diff --git a/.trivyignore b/.trivyignore
index a4acafd48..fc7effd2b 100644
--- a/.trivyignore
+++ b/.trivyignore
@@ -11,6 +11,9 @@ CVE-2025-68973 exp:2026-06-15
 # gnutls DoS vulnerability via crafted ClientHello - not impactful as gnutls is not used by our Java service
 # See: UID2-6655
 CVE-2026-1584 exp:2026-08-27
+# gnutls DoS vulnerability via DTLS zero-length record - not impactful as gnutls is not used by our Java service
+# See: UID2-7008
+CVE-2026-33845 exp:2026-11-04
 
 # jackson-core async parser DoS - not exploitable, services only use synchronous ObjectMapper API
 # See: UID2-6670