Vulnerability Reportbitnamilegacy/valkey-sentinel:8.1.3

bitnamilegacy/valkey-sentinel:8.1.3-debian-12-r0bitnamilegacy/valkey-sentinel:8.1.3

DIGESTsha256:f74f4d3b96f5bc0aeb08b5cc94627f9fc2c6f3d927a62409344d289f53208874

Executive Summary

Threat ScoreCAUTION• 128 exposed vulnerabilities found, 26 with severity ≥6.0, indicating a large attack surface.• One high-severity CVE (CVE-2019-9192, CVSS 7.5) enables network-based denial of service via glibc recursion in regex parsing.• Multiple TLS library flaws (e.g., CVE-2025-32990 in GnuTLS) allow potential remote compromise under non-default configurations.• Image from unverified community publisher 'bitnamilegacy' with low trust score (55) and no official backing.

60/100CAUTION

ReputationCOMMUNITY• Community Image with low/unknown reputation• Pinned by digest (Immutable)

UNVERIFIED

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. The most impactful vulnerability (CVE-2019-9192) allows remote denial of service through a crafted regex pattern, while several GnuTLS and OpenSSL issues could enable authentication bypass or code execution if non-default features (e.g., RSA-PSK cipher suites, DANE TLSA) are enabled. Notably, CVE-2026-42010 only applies when RSA-PSK is configured, which is not the default for Valkey Sentinel. Remediation should focus on updating the base image and disabling unused TLS features to reduce the attack surface.

Vulnerabilities

Vulnerability Log

280 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2019-9192	HIGH7.5	libc6 2.36-9+deb12u10 No fix yet	2.4% Low-Moderate Risk	Directly Exposed
CVE-2025-32990	MEDIUM6.97	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u5	0.7% Theoretical Threat	Directly Exposed
CVE-2026-42013	MEDIUM6.97	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u7	0.4% Theoretical Threat	Directly Exposed
CVE-2026-5260	MEDIUM6.97	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u7	0.7% Theoretical Threat	Directly Exposed
CVE-2026-0861	MEDIUM6.88	libc-bin 2.36-9+deb12u10 fixed in 2.36-9+deb12u14	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0861	MEDIUM6.88	libc6 2.36-9+deb12u10 fixed in 2.36-9+deb12u14	0.4% Theoretical Threat	Directly Exposed
CVE-2026-28387	MEDIUM6.88	libssl3 3.0.16-1~deb12u1 fixed in 3.0.19-1~deb12u2	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42010	MEDIUM6.66	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u7	0.8% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-48962	MEDIUM6.63	libperl5.36 5.36.0-7+deb12u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-29111	MEDIUM6.63	libsystemd0 252.38-1~deb12u1 fixed in 252.39-1~deb12u2	0.1% Theoretical Threat	Directly Exposed
CVE-2026-29111	MEDIUM6.63	libudev1 252.38-1~deb12u1 fixed in 252.39-1~deb12u2	0.1% Theoretical Threat	Directly Exposed
CVE-2025-32988	MEDIUM6.56	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u5	1.2% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2026-41989	MEDIUM6.38	libgcrypt20 1.10.1-3 fixed in 1.10.1-3+deb12u1	0.2% Theoretical Threat	Directly Exposed
CVE-2026-33846	MEDIUM6.38	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u7	0.9% Theoretical Threat	Directly Exposed
CVE-2026-42009	MEDIUM6.38	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u7	0.8% Theoretical Threat	Directly Exposed
CVE-2026-42497	MEDIUM6.38	libperl5.36 5.36.0-7+deb12u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-9538	MEDIUM6.38	libperl5.36 5.36.0-7+deb12u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-69421	MEDIUM6.38	libssl3 3.0.16-1~deb12u1 fixed in 3.0.18-1~deb12u2	0.8% Theoretical Threat	Directly Exposed
