diff --git a/.trivyignore b/.trivyignore
index ba684ed7..378a143d 100644
--- a/.trivyignore
+++ b/.trivyignore
@@ -13,6 +13,9 @@ CVE-2025-1686
 # gnutls DoS vulnerability via crafted ClientHello - not impactful as gnutls is not used by our Java service
 # See: UID2-6655
 CVE-2026-1584 exp:2026-08-27
+# gnutls DoS vulnerability via DTLS zero-length record - not impactful as gnutls is not used by our Java service
+# See: UID2-7008
+CVE-2026-33845 exp:2026-11-04
 
 # jackson-core async parser DoS - not exploitable, services only use synchronous ObjectMapper API
 # See: UID2-6670