Vulnerability Reportapache/hive:4.1.0

apache/hive:4.1.0

DIGESTsha256:b957bb0e698e560d24e162b7549d79f191d58703e92899a886618c317f6e8f30

Executive Summary

Threat ScoreDANGEROUS• 491 exposed vulnerabilities, 98 with severity ≥7 and max 9.8, including critical RCE and auth bypass• CVE-2023-44487 (HTTP/2 Rapid Reset) enables high-impact DDoS with 0.99999 EPSS• Multiple Jackson databind CVEs (e.g., CVE-2019-16943) allow remote code execution via deserialization• CVE-2022-46337 in Derby can bypass LDAP authentication and execute malware• Unverified community image with low trust score (55) and no official/verified status

100/100DANGEROUS

ReputationCOMMUNITY• Community Image with low/unknown reputation• Pinned by digest (Immutable)

UNVERIFIED

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could exploit these vulnerabilities to execute arbitrary code, bypass authentication, or disrupt service availability via DDoS. Many vulnerabilities, such as CVE-2022-46337, require specific configurations (e.g., LDAP) but remain highly dangerous when applicable. The combination of high severity count, low trust, and active exploitation likelihood (CVE-2023-44487) makes this image unacceptable for any production workload.

Vulnerabilities

Vulnerability Log

696 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2019-16943	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3	4.9% Low-Moderate Risk	Directly Exposed
CVE-2019-17267	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10, 2.8.11.5	4.6% Low-Moderate Risk	Directly Exposed
CVE-2019-17531	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3	5.3% Low-Moderate Risk	Directly Exposed
CVE-2019-20330	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2	8.6% Low-Moderate Risk	Directly Exposed
CVE-2022-46337	CRITICAL9.8	org.apache.derby:derby 10.14.2.0 fixed in 10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0	1.4% Low-Moderate Risk	Directly Exposed
CVE-2023-44487	CRITICAL9.75	org.eclipse.jetty.http2:http2-common 9.4.44.v20210927 fixed in 9.4.53, 10.0.17, 11.0.17	100.0% Actively Exploited	Directly Exposed
CVE-2020-35728	CRITICAL9.31	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8	12.5% High Exploitation Risk	Directly Exposed
CVE-2020-36179	CRITICAL9.31	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8, 2.6.7.5	20.9% High Exploitation Risk	Directly Exposed
CVE-2020-36184	CRITICAL9.31	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8	10.4% High Exploitation Risk	Directly Exposed
CVE-2020-36188	CRITICAL9.31	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8, 2.6.7.5	10.9% High Exploitation Risk	Directly Exposed
CVE-2019-20444	CRITICAL9.1	io.netty:netty 3.10.5.Final fixed in 4.0.0	8.7% Low-Moderate Risk	Directly Exposed
CVE-2020-10673	HIGH8.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.4, 2.6.7.4	8.0% Low-Moderate Risk	Directly Exposed
CVE-2025-48734	HIGH8.8	commons-beanutils:commons-beanutils 1.9.4 fixed in 1.11.0	1.5% Low-Moderate Risk	Directly Exposed
CVE-2024-47561	HIGH8.8	org.apache.avro:avro 1.9.2 fixed in 1.11.4	3.3% Low-Moderate Risk	Directly Exposed
CVE-2019-12086	HIGH8.62	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3	21.9% High Exploitation Risk	Directly Exposed
CVE-2019-14439	HIGH8.62	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3	10.8% High Exploitation Risk	Directly Exposed
CVE-2022-25647	HIGH8.62	com.google.code.gson:gson 2.8.5 fixed in 2.8.9	12.0% High Exploitation Risk	Directly Exposed
CVE-2026-45674	HIGH8.5	io.netty:netty-resolver-dns 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-47691	HIGH8.5	io.netty:netty-resolver-dns 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45674	HIGH8.5	io.netty:netty-resolver-dns 4.1.116.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-47691	HIGH8.5	io.netty:netty-resolver-dns 4.1.116.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45674	HIGH8.5	io.netty:netty-resolver-dns 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-47691	HIGH8.5	io.netty:netty-resolver-dns 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2021-36749	HIGH8.45	org.apache.druid:druid-core 0.17.1 fixed in 0.22.0	81.0% Actively Exploited	Directly Exposed
CVE-2025-14087	HIGH8.33	glib2 2.68.4-16.el9_6.2 fixed in 2.68.4-19.el9_8.1	0.8% Theoretical Threat	Directly Exposed
CVE-2026-42010	HIGH8.33	gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8	0.8% Theoretical Threat	Directly Exposed
CVE-2026-31789	HIGH8.33	openssl-libs 1:3.2.2-6.el9_5.1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42581	HIGH8.33	io.netty:netty-codec-http 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42581	HIGH8.33	io.netty:netty-codec-http 4.1.116.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42581	HIGH8.33	io.netty:netty-codec-http 4.1.94.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2025-32988	HIGH8.2	gnutls 3.8.3-6.el9 fixed in 3.8.3-6.el9_6.2	1.2% Low-Moderate Risk	Directly Exposed
CVE-2026-45447	HIGH8.1	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	1.4% Low-Moderate Risk	Directly Exposed
CVE-2018-5968	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.8.11.1, 2.9.4, 2.7.9.5	7.0% Low-Moderate Risk	Directly Exposed
CVE-2020-10650	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.4	3.3% Low-Moderate Risk	Directly Exposed
CVE-2020-24616	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.6	9.3% Low-Moderate Risk	Directly Exposed
CVE-2020-24750	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.6.7.5, 2.9.10.6	7.3% Low-Moderate Risk	Directly Exposed
CVE-2020-35490	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8	7.7% Low-Moderate Risk	Directly Exposed
CVE-2020-35491	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8	9.5% Low-Moderate Risk	Directly Exposed
CVE-2020-36180	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8, 2.6.7.5	5.0% Low-Moderate Risk	Directly Exposed
CVE-2020-36181	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8, 2.6.7.5	5.0% Low-Moderate Risk	Directly Exposed
CVE-2020-36182	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8, 2.6.7.5	5.0% Low-Moderate Risk	Directly Exposed
CVE-2020-36183	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8, 2.6.7.5	4.9% Low-Moderate Risk	Directly Exposed
CVE-2020-36185	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8	5.2% Low-Moderate Risk	Directly Exposed
CVE-2020-36186	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8	5.2% Low-Moderate Risk	Directly Exposed
CVE-2020-36187	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8	5.2% Low-Moderate Risk	Directly Exposed
CVE-2020-36189	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8, 2.6.7.5	4.9% Low-Moderate Risk	Directly Exposed
CVE-2021-20190	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.7, 2.6.7.5	7.5% Low-Moderate Risk	Directly Exposed
CVE-2017-17485	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.4, 2.8.11, 2.7.9.2	50.0% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2017-7525	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.6.7.1, 2.7.9.1, 2.8.9	37.9% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-14718	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3	12.7% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-19362	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3	10.6% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-7489	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5	20.5% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2019-14540	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10, 2.8.11.5, 2.6.7.3	10.7% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2020-8840	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3	26.6% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2020-9547	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7	18.7% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2020-9548	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7	18.3% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2019-20445	HIGH8	io.netty:netty 3.10.5.Final fixed in 4.0.0	13.5% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2017-15095	HIGH7.84	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2	8.4% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-11307	HIGH7.84	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.7.9.4, 2.8.11.2, 2.9.6	5.7% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-14719	HIGH7.84	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.7, 2.8.11.3, 2.7.9.5	9.7% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2019-14379	HIGH7.84	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6	8.0% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2019-16335	HIGH7.84	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10, 2.8.11.5, 2.6.7.3	4.9% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2019-16942	HIGH7.84	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3	5.7% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2019-14892	HIGH7.84	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.6.7.3, 2.8.11.5, 2.9.10	5.4% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2026-33845	HIGH7.73	gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8	0.6% Theoretical Threat	Directly Exposed
