Vulnerability Reportapache/hive:standalone-metastore-4.2.0

apache/hive:standalone-metastore-4.2.0

DIGESTsha256:6ec027489678f06404c8e201010c10e6c67e507b77e41b7e69233d7652453fdf

Executive Summary

Threat ScoreDANGEROUS• Multiple critical exposed-surface vulnerabilities with remote code execution (CVE-2024-47561) and HTTP request smuggling (CVE-2026-42581, CVE-2026-2332), all with high context importance.• Image contains 278 exposed vulnerabilities, including 8 with severity ≥7.0 and 85 with severity ≥6.0, indicating a very broad attack surface.• Community-distributed image with low trust reputation (score 55), unverified and not official, increasing supply-chain risk.• Apache Hive's reliance on Avro deserialization and HTTP interfaces (Web UI, Thrift over HTTP) makes these vulnerabilities directly exploitable without special configuration.• Post-exploitation vulnerabilities exist (205 total) but none exceed severity 4.13, so primary risk is from pre-authentication exposure.

100/100DANGEROUS

ReputationCOMMUNITY• Community Image with low/unknown reputation• Pinned by digest (Immutable)

UNVERIFIED

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could achieve remote code execution by providing a malicious Avro schema (CVE-2024-47561) or perform HTTP request smuggling via Netty (CVE-2026-42581) or Jetty (CVE-2026-2332) to intercept or redirect requests, potentially compromising the entire cluster. Disabling the HTTP interfaces (Hive Web UI and Thrift over HTTP) would eliminate the smuggling vulnerabilities, though the Avro RCE is still reachable through data ingestion. Note that the Jetty smuggling flaw (CVE-2026-2332) is only exploitable if the HTTP/1.1 listener is active, which is the default for Hive's Web UI.

Vulnerabilities

Vulnerability Log

489 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2024-47561	HIGH8.8	org.apache.avro:avro 1.9.2 fixed in 1.11.4	3.3% Low-Moderate Risk	Directly ExposedContext importance: HIGH
CVE-2026-42581	HIGH8.33	io.netty:netty-codec-http 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-2332	HIGH7.73	org.eclipse.jetty:jetty-http 9.4.53.v20231009 fixed in 12.1.7, 12.0.33	0.4% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-2332	HIGH7.73	org.eclipse.jetty:jetty-http 9.4.57.v20241219 fixed in 12.1.7, 12.0.33	0.4% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-5121	HIGH7.5	libarchive 3.5.3-6.el9_6 fixed in 3.5.3-9.el9_7	1.1% Low-Moderate Risk	Directly Exposed
CVE-2026-33416	HIGH7.5	libpng 2:1.6.37-12.el9 fixed in 2:1.6.37-12.el9_7.4	1.1% Low-Moderate Risk	Directly Exposed
CVE-2023-39410	HIGH7.5	org.apache.avro:avro 1.9.2 fixed in 1.11.3	1.8% Low-Moderate Risk	Directly ExposedContext importance: HIGH
CVE-2026-24308	HIGH7.5	org.apache.zookeeper:zookeeper 3.8.4 fixed in 3.9.5, 3.8.6	1.1% Low-Moderate Risk	Directly Exposed
CVE-2026-42013	MEDIUM6.97	gnutls 3.8.3-9.el9 fixed in 3.8.10-4.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2026-5260	MEDIUM6.97	gnutls 3.8.3-9.el9 fixed in 3.8.10-4.el9_8	0.7% Theoretical Threat	Directly Exposed
CVE-2026-0861	MEDIUM6.88	glibc 2.34-231.el9_7.2 fixed in 2.34-231.el9_7.10	0.4% Theoretical Threat	Directly Exposed
CVE-2026-25646	MEDIUM6.88	libpng 2:1.6.37-12.el9 fixed in 2:1.6.37-12.el9_7.2	0.9% Theoretical Threat	Directly Exposed
CVE-2026-28387	MEDIUM6.88	openssl-libs 1:3.5.1-4.el9_7 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44249	MEDIUM6.88	io.netty:netty-handler 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-22801	MEDIUM6.63	libpng 2:1.6.37-12.el9 fixed in 2:1.6.37-12.el9_7.2	0.1% Theoretical Threat	Directly Exposed
CVE-2026-48864	MEDIUM6.63	libsolv 0.7.24-3.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-29111	MEDIUM6.63	systemd-libs 252-55.el9_7.2 fixed in 252-67.el9_8.2	0.1% Theoretical Threat	Directly Exposed
CVE-2026-29111	MEDIUM6.63	systemd-pam 252-55.el9_7.2 fixed in 252-67.el9_8.2	0.1% Theoretical Threat	Directly Exposed
CVE-2026-29111	MEDIUM6.63	systemd-rpm-macros 252-55.el9_7.2 fixed in 252-67.el9_8.2	0.1% Theoretical Threat	Directly Exposed
CVE-2025-13601	MEDIUM6.54	glib2 2.68.4-18.el9_7 fixed in 2.68.4-18.el9_7.1	0.3% Theoretical Threat	Directly Exposed
CVE-2024-8184	MEDIUM6.5	org.eclipse.jetty:jetty-server 9.4.53.v20231009 fixed in 12.0.9, 10.0.24, 11.0.24, 9.4.56	1.0% Low-Moderate Risk	Directly Exposed
CVE-2026-33636	MEDIUM6.46	libpng 2:1.6.37-12.el9 fixed in 2:1.6.37-12.el9_7.3	0.6% Theoretical Threat	Directly Exposed
CVE-2026-45186	MEDIUM6.38	expat 2.5.0-5.el9_7.1 fixed in 2.5.0-6.el9_8.1	0.5% Theoretical Threat	Directly Exposed
CVE-2023-32636	MEDIUM6.38	glib2 2.68.4-18.el9_7 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-33846	MEDIUM6.38	gnutls 3.8.3-9.el9 fixed in 3.8.10-4.el9_8	0.9% Theoretical Threat	Directly Exposed
CVE-2026-42009	MEDIUM6.38	gnutls 3.8.3-9.el9 fixed in 3.8.10-4.el9_8	0.8% Theoretical Threat	Directly Exposed
CVE-2026-4111	MEDIUM6.38	libarchive 3.5.3-6.el9_6 fixed in 3.5.3-7.el9_7	0.7% Theoretical Threat	Directly Exposed
CVE-2026-4424	MEDIUM6.38	libarchive 3.5.3-6.el9_6 fixed in 3.5.3-9.el9_7	0.9% Theoretical Threat	Directly Exposed
CVE-2025-6176	MEDIUM6.38	libbrotli 1.0.9-7.el9_5 fixed in 1.0.9-9.el9_7	0.5% Theoretical Threat	Directly Exposed
CVE-2026-41989	MEDIUM6.38	libgcrypt 1.10.0-11.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-27135	MEDIUM6.38	libnghttp2 1.43.0-6.el9 fixed in 1.43.0-6.el9_7.1	0.6% Theoretical Threat	Directly Exposed
CVE-2026-6732	MEDIUM6.38	libxml2 2.9.13-12.el9_6 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2026-28390	MEDIUM6.38	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-3.el9_8	0.8% Theoretical Threat	Directly Exposed
CVE-2026-34183	MEDIUM6.38	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2025-69421	MEDIUM6.38	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.8% Theoretical Threat	Directly Exposed
CVE-2026-28388	MEDIUM6.38	openssl-libs 1:3.5.1-4.el9_7 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2026-28389	MEDIUM6.38	openssl-libs 1:3.5.1-4.el9_7 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2022-41409	MEDIUM6.38	pcre2 10.40-6.el9 No fix yet	1.0% Theoretical Threat	Directly Exposed
