{"id":"ECHO-3af7-0bd3-2a49","modified":"2026-03-17T14:15:09.570462Z","published":"2026-03-17T10:15:05.230073Z","upstream":["CVE-2026-32778"],"references":[{"type":"WEB","url":"https://advisory.echohq.com/cve/CVE-2026-32778"},{"type":"WEB","url":"https://www.cve.org/CVERecord?id=CVE-2026-32778"}],"affected":[{"package":{"name":"expat","ecosystem":"Echo","purl":"pkg:deb/echo/expat"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.4-1+e2"}]}],"database_specific":{"source":"https://advisory.echohq.com/osv/ECHO-3af7-0bd3-2a49.json"}}],"schema_version":"1.7.5"}