CVE-2026-28388	MEDIUM6.38	libssl3 3.0.16-1~deb12u1 fixed in 3.0.19-1~deb12u2	0.9% Theoretical Threat	Directly Exposed
CVE-2026-28389	MEDIUM6.38	libssl3 3.0.16-1~deb12u1 fixed in 3.0.19-1~deb12u2	0.8% Theoretical Threat	Directly Exposed
CVE-2026-28390	MEDIUM6.38	libssl3 3.0.16-1~deb12u1 fixed in 3.0.19-1~deb12u2	0.8% Theoretical Threat	Directly Exposed
CVE-2026-3833	MEDIUM6.29	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u7	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42011	MEDIUM6.29	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u7	0.3% Theoretical Threat	Directly Exposed
CVE-2025-69419	MEDIUM6.29	libssl3 3.0.16-1~deb12u1 fixed in 3.0.18-1~deb12u2	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34182	MEDIUM6.29	libssl3 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42012	MEDIUM6.03	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u7	0.3% Theoretical Threat	Directly Exposed
CVE-2025-4802	MEDIUM5.95	libc-bin 2.36-9+deb12u10 fixed in 2.36-9+deb12u11	0.4% Theoretical Threat	Directly Exposed
CVE-2025-4802	MEDIUM5.95	libc6 2.36-9+deb12u10 fixed in 2.36-9+deb12u11	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4878	MEDIUM5.95	libcap2 1:2.66-4+deb12u1 fixed in 1:2.66-4+deb12u3	0.2% Theoretical Threat	Directly Exposed
CVE-2024-2236	MEDIUM5.9	libgcrypt20 1.10.1-3 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2025-13151	MEDIUM5.9	libtasn1-6 4.19.0-2+deb12u1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2026-4105	MEDIUM5.7	libsystemd0 252.38-1~deb12u1 fixed in 252.39-1~deb12u2	0.1% Theoretical Threat	Directly Exposed
CVE-2026-4105	MEDIUM5.7	libudev1 252.38-1~deb12u1 fixed in 252.39-1~deb12u2	0.1% Theoretical Threat	Directly Exposed
CVE-2026-42014	MEDIUM5.61	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u7	0.2% Theoretical Threat	Directly Exposed
CVE-2025-9230	MEDIUM5.6	libssl3 3.0.16-1~deb12u1 fixed in 3.0.17-1~deb12u3	1.8% Low-Moderate Risk	Directly Exposed
CVE-2011-3389	MEDIUM5.59	libgnutls30 3.7.9-2+deb12u4 No fix yet	73.3% Actively Exploited	Directly Exposed
CVE-2026-4437	MEDIUM5.52	libc-bin 2.36-9+deb12u10 fixed in 2.36-9+deb12u14	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc-bin 2.36-9+deb12u10 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	libc6 2.36-9+deb12u10 fixed in 2.36-9+deb12u14	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc6 2.36-9+deb12u10 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-6395	MEDIUM5.52	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u5	0.6% Theoretical Threat	Directly Exposed
CVE-2026-40225	MEDIUM5.44	libsystemd0 252.38-1~deb12u1 fixed in 252.39-1~deb12u2	0.1% Theoretical Threat	Directly Exposed
CVE-2026-40226	MEDIUM5.44	libsystemd0 252.38-1~deb12u1 fixed in 252.39-1~deb12u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40225	MEDIUM5.44	libudev1 252.38-1~deb12u1 fixed in 252.39-1~deb12u2	0.1% Theoretical Threat	Directly Exposed
CVE-2026-40226	MEDIUM5.44	libudev1 252.38-1~deb12u1 fixed in 252.39-1~deb12u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2019-1010024	MEDIUM5.3	libc-bin 2.36-9+deb12u10 No fix yet	3.2% Low-Moderate Risk	Directly Exposed
CVE-2019-1010025	MEDIUM5.3	libc-bin 2.36-9+deb12u10 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2019-1010024	MEDIUM5.3	libc6 2.36-9+deb12u10 No fix yet	3.2% Low-Moderate Risk	Directly Exposed