CVE-2022-41409	MEDIUM6.38	pcre2-syntax 10.40-6.el9 No fix yet	1.0% Theoretical Threat	Directly Exposed
CVE-2025-52999	MEDIUM6.38	com.fasterxml.jackson.core:jackson-core 2.12.7 fixed in 2.15.0	0.6% Theoretical Threat	Directly Exposed
CVE-2025-67721	MEDIUM6.38	io.airlift:aircompressor 2.0.2 fixed in 2.0.3	0.4% Theoretical Threat	Directly Exposed
CVE-2025-55163	MEDIUM6.38	io.grpc:grpc-netty-shaded 1.72.0 fixed in 1.75.0	0.9% Theoretical Threat	Directly Exposed
CVE-2025-58057	MEDIUM6.38	io.netty:netty-codec 4.1.100.Final fixed in 4.1.125.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44893	MEDIUM6.38	io.netty:netty-codec-haproxy 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-48059	MEDIUM6.38	io.netty:netty-codec-haproxy 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-33870	MEDIUM6.38	io.netty:netty-codec-http 4.1.100.Final fixed in 4.1.132.Final, 4.2.10.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42585	MEDIUM6.38	io.netty:netty-codec-http 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2025-58056	MEDIUM6.38	io.netty:netty-codec-http 4.1.100.Final fixed in 4.1.125.Final, 4.2.5.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2025-55163	MEDIUM6.38	io.netty:netty-codec-http2 4.1.100.Final fixed in 4.2.4.Final, 4.1.124.Final	0.9% Theoretical Threat	Directly Exposed
CVE-2026-33871	MEDIUM6.38	io.netty:netty-codec-http2 4.1.100.Final fixed in 4.1.132.Final, 4.2.11.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http2 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-48043	MEDIUM6.38	io.netty:netty-codec-http2 4.1.100.Final fixed in 4.1.135.Final, 4.2.15.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44248	MEDIUM6.38	io.netty:netty-codec-mqtt 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-44250	MEDIUM6.38	io.netty:netty-codec-redis 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44890	MEDIUM6.38	io.netty:netty-codec-redis 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-48006	MEDIUM6.38	io.netty:netty-codec-redis 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50011	MEDIUM6.38	io.netty:netty-codec-redis 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-45416	MEDIUM6.38	io.netty:netty-handler 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50010	MEDIUM6.38	io.netty:netty-handler 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42578	MEDIUM6.38	io.netty:netty-handler-proxy 4.1.100.Final fixed in 4.1.133.Final, 4.2.13.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-46340	MEDIUM6.38	io.netty:netty-transport-sctp 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-45292	MEDIUM6.38	io.opentelemetry:opentelemetry-api 1.42.0 fixed in 1.62.0	0.5% Theoretical Threat	Directly Exposed
CVE-2024-57699	MEDIUM6.38	net.minidev:json-smart 2.5.0 fixed in 2.5.2	0.5% Theoretical Threat	Directly Exposed
CVE-2026-34479	MEDIUM6.38	org.apache.logging.log4j:log4j-1.2-api 2.24.3 fixed in 2.25.4	0.5% Theoretical Threat	Directly Exposed
CVE-2026-34478	MEDIUM6.38	org.apache.logging.log4j:log4j-core 2.24.3 fixed in 2.25.4	0.8% Theoretical Threat	Directly Exposed
CVE-2026-34480	MEDIUM6.38	org.apache.logging.log4j:log4j-core 2.24.3 fixed in 2.25.4	0.9% Theoretical Threat	Directly Exposed
CVE-2026-5598	MEDIUM6.38	org.bouncycastle:bcprov-jdk18on 1.78.1 fixed in 1.84	0.5% Theoretical Threat	Directly Exposed
CVE-2025-41249	MEDIUM6.38	org.springframework:spring-core 5.3.39 fixed in 6.2.11	0.5% Theoretical Threat	Directly Exposed
CVE-2026-3833	MEDIUM6.29	gnutls 3.8.3-9.el9 fixed in 3.8.10-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42011	MEDIUM6.29	gnutls 3.8.3-9.el9 fixed in 3.8.10-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2025-69419	MEDIUM6.29	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34182	MEDIUM6.29	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-24281	MEDIUM6.29	org.apache.zookeeper:zookeeper 3.8.4 fixed in 3.8.6, 3.9.5	0.3% Theoretical Threat	Directly Exposed
CVE-2026-43869	MEDIUM6.21	org.apache.thrift:libthrift 0.16.0 fixed in 0.23.0	0.3% Theoretical Threat	Directly Exposed
CVE-2024-13009	MEDIUM6.12	org.eclipse.jetty:jetty-server 9.4.53.v20231009 fixed in 9.4.57.v20241219	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42012	MEDIUM6.03	gnutls 3.8.3-9.el9 fixed in 3.8.10-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2025-64720	MEDIUM6.03	libpng 2:1.6.37-12.el9 fixed in 2:1.6.37-12.el9_7.1	0.3% Theoretical Threat	Directly Exposed
CVE-2025-65018	MEDIUM6.03	libpng 2:1.6.37-12.el9 fixed in 2:1.6.37-12.el9_7.1	0.2% Theoretical Threat	Directly Exposed
CVE-2025-66293	MEDIUM6.03	libpng 2:1.6.37-12.el9 fixed in 2:1.6.37-12.el9_7.1	0.3% Theoretical Threat	Directly Exposed
CVE-2026-22695	MEDIUM6.03	libpng 2:1.6.37-12.el9 fixed in 2:1.6.37-12.el9_7.2	0.2% Theoretical Threat	Directly Exposed
CVE-2023-2976	MEDIUM6.03	com.google.guava:guava 22.0 fixed in 32.0.0-android	0.2% Theoretical Threat	Directly Exposed
CVE-2023-2976	MEDIUM6.03	com.google.guava:guava 27.0-jre fixed in 32.0.0-android	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42586	MEDIUM6.03	io.netty:netty-codec-redis 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2025-24970	MEDIUM6	io.netty:netty-handler 4.1.100.Final fixed in 4.1.118.Final	2.0% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2026-4878	MEDIUM5.95	libcap 2.48-10.el9 fixed in 2.48-10.el9_8.1	0.2% Theoretical Threat	Directly Exposed
CVE-2026-44604	MEDIUM5.95	rpm-libs 4.16.1.3-39.el9 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2025-13151	MEDIUM5.9	libtasn1 4.16.0-9.el9 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-41996	MEDIUM5.9	openssl-libs 1:3.5.1-4.el9_7 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2018-10237	MEDIUM5.9	com.google.guava:guava 22.0 fixed in 24.1.1-android	5.1% Low-Moderate Risk	Directly Exposed
