diff --git a/.cargo/audit.toml b/.cargo/audit.toml
index 6699365..0a9b444 100644
--- a/.cargo/audit.toml
+++ b/.cargo/audit.toml
@@ -27,6 +27,13 @@ ignore = [
 # threads are unaffected. Only if shared memories are created across threads might an
 # embedding be affected."
 # We fall in the case where we don't use wasm threads at all.
+ "RUSTSEC-2026-0002", # coming from indirect dependency in smoldot-light@v0.9.0 and libp2p-identify@0.43.1.
+ # For smoldot-light@v0.9.0, we looked into the code at https://github.com/smol-dot/smoldot.git@light-js-deno-v1.0.17;
+ # all the usage of `lru::LruCache` don't use `iter_mut()` or iterate over `&mut` cache reference.
+ # For the libp2p-identify@0.43.1, we looked into the code at https://github.com/libp2p/rust-libp2p.git@libp2p-identify-v0.43.1
+ # and in protocols/identify/src/behaviour.rs we can see that there isn't any mutable iterator used for
+ # `lru::LruCache`.
+ # We can conclude that the unsound code is never exercised.
 ]
 informational_warnings = ["unmaintained", "yanked"]
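Review bot: The new `RUSTSEC-2026-0002` entry in `ignore` silences the advisory for every path to `lru` in the lockfile, while the justification only covers smoldot-light@v0.9.0 and libp2p-identify@0.43.1 as read at those two tags, so a later bump of either crate or a new dependent of `lru` would inherit the suppression without the audit being repeated. I would end the comment with a line such as `# Re-check on any smoldot-light / libp2p-identify bump; drop this entry once lru is on a fixed release.` and record in the PR that `cargo tree -i lru` shows no other dependents. The smoldot review was done against the git tag `light-js-deno-v1.0.17`, and the comment does not say how that tag was matched to the published v0.9.0 crate, which is worth stating since the published crate source is presumably what gets built. The `ignore` array opens above this hunk, so earlier entries were not reviewed here.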