DataDog · Kaycell · Dec 16, 2025 · Dec 15, 2025
@@ -29996,6 +29996,13 @@ components:
     Library:
       description: Vulnerability library.
       properties:
+        additional_names:
+          description: Related library or package names (such as child packages or
+            affected binary paths).
+          items:
+            example: linux-tools-common
+            type: string
+          type: array
         name:
           description: Vulnerability library name.
           example: linux-aws-5.15
@@ -57371,6 +57378,12 @@ components:
           type: array
         risks:
           $ref: '#/components/schemas/VulnerabilityRisks'
+        running_kernel:
+          description: "True if the vulnerability affects a package in the host\u2019s
+            running kernel, false if it affects a non-running kernel, and omit if
+            it is not kernel-related."
+          example: true
+          type: boolean
         status:
           $ref: '#/components/schemas/VulnerabilityStatus'
         title:
@@ -57431,10 +57444,15 @@ components:
       - RubyGems
       - Go
       - Packagist
-      - Ddeb
+      - Deb
       - Rpm
       - Apk
       - Windows
+      - Generic
+      - MacOs
+      - Oci
+      - BottleRocket
+      - None
       type: string
       x-enum-varnames:
       - PYPI
@@ -57444,10 +57462,15 @@ components:
       - RUBY_GEMS
       - GO
       - PACKAGIST
-      - D_DEB
+      - DEB
       - RPM
       - APK
       - WINDOWS
+      - GENERIC
+      - MAC_OS
+      - OCI
+      - BOTTLE_ROCKET
+      - NONE
     VulnerabilityRelationships:
       description: Related entities object.
       properties:
@@ -57548,12 +57571,14 @@ components:
       - IAST
       - SCA
       - Infra
+      - SAST
       example: SCA
       type: string
       x-enum-varnames:
       - IAST
       - SCA
       - INFRA
+      - SAST
     VulnerabilityType:
       description: The vulnerability type.
       enum:
@@ -80311,6 +80336,10 @@ paths:
       summary: List assets SBOMs
       tags:
       - Security Monitoring
+      x-permission:
+        operator: OR
+        permissions:
+        - appsec_vm_read
       x-unstable: '**Note**: This endpoint is a private preview.
 
         If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).'
@@ -80382,6 +80411,10 @@ paths:
       summary: Get SBOM
       tags:
       - Security Monitoring
+      x-permission:
+        operator: OR
+        permissions:
+        - appsec_vm_read
       x-unstable: '**Note**: This endpoint is a private preview.
 
         If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).'
@@ -80496,6 +80529,10 @@ paths:
       summary: List scanned assets metadata
       tags:
       - Security Monitoring
+      x-permission:
+        operator: OR
+        permissions:
+        - appsec_vm_read
       x-unstable: '**Note**: This endpoint is a private preview.
 
         If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).'
@@ -80924,6 +80961,14 @@ paths:
         required: false
         schema:
           type: string
+      - description: Filter for whether the vulnerability affects a running kernel
+          (for vulnerabilities related to a `Host` asset).
+        example: true
+        in: query
+        name: filter[running_kernel]
+        required: false
+        schema:
+          type: boolean
       - description: Filter by asset name. This field supports the usage of wildcards
           (*).
         example: datadog-agent
@@ -81067,6 +81112,10 @@ paths:
       summary: List vulnerabilities
       tags:
       - Security Monitoring
+      x-permission:
+        operator: OR
+        permissions:
+        - appsec_vm_read
       x-unstable: '**Note**: This endpoint is a private preview.
 
         If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).'
@@ -81425,6 +81474,10 @@ paths:
       summary: List vulnerable assets
       tags:
       - Security Monitoring
+      x-permission:
+        operator: OR
+        permissions:
+        - appsec_vm_read
       x-unstable: '**Note**: This endpoint is a private preview.
 
         If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).'
@@ -84562,8 +84615,8 @@ paths:
       x-unstable: '**Note**: This endpoint may be subject to changes.'
   /api/v2/static-analysis/secrets/rules:
     get:
-      description: Returns list of Secrets rules with ID, Pattern, Description, Priority,
-        and SDS ID
+      description: Returns a list of Secrets rules with ID, Pattern, Description,
+        Priority, and SDS ID.
       operationId: GetSecretsRules
       responses:
         '200':
@@ -84579,7 +84632,7 @@ paths:
         appKeyAuth: []
       - AuthZ:
         - code_analysis_read
-      summary: Returns list of Secrets rules
+      summary: Returns a list of Secrets rules
       tags:
       - Security Monitoring
       x-unstable: '**Note**: This endpoint may be subject to changes.'