CVE-2019-1010025	MEDIUM5.3	libc6 2.36-9+deb12u10 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2025-32989	MEDIUM5.3	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u5	1.2% Low-Moderate Risk	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libblkid1 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libmount1 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libsmartcols1 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libuuid1 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	libc-bin 2.36-9+deb12u10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-15281	MEDIUM5.02	libc-bin 2.36-9+deb12u10 fixed in 2.36-9+deb12u14	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	libc6 2.36-9+deb12u10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-15281	MEDIUM5.02	libc6 2.36-9+deb12u10 fixed in 2.36-9+deb12u14	0.3% Theoretical Threat	Directly Exposed
CVE-2025-40909	MEDIUM5.02	libperl5.36 5.36.0-7+deb12u2 fixed in 5.36.0-7+deb12u3	0.4% Theoretical Threat	Directly Exposed
CVE-2026-31790	MEDIUM5.02	libssl3 3.0.16-1~deb12u1 fixed in 3.0.19-1~deb12u2	1.0% Theoretical Threat	Directly Exposed
CVE-2025-69420	MEDIUM5.02	libssl3 3.0.16-1~deb12u1 fixed in 3.0.18-1~deb12u2	0.8% Theoretical Threat	Directly Exposed
CVE-2026-22796	MEDIUM5.02	libssl3 3.0.16-1~deb12u1 fixed in 3.0.18-1~deb12u2	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42770	MEDIUM5.02	libssl3 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	0.2% Theoretical Threat	Directly Exposed
CVE-2026-9076	MEDIUM5.02	libssl3 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-45447	MEDIUM4.86	openssl 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	1.4% Low-Moderate Risk	Post-Exploit
CVE-2023-31486	MEDIUM4.86	perl-base 5.36.0-7+deb12u2 No fix yet	1.7% Low-Moderate Risk	Post-Exploit
CVE-2023-31486	MEDIUM4.86	perl-modules-5.36 5.36.0-7+deb12u2 No fix yet	1.7% Low-Moderate Risk	Post-Exploit
CVE-2022-27943	MEDIUM4.67	gcc-12-base 12.2.0-14+deb12u1 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libblkid1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libgcc-s1 12.2.0-14+deb12u1 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libmount1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libsmartcols1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-22795	MEDIUM4.67	libssl3 3.0.16-1~deb12u1 fixed in 3.0.18-1~deb12u2	0.1% Theoretical Threat	Directly Exposed
CVE-2026-7383	MEDIUM4.67	libssl3 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	0.3% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libstdc++6 12.2.0-14+deb12u1 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libuuid1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib1g 1:1.2.13.dfsg-1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45445	MEDIUM4.64	openssl 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42496	MEDIUM4.64	perl 5.36.0-7+deb12u2 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-42496	MEDIUM4.64	perl-base 5.36.0-7+deb12u2 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-42496	MEDIUM4.64	perl-modules-5.36 5.36.0-7+deb12u2 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-3184	MEDIUM4.5	libblkid1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0915	MEDIUM4.5	libc-bin 2.36-9+deb12u10 fixed in 2.36-9+deb12u14	0.6% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	libc-bin 2.36-9+deb12u10 fixed in 2.36-9+deb12u14	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0915	MEDIUM4.5	libc6 2.36-9+deb12u10 fixed in 2.36-9+deb12u14	0.6% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	libc6 2.36-9+deb12u10 fixed in 2.36-9+deb12u14	0.4% Theoretical Threat	Directly Exposed
CVE-2025-14831	MEDIUM4.5	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u6	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42015	MEDIUM4.5	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u7	0.7% Theoretical Threat	Directly Exposed
