{"id":"ECHO-d166-5c0f-238b","modified":"2026-03-16T10:00:05.563318Z","published":"2026-03-13T04:09:18.808814Z","upstream":["CVE-2026-3950"],"references":[{"type":"WEB","url":"https://advisory.echohq.com/cve/CVE-2026-3950"}],"affected":[{"package":{"name":"libheif","ecosystem":"Echo","purl":"pkg:deb/echo/libheif"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1"}]}],"database_specific":{"source":"https://advisory.echohq.com/osv/ECHO-d166-5c0f-238b.json"}}],"schema_version":"1.7.5"}