@@ -1,4 +1,4 @@
-// Returns list of Secrets rules returns "OK" response
+// Returns a list of Secrets rules returns "OK" response
 
 import com.datadog.api.client.ApiClient;
 import com.datadog.api.client.ApiException;

@@ -4879,7 +4879,7 @@ public CompletableFuture<ApiResponse<GetSBOMResponse>> getSBOMWithHttpInfoAsync(
   }
 
   /**
-   * Returns list of Secrets rules.
+   * Returns a list of Secrets rules.
    *
    * <p>See {@link #getSecretsRulesWithHttpInfo}.
    *
@@ -4891,7 +4891,7 @@ public SecretRuleArray getSecretsRules() throws ApiException {
   }
 
   /**
-   * Returns list of Secrets rules.
+   * Returns a list of Secrets rules.
    *
    * <p>See {@link #getSecretsRulesWithHttpInfoAsync}.
    *
@@ -4906,7 +4906,7 @@ public CompletableFuture<SecretRuleArray> getSecretsRulesAsync() {
   }
 
   /**
-   * Returns list of Secrets rules with ID, Pattern, Description, Priority, and SDS ID
+   * Returns a list of Secrets rules with ID, Pattern, Description, Priority, and SDS ID.
    *
    * @return ApiResponse&lt;SecretRuleArray&gt;
    * @throws ApiException if fails to make API call
@@ -4953,7 +4953,7 @@ public ApiResponse<SecretRuleArray> getSecretsRulesWithHttpInfo() throws ApiExce
   }
 
   /**
-   * Returns list of Secrets rules.
+   * Returns a list of Secrets rules.
    *
    * <p>See {@link #getSecretsRulesWithHttpInfo}.
    *
@@ -9689,6 +9689,7 @@ public static class ListVulnerabilitiesOptionalParameters {
     private Boolean filterFixAvailable;
     private String filterRepoDigests;
     private String filterOrigin;
+    private Boolean filterRunningKernel;
     private String filterAssetName;
     private AssetType filterAssetType;
     private String filterAssetVersionFirst;
@@ -10022,6 +10023,18 @@ public ListVulnerabilitiesOptionalParameters filterOrigin(String filterOrigin) {
       return this;
     }
 
+    /**
+     * Set filterRunningKernel.
+     *
+     * @param filterRunningKernel Filter for whether the vulnerability affects a running kernel (for
+     *     vulnerabilities related to a <code>Host</code> asset). (optional)
+     * @return ListVulnerabilitiesOptionalParameters
+     */
+    public ListVulnerabilitiesOptionalParameters filterRunningKernel(Boolean filterRunningKernel) {
+      this.filterRunningKernel = filterRunningKernel;
+      return this;
+    }
+
     /**
      * Set filterAssetName.
      *
@@ -10431,6 +10444,7 @@ public ApiResponse<ListVulnerabilitiesResponse> listVulnerabilitiesWithHttpInfo(
     Boolean filterFixAvailable = parameters.filterFixAvailable;
     String filterRepoDigests = parameters.filterRepoDigests;
     String filterOrigin = parameters.filterOrigin;
+    Boolean filterRunningKernel = parameters.filterRunningKernel;
     String filterAssetName = parameters.filterAssetName;
     AssetType filterAssetType = parameters.filterAssetType;
     String filterAssetVersionFirst = parameters.filterAssetVersionFirst;
@@ -10506,6 +10520,8 @@ public ApiResponse<ListVulnerabilitiesResponse> listVulnerabilitiesWithHttpInfo(
     localVarQueryParams.addAll(
         apiClient.parameterToPairs("", "filter[repo_digests]", filterRepoDigests));
     localVarQueryParams.addAll(apiClient.parameterToPairs("", "filter[origin]", filterOrigin));
+    localVarQueryParams.addAll(
+        apiClient.parameterToPairs("", "filter[running_kernel]", filterRunningKernel));
     localVarQueryParams.addAll(
         apiClient.parameterToPairs("", "filter[asset.name]", filterAssetName));
     localVarQueryParams.addAll(
@@ -10617,6 +10633,7 @@ public ApiResponse<ListVulnerabilitiesResponse> listVulnerabilitiesWithHttpInfo(
     Boolean filterFixAvailable = parameters.filterFixAvailable;
     String filterRepoDigests = parameters.filterRepoDigests;
     String filterOrigin = parameters.filterOrigin;
+    Boolean filterRunningKernel = parameters.filterRunningKernel;
     String filterAssetName = parameters.filterAssetName;
     AssetType filterAssetType = parameters.filterAssetType;
     String filterAssetVersionFirst = parameters.filterAssetVersionFirst;
@@ -10692,6 +10709,8 @@ public ApiResponse<ListVulnerabilitiesResponse> listVulnerabilitiesWithHttpInfo(
     localVarQueryParams.addAll(
         apiClient.parameterToPairs("", "filter[repo_digests]", filterRepoDigests));
     localVarQueryParams.addAll(apiClient.parameterToPairs("", "filter[origin]", filterOrigin));
+    localVarQueryParams.addAll(
+        apiClient.parameterToPairs("", "filter[running_kernel]", filterRunningKernel));
     localVarQueryParams.addAll(
         apiClient.parameterToPairs("", "filter[asset.name]", filterAssetName));
     localVarQueryParams.addAll(