CVE-2026-22185	MEDIUM5.78	openldap 2.6.8-4.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-45673	MEDIUM5.78	io.netty:netty-resolver-dns 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4105	MEDIUM5.7	systemd-libs 252-55.el9_7.2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-4105	MEDIUM5.7	systemd-pam 252-55.el9_7.2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-4105	MEDIUM5.7	systemd-rpm-macros 252-55.el9_7.2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-42014	MEDIUM5.61	gnutls 3.8.3-9.el9 fixed in 3.8.10-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2025-5915	MEDIUM5.61	libarchive 3.5.3-6.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-5918	MEDIUM5.61	libarchive 3.5.3-6.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-14512	MEDIUM5.52	glib2 2.68.4-18.el9_7 fixed in 2.68.4-19.el9_8.1	0.5% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	glibc 2.34-231.el9_7.2 fixed in 2.34-270.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	glibc 2.34-231.el9_7.2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	glibc-common 2.34-231.el9_7.2 fixed in 2.34-270.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	glibc-common 2.34-231.el9_7.2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	glibc-langpack-en 2.34-231.el9_7.2 fixed in 2.34-270.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	glibc-langpack-en 2.34-231.el9_7.2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	glibc-minimal-langpack 2.34-231.el9_7.2 fixed in 2.34-270.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	glibc-minimal-langpack 2.34-231.el9_7.2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4426	MEDIUM5.52	libarchive 3.5.3-6.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-9149	MEDIUM5.52	libsolv 0.7.24-3.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-9150	MEDIUM5.52	libsolv 0.7.24-3.el9 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2023-45322	MEDIUM5.52	libxml2 2.9.13-12.el9_6 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-2673	MEDIUM5.52	openssl-fips-provider 3.0.7-8.el9 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-2673	MEDIUM5.52	openssl-fips-provider-so 3.0.7-8.el9 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-2673	MEDIUM5.52	openssl-libs 1:3.5.1-4.el9_7 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-67735	MEDIUM5.52	io.netty:netty-codec-http 4.1.100.Final fixed in 4.2.8.Final, 4.1.129.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-41417	MEDIUM5.52	io.netty:netty-codec-http 4.1.100.Final fixed in 4.1.133.Final, 4.2.13.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42580	MEDIUM5.52	io.netty:netty-codec-http 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0636	MEDIUM5.52	org.bouncycastle:bcprov-jdk18on 1.78.1 fixed in 1.84	0.5% Theoretical Threat	Directly Exposed
CVE-2025-11143	MEDIUM5.52	org.eclipse.jetty:jetty-http 9.4.53.v20231009 fixed in 12.0.31, 12.1.5	0.2% Theoretical Threat	Directly Exposed
CVE-2025-11143	MEDIUM5.52	org.eclipse.jetty:jetty-http 9.4.57.v20241219 fixed in 12.0.31, 12.1.5	0.2% Theoretical Threat	Directly Exposed
CVE-2026-40458	MEDIUM5.52	org.pac4j:pac4j-core 4.5.8 fixed in 5.7.10, 6.4.1	0.2% Theoretical Threat	Directly Exposed
CVE-2024-34459	MEDIUM5.5	libxml2 2.9.13-12.el9_6 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2026-34181	MEDIUM5.35	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42768	MEDIUM5.35	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2024-29025	MEDIUM5.3	io.netty:netty-codec-http 4.1.100.Final fixed in 4.1.108.Final	1.4% Low-Moderate Risk	Directly Exposed
CVE-2025-59419	MEDIUM5.3	io.netty:netty-codec-smtp 4.1.100.Final fixed in 4.2.7.Final, 4.1.128.Final	1.6% Low-Moderate Risk	Directly Exposed
CVE-2026-1757	MEDIUM5.27	libxml2 2.9.13-12.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libblkid 2.37.4-21.el9 fixed in 2.37.4-21.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libfdisk 2.37.4-21.el9 fixed in 2.37.4-21.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libmount 2.37.4-21.el9 fixed in 2.37.4-21.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2025-64506	MEDIUM5.18	libpng 2:1.6.37-12.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libsmartcols 2.37.4-21.el9 fixed in 2.37.4-21.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libuuid 2.37.4-21.el9 fixed in 2.37.4-21.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2025-11187	MEDIUM5.18	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.5% Theoretical Threat	Directly Exposed
CVE-2026-50219	MEDIUM5.02	expat 2.5.0-5.el9_7.1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	glibc 2.34-231.el9_7.2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-15281	MEDIUM5.02	glibc 2.34-231.el9_7.2 fixed in 2.34-231.el9_7.10	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	glibc-common 2.34-231.el9_7.2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	glibc-langpack-en 2.34-231.el9_7.2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	glibc-minimal-langpack 2.34-231.el9_7.2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-40355	MEDIUM5.02	krb5-libs 1.21.1-8.el9_6 fixed in 1.21.1-10.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40356	MEDIUM5.02	krb5-libs 1.21.1-8.el9_6 fixed in 1.21.1-10.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-0990	MEDIUM5.02	libxml2 2.9.13-12.el9_6 No fix yet	0.7% Theoretical Threat	Directly Exposed
CVE-2026-31790	MEDIUM5.02	openssl-fips-provider 3.0.7-8.el9 No fix yet	1.0% Theoretical Threat	Directly Exposed
CVE-2026-31790	MEDIUM5.02	openssl-fips-provider-so 3.0.7-8.el9 No fix yet	1.0% Theoretical Threat	Directly Exposed
CVE-2026-31790	MEDIUM5.02	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-2.el9_8	1.0% Theoretical Threat	Directly Exposed
CVE-2026-42764	MEDIUM5.02	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.7% Theoretical Threat	Directly Exposed
CVE-2025-15468	MEDIUM5.02	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.7% Theoretical Threat	Directly Exposed
CVE-2025-66199	MEDIUM5.02	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.4% Theoretical Threat	Directly Exposed
CVE-2025-69420	MEDIUM5.02	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.8% Theoretical Threat	Directly Exposed
CVE-2026-22796	MEDIUM5.02	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42769	MEDIUM5.02	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42770	MEDIUM5.02	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-9076	MEDIUM5.02	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34477	MEDIUM5.02	org.apache.logging.log4j:log4j-core 2.24.3 fixed in 2.25.4	0.4% Theoretical Threat	Directly Exposed
