This image carries significant risk; production deployment is highly discouraged without strict compensating controls. The image contains 20 exposed vulnerabilities of medium severity (max 6.38), all denial-of-service issues in OpenSSL and Go crypto libraries. Exploitation requires non-default configurations (e.g., enabling delta CRL processing or QUIC) and is unlikely in typical kube-bench scanner usage. An attacker could cause service disruption, but no remote code execution or data exposure is possible. Compensating controls such as network segmentation and disabling unused TLS features can reduce risk. Note that CVE-2026-28388 only applies if delta CRL processing is enabled, which is not the default.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2026-28388 | MEDIUM6.38 | libcrypto3 3.5.4-r0 fixed in 3.5.6-r0 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-28389 | MEDIUM6.38 | libcrypto3 3.5.4-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-28390 | MEDIUM6.38 | libcrypto3 3.5.4-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-34183 | MEDIUM6.38 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-28388 | MEDIUM6.38 | libssl3 3.5.4-r0 fixed in 3.5.6-r0 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-28389 | MEDIUM6.38 | libssl3 3.5.4-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-28390 | MEDIUM6.38 | libssl3 3.5.4-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-34183 | MEDIUM6.38 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-32280 | MEDIUM6.38 | stdlib v1.25.5 fixed in 1.25.9, 1.26.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-32281 | MEDIUM6.38 | stdlib v1.25.5 fixed in 1.25.9, 1.26.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-32283 | MEDIUM6.38 | stdlib v1.25.5 fixed in 1.25.9, 1.26.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-33811 | MEDIUM6.38 | stdlib v1.25.5 fixed in 1.25.10, 1.26.3 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-33814 | MEDIUM6.38 | stdlib v1.25.5 fixed in 1.25.10, 1.26.3 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-39820 | MEDIUM6.38 | stdlib v1.25.5 fixed in 1.25.10, 1.26.3 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-39836 | MEDIUM6.38 | stdlib v1.25.5 fixed in 1.25.10, 1.26.3 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-29181 | MEDIUM6.38 | go.opentelemetry.io/otel v1.36.0 fixed in 1.41.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-69419 | MEDIUM6.29 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34182 | MEDIUM6.29 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-69419 | MEDIUM6.29 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34182 | MEDIUM6.29 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-2673 | MEDIUM5.52 | libcrypto3 3.5.4-r0 fixed in 3.5.6-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-2673 | MEDIUM5.52 | libssl3 3.5.4-r0 fixed in 3.5.6-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-35469 | MEDIUM5.52 | github.com/moby/spdystream v0.5.0 fixed in 0.5.1 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-32282 | MEDIUM5.44 | stdlib v1.25.5 fixed in 1.25.9, 1.26.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-34181 | MEDIUM5.35 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42768 | MEDIUM5.35 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34181 | MEDIUM5.35 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42768 | MEDIUM5.35 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-11187 | MEDIUM5.18 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-11187 | MEDIUM5.18 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-32289 | MEDIUM5.18 | stdlib v1.25.5 fixed in 1.25.9, 1.26.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.6-r0 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42764 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-15468 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-66199 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-69420 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-22796 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-42769 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42770 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-9076 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.6-r0 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42764 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-15468 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-66199 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-69420 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-22796 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-42769 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42770 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-9076 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-15469 | MEDIUM4.67 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-22795 | MEDIUM4.67 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-7383 | MEDIUM4.67 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-15469 | MEDIUM4.67 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-22795 | MEDIUM4.67 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-7383 | MEDIUM4.67 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-6042 | MEDIUM4.67 | musl 1.2.5-r21 fixed in 1.2.5-r22 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-27171 | MEDIUM4.67 | zlib 1.3.1-r2 fixed in 1.3.2-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-32288 | MEDIUM4.67 | stdlib v1.25.5 fixed in 1.25.9, 1.26.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-27142 | MEDIUM4.59 | stdlib v1.25.5 fixed in 1.25.8, 1.26.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-39826 | MEDIUM4.59 | stdlib v1.25.5 fixed in 1.25.10, 1.26.3 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-42766 | MEDIUM4.5 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42767 | MEDIUM4.5 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42766 | MEDIUM4.5 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42767 | MEDIUM4.5 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-61730 | MEDIUM4.5 | stdlib v1.25.5 fixed in 1.24.12, 1.25.6 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | MEDIUM4.25 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | MEDIUM4.25 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-15467 | MEDIUM4.06 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 48.7% High Exploitation Risk | Post-Exploit |