@@ -13,16 +13,25 @@
 import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.fasterxml.jackson.annotation.JsonPropertyOrder;
+import java.util.ArrayList;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 import java.util.Objects;
 
 /** Vulnerability library. */
-@JsonPropertyOrder({Library.JSON_PROPERTY_NAME, Library.JSON_PROPERTY_VERSION})
+@JsonPropertyOrder({
+  Library.JSON_PROPERTY_ADDITIONAL_NAMES,
+  Library.JSON_PROPERTY_NAME,
+  Library.JSON_PROPERTY_VERSION
+})
 @jakarta.annotation.Generated(
     value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator")
 public class Library {
   @JsonIgnore public boolean unparsed = false;
+  public static final String JSON_PROPERTY_ADDITIONAL_NAMES = "additional_names";
+  private List<String> additionalNames = null;
+
   public static final String JSON_PROPERTY_NAME = "name";
   private String name;
 
@@ -36,6 +45,35 @@ public Library(@JsonProperty(required = true, value = JSON_PROPERTY_NAME) String
     this.name = name;
   }
 
+  public Library additionalNames(List<String> additionalNames) {
+    this.additionalNames = additionalNames;
+    return this;
+  }
+
+  public Library addAdditionalNamesItem(String additionalNamesItem) {
+    if (this.additionalNames == null) {
+      this.additionalNames = new ArrayList<>();
+    }
+    this.additionalNames.add(additionalNamesItem);
+    return this;
+  }
+
+  /**
+   * Related library or package names (such as child packages or affected binary paths).
+   *
+   * @return additionalNames
+   */
+  @jakarta.annotation.Nullable
+  @JsonProperty(JSON_PROPERTY_ADDITIONAL_NAMES)
+  @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS)
+  public List<String> getAdditionalNames() {
+    return additionalNames;
+  }
+
+  public void setAdditionalNames(List<String> additionalNames) {
+    this.additionalNames = additionalNames;
+  }
+
   public Library name(String name) {
     this.name = name;
     return this;
@@ -133,20 +171,22 @@ public boolean equals(Object o) {
       return false;
     }
     Library library = (Library) o;
-    return Objects.equals(this.name, library.name)
+    return Objects.equals(this.additionalNames, library.additionalNames)
+        && Objects.equals(this.name, library.name)
         && Objects.equals(this.version, library.version)
         && Objects.equals(this.additionalProperties, library.additionalProperties);
   }
 
   @Override
   public int hashCode() {
-    return Objects.hash(name, version, additionalProperties);
+    return Objects.hash(additionalNames, name, version, additionalProperties);
   }
 
   @Override
   public String toString() {
     StringBuilder sb = new StringBuilder();
     sb.append("class Library {\n");
+    sb.append("    additionalNames: ").append(toIndentedString(additionalNames)).append("\n");
     sb.append("    name: ").append(toIndentedString(name)).append("\n");
     sb.append("    version: ").append(toIndentedString(version)).append("\n");
     sb.append("    additionalProperties: ")