CVE-2026-45445	HIGH7.73	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42579	HIGH7.73	io.netty:netty-codec-dns 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42579	HIGH7.73	io.netty:netty-codec-dns 4.1.116.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42579	HIGH7.73	io.netty:netty-codec-dns 4.1.94.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42584	HIGH7.73	io.netty:netty-codec-http 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42584	HIGH7.73	io.netty:netty-codec-http 4.1.116.Final fixed in 4.2.13.Final, 4.1.133.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42584	HIGH7.73	io.netty:netty-codec-http 4.1.94.Final fixed in 4.2.13.Final, 4.1.133.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-2332	HIGH7.73	org.eclipse.jetty:jetty-http 9.4.53.v20231009 fixed in 12.1.7, 12.0.33	0.4% Theoretical Threat	Directly Exposed
CVE-2026-2332	HIGH7.73	org.eclipse.jetty:jetty-http 9.4.57.v20241219 fixed in 12.1.7, 12.0.33	0.4% Theoretical Threat	Directly Exposed
CVE-2026-5121	HIGH7.5	libarchive 3.5.3-5.el9_6 fixed in 3.5.3-9.el9_7	1.1% Low-Moderate Risk	Directly Exposed
CVE-2026-33416	HIGH7.5	libpng 2:1.6.37-12.el9 fixed in 2:1.6.37-12.el9_7.4	1.1% Low-Moderate Risk	Directly Exposed
CVE-2025-27113	HIGH7.5	libxml2 2.9.13-10.el9_6 No fix yet	1.0% Low-Moderate Risk	Directly Exposed
CVE-2026-2100	HIGH7.5	p11-kit 0.25.3-3.el9_5 fixed in 0.26.2-1.el9	1.0% Low-Moderate Risk	Directly Exposed
CVE-2026-2100	HIGH7.5	p11-kit-trust 0.25.3-3.el9_5 fixed in 0.26.2-1.el9	1.0% Low-Moderate Risk	Directly Exposed
CVE-2018-12022	HIGH7.5	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.7.9.4, 2.8.11.2, 2.9.6	7.3% Low-Moderate Risk	Directly Exposed
CVE-2020-36518	HIGH7.5	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.13.2.1, 2.12.6.1	4.9% Low-Moderate Risk	Directly Exposed
CVE-2022-42003	HIGH7.5	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.12.7.1, 2.13.4.2	2.8% Low-Moderate Risk	Directly Exposed
CVE-2022-42004	HIGH7.5	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.12.7.1, 2.13.4	2.7% Low-Moderate Risk	Directly Exposed
CVE-2024-7254	HIGH7.5	com.google.protobuf:protobuf-java 2.5.0 fixed in 3.25.5, 4.27.5, 4.28.2	2.8% Low-Moderate Risk	Directly Exposed
CVE-2022-3171	HIGH7.5	com.google.protobuf:protobuf-java 2.5.0 fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3	1.0% Low-Moderate Risk	Directly Exposed
CVE-2024-7254	HIGH7.5	com.google.protobuf:protobuf-java 3.21.12 fixed in 3.25.5, 4.27.5, 4.28.2	2.8% Low-Moderate Risk	Directly Exposed
CVE-2021-37136	HIGH7.5	io.netty:netty 3.10.5.Final fixed in 4.0.0	5.7% Low-Moderate Risk	Directly Exposed
CVE-2021-37137	HIGH7.5	io.netty:netty 3.10.5.Final fixed in 4.0.0	6.3% Low-Moderate Risk	Directly Exposed
CVE-2025-24970	HIGH7.5	io.netty:netty-handler 4.1.100.Final fixed in 4.1.118.Final	2.0% Low-Moderate Risk	Directly Exposed
CVE-2025-24970	HIGH7.5	io.netty:netty-handler 4.1.105.Final fixed in 4.1.118.Final	2.0% Low-Moderate Risk	Directly Exposed
CVE-2025-24970	HIGH7.5	io.netty:netty-handler 4.1.94.Final fixed in 4.1.118.Final	2.0% Low-Moderate Risk	Directly Exposed
CVE-2023-39410	HIGH7.5	org.apache.avro:avro 1.9.2 fixed in 1.11.3	1.8% Low-Moderate Risk	Directly Exposed
CVE-2023-50298	HIGH7.5	org.apache.solr:solr-solrj 8.11.2 fixed in 9.4.1, 8.11.3	1.6% Low-Moderate Risk	Directly Exposed
CVE-2026-24308	HIGH7.5	org.apache.zookeeper:zookeeper 3.8.4 fixed in 3.9.5, 3.8.6	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-22201	HIGH7.5	org.eclipse.jetty.http2:http2-common 9.4.44.v20210927 fixed in 9.4.54, 10.0.20, 11.0.20	1.4% Low-Moderate Risk	Directly Exposed
CVE-2025-5115	HIGH7.5	org.eclipse.jetty.http2:http2-common 9.4.44.v20210927 fixed in 9.4.58, 10.0.26, 11.0.26	1.6% Low-Moderate Risk	Directly Exposed
CVE-2023-36478	HIGH7.5	org.eclipse.jetty.http2:http2-hpack 9.4.44.v20210927 fixed in 10.0.16, 11.0.16, 9.4.53	3.8% Low-Moderate Risk	Directly Exposed
CVE-2022-41404	HIGH7.5	org.ini4j:ini4j 0.5.4 No fix yet	1.3% Low-Moderate Risk	Directly Exposed
CVE-2025-32990	MEDIUM6.97	gnutls 3.8.3-6.el9 fixed in 3.8.3-6.el9_6.2	0.7% Theoretical Threat	Directly Exposed
CVE-2026-42013	MEDIUM6.97	gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2026-5260	MEDIUM6.97	gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8	0.7% Theoretical Threat	Directly Exposed
CVE-2026-0861	MEDIUM6.88	glibc 2.34-168.el9_6.20 fixed in 2.34-231.el9_7.10	0.4% Theoretical Threat	Directly Exposed
CVE-2026-25646	MEDIUM6.88	libpng 2:1.6.37-12.el9 fixed in 2:1.6.37-12.el9_7.2	0.9% Theoretical Threat	Directly Exposed
CVE-2026-28387	MEDIUM6.88	openssl-libs 1:3.2.2-6.el9_5.1 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44249	MEDIUM6.88	io.netty:netty-handler 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-44249	MEDIUM6.88	io.netty:netty-handler 4.1.105.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-44249	MEDIUM6.88	io.netty:netty-handler 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2024-53990	MEDIUM6.88	org.asynchttpclient:async-http-client 2.5.3 fixed in 2.12.4, 3.0.1	0.6% Theoretical Threat	Directly Exposed
CVE-2019-12384	MEDIUM6.79	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3	45.2% High Exploitation Risk	Directly Exposed
CVE-2019-12814	MEDIUM6.79	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3	11.0% High Exploitation Risk	Directly Exposed
CVE-2021-21295	MEDIUM6.79	io.netty:netty 3.10.5.Final fixed in 4.0.0	18.9% High Exploitation Risk	Directly Exposed
CVE-2025-5914	MEDIUM6.63	libarchive 3.5.3-5.el9_6 fixed in 3.5.3-6.el9_6	0.3% Theoretical Threat	Directly Exposed
CVE-2026-22801	MEDIUM6.63	libpng 2:1.6.37-12.el9 fixed in 2:1.6.37-12.el9_7.2	0.1% Theoretical Threat	Directly Exposed
CVE-2026-48864	MEDIUM6.63	libsolv 0.7.24-3.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-7425	MEDIUM6.63	libxml2 2.9.13-10.el9_6 fixed in 2.9.13-11.el9_6	0.3% Theoretical Threat	Directly Exposed
CVE-2026-29111	MEDIUM6.63	systemd-libs 252-51.el9_6.1 fixed in 252-67.el9_8.2	0.1% Theoretical Threat	Directly Exposed
CVE-2026-29111	MEDIUM6.63	systemd-pam 252-51.el9_6.1 fixed in 252-67.el9_8.2	0.1% Theoretical Threat	Directly Exposed
CVE-2026-29111	MEDIUM6.63	systemd-rpm-macros 252-51.el9_6.1 fixed in 252-67.el9_8.2	0.1% Theoretical Threat	Directly Exposed
CVE-2025-13601	MEDIUM6.54	glib2 2.68.4-16.el9_6.2 fixed in 2.68.4-18.el9_7.1	0.3% Theoretical Threat	Directly Exposed
CVE-2021-43797	MEDIUM6.5	io.netty:netty 3.10.5.Final fixed in 4.0.0	2.7% Low-Moderate Risk	Directly Exposed
CVE-2021-26920	MEDIUM6.5	org.apache.druid:druid-core 0.17.1 fixed in 0.21.0	9.5% Low-Moderate Risk	Directly Exposed
CVE-2024-8184	MEDIUM6.5	org.eclipse.jetty:jetty-server 9.4.53.v20231009 fixed in 12.0.9, 10.0.24, 11.0.24, 9.4.56	1.0% Low-Moderate Risk	Directly Exposed
CVE-2026-33636	MEDIUM6.46	libpng 2:1.6.37-12.el9 fixed in 2:1.6.37-12.el9_7.3	0.6% Theoretical Threat	Directly Exposed
CVE-2026-45186	MEDIUM6.38	expat 2.5.0-5.el9_6 fixed in 2.5.0-6.el9_8.1	0.5% Theoretical Threat	Directly Exposed
CVE-2023-32636	MEDIUM6.38	glib2 2.68.4-16.el9_6.2 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-33846	MEDIUM6.38	gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8	0.9% Theoretical Threat	Directly Exposed
CVE-2026-42009	MEDIUM6.38	gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8	0.8% Theoretical Threat	Directly Exposed
CVE-2026-4111	MEDIUM6.38	libarchive 3.5.3-5.el9_6 fixed in 3.5.3-7.el9_7	0.7% Theoretical Threat	Directly Exposed
CVE-2026-4424	MEDIUM6.38	libarchive 3.5.3-5.el9_6 fixed in 3.5.3-9.el9_7	0.9% Theoretical Threat	Directly Exposed
CVE-2025-6176	MEDIUM6.38	libbrotli 1.0.9-7.el9_5 fixed in 1.0.9-9.el9_7	0.5% Theoretical Threat	Directly Exposed
CVE-2026-41989	MEDIUM6.38	libgcrypt 1.10.0-11.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-27135	MEDIUM6.38	libnghttp2 1.43.0-6.el9 fixed in 1.43.0-6.el9_7.1	0.6% Theoretical Threat	Directly Exposed
CVE-2025-32414	MEDIUM6.38	libxml2 2.9.13-10.el9_6 fixed in 2.9.13-12.el9_6	0.3% Theoretical Threat	Directly Exposed
CVE-2025-32415	MEDIUM6.38	libxml2 2.9.13-10.el9_6 fixed in 2.9.13-12.el9_6	0.5% Theoretical Threat	Directly Exposed
CVE-2026-6732	MEDIUM6.38	libxml2 2.9.13-10.el9_6 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2026-28390	MEDIUM6.38	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-3.el9_8	0.8% Theoretical Threat	Directly Exposed
CVE-2026-34183	MEDIUM6.38	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2025-69421	MEDIUM6.38	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.8% Theoretical Threat	Directly Exposed
CVE-2026-28388	MEDIUM6.38	openssl-libs 1:3.2.2-6.el9_5.1 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2026-28389	MEDIUM6.38	openssl-libs 1:3.2.2-6.el9_5.1 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2022-41409	MEDIUM6.38	pcre2 10.40-6.el9 No fix yet	1.0% Theoretical Threat	Directly Exposed
CVE-2022-41409	MEDIUM6.38	pcre2-syntax 10.40-6.el9 No fix yet	1.0% Theoretical Threat	Directly Exposed