CVE-2025-53864	MEDIUM4.93	com.nimbusds:nimbus-jose-jwt 9.37.2 fixed in 10.0.2, 9.37.4	0.8% Theoretical Threat	Directly Exposed
CVE-2025-5916	MEDIUM4.76	libarchive 3.5.3-6.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-1371	MEDIUM4.67	elfutils-debuginfod-client 0.193-1.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-1377	MEDIUM4.67	elfutils-debuginfod-client 0.193-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-1371	MEDIUM4.67	elfutils-default-yama-scope 0.193-1.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-1377	MEDIUM4.67	elfutils-default-yama-scope 0.193-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-1371	MEDIUM4.67	elfutils-libelf 0.193-1.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-1377	MEDIUM4.67	elfutils-libelf 0.193-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-1371	MEDIUM4.67	elfutils-libs 0.193-1.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-1377	MEDIUM4.67	elfutils-libs 0.193-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-32776	MEDIUM4.67	expat 2.5.0-5.el9_7.1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-32777	MEDIUM4.67	expat 2.5.0-5.el9_7.1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-32778	MEDIUM4.67	expat 2.5.0-5.el9_7.1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-66382	MEDIUM4.67	expat 2.5.0-5.el9_7.1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-60753	MEDIUM4.67	libarchive 3.5.3-6.el9_6 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5745	MEDIUM4.67	libarchive 3.5.3-6.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-1632	MEDIUM4.67	libarchive 3.5.3-6.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2021-46195	MEDIUM4.67	libgcc 11.5.0-11.el9 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libgcc 11.5.0-11.el9 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2021-46195	MEDIUM4.67	libgomp 11.5.0-11.el9 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libgomp 11.5.0-11.el9 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2021-46195	MEDIUM4.67	libstdc++ 11.5.0-11.el9 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libstdc++ 11.5.0-11.el9 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2025-9714	MEDIUM4.67	libxml2 2.9.13-12.el9_6 fixed in 2.9.13-14.el9_7	0.1% Theoretical Threat	Directly Exposed
CVE-2025-15469	MEDIUM4.67	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2026-22795	MEDIUM4.67	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.1% Theoretical Threat	Directly Exposed
CVE-2026-7383	MEDIUM4.67	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2024-0232	MEDIUM4.67	sqlite-libs 3.34.1-9.el9_7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib 1.2.11-40.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2024-47535	MEDIUM4.67	io.netty:netty-common 4.1.100.Final fixed in 4.1.115.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2025-25193	MEDIUM4.67	io.netty:netty-common 4.1.100.Final fixed in 4.1.118.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-1489	MEDIUM4.59	glib2 2.68.4-18.el9_7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-23865	MEDIUM4.5	freetype 2.10.4-10.el9_5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-0915	MEDIUM4.5	glibc 2.34-231.el9_7.2 fixed in 2.34-231.el9_7.10	0.6% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	glibc 2.34-231.el9_7.2 fixed in 2.34-270.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	glibc-common 2.34-231.el9_7.2 fixed in 2.34-270.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	glibc-langpack-en 2.34-231.el9_7.2 fixed in 2.34-270.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	glibc-minimal-langpack 2.34-231.el9_7.2 fixed in 2.34-270.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2025-14831	MEDIUM4.5	gnutls 3.8.3-9.el9 fixed in 3.8.3-10.el9_7	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42015	MEDIUM4.5	gnutls 3.8.3-9.el9 fixed in 3.8.10-4.el9_8	0.7% Theoretical Threat	Directly Exposed
CVE-2026-22693	MEDIUM4.5	harfbuzz 2.7.4-10.el9 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2023-30571	MEDIUM4.5	libarchive 3.5.3-6.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42766	MEDIUM4.5	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42767	MEDIUM4.5	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34743	MEDIUM4.5	xz-libs 5.2.5-8.el9_0 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-50020	MEDIUM4.5	io.netty:netty-codec-http 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-47244	MEDIUM4.5	io.netty:netty-codec-http2 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-50560	MEDIUM4.5	io.netty:netty-codec-http2 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2024-6763	MEDIUM4.5	org.eclipse.jetty:jetty-http 9.4.53.v20231009 fixed in 12.0.12	1.0% Theoretical Threat	Directly Exposed
CVE-2024-6763	MEDIUM4.5	org.eclipse.jetty:jetty-http 9.4.57.v20241219 fixed in 12.0.12	1.0% Theoretical Threat	Directly Exposed
CVE-2024-47554	MEDIUM4.3	commons-io:commons-io 2.8.0 fixed in 2.14.0	1.2% Low-Moderate Risk	Directly Exposed
CVE-2026-42250	MEDIUM4.25	bzip2-libs 1.0.8-10.el9_5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc 2.34-231.el9_7.2 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc 2.34-231.el9_7.2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc-common 2.34-231.el9_7.2 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc-common 2.34-231.el9_7.2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc-langpack-en 2.34-231.el9_7.2 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc-langpack-en 2.34-231.el9_7.2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc-minimal-langpack 2.34-231.el9_7.2 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc-minimal-langpack 2.34-231.el9_7.2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	krb5-libs 1.21.1-8.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-5917	MEDIUM4.25	libarchive 3.5.3-6.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-28164	MEDIUM4.25	libpng 2:1.6.37-12.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-34180	MEDIUM4.25	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2025-15079	MEDIUM4.13	libcurl-minimal 7.76.1-34.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-28387	MEDIUM4.13	openssl 1:3.5.1-4.el9_7 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2026-45674	MEDIUM4.08	io.netty:netty-resolver-dns 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Post-ExploitContext importance: MEDIUM
