{"id":"ECHO-3d92-841b-34e6","upstream":["CVE-2026-2903"],"severity":[],"modified":"2026-03-26T10:49:59.206Z","affected":[{"package":{"ecosystem":"Echo","name":"re2c"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.1-1+e1"}]}]}],"references":[{"type":"WEB","url":"https://advisory.echohq.com/cve/CVE-2026-2903"},{"type":"WEB","url":"https://www.cve.org/CVERecord?id=CVE-2026-2903"}]}