diff --git a/.trivyignore b/.trivyignore new file mode 100644 index 0000000..df0a0bf --- /dev/null +++ b/.trivyignore @@ -0,0 +1,20 @@ +# Accepted vulnerabilities — reviewed, justified, and tracked. +# Format: one CVE/GHSA ID per line. Re-evaluate each at the review date below. +# +# --------------------------------------------------------------------------- +# cryptography is pinned to 43.0.3 because sshkey-tools 0.11.3 (SSH CA cert +# signing) requires cryptography <44. The two findings below are only fixed in +# cryptography >=44/48, which we cannot adopt until sshkey-tools relaxes its pin. +# +# Reviewed: 2026-06-23 | Next review: 2026-09-23 +# Action to remove: bump sshkey-tools to a release allowing cryptography>=48, +# then set cryptography>=48.0.1 and delete these lines. +# --------------------------------------------------------------------------- + +# SECT (binary-field) curve subgroup attack. Not reachable: Gatehouse uses only +# RSA / NIST P-256 / Ed25519 (JWT, x509, SSH CA). No SECT curves anywhere. +CVE-2026-26007 + +# Vulnerable OpenSSL statically bundled in the cryptography manylinux wheel. +# Blocked by the same sshkey-tools <44 cap. Tracked for removal at next review. +GHSA-537c-gmf6-5ccf
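Review bot: the "Next review: 2026-09-23" date in the header block is only a comment, so nothing makes these suppressions lapse if the sshkey-tools bump slips; Trivy's plain-text ignore file accepts an expiry suffix on each entry, e.g. `CVE-2026-26007 exp:2026-09-23` and `GHSA-537c-gmf6-5ccf exp:2026-09-23`, after which the finding reappears in the scan automatically rather than depending on someone remembering the review. Two further points on the same hunk: the `CVE-2026-26007` entry carries a reachability argument ("Not reachable: Gatehouse uses only RSA / NIST P-256 / Ed25519"), but the `GHSA-537c-gmf6-5ccf` entry only says why it cannot be fixed, not whether the bundled OpenSSL in the manylinux wheel is exposed by the way cryptography is used, so add the equivalent one-line exposure statement there for consistency. Also, a bare ID in `.trivyignore` suppresses that finding everywhere the scan runs, not just for the pinned `cryptography==43.0.3` wheel; if the same scan covers anything beyond this Python dependency set, the YAML form of the ignore file lets each entry be scoped to a path so a different vulnerable copy is not silently hidden.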