CVE-2026-47691	MEDIUM4.08	io.netty:netty-resolver-dns 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Post-ExploitContext importance: MEDIUM
CVE-2026-54411	MEDIUM4.08	pam 1.5.1-26.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-68161	MEDIUM4.08	org.apache.logging.log4j:log4j-core 2.24.3 fixed in 2.25.3	0.7% Theoretical Threat	Directly Exposed
CVE-2025-15467	MEDIUM4.06	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	48.7% High Exploitation Risk	Post-Exploit
CVE-2025-15467	MEDIUM4.06	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	48.7% High Exploitation Risk	Post-Exploit
CVE-2025-1376	MEDIUM4	elfutils-debuginfod-client 0.193-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-1376	MEDIUM4	elfutils-default-yama-scope 0.193-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-1376	MEDIUM4	elfutils-libelf 0.193-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-1376	MEDIUM4	elfutils-libs 0.193-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libblkid 2.37.4-21.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libfdisk 2.37.4-21.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libmount 2.37.4-21.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libsmartcols 2.37.4-21.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libuuid 2.37.4-21.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2024-13176	MEDIUM4	openssl-libs 1:3.5.1-4.el9_7 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2025-68160	MEDIUM4	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2025-4598	MEDIUM4	systemd-libs 252-55.el9_7.2 fixed in 252-55.el9_7.7	0.6% Theoretical Threat	Directly Exposed
CVE-2025-4598	MEDIUM4	systemd-pam 252-55.el9_7.2 fixed in 252-55.el9_7.7	0.6% Theoretical Threat	Directly Exposed
CVE-2025-4598	MEDIUM4	systemd-rpm-macros 252-55.el9_7.2 fixed in 252-55.el9_7.7	0.6% Theoretical Threat	Directly Exposed
CVE-2025-11082	LOW3.98	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11083	LOW3.98	binutils 2.35.2-67.el9 fixed in 2.35.2-67.el9_7.1	0.2% Theoretical Threat	Post-Exploit
CVE-2025-5245	LOW3.98	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-7545	LOW3.98	binutils 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-44840	LOW3.98	binutils 2.35.2-67.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2025-11082	LOW3.98	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11083	LOW3.98	binutils-gold 2.35.2-67.el9 fixed in 2.35.2-67.el9_7.1	0.2% Theoretical Threat	Post-Exploit
CVE-2025-5245	LOW3.98	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-7545	LOW3.98	binutils-gold 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-44840	LOW3.98	binutils-gold 2.35.2-67.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2021-3826	LOW3.9	binutils 2.35.2-67.el9 No fix yet	1.1% Low-Moderate Risk	Post-Exploit
CVE-2021-3826	LOW3.9	binutils-gold 2.35.2-67.el9 No fix yet	1.1% Low-Moderate Risk	Post-Exploit
CVE-2024-9681	LOW3.9	curl-minimal 7.76.1-34.el9 No fix yet	2.0% Low-Moderate Risk	Post-Exploit
CVE-2024-9681	LOW3.9	libcurl-minimal 7.76.1-34.el9 No fix yet	2.0% Low-Moderate Risk	Post-Exploit
CVE-2024-10524	LOW3.9	wget 1.21.1-8.el9_4 No fix yet	1.1% Low-Moderate Risk	Post-Exploit
CVE-2025-66864	LOW3.82	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-66866	LOW3.82	binutils 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69649	LOW3.82	binutils 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69650	LOW3.82	binutils 2.35.2-67.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2025-66864	LOW3.82	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-66866	LOW3.82	binutils-gold 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69649	LOW3.82	binutils-gold 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69650	LOW3.82	binutils-gold 2.35.2-67.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-5773	LOW3.82	curl-minimal 7.76.1-34.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6276	LOW3.82	curl-minimal 7.76.1-34.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5773	LOW3.82	libcurl-minimal 7.76.1-34.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6276	LOW3.82	libcurl-minimal 7.76.1-34.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-28390	LOW3.82	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-3.el9_8	0.8% Theoretical Threat	Post-Exploit
CVE-2026-34183	LOW3.82	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.5% Theoretical Threat	Post-Exploit
CVE-2025-69421	LOW3.82	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.8% Theoretical Threat	Post-Exploit
CVE-2026-28388	LOW3.82	openssl 1:3.5.1-4.el9_7 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2026-28389	LOW3.82	openssl 1:3.5.1-4.el9_7 No fix yet	0.8% Theoretical Threat	Post-Exploit
CVE-2025-69419	LOW3.77	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.4% Theoretical Threat	Post-Exploit
CVE-2026-34182	LOW3.77	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Post-Exploit
CVE-2025-64505	LOW3.74	libpng 2:1.6.37-12.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-34757	LOW3.74	libpng 2:1.6.37-12.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42579	LOW3.71	io.netty:netty-codec-dns 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Post-ExploitContext importance: MEDIUM
CVE-2026-42584	LOW3.71	io.netty:netty-codec-http 4.1.100.Final fixed in 4.2.13.Final, 4.1.133.Final	0.3% Theoretical Threat	Post-ExploitContext importance: MEDIUM
CVE-2025-48924	LOW3.7	org.apache.commons:commons-lang3 3.12.0 fixed in 3.18.0	2.2% Low-Moderate Risk	Directly Exposed
CVE-2025-48924	LOW3.7	org.apache.commons:commons-lang3 3.14.0 fixed in 3.18.0	2.2% Low-Moderate Risk	Directly Exposed
CVE-2021-31879	LOW3.66	wget 1.21.1-8.el9_4 No fix yet	1.1% Low-Moderate Risk	Post-Exploit
CVE-2023-4156	LOW3.62	gawk 5.1.0-6.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2005-2541	LOW3.6	tar 2:1.34-7.el9 No fix yet	4.0% Low-Moderate Risk	Post-Exploit
