Anchore Data Service Release Notes - Version 0.26.0 (2026-02-10)
Anchore Data Service v0.26.0 - 2026-02-10
Core Components
| name | version |
|---|---|
| vunnel | v0.51.0 |
| grype-db | v0.51.0 |
Improvements
The
alpinedata provider now accounts for the Alpine Linux security rejections, therefore reducing false positive matches for that ecosystem [#1023]The
nvddata provider now merges in additional reference URLs from the Anchore Curated Vulnerability dataset [#1036]The
githubdata provider passes additional reference URLs and both CVSS 3.x and CVSS 4.x scores through to the vulnerability database [#1032, #863]
Features
Enabled the
bitnamidata provider which pulls in data from the Bitnami Vulnerability database [#512, #2538, #217]Enabled the
echodata provider which pulls in data from the Echo Advisory database[#815, #572, #2647]Enabled the
minimosdata provider which pulls in data from the MinimOS Advisory database [#814, #566, #2627]
Additional Notes
The following additional data sources have also been enabled and will be compiled into the vulnerability database; however, these will not currently be matched against by a released version of Anchore Enterprise. Matching support for these will be added in a future release.
- secureos - SecureOS Advisory database
- arch - Arch Linux Security advisories
- Erlang/Elixir ecosystem from GitHub Security Advisories