diff --git a/ci_cd/security_scans.sh b/ci_cd/security_scans.sh
index 2db72ae5c6..b60e7ec523 100755
--- a/ci_cd/security_scans.sh
+++ b/ci_cd/security_scans.sh
@@ -158,6 +158,8 @@ run_grype_scans() {
 "CVE-2025-11468" # No fix available yet
 "CVE-2026-1299" # Python 3.13 email module header injection - not applicable, LiteLLM doesn't use BytesGenerator for email serialization
 "CVE-2026-0775" # npm cli incorrect permission assignment - no fix available yet, npm is only used at build/prisma-generate time
+ "GHSA-3ppc-4f35-3m26" # minimatch ReDoS via repeated wildcards - from nodejs_wheel bundled npm, not used in application runtime code
+ "GHSA-83g3-92jg-28cx" # tar arbitrary file read/write via hardlink - from nodejs_wheel bundled npm, not used in application runtime code
 )
 
 # Build JSON array of allowlisted CVE IDs for jq
diff --git a/docs/my-website/package.json b/docs/my-website/package.json
index 7b226bd88e..c4fa04c96a 100644
--- a/docs/my-website/package.json
+++ b/docs/my-website/package.json
@@ -61,7 +61,7 @@
 "mermaid": ">=11.10.0",
 "gray-matter": "4.0.3",
 "glob": ">=11.1.0",
- "tar": ">=7.5.7",
+ "tar": ">=7.5.8",
 "@isaacs/brace-expansion": ">=5.0.1",
 "node-forge": ">=1.3.2",
 "mdast-util-to-hast": ">=13.2.1",
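Review bot: The two new allowlist entries justify suppression only with "not used in application runtime code", but the tar advisory concerns extracting hostile archives and the bundled npm does extract package tarballs at build time, so the comment should say why the build-time path is acceptable (e.g. locked, trusted registry sources only), as the CVE-2026-0775 entry above already does for its own case. Neither entry records whether a patched nodejs_wheel exists or when to re-check, so they will stay suppressed indefinitely; suggest appending a revisit marker such as `# TODO(OWNER-PLACEHOLDER): drop once nodejs_wheel ships a patched npm` to each. The earlier entries are CVE ids and the comment below builds an array of "allowlisted CVE IDs", so confirm that grype reports these two findings under the GHSA id rather than a CVE alias, otherwise the new entries will have no effect. The allowlist array and run_grype_scans begin and end outside this hunk.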