CVE-2026-34743	MEDIUM4.5	liblzma5 5.4.1-1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libmount1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-12087	MEDIUM4.5	libperl5.36 5.36.0-7+deb12u2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libsmartcols1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42766	MEDIUM4.5	libssl3 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42767	MEDIUM4.5	libssl3 3.0.16-1~deb12u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libsystemd0 252.38-1~deb12u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libsystemd0 252.38-1~deb12u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libsystemd0 252.38-1~deb12u1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libudev1 252.38-1~deb12u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libudev1 252.38-1~deb12u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libudev1 252.38-1~deb12u1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libuuid1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42250	MEDIUM4.25	libbz2-1.0 1.0.8-5+b1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc-bin 2.36-9+deb12u10 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc-bin 2.36-9+deb12u10 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc6 2.36-9+deb12u10 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc6 2.36-9+deb12u10 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34180	MEDIUM4.25	libssl3 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	0.5% Theoretical Threat	Directly Exposed
CVE-2026-28387	MEDIUM4.13	openssl 3.0.16-1~deb12u1 fixed in 3.0.19-1~deb12u2	0.6% Theoretical Threat	Post-Exploit
CVE-2025-15467	MEDIUM4.06	libssl3 3.0.16-1~deb12u1 fixed in 3.0.18-1~deb12u2	48.7% High Exploitation Risk	Post-Exploit
CVE-2025-15467	MEDIUM4.06	openssl 3.0.16-1~deb12u1 fixed in 3.0.18-1~deb12u2	48.7% High Exploitation Risk	Post-Exploit
CVE-2026-27456	MEDIUM4	libblkid1 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libmount1 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libsmartcols1 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-68160	MEDIUM4	libssl3 3.0.16-1~deb12u1 fixed in 3.0.18-1~deb12u2	0.2% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libuuid1 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2010-4756	MEDIUM4	libc-bin 2.36-9+deb12u10 No fix yet	2.6% Low-Moderate Risk	Directly Exposed
CVE-2010-4756	MEDIUM4	libc6 2.36-9+deb12u10 No fix yet	2.6% Low-Moderate Risk	Directly Exposed
CVE-2026-48962	LOW3.98	perl 5.36.0-7+deb12u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-48962	LOW3.98	perl-base 5.36.0-7+deb12u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-48962	LOW3.98	perl-modules-5.36 5.36.0-7+deb12u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69421	LOW3.82	openssl 3.0.16-1~deb12u1 fixed in 3.0.18-1~deb12u2	0.8% Theoretical Threat	Post-Exploit
CVE-2026-28388	LOW3.82	openssl 3.0.16-1~deb12u1 fixed in 3.0.19-1~deb12u2	0.9% Theoretical Threat	Post-Exploit
CVE-2026-28389	LOW3.82	openssl 3.0.16-1~deb12u1 fixed in 3.0.19-1~deb12u2	0.8% Theoretical Threat	Post-Exploit
CVE-2026-28390	LOW3.82	openssl 3.0.16-1~deb12u1 fixed in 3.0.19-1~deb12u2	0.8% Theoretical Threat	Post-Exploit
CVE-2026-42497	LOW3.82	perl 5.36.0-7+deb12u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-9538	LOW3.82	perl 5.36.0-7+deb12u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-42497	LOW3.82	perl-base 5.36.0-7+deb12u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-9538	LOW3.82	perl-base 5.36.0-7+deb12u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-42497	LOW3.82	perl-modules-5.36 5.36.0-7+deb12u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-9538	LOW3.82	perl-modules-5.36 5.36.0-7+deb12u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-69419	LOW3.77	openssl 3.0.16-1~deb12u1 fixed in 3.0.18-1~deb12u2	0.4% Theoretical Threat	Post-Exploit
