diff --git a/trivy_vexhub/index.json b/trivy_vexhub/index.json
index 6eac4f5..ca4bcd4 100644
--- a/trivy_vexhub/index.json
+++ b/trivy_vexhub/index.json
@@ -5,6 +5,11 @@
 "id": "pkg:generic/python@3.13.7",
 "location": "pkg/generic/python/vex.json",
 "format": "openvex"
+ },
+ {
+ "id": "pkg:golang/github.com/k3s-io/k3s@1.34.1+k3s1",
+ "location": "pkg/golang/github.com/k3s-io/k3s/vex.json",
+ "format": "openvex"
 }
 ]
 }
\ No newline at end of file
diff --git a/trivy_vexhub/pkg/golang/github.com/k3s-io/k3s/vex.json b/trivy_vexhub/pkg/golang/github.com/k3s-io/k3s/vex.json
new file mode 100644
index 0000000..a190b49
--- /dev/null
+++ b/trivy_vexhub/pkg/golang/github.com/k3s-io/k3s/vex.json
@@ -0,0 +1,51 @@
+{
+ "@context": "https://openvex.dev/ns/v0.2.0",
+ "@id": "https://activestate.com/security/advisories/k3s/1.34.1+k3s1"
+ "author": "ActiveState",
+ "timestamp": "2025-12-22T19:27:55.951188+00:00",
+ "last_updated": "2025-12-22T19:27:55.951645+00:00",
+ "version": 1,
+ "statements": [
+ {
+ "@id": "https://activestate.com/security/advisories/k3s/1.34.1+k3s1/CVE-2025-54410",
+ "vulnerabiliy": {
+ "name": "CVE-2025-54410"
+ },
+ "timestamp": "2025-12-22T19:27:55.951188+00:00",
+ "last_updated": "1970-01-01T00:00:00+00:00",
+ "products": [
+ {
+ "@id": "pkg:oci/k3s@sha256%3A52c7e9054dcdc490c3a54840f0d8f11d9c7a364d15c0c6fd9ad66b12f8265cda?repository_url=index.docker.io/activestate",
+ "identifiers": {
+ "purl": "pkg:golang/github.com/k3s-io/k3s@1.34.1+k3s1"
+ },
+ "subcomponents": [
+ {
+ "@id": "pkg:golang/github.com/docker/docker@v25.0.8%2Bincompatible",
+ "identifiers": {
+ "purl": "pkg:golang/github.com/docker/docker@v25.0.8%2Bincompatible"
+ }
+ }
+ ]
+ },
+ {
+ "@id": "pkg:oci/k3s@sha256%3A52c7e9054dcdc490c3a54840f0d8f11d9c7a364d15c0c6fd9ad66b12f8265cda?repository_url=docker-registry.activestate.build/org-activestate",
+ "identifiers": {
+ "purl": "pkg:golang/github.com/k3s-io/k3s@1.34.1+k3s1"
+ },
+ "subcomponents": [
+ {
+ "@id": "pkg:golang/github.com/docker/docker@v25.0.8%2Bincompatible",
+ "identifiers": {
+ "purl": "pkg:golang/github.com/docker/docker@v25.0.8%2Bincompatible"
+ }
+ }
+ ]
+ }
+ ],
+ "status": "not_affected",
+ "justification": "vulnerable_code_cannot_be_controlled_by_adversary",
+ "impact_statement": "For this vulnerability to be exploited, Docker needs to be run as a daemon. However, k3s uses the client interface to Docker, and does not start a Docker daemon."
+ }
+ ]
+}
\ No newline at end of file
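Review bot: The new vex.json is not valid JSON, because the top-level `"@id"` line has no trailing comma before `"author"`; it should read `"@id": "https://activestate.com/security/advisories/k3s/1.34.1+k3s1",`. In the statement the key is misspelled as `"vulnerabiliy"`; OpenVEX expects `"vulnerability": {`, and with the misspelled key the statement names no vulnerability for a consumer to match against CVE-2025-54410. The statement-level `"last_updated": "1970-01-01T00:00:00+00:00"` predates the statement's own `timestamp` and looks like an unset zero value, so it should either be dropped or carry the real update time. A `not_affected` statement suppresses a scanner finding, so a parse and OpenVEX schema check in CI before the document is published would catch all three.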