{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:c729ccc1-0d10-57ac-adf8-2861b54a8274",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:npm/protobufjs@7.4.0",
      "type": "library",
      "name": "protobufjs",
      "version": "7.4.0",
      "purl": "pkg:npm/protobufjs@7.4.0"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:4012b167-80d4-5a0d-a61f-069344101776",
      "id": "CVE-2026-41242",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41242 affects version 7.4.0 of protobufjs."
      },
      "affects": [
        {
          "ref": "pkg:npm/protobufjs@7.4.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:cc4c7c5f-669d-5778-94f5-2b34f767306d",
      "id": "CVE-2026-44288",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-44288 affects version 7.4.0 of protobufjs."
      },
      "affects": [
        {
          "ref": "pkg:npm/protobufjs@7.4.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c89d5e97-c4aa-5fbb-bd71-3cc57f8ac5d2",
      "id": "CVE-2026-44289",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-44289 affects version 7.4.0 of protobufjs."
      },
      "affects": [
        {
          "ref": "pkg:npm/protobufjs@7.4.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bd5636af-0407-50d1-aaa7-dee32e1016f7",
      "id": "CVE-2026-44290",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-44290 affects version 7.4.0 of protobufjs."
      },
      "affects": [
        {
          "ref": "pkg:npm/protobufjs@7.4.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:231262af-f789-557c-ae88-c387c73bb908",
      "id": "CVE-2026-44291",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-44291 affects version 7.4.0 of protobufjs."
      },
      "affects": [
        {
          "ref": "pkg:npm/protobufjs@7.4.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bfb7192d-f57f-58ca-8680-b64c49364b0b",
      "id": "CVE-2026-44292",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-44292 affects version 7.4.0 of protobufjs."
      },
      "affects": [
        {
          "ref": "pkg:npm/protobufjs@7.4.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1ca3c780-c0a8-57ff-904a-f5b9f83fd31c",
      "id": "CVE-2026-44293",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-44293 affects version 7.4.0 of protobufjs."
      },
      "affects": [
        {
          "ref": "pkg:npm/protobufjs@7.4.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:19dfba57-eaa7-5fc7-a459-e13ece7b07b8",
      "id": "CVE-2026-44294",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-44294 affects version 7.4.0 of protobufjs."
      },
      "affects": [
        {
          "ref": "pkg:npm/protobufjs@7.4.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f4680856-7949-58d7-bd50-54fcba7d1158",
      "id": "CVE-2026-45740",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-45740 affects version 7.4.0 of protobufjs."
      },
      "affects": [
        {
          "ref": "pkg:npm/protobufjs@7.4.0"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:npm/protobufjs@7.4.0"
    }
  ]
}