CVE-2026-34182	LOW3.77	openssl 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	0.2% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW3.7	libapt-pkg6.0 2.6.1 No fix yet	1.2% Low-Moderate Risk	Directly Exposed
CVE-2005-2541	LOW3.6	tar 1.34+dfsg-1.2+deb12u1 No fix yet	4.0% Low-Moderate Risk	Post-Exploit
CVE-2025-8058	LOW3.57	libc-bin 2.36-9+deb12u10 fixed in 2.36-9+deb12u13	0.2% Theoretical Threat	Directly Exposed
CVE-2025-8058	LOW3.57	libc6 2.36-9+deb12u10 fixed in 2.36-9+deb12u13	0.2% Theoretical Threat	Directly Exposed
CVE-2019-1010022	LOW3.53	libc-bin 2.36-9+deb12u10 No fix yet	3.2% Low-Moderate Risk	Post-Exploit
CVE-2019-1010022	LOW3.53	libc6 2.36-9+deb12u10 No fix yet	3.2% Low-Moderate Risk	Post-Exploit
CVE-2023-45853	LOW3.53	zlib1g 1:1.2.13.dfsg-1 No fix yet	2.9% Low-Moderate Risk	Post-Exploit
CVE-2026-4438	LOW3.4	libc-bin 2.36-9+deb12u10 fixed in 2.36-9+deb12u14	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	libc6 2.36-9+deb12u10 fixed in 2.36-9+deb12u14	0.2% Theoretical Threat	Directly Exposed
CVE-2025-9820	LOW3.4	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u6	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69418	LOW3.4	libssl3 3.0.16-1~deb12u1 fixed in 3.0.18-1~deb12u2	0.1% Theoretical Threat	Directly Exposed
CVE-2025-9230	LOW3.36	openssl 3.0.16-1~deb12u1 fixed in 3.0.17-1~deb12u3	1.8% Low-Moderate Risk	Post-Exploit
CVE-2016-2781	LOW3.31	coreutils 9.1-1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-5958	LOW3.21	sed 4.9-1 fixed in 4.9-1+deb12u1	0.1% Theoretical Threat	Post-Exploit
CVE-2019-1010023	LOW3.17	libc-bin 2.36-9+deb12u10 No fix yet	3.1% Low-Moderate Risk	Post-Exploit
CVE-2019-1010023	LOW3.17	libc6 2.36-9+deb12u10 No fix yet	3.1% Low-Moderate Risk	Post-Exploit
CVE-2026-5419	LOW3.15	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u7	0.5% Theoretical Threat	Directly Exposed
CVE-2026-45446	LOW3.15	libssl3 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	LOW3.11	bsdutils 1:2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	mount 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux-extra 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-9232	LOW3.1	libssl3 3.0.16-1~deb12u1 fixed in 3.0.17-1~deb12u3	2.0% Low-Moderate Risk	Directly Exposed
CVE-2026-31790	LOW3.01	openssl 3.0.16-1~deb12u1 fixed in 3.0.19-1~deb12u2	1.0% Theoretical Threat	Post-Exploit
CVE-2025-69420	LOW3.01	openssl 3.0.16-1~deb12u1 fixed in 3.0.18-1~deb12u2	0.8% Theoretical Threat	Post-Exploit
CVE-2026-22796	LOW3.01	openssl 3.0.16-1~deb12u1 fixed in 3.0.18-1~deb12u2	0.5% Theoretical Threat	Post-Exploit
CVE-2026-42770	LOW3.01	openssl 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	0.2% Theoretical Threat	Post-Exploit
CVE-2026-9076	LOW3.01	openssl 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	0.3% Theoretical Threat	Post-Exploit
CVE-2025-40909	LOW3.01	perl 5.36.0-7+deb12u2 fixed in 5.36.0-7+deb12u3	0.4% Theoretical Threat	Post-Exploit
CVE-2025-40909	LOW3.01	perl-base 5.36.0-7+deb12u2 fixed in 5.36.0-7+deb12u3	0.4% Theoretical Threat	Post-Exploit
CVE-2025-40909	LOW3.01	perl-modules-5.36 5.36.0-7+deb12u2 fixed in 5.36.0-7+deb12u3	0.4% Theoretical Threat	Post-Exploit
CVE-2026-8376	LOW3	libperl5.36 5.36.0-7+deb12u2 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-31789	LOW3	libssl3 3.0.16-1~deb12u1 fixed in 3.0.19-1~deb12u2	0.2% Theoretical Threat	Post-Exploit