CVE-2025-68973	LOW3.57	gnupg2 2.3.3-4.el9 fixed in 2.3.3-5.el9_7	0.1% Theoretical Threat	Post-Exploit
CVE-2026-44604	LOW3.57	rpm 4.16.1.3-39.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-1484	LOW3.57	glib2 2.68.4-18.el9_7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-1153	LOW3.54	binutils 2.35.2-67.el9 No fix yet	1.3% Low-Moderate Risk	Post-Exploit
CVE-2025-1153	LOW3.54	binutils-gold 2.35.2-67.el9 No fix yet	1.3% Low-Moderate Risk	Post-Exploit
CVE-2024-11053	LOW3.54	curl-minimal 7.76.1-34.el9 No fix yet	1.4% Low-Moderate Risk	Post-Exploit
CVE-2024-11053	LOW3.54	libcurl-minimal 7.76.1-34.el9 No fix yet	1.4% Low-Moderate Risk	Post-Exploit
CVE-2024-41996	LOW3.54	openssl 1:3.5.1-4.el9_7 No fix yet	1.1% Low-Moderate Risk	Post-Exploit
CVE-2025-13034	LOW3.47	curl-minimal 7.76.1-34.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-1965	LOW3.47	curl-minimal 7.76.1-34.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-13034	LOW3.47	libcurl-minimal 7.76.1-34.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-1965	LOW3.47	libcurl-minimal 7.76.1-34.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2024-25260	LOW3.4	elfutils-debuginfod-client 0.193-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-25260	LOW3.4	elfutils-default-yama-scope 0.193-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-25260	LOW3.4	elfutils-libelf 0.193-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-25260	LOW3.4	elfutils-libs 0.193-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	glibc 2.34-231.el9_7.2 fixed in 2.34-270.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	glibc-common 2.34-231.el9_7.2 fixed in 2.34-270.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	glibc-langpack-en 2.34-231.el9_7.2 fixed in 2.34-270.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	glibc-minimal-langpack 2.34-231.el9_7.2 fixed in 2.34-270.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2025-9820	LOW3.4	gnutls 3.8.3-9.el9 fixed in 3.8.3-10.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69418	LOW3.4	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.1% Theoretical Threat	Directly Exposed
CVE-2025-49128	LOW3.4	com.fasterxml.jackson.core:jackson-core 2.12.7 fixed in 2.13.0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-epoll 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-kqueue 4.1.100.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2023-1972	LOW3.31	binutils 2.35.2-67.el9 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2023-1972	LOW3.31	binutils-gold 2.35.2-67.el9 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2026-3784	LOW3.31	curl-minimal 7.76.1-34.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5545	LOW3.31	curl-minimal 7.76.1-34.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6429	LOW3.31	curl-minimal 7.76.1-34.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-14524	LOW3.31	curl-minimal 7.76.1-34.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2026-3784	LOW3.31	libcurl-minimal 7.76.1-34.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5545	LOW3.31	libcurl-minimal 7.76.1-34.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6429	LOW3.31	libcurl-minimal 7.76.1-34.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-14524	LOW3.31	libcurl-minimal 7.76.1-34.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2026-2673	LOW3.31	openssl 1:3.5.1-4.el9_7 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-33056	LOW3.31	tar 2:1.34-7.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-46392	LOW3.3	commons-configuration:commons-configuration 1.10 No fix yet	1.7% Low-Moderate Risk	Directly Exposed
CVE-2021-20197	LOW3.21	binutils 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2021-20197	LOW3.21	binutils-gold 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-3805	LOW3.21	curl-minimal 7.76.1-34.el9 No fix yet	0.7% Theoretical Threat	Post-Exploit
CVE-2026-3805	LOW3.21	libcurl-minimal 7.76.1-34.el9 No fix yet	0.7% Theoretical Threat	Post-Exploit
CVE-2026-34181	LOW3.21	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Post-Exploit
CVE-2026-42768	LOW3.21	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.4% Theoretical Threat	Post-Exploit
CVE-2026-5958	LOW3.21	sed 4.8-9.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-9086	LOW3.18	curl-minimal 7.76.1-34.el9 fixed in 7.76.1-35.el9_7.3	1.3% Low-Moderate Risk	Post-Exploit
CVE-2025-9086	LOW3.18	libcurl-minimal 7.76.1-34.el9 fixed in 7.76.1-35.el9_7.3	1.3% Low-Moderate Risk	Post-Exploit
CVE-2025-48734	LOW3.17	commons-beanutils:commons-beanutils 1.9.4 fixed in 1.11.0	1.5% Low-Moderate Risk	Post-Exploit
CVE-2026-41080	LOW3.15	expat 2.5.0-5.el9_7.1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-3360	LOW3.15	glib2 2.68.4-18.el9_7 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-7039	LOW3.15	glib2 2.68.4-18.el9_7 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0988	LOW3.15	glib2 2.68.4-18.el9_7 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3832	LOW3.15	gnutls 3.8.3-9.el9 fixed in 3.8.10-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5419	LOW3.15	gnutls 3.8.3-9.el9 fixed in 3.8.10-4.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-0989	LOW3.15	libxml2 2.9.13-12.el9_6 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-45446	LOW3.15	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4647	LOW3.11	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-4647	LOW3.11	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11187	LOW3.11	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.5% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux 2.37.4-21.el9 fixed in 2.37.4-21.el9_7	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux-core 2.37.4-21.el9 fixed in 2.37.4-21.el9_7	0.2% Theoretical Threat	Post-Exploit
CVE-2025-9232	LOW3.1	openssl-libs 1:3.5.1-4.el9_7 No fix yet	2.0% Low-Moderate Risk	Directly Exposed
CVE-2026-31790	LOW3.01	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-2.el9_8	1.0% Theoretical Threat	Post-Exploit
CVE-2026-42764	LOW3.01	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.7% Theoretical Threat	Post-Exploit