CVE-2025-52999	MEDIUM6.38	com.fasterxml.jackson.core:jackson-core 2.12.7 fixed in 2.15.0	0.6% Theoretical Threat	Directly Exposed
CVE-2025-52999	MEDIUM6.38	com.fasterxml.jackson.core:jackson-core 2.4.0 fixed in 2.15.0	0.6% Theoretical Threat	Directly Exposed
CVE-2025-67721	MEDIUM6.38	io.airlift:aircompressor 2.0.2 fixed in 2.0.3	0.4% Theoretical Threat	Directly Exposed
CVE-2025-55163	MEDIUM6.38	io.grpc:grpc-netty-shaded 1.72.0 fixed in 1.75.0	0.9% Theoretical Threat	Directly Exposed
CVE-2023-32731	MEDIUM6.38	io.grpc:grpc-protobuf 1.53.0 fixed in 1.53.1, 1.54.2	0.5% Theoretical Threat	Directly Exposed
CVE-2025-58057	MEDIUM6.38	io.netty:netty-codec 4.1.100.Final fixed in 4.1.125.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2025-58057	MEDIUM6.38	io.netty:netty-codec 4.1.116.Final fixed in 4.1.125.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2025-58057	MEDIUM6.38	io.netty:netty-codec 4.1.94.Final fixed in 4.1.125.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44893	MEDIUM6.38	io.netty:netty-codec-haproxy 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-48059	MEDIUM6.38	io.netty:netty-codec-haproxy 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44893	MEDIUM6.38	io.netty:netty-codec-haproxy 4.1.116.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-48059	MEDIUM6.38	io.netty:netty-codec-haproxy 4.1.116.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44893	MEDIUM6.38	io.netty:netty-codec-haproxy 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-48059	MEDIUM6.38	io.netty:netty-codec-haproxy 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-33870	MEDIUM6.38	io.netty:netty-codec-http 4.1.100.Final fixed in 4.1.132.Final, 4.2.10.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42585	MEDIUM6.38	io.netty:netty-codec-http 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2025-58056	MEDIUM6.38	io.netty:netty-codec-http 4.1.100.Final fixed in 4.1.125.Final, 4.2.5.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-33870	MEDIUM6.38	io.netty:netty-codec-http 4.1.116.Final fixed in 4.1.132.Final, 4.2.10.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http 4.1.116.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42585	MEDIUM6.38	io.netty:netty-codec-http 4.1.116.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2025-58056	MEDIUM6.38	io.netty:netty-codec-http 4.1.116.Final fixed in 4.1.125.Final, 4.2.5.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-33870	MEDIUM6.38	io.netty:netty-codec-http 4.1.94.Final fixed in 4.1.132.Final, 4.2.10.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http 4.1.94.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42585	MEDIUM6.38	io.netty:netty-codec-http 4.1.94.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2025-58056	MEDIUM6.38	io.netty:netty-codec-http 4.1.94.Final fixed in 4.1.125.Final, 4.2.5.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2025-55163	MEDIUM6.38	io.netty:netty-codec-http2 4.1.100.Final fixed in 4.2.4.Final, 4.1.124.Final	0.9% Theoretical Threat	Directly Exposed
CVE-2026-33871	MEDIUM6.38	io.netty:netty-codec-http2 4.1.100.Final fixed in 4.1.132.Final, 4.2.11.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http2 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-48043	MEDIUM6.38	io.netty:netty-codec-http2 4.1.100.Final fixed in 4.1.135.Final, 4.2.15.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2025-55163	MEDIUM6.38	io.netty:netty-codec-http2 4.1.116.Final fixed in 4.2.4.Final, 4.1.124.Final	0.9% Theoretical Threat	Directly Exposed
CVE-2026-33871	MEDIUM6.38	io.netty:netty-codec-http2 4.1.116.Final fixed in 4.1.132.Final, 4.2.11.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http2 4.1.116.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-48043	MEDIUM6.38	io.netty:netty-codec-http2 4.1.116.Final fixed in 4.1.135.Final, 4.2.15.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2025-55163	MEDIUM6.38	io.netty:netty-codec-http2 4.1.94.Final fixed in 4.2.4.Final, 4.1.124.Final	0.9% Theoretical Threat	Directly Exposed
CVE-2026-33871	MEDIUM6.38	io.netty:netty-codec-http2 4.1.94.Final fixed in 4.1.132.Final, 4.2.11.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http2 4.1.94.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-48043	MEDIUM6.38	io.netty:netty-codec-http2 4.1.94.Final fixed in 4.1.135.Final, 4.2.15.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44248	MEDIUM6.38	io.netty:netty-codec-mqtt 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-44248	MEDIUM6.38	io.netty:netty-codec-mqtt 4.1.116.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-44248	MEDIUM6.38	io.netty:netty-codec-mqtt 4.1.94.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-44250	MEDIUM6.38	io.netty:netty-codec-redis 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44890	MEDIUM6.38	io.netty:netty-codec-redis 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-48006	MEDIUM6.38	io.netty:netty-codec-redis 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50011	MEDIUM6.38	io.netty:netty-codec-redis 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-44250	MEDIUM6.38	io.netty:netty-codec-redis 4.1.116.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44890	MEDIUM6.38	io.netty:netty-codec-redis 4.1.116.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-48006	MEDIUM6.38	io.netty:netty-codec-redis 4.1.116.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50011	MEDIUM6.38	io.netty:netty-codec-redis 4.1.116.Final fixed in 4.2.15.Final, 4.1.135.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-44250	MEDIUM6.38	io.netty:netty-codec-redis 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44890	MEDIUM6.38	io.netty:netty-codec-redis 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-48006	MEDIUM6.38	io.netty:netty-codec-redis 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50011	MEDIUM6.38	io.netty:netty-codec-redis 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-45416	MEDIUM6.38	io.netty:netty-handler 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50010	MEDIUM6.38	io.netty:netty-handler 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45416	MEDIUM6.38	io.netty:netty-handler 4.1.105.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50010	MEDIUM6.38	io.netty:netty-handler 4.1.105.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45416	MEDIUM6.38	io.netty:netty-handler 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50010	MEDIUM6.38	io.netty:netty-handler 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42578	MEDIUM6.38	io.netty:netty-handler-proxy 4.1.100.Final fixed in 4.1.133.Final, 4.2.13.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42578	MEDIUM6.38	io.netty:netty-handler-proxy 4.1.116.Final fixed in 4.1.133.Final, 4.2.13.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42578	MEDIUM6.38	io.netty:netty-handler-proxy 4.1.94.Final fixed in 4.1.133.Final, 4.2.13.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-46340	MEDIUM6.38	io.netty:netty-transport-sctp 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-46340	MEDIUM6.38	io.netty:netty-transport-sctp 4.1.116.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-46340	MEDIUM6.38	io.netty:netty-transport-sctp 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-45292	MEDIUM6.38	io.opentelemetry:opentelemetry-api 1.42.0 fixed in 1.62.0	0.5% Theoretical Threat	Directly Exposed
CVE-2024-57699	MEDIUM6.38	net.minidev:json-smart 2.5.0 fixed in 2.5.2	0.5% Theoretical Threat	Directly Exposed
CVE-2026-34479	MEDIUM6.38	org.apache.logging.log4j:log4j-1.2-api 2.24.3 fixed in 2.25.4	0.5% Theoretical Threat	Directly Exposed
CVE-2026-34478	MEDIUM6.38	org.apache.logging.log4j:log4j-core 2.24.3 fixed in 2.25.4	0.8% Theoretical Threat	Directly Exposed
CVE-2026-34480	MEDIUM6.38	org.apache.logging.log4j:log4j-core 2.24.3 fixed in 2.25.4	0.9% Theoretical Threat	Directly Exposed
CVE-2026-5588	MEDIUM6.38	org.bouncycastle:bcpkix-jdk18on 1.78.1 fixed in 1.84	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5598	MEDIUM6.38	org.bouncycastle:bcprov-jdk18on 1.78 fixed in 1.84	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5598	MEDIUM6.38	org.bouncycastle:bcprov-jdk18on 1.78.1 fixed in 1.84	0.5% Theoretical Threat	Directly Exposed
CVE-2025-66566	MEDIUM6.38	org.lz4:lz4-java 1.7.1 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2025-41249	MEDIUM6.38	org.springframework:spring-core 5.3.39 fixed in 6.2.11	0.5% Theoretical Threat	Directly Exposed
CVE-2026-3833	MEDIUM6.29	gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42011	MEDIUM6.29	gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2025-69419	MEDIUM6.29	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34182	MEDIUM6.29	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-24281	MEDIUM6.29	org.apache.zookeeper:zookeeper 3.8.4 fixed in 3.8.6, 3.9.5	0.3% Theoretical Threat	Directly Exposed
CVE-2026-43869	MEDIUM6.21	org.apache.thrift:libthrift 0.16.0 fixed in 0.23.0	0.3% Theoretical Threat	Directly Exposed