CVE-2026-31789	LOW3	openssl 3.0.16-1~deb12u1 fixed in 3.0.19-1~deb12u2	0.2% Theoretical Threat	Post-Exploit
CVE-2026-8376	LOW3	perl 5.36.0-7+deb12u2 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-8376	LOW3	perl-base 5.36.0-7+deb12u2 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-8376	LOW3	perl-modules-5.36 5.36.0-7+deb12u2 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2023-31484	LOW2.92	libperl5.36 5.36.0-7+deb12u2 fixed in 5.36.0-7+deb12u3	1.6% Low-Moderate Risk	Post-Exploit
CVE-2023-31486	LOW2.92	libperl5.36 5.36.0-7+deb12u2 No fix yet	1.7% Low-Moderate Risk	Post-Exploit
CVE-2026-45447	LOW2.92	libssl3 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	1.4% Low-Moderate Risk	Post-Exploit
CVE-2023-31484	LOW2.92	perl 5.36.0-7+deb12u2 fixed in 5.36.0-7+deb12u3	1.6% Low-Moderate Risk	Post-Exploit
CVE-2023-31486	LOW2.92	perl 5.36.0-7+deb12u2 No fix yet	1.7% Low-Moderate Risk	Post-Exploit
CVE-2023-31484	LOW2.92	perl-base 5.36.0-7+deb12u2 fixed in 5.36.0-7+deb12u3	1.6% Low-Moderate Risk	Post-Exploit
CVE-2023-31484	LOW2.92	perl-modules-5.36 5.36.0-7+deb12u2 fixed in 5.36.0-7+deb12u3	1.6% Low-Moderate Risk	Post-Exploit
CVE-2022-0563	LOW2.8	bsdutils 1:2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	mount 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-22795	LOW2.8	openssl 3.0.16-1~deb12u1 fixed in 3.0.18-1~deb12u2	0.1% Theoretical Threat	Post-Exploit
CVE-2026-7383	LOW2.8	openssl 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5704	LOW2.8	tar 1.34+dfsg-1.2+deb12u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	util-linux 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	util-linux-extra 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW2.8	libperl5.36 5.36.0-7+deb12u2 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2023-4016	LOW2.8	libproc2-0 2:4.0.2-3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2013-4392	LOW2.8	libsystemd0 252.38-1~deb12u1 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libsystemd0 252.38-1~deb12u1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2013-4392	LOW2.8	libudev1 252.38-1~deb12u1 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libudev1 252.38-1~deb12u1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-33845	LOW2.78	libgnutls30 3.7.9-2+deb12u4 fixed in 3.7.9-2+deb12u7	0.6% Theoretical Threat	Post-Exploit
CVE-2026-42496	LOW2.78	libperl5.36 5.36.0-7+deb12u2 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-45445	LOW2.78	libssl3 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	0.3% Theoretical Threat	Post-Exploit
CVE-2018-20796	LOW2.7	libc-bin 2.36-9+deb12u10 No fix yet	5.8% Low-Moderate Risk	Post-Exploit
CVE-2019-9192	LOW2.7	libc-bin 2.36-9+deb12u10 No fix yet	2.4% Low-Moderate Risk	Post-Exploit
CVE-2018-20796	LOW2.7	libc6 2.36-9+deb12u10 No fix yet	5.8% Low-Moderate Risk	Post-Exploit
CVE-2018-6829	LOW2.7	libgcrypt20 1.10.1-3 No fix yet	1.8% Low-Moderate Risk	Post-Exploit
CVE-2026-3184	LOW2.7	bsdutils 1:2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	mount 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-42766	LOW2.7	openssl 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	0.6% Theoretical Threat	Post-Exploit
CVE-2026-42767	LOW2.7	openssl 3.0.16-1~deb12u1 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-12087	LOW2.7	perl 5.36.0-7+deb12u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-12087	LOW2.7	perl-base 5.36.0-7+deb12u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-12087	LOW2.7	perl-modules-5.36 5.36.0-7+deb12u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	util-linux 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	util-linux-extra 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-34180	LOW2.55	openssl 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	0.5% Theoretical Threat	Post-Exploit