CVE-2025-15468	LOW3.01	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.7% Theoretical Threat	Post-Exploit
CVE-2025-66199	LOW3.01	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.4% Theoretical Threat	Post-Exploit
CVE-2025-69420	LOW3.01	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.8% Theoretical Threat	Post-Exploit
CVE-2026-22796	LOW3.01	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.5% Theoretical Threat	Post-Exploit
CVE-2026-42769	LOW3.01	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42770	LOW3.01	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Post-Exploit
CVE-2026-9076	LOW3.01	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Post-Exploit
CVE-2025-14087	LOW3	glib2 2.68.4-18.el9_7 fixed in 2.68.4-19.el9_8.1	0.8% Theoretical Threat	Post-Exploit
CVE-2026-42010	LOW3	gnutls 3.8.3-9.el9 fixed in 3.8.10-4.el9_8	0.8% Theoretical Threat	Post-Exploit
CVE-2026-31789	LOW3	openssl 1:3.5.1-4.el9_7 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-31789	LOW3	openssl-libs 1:3.5.1-4.el9_7 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-45447	LOW2.92	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	1.4% Low-Moderate Risk	Post-Exploit
CVE-2026-45447	LOW2.92	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	1.4% Low-Moderate Risk	Post-Exploit
CVE-2026-3783	LOW2.91	curl-minimal 7.76.1-34.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-3783	LOW2.91	libcurl-minimal 7.76.1-34.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-45582	LOW2.86	tar 2:1.34-7.el9 fixed in 2:1.34-9.el9_7	0.4% Theoretical Threat	Post-Exploit
CVE-2021-45078	LOW2.81	binutils 2.35.2-67.el9 No fix yet	1.3% Low-Moderate Risk	Post-Exploit
CVE-2021-45078	LOW2.81	binutils-gold 2.35.2-67.el9 No fix yet	1.3% Low-Moderate Risk	Post-Exploit
CVE-2025-11081	LOW2.8	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-6844	LOW2.8	binutils 2.35.2-67.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2022-38533	LOW2.8	binutils 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-47007	LOW2.8	binutils 2.35.2-67.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-47008	LOW2.8	binutils 2.35.2-67.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-47010	LOW2.8	binutils 2.35.2-67.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-47011	LOW2.8	binutils 2.35.2-67.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-11412	LOW2.8	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11413	LOW2.8	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11414	LOW2.8	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11494	LOW2.8	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11495	LOW2.8	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11839	LOW2.8	binutils 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-11840	LOW2.8	binutils 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-3198	LOW2.8	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69651	LOW2.8	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11081	LOW2.8	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-6844	LOW2.8	binutils-gold 2.35.2-67.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2022-38533	LOW2.8	binutils-gold 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-47007	LOW2.8	binutils-gold 2.35.2-67.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-47008	LOW2.8	binutils-gold 2.35.2-67.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-47010	LOW2.8	binutils-gold 2.35.2-67.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-47011	LOW2.8	binutils-gold 2.35.2-67.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-11412	LOW2.8	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11413	LOW2.8	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11414	LOW2.8	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11494	LOW2.8	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11495	LOW2.8	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-11839	LOW2.8	binutils-gold 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-11840	LOW2.8	binutils-gold 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-3198	LOW2.8	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69651	LOW2.8	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-24883	LOW2.8	gnupg2 2.3.3-4.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-15469	LOW2.8	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.2% Theoretical Threat	Post-Exploit
CVE-2026-22795	LOW2.8	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.1% Theoretical Threat	Post-Exploit
CVE-2026-7383	LOW2.8	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5704	LOW2.8	tar 2:1.34-7.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-41990	LOW2.8	libgcrypt 1.10.0-11.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-70873	LOW2.8	sqlite-libs 3.34.1-9.el9_7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2020-8908	LOW2.8	com.google.guava:guava 22.0 fixed in 32.0.0-android	1.0% Theoretical Threat	Directly Exposed
CVE-2020-8908	LOW2.8	com.google.guava:guava 27.0-jre fixed in 32.0.0-android	1.0% Theoretical Threat	Directly Exposed
CVE-2026-33845	LOW2.78	gnutls 3.8.3-9.el9 fixed in 3.8.10-4.el9_8	0.6% Theoretical Threat	Post-Exploit
CVE-2026-45445	LOW2.78	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Post-Exploit
CVE-2026-45445	LOW2.78	openssl-libs 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Post-Exploit
CVE-2025-27113	LOW2.7	libxml2 2.9.13-12.el9_6 No fix yet	1.0% Low-Moderate Risk	Post-Exploit
CVE-2026-2100	LOW2.7	p11-kit 0.25.3-3.el9_5 fixed in 0.26.2-1.el9	1.0% Low-Moderate Risk	Post-Exploit
CVE-2026-2100	LOW2.7	p11-kit-trust 0.25.3-3.el9_5 fixed in 0.26.2-1.el9	1.0% Low-Moderate Risk	Post-Exploit
CVE-2026-4873	LOW2.7	curl-minimal 7.76.1-34.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6253	LOW2.7	curl-minimal 7.76.1-34.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-7168	LOW2.7	curl-minimal 7.76.1-34.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-4873	LOW2.7	libcurl-minimal 7.76.1-34.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6253	LOW2.7	libcurl-minimal 7.76.1-34.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-7168	LOW2.7	libcurl-minimal 7.76.1-34.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-42766	LOW2.7	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.6% Theoretical Threat	Post-Exploit