CVE-2024-13009	MEDIUM6.12	org.eclipse.jetty:jetty-server 9.4.53.v20231009 fixed in 9.4.57.v20241219	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42012	MEDIUM6.03	gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2025-64720	MEDIUM6.03	libpng 2:1.6.37-12.el9 fixed in 2:1.6.37-12.el9_7.1	0.3% Theoretical Threat	Directly Exposed
CVE-2025-65018	MEDIUM6.03	libpng 2:1.6.37-12.el9 fixed in 2:1.6.37-12.el9_7.1	0.2% Theoretical Threat	Directly Exposed
CVE-2025-66293	MEDIUM6.03	libpng 2:1.6.37-12.el9 fixed in 2:1.6.37-12.el9_7.1	0.3% Theoretical Threat	Directly Exposed
CVE-2026-22695	MEDIUM6.03	libpng 2:1.6.37-12.el9 fixed in 2:1.6.37-12.el9_7.2	0.2% Theoretical Threat	Directly Exposed
CVE-2023-2976	MEDIUM6.03	com.google.guava:guava 12.0.1 fixed in 32.0.0-android	0.2% Theoretical Threat	Directly Exposed
CVE-2023-2976	MEDIUM6.03	com.google.guava:guava 16.0.1 fixed in 32.0.0-android	0.2% Theoretical Threat	Directly Exposed
CVE-2023-2976	MEDIUM6.03	com.google.guava:guava 22.0 fixed in 32.0.0-android	0.2% Theoretical Threat	Directly Exposed
CVE-2023-2976	MEDIUM6.03	com.google.guava:guava 27.0-jre fixed in 32.0.0-android	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42586	MEDIUM6.03	io.netty:netty-codec-redis 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42586	MEDIUM6.03	io.netty:netty-codec-redis 4.1.116.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42586	MEDIUM6.03	io.netty:netty-codec-redis 4.1.94.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4878	MEDIUM5.95	libcap 2.48-9.el9_2 fixed in 2.48-10.el9_8.1	0.2% Theoretical Threat	Directly Exposed
CVE-2026-44604	MEDIUM5.95	rpm-libs 4.16.1.3-37.el9 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2025-13151	MEDIUM5.9	libtasn1 4.16.0-9.el9 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-41996	MEDIUM5.9	openssl-libs 1:3.2.2-6.el9_5.1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2018-10237	MEDIUM5.9	com.google.guava:guava 12.0.1 fixed in 24.1.1-android	5.1% Low-Moderate Risk	Directly Exposed
CVE-2018-10237	MEDIUM5.9	com.google.guava:guava 16.0.1 fixed in 24.1.1-android	5.1% Low-Moderate Risk	Directly Exposed
CVE-2018-10237	MEDIUM5.9	com.google.guava:guava 22.0 fixed in 24.1.1-android	5.1% Low-Moderate Risk	Directly Exposed
CVE-2021-21409	MEDIUM5.9	io.netty:netty 3.10.5.Final fixed in 4.0.0	4.9% Low-Moderate Risk	Directly Exposed
CVE-2021-38153	MEDIUM5.9	org.apache.kafka:kafka-clients 2.5.0 fixed in 2.6.3, 2.7.2, 2.8.1	5.8% Low-Moderate Risk	Directly Exposed
CVE-2026-22185	MEDIUM5.78	openldap 2.6.8-4.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-45673	MEDIUM5.78	io.netty:netty-resolver-dns 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-45673	MEDIUM5.78	io.netty:netty-resolver-dns 4.1.116.Final fixed in 4.2.15.Final, 4.1.135.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-45673	MEDIUM5.78	io.netty:netty-resolver-dns 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-35554	MEDIUM5.78	org.apache.kafka:kafka-clients 3.4.0 fixed in 3.9.2, 4.0.2, 4.1.2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-40490	MEDIUM5.78	org.asynchttpclient:async-http-client 2.12.4 fixed in 3.0.9, 2.14.5	0.3% Theoretical Threat	Directly Exposed
CVE-2026-40490	MEDIUM5.78	org.asynchttpclient:async-http-client 2.5.3 fixed in 3.0.9, 2.14.5	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4105	MEDIUM5.7	systemd-libs 252-51.el9_6.1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-4105	MEDIUM5.7	systemd-pam 252-51.el9_6.1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-4105	MEDIUM5.7	systemd-rpm-macros 252-51.el9_6.1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-42014	MEDIUM5.61	gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2025-5915	MEDIUM5.61	libarchive 3.5.3-5.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-5918	MEDIUM5.61	libarchive 3.5.3-5.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-9230	MEDIUM5.6	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-4.el9_7	1.8% Low-Moderate Risk	Directly Exposed
CVE-2025-14512	MEDIUM5.52	glib2 2.68.4-16.el9_6.2 fixed in 2.68.4-19.el9_8.1	0.5% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	glibc 2.34-168.el9_6.20 fixed in 2.34-270.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	glibc 2.34-168.el9_6.20 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	glibc-common 2.34-168.el9_6.20 fixed in 2.34-270.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	glibc-common 2.34-168.el9_6.20 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	glibc-langpack-en 2.34-168.el9_6.20 fixed in 2.34-270.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	glibc-langpack-en 2.34-168.el9_6.20 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	glibc-minimal-langpack 2.34-168.el9_6.20 fixed in 2.34-270.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	glibc-minimal-langpack 2.34-168.el9_6.20 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-6395	MEDIUM5.52	gnutls 3.8.3-6.el9 fixed in 3.8.3-6.el9_6.2	0.6% Theoretical Threat	Directly Exposed
CVE-2026-4426	MEDIUM5.52	libarchive 3.5.3-5.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-9149	MEDIUM5.52	libsolv 0.7.24-3.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-9150	MEDIUM5.52	libsolv 0.7.24-3.el9 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2023-45322	MEDIUM5.52	libxml2 2.9.13-10.el9_6 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-2673	MEDIUM5.52	openssl-fips-provider 3.0.7-6.el9_5 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-2673	MEDIUM5.52	openssl-fips-provider-so 3.0.7-6.el9_5 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-2673	MEDIUM5.52	openssl-libs 1:3.2.2-6.el9_5.1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-67735	MEDIUM5.52	io.netty:netty-codec-http 4.1.100.Final fixed in 4.2.8.Final, 4.1.129.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-41417	MEDIUM5.52	io.netty:netty-codec-http 4.1.100.Final fixed in 4.1.133.Final, 4.2.13.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42580	MEDIUM5.52	io.netty:netty-codec-http 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2025-67735	MEDIUM5.52	io.netty:netty-codec-http 4.1.116.Final fixed in 4.2.8.Final, 4.1.129.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-41417	MEDIUM5.52	io.netty:netty-codec-http 4.1.116.Final fixed in 4.1.133.Final, 4.2.13.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42580	MEDIUM5.52	io.netty:netty-codec-http 4.1.116.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2025-67735	MEDIUM5.52	io.netty:netty-codec-http 4.1.94.Final fixed in 4.2.8.Final, 4.1.129.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-41417	MEDIUM5.52	io.netty:netty-codec-http 4.1.94.Final fixed in 4.1.133.Final, 4.2.13.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42580	MEDIUM5.52	io.netty:netty-codec-http 4.1.94.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0636	MEDIUM5.52	org.bouncycastle:bcprov-jdk18on 1.78 fixed in 1.84	0.5% Theoretical Threat	Directly Exposed
CVE-2026-0636	MEDIUM5.52	org.bouncycastle:bcprov-jdk18on 1.78.1 fixed in 1.84	0.5% Theoretical Threat	Directly Exposed
CVE-2025-11143	MEDIUM5.52	org.eclipse.jetty:jetty-http 9.4.53.v20231009 fixed in 12.0.31, 12.1.5	0.2% Theoretical Threat	Directly Exposed
CVE-2025-11143	MEDIUM5.52	org.eclipse.jetty:jetty-http 9.4.57.v20241219 fixed in 12.0.31, 12.1.5	0.2% Theoretical Threat	Directly Exposed
CVE-2025-12183	MEDIUM5.52	org.lz4:lz4-java 1.7.1 fixed in 1.8.1	0.7% Theoretical Threat	Directly Exposed
CVE-2026-40458	MEDIUM5.52	org.pac4j:pac4j-core 4.5.8 fixed in 5.7.10, 6.4.1	0.2% Theoretical Threat	Directly Exposed
CVE-2024-34459	MEDIUM5.5	libxml2 2.9.13-10.el9_6 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2021-22569	MEDIUM5.5	com.google.protobuf:protobuf-java 2.5.0 fixed in 3.16.1, 3.18.2, 3.19.2	1.7% Low-Moderate Risk	Directly Exposed
CVE-2021-21290	MEDIUM5.5	io.netty:netty 3.10.5.Final fixed in 4.0.0	1.8% Low-Moderate Risk	Directly Exposed
CVE-2026-34181	MEDIUM5.35	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42768	MEDIUM5.35	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2025-59375	MEDIUM5.3	expat 2.5.0-5.el9_6 fixed in 2.5.0-5.el9_7.1	1.2% Low-Moderate Risk	Directly Exposed
CVE-2025-32989	MEDIUM5.3	gnutls 3.8.3-6.el9 fixed in 3.8.3-6.el9_6.2	1.2% Low-Moderate Risk	Directly Exposed
CVE-2024-29025	MEDIUM5.3	io.netty:netty-codec-http 4.1.100.Final fixed in 4.1.108.Final	1.4% Low-Moderate Risk	Directly Exposed
CVE-2024-29025	MEDIUM5.3	io.netty:netty-codec-http 4.1.94.Final fixed in 4.1.108.Final	1.4% Low-Moderate Risk	Directly Exposed
CVE-2025-59419	MEDIUM5.3	io.netty:netty-codec-smtp 4.1.100.Final fixed in 4.2.7.Final, 4.1.128.Final	1.6% Low-Moderate Risk	Directly Exposed
CVE-2025-59419	MEDIUM5.3	io.netty:netty-codec-smtp 4.1.116.Final fixed in 4.2.7.Final, 4.1.128.Final	1.6% Low-Moderate Risk	Directly Exposed
CVE-2025-59419	MEDIUM5.3	io.netty:netty-codec-smtp 4.1.94.Final fixed in 4.2.7.Final, 4.1.128.Final	1.6% Low-Moderate Risk	Directly Exposed
CVE-2025-27553	MEDIUM5.3	org.apache.commons:commons-vfs2 2.3 fixed in 2.10.0	1.2% Low-Moderate Risk	Directly Exposed
CVE-2024-31141	MEDIUM5.3	org.apache.kafka:kafka-clients 2.5.0 fixed in 3.7.1	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-31141	MEDIUM5.3	org.apache.kafka:kafka-clients 3.4.0 fixed in 3.7.1	1.1% Low-Moderate Risk	Directly Exposed
