPID-5748649",
                        "CSAFPID-5748650",
                        "CSAFPID-5748651",
                        "CSAFPID-5748652",
                        "CSAFPID-5748653",
                        "CSAFPID-5748654",
                        "CSAFPID-5748655",
                        "CSAFPID-5748656",
                        "CSAFPID-5748657",
                        "CSAFPID-5748658",
                        "CSAFPID-5748659",
                        "CSAFPID-5748660",
                        "CSAFPID-5748661",
                        "CSAFPID-5748662",
                        "CSAFPID-5748663",
                        "CSAFPID-5748664",
                        "CSAFPID-5752964",
                        "CSAFPID-5752965",
                        "CSAFPID-5752966",
                        "CSAFPID-5752967",
                        "CSAFPID-5752968",
                        "CSAFPID-5752969",
                        "CSAFPID-5752970",
                        "CSAFPID-5752971",
                        "CSAFPID-5752972",
                        "CSAFPID-5752973",
                        "CSAFPID-5752974",
                        "CSAFPID-5752975",
                        "CSAFPID-5752976",
                        "CSAFPID-5752977",
                        "CSAFPID-5752978",
                        "CSAFPID-5752979",
                        "CSAFPID-5752980",
                        "CSAFPID-5752981",
                        "CSAFPID-5752982",
                        "CSAFPID-5752983",
                        "CSAFPID-5752984",
                        "CSAFPID-5752985",
                        "CSAFPID-5752986",
                        "CSAFPID-5752987",
                        "CSAFPID-5752988",
                        "CSAFPID-5752989",
                        "CSAFPID-5752990",
                        "CSAFPID-5752991",
                        "CSAFPID-5752992",
                        "CSAFPID-5752993",
                        "CSAFPID-5752994",
                        "CSAFPID-5752995",
                        "CSAFPID-5752996",
                        "CSAFPID-5752997",
                        "CSAFPID-5752998",
                        "CSAFPID-5752999",
                        "CSAFPID-5753000",
                        "CSAFPID-5753001",
                        "CSAFPID-5753002",
                        "CSAFPID-5753003",
                        "CSAFPID-5753004",
                        "CSAFPID-5753005",
                        "CSAFPID-5753006",
                        "CSAFPID-5770841",
                        "CSAFPID-5896886",
                        "CSAFPID-5896887",
                        "CSAFPID-5896888",
                        "CSAFPID-5918268",
                        "CSAFPID-5918269",
                        "CSAFPID-5918270",
                        "CSAFPID-5918271",
                        "CSAFPID-5918272",
                        "CSAFPID-5918273",
                        "CSAFPID-5918274"
                    ]
                }
            ],
            "title": "CVE-2026-21619"
        }
    ]
}