NHSDigital · JackSpagnoliNHS · Apr 24, 2026 · Apr 24, 2026 · Apr 27, 2026 · Apr 27, 2026
diff --git a/.grype.yaml b/.grype.yaml
@@ -38,6 +38,15 @@ ignore:
   - vulnerability: CVE-2026-6100
   - vulnerability: CVE-2026-4786
   - vulnerability: GHSA-pc3f-x583-g7j2
+  - vulnerability: CVE-2026-3298
+  - vulnerability: GHSA-q339-8rmv-2mhv
+    package:
+      name: erb
+      version: 4.0.3
+  - vulnerability: GHSA-mh2q-q3fh-2475
+    package:
+      name: go.opentelemetry.io/otel
+      version: v1.40.0
 # node_24 vulnerabilities
   - vulnerability: GHSA-c2c7-rcm5-vvqj
   - vulnerability: GHSA-7r86-cg39-jmmj
@@ -53,8 +62,24 @@ ignore:
   - vulnerability: GHSA-2599-h6xx-hpxp
 # eps-storage-terraform vulnerabilities
   - vulnerability: CVE-2025-68119
+  - vulnerability: GHSA-mh2q-q3fh-2475
+    package:
+      name: go.opentelemetry.io/otel
+      version: v1.38.0
+  - vulnerability: GHSA-mh2q-q3fh-2475
+    package:
+      name: go.opentelemetry.io/otel
+      version: v1.39.0
 # eps-data-extract vulnerabilities
   - vulnerability: GHSA-6fmv-xxpf-w3cw
+  - vulnerability: CVE-2026-34282
+    package:
+      name: openjdk
+      version: 17.0.18+8
+  - vulnerability: CVE-2026-22016
+    package:
+      name: openjdk
+      version: 17.0.18+8
 # fhir-facade vulnerabilities
   - vulnerability: CVE-2022-26485
   - vulnerability: CVE-2022-26486
@@ -70,10 +95,33 @@ ignore:
   - vulnerability: CVE-2025-53066
   - vulnerability: CVE-2026-21945
   - vulnerability: CVE-2026-21932
+    package:
+      name: openjdk
+      version: 20.0.2+9-78
+  - vulnerability: CVE-2026-22016
+    package:
+      name: openjdk
+      version: 20.0.2+9-78
+  - vulnerability: CVE-2026-34282
+    package:
+      name: jdk
+      version: 20.0.2+9-78
+  - vulnerability: CVE-2026-22016
+    package:
+      name: jdk
+      version: 20.0.2+9-78
 # node-24_python_3_14_java_24 vulnerabilities
   - vulnerability: GHSA-6fmv-xxpf-w3cw
   - vulnerability: CVE-2025-53066
   - vulnerability: CVE-2026-21945
   - vulnerability: CVE-2026-21932
   - vulnerability: CVE-2026-27143
   - vulnerability: CVE-2026-27144
+  - vulnerability: CVE-2026-34282
+    package:
+      name: openjdk
+      version: 24.0.2+12
+  - vulnerability: CVE-2026-22016
+    package:
+      name: openjdk
+      version: 24.0.2+12