CVE-2026-1757	MEDIUM5.27	libxml2 2.9.13-10.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libblkid 2.37.4-21.el9 fixed in 2.37.4-21.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libfdisk 2.37.4-21.el9 fixed in 2.37.4-21.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libmount 2.37.4-21.el9 fixed in 2.37.4-21.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2025-64506	MEDIUM5.18	libpng 2:1.6.37-12.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libsmartcols 2.37.4-21.el9 fixed in 2.37.4-21.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libuuid 2.37.4-21.el9 fixed in 2.37.4-21.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2025-11187	MEDIUM5.18	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.5% Theoretical Threat	Directly Exposed
CVE-2026-50219	MEDIUM5.02	expat 2.5.0-5.el9_6 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	glibc 2.34-168.el9_6.20 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-15281	MEDIUM5.02	glibc 2.34-168.el9_6.20 fixed in 2.34-231.el9_7.10	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	glibc-common 2.34-168.el9_6.20 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	glibc-langpack-en 2.34-168.el9_6.20 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	glibc-minimal-langpack 2.34-168.el9_6.20 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-40355	MEDIUM5.02	krb5-libs 1.21.1-8.el9_6 fixed in 1.21.1-10.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40356	MEDIUM5.02	krb5-libs 1.21.1-8.el9_6 fixed in 1.21.1-10.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-0990	MEDIUM5.02	libxml2 2.9.13-10.el9_6 No fix yet	0.7% Theoretical Threat	Directly Exposed
CVE-2026-31790	MEDIUM5.02	openssl-fips-provider 3.0.7-6.el9_5 No fix yet	1.0% Theoretical Threat	Directly Exposed
CVE-2026-31790	MEDIUM5.02	openssl-fips-provider-so 3.0.7-6.el9_5 No fix yet	1.0% Theoretical Threat	Directly Exposed
CVE-2026-31790	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-2.el9_8	1.0% Theoretical Threat	Directly Exposed
CVE-2026-42764	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.7% Theoretical Threat	Directly Exposed
CVE-2025-15468	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.7% Theoretical Threat	Directly Exposed
CVE-2025-66199	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.4% Theoretical Threat	Directly Exposed
CVE-2025-69420	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.8% Theoretical Threat	Directly Exposed
CVE-2026-22796	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42769	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42770	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-9076	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34477	MEDIUM5.02	org.apache.logging.log4j:log4j-core 2.24.3 fixed in 2.25.4	0.4% Theoretical Threat	Directly Exposed
CVE-2025-53864	MEDIUM4.93	com.nimbusds:nimbus-jose-jwt 9.37.2 fixed in 10.0.2, 9.37.4	0.8% Theoretical Threat	Directly Exposed
CVE-2025-53864	MEDIUM4.93	com.nimbusds:nimbus-jose-jwt 9.37.3 fixed in 10.0.2, 9.37.4	0.8% Theoretical Threat	Directly Exposed
CVE-2025-5916	MEDIUM4.76	libarchive 3.5.3-5.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-1371	MEDIUM4.67	elfutils-debuginfod-client 0.192-6.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-1377	MEDIUM4.67	elfutils-debuginfod-client 0.192-6.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-1371	MEDIUM4.67	elfutils-default-yama-scope 0.192-6.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-1377	MEDIUM4.67	elfutils-default-yama-scope 0.192-6.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-1371	MEDIUM4.67	elfutils-libelf 0.192-6.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-1377	MEDIUM4.67	elfutils-libelf 0.192-6.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-1371	MEDIUM4.67	elfutils-libs 0.192-6.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-1377	MEDIUM4.67	elfutils-libs 0.192-6.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-32776	MEDIUM4.67	expat 2.5.0-5.el9_6 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-32777	MEDIUM4.67	expat 2.5.0-5.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-32778	MEDIUM4.67	expat 2.5.0-5.el9_6 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-66382	MEDIUM4.67	expat 2.5.0-5.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-60753	MEDIUM4.67	libarchive 3.5.3-5.el9_6 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5745	MEDIUM4.67	libarchive 3.5.3-5.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-1632	MEDIUM4.67	libarchive 3.5.3-5.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2021-46195	MEDIUM4.67	libgcc 11.5.0-5.el9_5 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libgcc 11.5.0-5.el9_5 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2021-46195	MEDIUM4.67	libstdc++ 11.5.0-5.el9_5 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libstdc++ 11.5.0-5.el9_5 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2025-9714	MEDIUM4.67	libxml2 2.9.13-10.el9_6 fixed in 2.9.13-14.el9_7	0.1% Theoretical Threat	Directly Exposed
CVE-2025-15469	MEDIUM4.67	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2026-22795	MEDIUM4.67	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.1% Theoretical Threat	Directly Exposed
CVE-2026-7383	MEDIUM4.67	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2024-0232	MEDIUM4.67	sqlite-libs 3.34.1-8.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib 1.2.11-40.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2024-47535	MEDIUM4.67	io.netty:netty-common 4.1.100.Final fixed in 4.1.115.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2025-25193	MEDIUM4.67	io.netty:netty-common 4.1.100.Final fixed in 4.1.118.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2025-25193	MEDIUM4.67	io.netty:netty-common 4.1.116.Final fixed in 4.1.118.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2024-47535	MEDIUM4.67	io.netty:netty-common 4.1.94.Final fixed in 4.1.115.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2025-25193	MEDIUM4.67	io.netty:netty-common 4.1.94.Final fixed in 4.1.118.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-1489	MEDIUM4.59	glib2 2.68.4-16.el9_6.2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-6965	MEDIUM4.58	sqlite-libs 3.34.1-8.el9_6 fixed in 3.34.1-9.el9_7	64.9% Actively Exploited	Post-Exploit
CVE-2026-23865	MEDIUM4.5	freetype 2.10.4-10.el9_5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-0915	MEDIUM4.5	glibc 2.34-168.el9_6.20 fixed in 2.34-231.el9_7.10	0.6% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	glibc 2.34-168.el9_6.20 fixed in 2.34-270.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	glibc-common 2.34-168.el9_6.20 fixed in 2.34-270.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	glibc-langpack-en 2.34-168.el9_6.20 fixed in 2.34-270.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	glibc-minimal-langpack 2.34-168.el9_6.20 fixed in 2.34-270.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2025-14831	MEDIUM4.5	gnutls 3.8.3-6.el9 fixed in 3.8.3-10.el9_7	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42015	MEDIUM4.5	gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8	0.7% Theoretical Threat	Directly Exposed
CVE-2026-22693	MEDIUM4.5	harfbuzz 2.7.4-10.el9 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2023-30571	MEDIUM4.5	libarchive 3.5.3-5.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42766	MEDIUM4.5	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42767	MEDIUM4.5	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34743	MEDIUM4.5	xz-libs 5.2.5-8.el9_0 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2023-32732	MEDIUM4.5	io.grpc:grpc-protobuf 1.53.0 fixed in 1.53.1, 1.54.2	0.5% Theoretical Threat	Directly Exposed
CVE-2026-50020	MEDIUM4.5	io.netty:netty-codec-http 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-50020	MEDIUM4.5	io.netty:netty-codec-http 4.1.116.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-50020	MEDIUM4.5	io.netty:netty-codec-http 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-47244	MEDIUM4.5	io.netty:netty-codec-http2 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-50560	MEDIUM4.5	io.netty:netty-codec-http2 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-47244	MEDIUM4.5	io.netty:netty-codec-http2 4.1.116.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-50560	MEDIUM4.5	io.netty:netty-codec-http2 4.1.116.Final fixed in 4.2.15.Final, 4.1.135.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-47244	MEDIUM4.5	io.netty:netty-codec-http2 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-50560	MEDIUM4.5	io.netty:netty-codec-http2 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2025-8916	MEDIUM4.5	org.bouncycastle:bcpkix-jdk18on 1.78.1 fixed in 1.79	0.4% Theoretical Threat	Directly Exposed
CVE-2024-6763	MEDIUM4.5	org.eclipse.jetty:jetty-http 9.4.53.v20231009 fixed in 12.0.12	1.0% Theoretical Threat	Directly Exposed
CVE-2024-6763	MEDIUM4.5	org.eclipse.jetty:jetty-http 9.4.57.v20241219 fixed in 12.0.12	1.0% Theoretical Threat	Directly Exposed