| CVE-2025-15467 | MEDIUM4.06 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 48.7% High Exploitation Risk | Post-Exploit |
| CVE-2025-15467 | MEDIUM4.06 | openssl 3.5.4-r0 fixed in 3.5.5-r0 | 48.7% High Exploitation Risk | Post-Exploit |
| CVE-2025-68160 | MEDIUM4 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-68160 | MEDIUM4 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-69419 | LOW3.77 | openssl 3.5.4-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-34182 | LOW3.77 | openssl 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2025-69418 | LOW3.4 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-69418 | LOW3.4 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-2673 | LOW3.31 | openssl 3.5.4-r0 fixed in 3.5.6-r0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-34181 | LOW3.21 | openssl 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-42768 | LOW3.21 | openssl 3.5.4-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-45446 | LOW3.15 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-45446 | LOW3.15 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-11187 | LOW3.11 | openssl 3.5.4-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-68121 | LOW3.06 | stdlib v1.25.5 fixed in 1.24.13, 1.25.7, 1.26.0-rc.3 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-31790 | LOW3.01 | openssl 3.5.4-r0 fixed in 3.5.6-r0 | 1.0% Theoretical Threat | Post-Exploit |
| CVE-2026-42764 | LOW3.01 | openssl 3.5.4-r0 fixed in 3.5.7-r0 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2025-15468 | LOW3.01 | openssl 3.5.4-r0 fixed in 3.5.5-r0 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2025-66199 | LOW3.01 | openssl 3.5.4-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2025-69420 | LOW3.01 | openssl 3.5.4-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-22796 | LOW3.01 | openssl 3.5.4-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-42769 | LOW3.01 | openssl 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-42770 | LOW3.01 | openssl 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-9076 | LOW3.01 | openssl 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-31789 | LOW3 | libcrypto3 3.5.4-r0 fixed in 3.5.6-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-31789 | LOW3 | libssl3 3.5.4-r0 fixed in 3.5.6-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-31789 | LOW3 | openssl 3.5.4-r0 fixed in 3.5.6-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-41889 | LOW3 | github.com/jackc/pgx/v5 v5.6.0 fixed in 5.9.2 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | openssl 3.5.4-r0 fixed in 3.5.7-r0 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2025-15469 | LOW2.8 | openssl 3.5.4-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-22795 | LOW2.8 | openssl 3.5.4-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-7383 | LOW2.8 | openssl 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | openssl 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-42766 | LOW2.7 | openssl 3.5.4-r0 fixed in 3.5.7-r0 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-42767 | LOW2.7 | openssl 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-34180 | LOW2.55 | openssl 3.5.4-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-33816 | LOW2.54 | github.com/jackc/pgx/v5 v5.6.0 fixed in 5.9.0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-28387 | LOW2.48 | libcrypto3 3.5.4-r0 fixed in 3.5.6-r0 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-28387 | LOW2.48 | libssl3 3.5.4-r0 fixed in 3.5.6-r0 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-28387 | LOW2.48 | openssl 3.5.4-r0 fixed in 3.5.6-r0 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2025-68160 | LOW2.4 | openssl 3.5.4-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-40200 | LOW2.39 | musl 1.2.5-r21 fixed in 1.2.5-r23 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-22184 | LOW2.39 | zlib 1.3.1-r2 fixed in 1.3.2-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2025-69421 | LOW2.29 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2025-69421 | LOW2.29 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2025-69421 | LOW2.29 | openssl 3.5.4-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28388 | LOW2.29 | openssl 3.5.4-r0 fixed in 3.5.6-r0 | 0.9% Theoretical Threat | Post-Exploit |
| CVE-2026-28389 | LOW2.29 | openssl 3.5.4-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28390 | LOW2.29 | openssl 3.5.4-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-34183 | LOW2.29 | openssl 3.5.4-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-61726 | LOW2.29 | stdlib v1.25.5 fixed in 1.24.12, 1.25.6 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-25679 | LOW2.29 | stdlib v1.25.5 fixed in 1.25.8, 1.26.1 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-61728 | LOW2.29 | stdlib v1.25.5 fixed in 1.24.12, 1.25.6 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-27139 | LOW2.12 | stdlib v1.25.5 fixed in 1.25.8, 1.26.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-69418 | LOW2.04 | openssl 3.5.4-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-45446 | LOW1.89 | openssl 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-40200 | NONE0 | musl-utils 1.2.5-r21 fixed in 1.2.5-r23 | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-6042 | NONE0 | musl-utils 1.2.5-r21 fixed in 1.2.5-r22 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-39823 | NONE0 | stdlib v1.25.5 fixed in 1.25.10, 1.26.3 | 0.3% Theoretical Threat | Not Applicable |
| CVE-2026-39825 | NONE0 | stdlib v1.25.5 fixed in 1.25.10, 1.26.3 | 0.4% Theoretical Threat | Not Applicable |
| CVE-2026-42499 | NONE0 | stdlib v1.25.5 fixed in 1.25.10, 1.26.3 | 0.6% Theoretical Threat | Not Applicable |
| CVE-2026-42504 | NONE0 | stdlib v1.25.5 fixed in 1.25.11, 1.26.4 | 0.4% Theoretical Threat | Not Applicable |
| CVE-2026-27145 | NONE0 | stdlib v1.25.5 fixed in 1.25.11, 1.26.4 | 0.3% Theoretical Threat | Not Applicable |
| CVE-2026-42507 | NONE0 | stdlib v1.25.5 fixed in 1.25.11, 1.26.4 | 0.3% Theoretical Threat | Not Applicable |