CVE-2026-42767	LOW2.7	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Post-Exploit
CVE-2024-7264	LOW2.69	curl-minimal 7.76.1-34.el9 No fix yet	16.2% High Exploitation Risk	Post-Exploit
CVE-2024-7264	LOW2.69	libcurl-minimal 7.76.1-34.el9 No fix yet	16.2% High Exploitation Risk	Post-Exploit
CVE-2026-6845	LOW2.55	binutils 2.35.2-67.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2024-57360	LOW2.55	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-6845	LOW2.55	binutils-gold 2.35.2-67.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2024-57360	LOW2.55	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-34180	LOW2.55	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.5% Theoretical Threat	Post-Exploit
CVE-2025-15079	LOW2.48	curl-minimal 7.76.1-34.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-0992	LOW2.46	libxml2 2.9.13-12.el9_6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-14017	LOW2.45	curl-minimal 7.76.1-34.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-14017	LOW2.45	libcurl-minimal 7.76.1-34.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-15224	LOW2.4	curl-minimal 7.76.1-34.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gnupg2 2.3.3-4.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-30258	LOW2.4	gnupg2 2.3.3-4.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-15224	LOW2.4	libcurl-minimal 7.76.1-34.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2024-13176	LOW2.4	openssl 1:3.5.1-4.el9_7 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2025-68160	LOW2.4	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.2% Theoretical Threat	Post-Exploit
CVE-2025-64118	LOW2.4	tar 2:1.34-7.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.37.4-21.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux-core 2.37.4-21.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-1485	LOW2.38	glib2 2.68.4-18.el9_7 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-5278	LOW2.24	coreutils-single 8.32-39.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-24515	LOW2.12	expat 2.5.0-5.el9_7.1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-6170	LOW2.12	libxml2 2.9.13-12.el9_6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69418	LOW2.04	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.1-7.el9_7	0.1% Theoretical Threat	Post-Exploit
CVE-2025-1152	LOW1.89	binutils 2.35.2-67.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2025-1152	LOW1.89	binutils-gold 2.35.2-67.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2026-45446	LOW1.89	openssl 1:3.5.1-4.el9_7 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Post-Exploit
CVE-2025-9232	LOW1.86	openssl 1:3.5.1-4.el9_7 No fix yet	2.0% Low-Moderate Risk	Post-Exploit
CVE-2025-66861	LOW1.68	binutils 2.35.2-67.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-66862	LOW1.68	binutils 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-66863	LOW1.68	binutils 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-66865	LOW1.68	binutils 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69647	LOW1.68	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69648	LOW1.68	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69652	LOW1.68	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-66861	LOW1.68	binutils-gold 2.35.2-67.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-66862	LOW1.68	binutils-gold 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-66863	LOW1.68	binutils-gold 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-66865	LOW1.68	binutils-gold 2.35.2-67.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69647	LOW1.68	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69648	LOW1.68	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69652	LOW1.68	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gnupg2 2.3.3-4.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2023-39804	LOW1.68	tar 2:1.34-7.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-1150	LOW1.58	binutils 2.35.2-67.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2025-1151	LOW1.58	binutils 2.35.2-67.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2025-1150	LOW1.58	binutils-gold 2.35.2-67.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2025-1151	LOW1.58	binutils-gold 2.35.2-67.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2025-69644	LOW1.43	binutils 2.35.2-67.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-69645	LOW1.43	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69646	LOW1.43	binutils 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69644	LOW1.43	binutils-gold 2.35.2-67.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-69645	LOW1.43	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69646	LOW1.43	binutils-gold 2.35.2-67.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-29111	NONE0	systemd 252-55.el9_7.2 fixed in 252-67.el9_8.2	0.1% Theoretical Threat	Not Applicable
CVE-2026-4105	NONE0	systemd 252-55.el9_7.2 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-base 6.2-12.20210508.el9 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-libs 6.2-12.20210508.el9 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2025-4598	NONE0	systemd 252-55.el9_7.2 fixed in 252-55.el9_7.7	0.6% Theoretical Threat	Not Applicable
CVE-2025-48924	NONE0	commons-lang:commons-lang 2.6 No fix yet	2.2% Low-Moderate Risk	Not Applicable
CVE-2026-22020	NONE0	libpng 2:1.6.37-12.el9 No fix yet	—	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.12.7 fixed in 2.21.1, 2.18.6	—	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.16.1 fixed in 2.21.1, 2.18.6	—	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.18.1 fixed in 2.21.1, 2.18.6	—	Not Applicable
CVE-2026-42583	NONE0	io.netty:netty-codec 4.1.100.Final fixed in 4.1.133.Final	0.4% Theoretical Threat	Not Applicable
CVE-2026-45205	NONE0	org.apache.commons:commons-configuration2 2.10.1 fixed in 2.15.0	0.5% Theoretical Threat	Not Applicable
CVE-2025-27821	NONE0	org.apache.hadoop:hadoop-hdfs-native-client 3.4.1 fixed in 3.4.2	0.8% Theoretical Threat	Not Applicable