CVE-2025-3588	MEDIUM4.5	org.jsonschema2pojo:jsonschema2pojo-core 1.0.2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2024-47554	MEDIUM4.3	commons-io:commons-io 2.8.0 fixed in 2.14.0	1.2% Low-Moderate Risk	Directly Exposed
CVE-2026-42250	MEDIUM4.25	bzip2-libs 1.0.8-10.el9_5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc 2.34-168.el9_6.20 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc 2.34-168.el9_6.20 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc-common 2.34-168.el9_6.20 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc-common 2.34-168.el9_6.20 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc-langpack-en 2.34-168.el9_6.20 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc-langpack-en 2.34-168.el9_6.20 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc-minimal-langpack 2.34-168.el9_6.20 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc-minimal-langpack 2.34-168.el9_6.20 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	krb5-libs 1.21.1-8.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-5917	MEDIUM4.25	libarchive 3.5.3-5.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-28164	MEDIUM4.25	libpng 2:1.6.37-12.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-34180	MEDIUM4.25	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2025-15079	MEDIUM4.13	libcurl-minimal 7.76.1-31.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-28387	MEDIUM4.13	openssl 1:3.2.2-6.el9_5.1 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2025-68161	MEDIUM4.08	org.apache.logging.log4j:log4j-core 2.24.3 fixed in 2.25.3	0.7% Theoretical Threat	Directly Exposed
CVE-2025-15467	MEDIUM4.06	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	48.7% High Exploitation Risk	Post-Exploit
CVE-2025-15467	MEDIUM4.06	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	48.7% High Exploitation Risk	Post-Exploit
CVE-2025-1376	MEDIUM4	elfutils-debuginfod-client 0.192-6.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-1376	MEDIUM4	elfutils-default-yama-scope 0.192-6.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-1376	MEDIUM4	elfutils-libelf 0.192-6.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-1376	MEDIUM4	elfutils-libs 0.192-6.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libblkid 2.37.4-21.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libfdisk 2.37.4-21.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libmount 2.37.4-21.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libsmartcols 2.37.4-21.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libuuid 2.37.4-21.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2024-13176	MEDIUM4	openssl-libs 1:3.2.2-6.el9_5.1 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2025-68160	MEDIUM4	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2025-4598	MEDIUM4	systemd-libs 252-51.el9_6.1 fixed in 252-55.el9_7.7	0.6% Theoretical Threat	Directly Exposed
CVE-2025-4598	MEDIUM4	systemd-pam 252-51.el9_6.1 fixed in 252-55.el9_7.7	0.6% Theoretical Threat	Directly Exposed
CVE-2025-4598	MEDIUM4	systemd-rpm-macros 252-51.el9_6.1 fixed in 252-55.el9_7.7	0.6% Theoretical Threat	Directly Exposed
CVE-2025-11082	LOW3.98	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11083	LOW3.98	binutils 2.35.2-63.el9 fixed in 2.35.2-67.el9_7.1	0.2% Theoretical Threat	Post-Exploit
CVE-2025-5245	LOW3.98	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-7545	LOW3.98	binutils 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-44840	LOW3.98	binutils 2.35.2-63.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2025-11082	LOW3.98	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11083	LOW3.98	binutils-gold 2.35.2-63.el9 fixed in 2.35.2-67.el9_7.1	0.2% Theoretical Threat	Post-Exploit
CVE-2025-5245	LOW3.98	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-7545	LOW3.98	binutils-gold 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-44840	LOW3.98	binutils-gold 2.35.2-63.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2021-3826	LOW3.9	binutils 2.35.2-63.el9 No fix yet	1.1% Low-Moderate Risk	Post-Exploit
CVE-2021-3826	LOW3.9	binutils-gold 2.35.2-63.el9 No fix yet	1.1% Low-Moderate Risk	Post-Exploit
CVE-2024-9681	LOW3.9	curl-minimal 7.76.1-31.el9 No fix yet	2.0% Low-Moderate Risk	Post-Exploit
CVE-2024-9681	LOW3.9	libcurl-minimal 7.76.1-31.el9 No fix yet	2.0% Low-Moderate Risk	Post-Exploit
CVE-2024-10524	LOW3.9	wget 1.21.1-8.el9_4 No fix yet	1.1% Low-Moderate Risk	Post-Exploit
CVE-2025-66864	LOW3.82	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-66866	LOW3.82	binutils 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69649	LOW3.82	binutils 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69650	LOW3.82	binutils 2.35.2-63.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2025-66864	LOW3.82	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-66866	LOW3.82	binutils-gold 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69649	LOW3.82	binutils-gold 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69650	LOW3.82	binutils-gold 2.35.2-63.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-5773	LOW3.82	curl-minimal 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6276	LOW3.82	curl-minimal 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5773	LOW3.82	libcurl-minimal 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6276	LOW3.82	libcurl-minimal 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-28390	LOW3.82	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-3.el9_8	0.8% Theoretical Threat	Post-Exploit
CVE-2026-34183	LOW3.82	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.5% Theoretical Threat	Post-Exploit
CVE-2025-69421	LOW3.82	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.8% Theoretical Threat	Post-Exploit
CVE-2026-28388	LOW3.82	openssl 1:3.2.2-6.el9_5.1 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2026-28389	LOW3.82	openssl 1:3.2.2-6.el9_5.1 No fix yet	0.8% Theoretical Threat	Post-Exploit
CVE-2025-27817	LOW3.79	org.apache.kafka:kafka-clients 3.4.0 fixed in 3.9.1	60.8% Actively Exploited	Post-Exploit
CVE-2025-69419	LOW3.77	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.4% Theoretical Threat	Post-Exploit
CVE-2026-34182	LOW3.77	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Post-Exploit
CVE-2025-5278	LOW3.74	coreutils-single 8.32-39.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-64505	LOW3.74	libpng 2:1.6.37-12.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-34757	LOW3.74	libpng 2:1.6.37-12.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-48924	LOW3.7	org.apache.commons:commons-lang3 3.12.0 fixed in 3.18.0	2.2% Low-Moderate Risk	Directly Exposed
CVE-2021-31879	LOW3.66	wget 1.21.1-8.el9_4 No fix yet	1.1% Low-Moderate Risk	Post-Exploit
CVE-2023-4156	LOW3.62	gawk 5.1.0-6.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2005-2541	LOW3.6	tar 2:1.34-7.el9 No fix yet	4.0% Low-Moderate Risk	Post-Exploit
CVE-2025-68973	LOW3.57	gnupg2 2.3.3-4.el9 fixed in 2.3.3-5.el9_7	0.1% Theoretical Threat	Post-Exploit
CVE-2026-44604	LOW3.57	rpm 4.16.1.3-37.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-1484	LOW3.57	glib2 2.68.4-16.el9_6.2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-8058	LOW3.57	glibc 2.34-168.el9_6.20 fixed in 2.34-168.el9_6.23	0.2% Theoretical Threat	Directly Exposed
CVE-2025-8058	LOW3.57	glibc-common 2.34-168.el9_6.20 fixed in 2.34-168.el9_6.23	0.2% Theoretical Threat	Directly Exposed
CVE-2025-8058	LOW3.57	glibc-langpack-en 2.34-168.el9_6.20 fixed in 2.34-168.el9_6.23	0.2% Theoretical Threat	Directly Exposed
CVE-2025-8058	LOW3.57	glibc-minimal-langpack 2.34-168.el9_6.20 fixed in 2.34-168.el9_6.23	0.2% Theoretical Threat	Directly Exposed
CVE-2025-1153	LOW3.54	binutils 2.35.2-63.el9 No fix yet	1.3% Low-Moderate Risk	Post-Exploit
CVE-2025-1153	LOW3.54	binutils-gold 2.35.2-63.el9 No fix yet	1.3% Low-Moderate Risk	Post-Exploit
CVE-2024-11053	LOW3.54	curl-minimal 7.76.1-31.el9 No fix yet	1.4% Low-Moderate Risk	Post-Exploit
CVE-2024-11053	LOW3.54	libcurl-minimal 7.76.1-31.el9 No fix yet	1.4% Low-Moderate Risk	Post-Exploit
CVE-2024-41996	LOW3.54	openssl 1:3.2.2-6.el9_5.1 No fix yet	1.1% Low-Moderate Risk	Post-Exploit
CVE-2025-13034	LOW3.47	curl-minimal 7.76.1-31.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-1965	LOW3.47	curl-minimal 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-13034	LOW3.47	libcurl-minimal 7.76.1-31.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-1965	LOW3.47	libcurl-minimal 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2024-25260	LOW3.4	elfutils-debuginfod-client 0.192-6.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-25260	LOW3.4	elfutils-default-yama-scope 0.192-6.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-25260	LOW3.4	elfutils-libelf 0.192-6.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-25260	LOW3.4	elfutils-libs 0.192-6.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	glibc 2.34-168.el9_6.20 fixed in 2.34-270.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	glibc-common 2.34-168.el9_6.20 fixed in 2.34-270.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	glibc-langpack-en 2.34-168.el9_6.20 fixed in 2.34-270.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	glibc-minimal-langpack 2.34-168.el9_6.20 fixed in 2.34-270.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2025-9820	LOW3.4	gnutls 3.8.3-6.el9 fixed in 3.8.3-10.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69418	LOW3.4	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.1% Theoretical Threat	Directly Exposed
CVE-2025-49128	LOW3.4	com.fasterxml.jackson.core:jackson-core 2.12.7 fixed in 2.13.0	0.3% Theoretical Threat	Directly Exposed
CVE-2025-49128	LOW3.4	com.fasterxml.jackson.core:jackson-core 2.4.0 fixed in 2.13.0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-epoll 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-epoll 4.1.105.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-epoll 4.1.116.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-epoll 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-kqueue 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-kqueue 4.1.116.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-kqueue 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2025-9230	LOW3.36	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-4.el9_7	1.8% Low-Moderate Risk	Post-Exploit
CVE-2023-1972	LOW3.31	binutils 2.35.2-63.el9 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2023-1972	LOW3.31	binutils-gold 2.35.2-63.el9 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2026-3784	LOW3.31	curl-minimal 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5545	LOW3.31	curl-minimal 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6429	LOW3.31	curl-minimal 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-14524	LOW3.31	curl-minimal 7.76.1-31.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2026-3784	LOW3.31	libcurl-minimal 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5545	LOW3.31	libcurl-minimal 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6429	LOW3.31	libcurl-minimal 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-14524	LOW3.31	libcurl-minimal 7.76.1-31.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2026-2673	LOW3.31	openssl 1:3.2.2-6.el9_5.1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-33056	LOW3.31	tar 2:1.34-7.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2021-20197	LOW3.21	binutils 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2021-20197	LOW3.21	binutils-gold 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-3805	LOW3.21	curl-minimal 7.76.1-31.el9 No fix yet	0.7% Theoretical Threat	Post-Exploit
CVE-2026-3805	LOW3.21	libcurl-minimal 7.76.1-31.el9 No fix yet	0.7% Theoretical Threat	Post-Exploit
CVE-2026-34181	LOW3.21	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Post-Exploit
CVE-2026-42768	LOW3.21	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.4% Theoretical Threat	Post-Exploit
CVE-2026-5958	LOW3.21	sed 4.8-9.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-9086	LOW3.18	curl-minimal 7.76.1-31.el9 fixed in 7.76.1-35.el9_7.3	1.3% Low-Moderate Risk	Post-Exploit
CVE-2025-9086	LOW3.18	libcurl-minimal 7.76.1-31.el9 fixed in 7.76.1-35.el9_7.3	1.3% Low-Moderate Risk	Post-Exploit
CVE-2026-41080	LOW3.15	expat 2.5.0-5.el9_6 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-3360	LOW3.15	glib2 2.68.4-16.el9_6.2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-7039	LOW3.15	glib2 2.68.4-16.el9_6.2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0988	LOW3.15	glib2 2.68.4-16.el9_6.2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3832	LOW3.15	gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5419	LOW3.15	gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-0989	LOW3.15	libxml2 2.9.13-10.el9_6 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-45446	LOW3.15	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4647	LOW3.11	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-4647	LOW3.11	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11187	LOW3.11	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.5% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux 2.37.4-21.el9 fixed in 2.37.4-21.el9_7	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux-core 2.37.4-21.el9 fixed in 2.37.4-21.el9_7	0.2% Theoretical Threat	Post-Exploit
CVE-2025-9232	LOW3.1	openssl-libs 1:3.2.2-6.el9_5.1 No fix yet	2.0% Low-Moderate Risk	Directly Exposed
CVE-2026-31790	LOW3.01	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-2.el9_8	1.0% Theoretical Threat	Post-Exploit
CVE-2026-42764	LOW3.01	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.7% Theoretical Threat	Post-Exploit
CVE-2025-15468	LOW3.01	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.7% Theoretical Threat	Post-Exploit
CVE-2025-66199	LOW3.01	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.4% Theoretical Threat	Post-Exploit
CVE-2025-69420	LOW3.01	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.8% Theoretical Threat	Post-Exploit
CVE-2026-22796	LOW3.01	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.5% Theoretical Threat	Post-Exploit
CVE-2026-42769	LOW3.01	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42770	LOW3.01	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Post-Exploit
CVE-2026-9076	LOW3.01	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Post-Exploit
CVE-2026-31789	LOW3	openssl 1:3.2.2-6.el9_5.1 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-45447	LOW2.92	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	1.4% Low-Moderate Risk	Post-Exploit
CVE-2026-3783	LOW2.91	curl-minimal 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-3783	LOW2.91	libcurl-minimal 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-45582	LOW2.86	tar 2:1.34-7.el9 fixed in 2:1.34-9.el9_7	0.4% Theoretical Threat	Post-Exploit
CVE-2021-45078	LOW2.81	binutils 2.35.2-63.el9 No fix yet	1.3% Low-Moderate Risk	Post-Exploit
CVE-2021-45078	LOW2.81	binutils-gold 2.35.2-63.el9 No fix yet	1.3% Low-Moderate Risk	Post-Exploit
CVE-2025-11081	LOW2.8	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-6844	LOW2.8	binutils 2.35.2-63.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2022-38533	LOW2.8	binutils 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-47007	LOW2.8	binutils 2.35.2-63.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-47008	LOW2.8	binutils 2.35.2-63.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-47010	LOW2.8	binutils 2.35.2-63.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-47011	LOW2.8	binutils 2.35.2-63.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-11412	LOW2.8	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11413	LOW2.8	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11414	LOW2.8	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11494	LOW2.8	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11495	LOW2.8	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11839	LOW2.8	binutils 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-11840	LOW2.8	binutils 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-3198	LOW2.8	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69651	LOW2.8	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11081	LOW2.8	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-6844	LOW2.8	binutils-gold 2.35.2-63.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2022-38533	LOW2.8	binutils-gold 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-47007	LOW2.8	binutils-gold 2.35.2-63.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-47008	LOW2.8	binutils-gold 2.35.2-63.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-47010	LOW2.8	binutils-gold 2.35.2-63.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-47011	LOW2.8	binutils-gold 2.35.2-63.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-11412	LOW2.8	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11413	LOW2.8	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11414	LOW2.8	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11494	LOW2.8	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11495	LOW2.8	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11839	LOW2.8	binutils-gold 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-11840	LOW2.8	binutils-gold 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-3198	LOW2.8	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69651	LOW2.8	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-24883	LOW2.8	gnupg2 2.3.3-4.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-15469	LOW2.8	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.2% Theoretical Threat	Post-Exploit
CVE-2026-22795	LOW2.8	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.1% Theoretical Threat	Post-Exploit
CVE-2026-7383	LOW2.8	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5704	LOW2.8	tar 2:1.34-7.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-41990	LOW2.8	libgcrypt 1.10.0-11.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-70873	LOW2.8	sqlite-libs 3.34.1-8.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2020-8908	LOW2.8	com.google.guava:guava 12.0.1 fixed in 32.0.0-android	1.0% Theoretical Threat	Directly Exposed
CVE-2020-8908	LOW2.8	com.google.guava:guava 16.0.1 fixed in 32.0.0-android	1.0% Theoretical Threat	Directly Exposed
CVE-2020-8908	LOW2.8	com.google.guava:guava 22.0 fixed in 32.0.0-android	1.0% Theoretical Threat	Directly Exposed
CVE-2020-8908	LOW2.8	com.google.guava:guava 27.0-jre fixed in 32.0.0-android	1.0% Theoretical Threat	Directly Exposed
CVE-2026-45445	LOW2.78	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Post-Exploit
CVE-2026-4873	LOW2.7	curl-minimal 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6253	LOW2.7	curl-minimal 7.76.1-31.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-7168	LOW2.7	curl-minimal 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-4873	LOW2.7	libcurl-minimal 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6253	LOW2.7	libcurl-minimal 7.76.1-31.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-7168	LOW2.7	libcurl-minimal 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-42766	LOW2.7	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.6% Theoretical Threat	Post-Exploit
CVE-2026-42767	LOW2.7	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Post-Exploit
CVE-2024-7264	LOW2.69	curl-minimal 7.76.1-31.el9 No fix yet	16.2% High Exploitation Risk	Post-Exploit
CVE-2024-7264	LOW2.69	libcurl-minimal 7.76.1-31.el9 No fix yet	16.2% High Exploitation Risk	Post-Exploit
CVE-2026-6845	LOW2.55	binutils 2.35.2-63.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2024-57360	LOW2.55	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-6845	LOW2.55	binutils-gold 2.35.2-63.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2024-57360	LOW2.55	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-34180	LOW2.55	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.5% Theoretical Threat	Post-Exploit
CVE-2025-15079	LOW2.48	curl-minimal 7.76.1-31.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-0992	LOW2.46	libxml2 2.9.13-10.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-14017	LOW2.45	curl-minimal 7.76.1-31.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-14017	LOW2.45	libcurl-minimal 7.76.1-31.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-15224	LOW2.4	curl-minimal 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gnupg2 2.3.3-4.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-30258	LOW2.4	gnupg2 2.3.3-4.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-15224	LOW2.4	libcurl-minimal 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2024-13176	LOW2.4	openssl 1:3.2.2-6.el9_5.1 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2025-68160	LOW2.4	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.2% Theoretical Threat	Post-Exploit
CVE-2025-64118	LOW2.4	tar 2:1.34-7.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.37.4-21.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux-core 2.37.4-21.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-1485	LOW2.38	glib2 2.68.4-16.el9_6.2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-24515	LOW2.12	expat 2.5.0-5.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-6170	LOW2.12	libxml2 2.9.13-10.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69418	LOW2.04	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.1% Theoretical Threat	Post-Exploit
CVE-2025-1152	LOW1.89	binutils 2.35.2-63.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2025-1152	LOW1.89	binutils-gold 2.35.2-63.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2026-45446	LOW1.89	openssl 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Post-Exploit
CVE-2025-9232	LOW1.86	openssl 1:3.2.2-6.el9_5.1 No fix yet	2.0% Low-Moderate Risk	Post-Exploit
CVE-2024-56433	LOW1.84	shadow-utils 2:4.9-12.el9 fixed in 2:4.9-15.el9	0.4% Theoretical Threat	Post-Exploit
CVE-2025-66861	LOW1.68	binutils 2.35.2-63.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-66862	LOW1.68	binutils 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-66863	LOW1.68	binutils 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-66865	LOW1.68	binutils 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69647	LOW1.68	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69648	LOW1.68	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69652	LOW1.68	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-66861	LOW1.68	binutils-gold 2.35.2-63.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-66862	LOW1.68	binutils-gold 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-66863	LOW1.68	binutils-gold 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-66865	LOW1.68	binutils-gold 2.35.2-63.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69647	LOW1.68	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69648	LOW1.68	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69652	LOW1.68	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gnupg2 2.3.3-4.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2023-39804	LOW1.68	tar 2:1.34-7.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-1150	LOW1.58	binutils 2.35.2-63.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2025-1151	LOW1.58	binutils 2.35.2-63.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2025-1150	LOW1.58	binutils-gold 2.35.2-63.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2025-1151	LOW1.58	binutils-gold 2.35.2-63.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2025-69644	LOW1.43	binutils 2.35.2-63.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-69645	LOW1.43	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69646	LOW1.43	binutils 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69644	LOW1.43	binutils-gold 2.35.2-63.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-69645	LOW1.43	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69646	LOW1.43	binutils-gold 2.35.2-63.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-6020	NONE0	pam 1.5.1-25.el9_6 fixed in 1.5.1-26.el9_6	0.4% Theoretical Threat	Not Applicable
CVE-2025-8941	NONE0	pam 1.5.1-25.el9_6 fixed in 1.5.1-26.el9_6	0.3% Theoretical Threat	Not Applicable
CVE-2026-29111	NONE0	systemd 252-51.el9_6.1 fixed in 252-67.el9_8.2	0.1% Theoretical Threat	Not Applicable
CVE-2022-29458	NONE0	ncurses-base 6.2-10.20210508.el9 fixed in 6.2-10.20210508.el9_6.2	1.3% Low-Moderate Risk	Not Applicable
CVE-2022-29458	NONE0	ncurses-libs 6.2-10.20210508.el9 fixed in 6.2-10.20210508.el9_6.2	1.3% Low-Moderate Risk	Not Applicable
CVE-2026-4105	NONE0	systemd 252-51.el9_6.1 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-base 6.2-10.20210508.el9 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-libs 6.2-10.20210508.el9 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	pam 1.5.1-25.el9_6 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2025-4598	NONE0	systemd 252-51.el9_6.1 fixed in 252-55.el9_7.7	0.6% Theoretical Threat	Not Applicable
CVE-2025-48924	NONE0	commons-lang:commons-lang 2.6 No fix yet	2.2% Low-Moderate Risk	Not Applicable
CVE-2026-22020	NONE0	libpng 2:1.6.37-12.el9 No fix yet	—	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.12.7 fixed in 2.21.1, 2.18.6	—	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.16.1 fixed in 2.21.1, 2.18.6	—	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.18.1 fixed in 2.21.1, 2.18.6	—	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.4.0 fixed in 2.21.1, 2.18.6	—	Not Applicable
CVE-2026-42583	NONE0	io.netty:netty-codec 4.1.100.Final fixed in 4.1.133.Final	0.4% Theoretical Threat	Not Applicable
CVE-2026-42583	NONE0	io.netty:netty-codec 4.1.116.Final fixed in 4.1.133.Final	0.4% Theoretical Threat	Not Applicable
CVE-2026-42583	NONE0	io.netty:netty-codec 4.1.94.Final fixed in 4.1.133.Final	0.4% Theoretical Threat	Not Applicable
GHSA-xpw8-rcwv-8f8p	NONE0	io.netty:netty-codec-http2 4.1.94.Final fixed in 4.1.100.Final	—	Not Applicable
CVE-2026-45205	NONE0	org.apache.commons:commons-configuration2 2.10.1 fixed in 2.15.0	0.5% Theoretical Threat	Not Applicable
CVE-2025-30474	NONE0	org.apache.commons:commons-vfs2 2.3 fixed in 2.10.0	0.7% Theoretical Threat	Not Applicable
CVE-2025-27821	NONE0	org.apache.hadoop:hadoop-hdfs-native-client 3.4.1 fixed in 3.4.2	0.8% Theoretical Threat	Not Applicable
CVE-2025-62728	NONE0	org.apache.hive:hive-common 4.1.0 fixed in 4.2.0	0.3% Theoretical Threat	Not Applicable
CVE-2025-62728	NONE0	org.apache.hive:hive-metastore 4.1.0 fixed in 4.2.0	0.3% Theoretical Threat	Not Applicable
CVE-2026-33558	NONE0	org.apache.kafka:kafka-clients 2.5.0 fixed in 3.9.2, 4.0.1	0.5% Theoretical Threat	Not Applicable
CVE-2026-33558	NONE0	org.apache.kafka:kafka-clients 3.4.0 fixed in 3.9.2, 4.0.1	0.5% Theoretical Threat	Not Applicable
CVE-2026-45300	NONE0	org.asynchttpclient:async-http-client 2.12.4 fixed in 3.0.10, 2.15.0	0.3% Theoretical Threat	Not Applicable
CVE-2026-45300	NONE0	org.asynchttpclient:async-http-client 2.5.3 fixed in 3.0.10, 2.15.0	0.3% Theoretical Threat	Not Applicable
GHSA-443w-3rq3-5m5h	NONE0	software.amazon.awssdk:cloudfront 2.24.6 fixed in 2.41.30	—	Not Applicable