CVE-2007-5686	LOW2.5	login 1:4.13+dfsg1-1+deb12u1 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2007-5686	LOW2.5	passwd 1:4.13+dfsg1-1+deb12u1 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	bsdutils 1:2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2017-18018	LOW2.4	coreutils 9.1-1 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	mount 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-68160	LOW2.4	openssl 3.0.16-1~deb12u1 fixed in 3.0.18-1~deb12u2	0.2% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux-extra 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-5278	LOW2.24	coreutils 9.1-1 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW2.22	apt 2.6.1 No fix yet	1.2% Low-Moderate Risk	Post-Exploit
CVE-2025-69418	LOW2.04	openssl 3.0.16-1~deb12u1 fixed in 3.0.18-1~deb12u2	0.1% Theoretical Threat	Post-Exploit
CVE-2026-45446	LOW1.89	openssl 3.0.16-1~deb12u1 fixed in 3.0.20-1~deb12u2	0.2% Theoretical Threat	Post-Exploit
CVE-2025-9232	LOW1.86	openssl 3.0.16-1~deb12u1 fixed in 3.0.17-1~deb12u3	2.0% Low-Moderate Risk	Post-Exploit
CVE-2024-56433	LOW1.84	login 1:4.13+dfsg1-1+deb12u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2024-56433	LOW1.84	passwd 1:4.13+dfsg1-1+deb12u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW1.68	perl 5.36.0-7+deb12u2 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW1.68	perl-base 5.36.0-7+deb12u2 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW1.68	perl-modules-5.36 5.36.0-7+deb12u2 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2023-4016	LOW1.68	procps 2:4.0.2-3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69720	NONE0	libncursesw6 6.4-4 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-6020	NONE0	libpam-modules 1.5.2-6+deb12u1 fixed in 1.5.2-6+deb12u2	0.4% Theoretical Threat	Not Applicable
CVE-2025-6020	NONE0	libpam-modules-bin 1.5.2-6+deb12u1 fixed in 1.5.2-6+deb12u2	0.4% Theoretical Threat	Not Applicable
CVE-2025-6020	NONE0	libpam-runtime 1.5.2-6+deb12u1 fixed in 1.5.2-6+deb12u2	0.4% Theoretical Threat	Not Applicable
CVE-2025-6020	NONE0	libpam0g 1.5.2-6+deb12u1 fixed in 1.5.2-6+deb12u2	0.4% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	libtinfo6 6.4-4 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	ncurses-base 6.4-4 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-68973	NONE0	gpgv 2.2.40-1.1 fixed in 2.2.40-1.1+deb12u2	0.1% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	libncursesw6 6.4-4 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	libtinfo6 6.4-4 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-base 6.4-4 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2024-22365	NONE0	libpam-modules 1.5.2-6+deb12u1 fixed in 1.5.2-6+deb12u2	0.5% Theoretical Threat	Not Applicable
CVE-2024-22365	NONE0	libpam-modules-bin 1.5.2-6+deb12u1 fixed in 1.5.2-6+deb12u2	0.5% Theoretical Threat	Not Applicable
CVE-2024-22365	NONE0	libpam-runtime 1.5.2-6+deb12u1 fixed in 1.5.2-6+deb12u2	0.5% Theoretical Threat	Not Applicable
CVE-2024-22365	NONE0	libpam0g 1.5.2-6+deb12u1 fixed in 1.5.2-6+deb12u2	0.5% Theoretical Threat	Not Applicable
CVE-2025-30258	NONE0	gpgv 2.2.40-1.1 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-68972	NONE0	gpgv 2.2.40-1.1 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2024-10041	NONE0	libpam-modules 1.5.2-6+deb12u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2024-10041	NONE0	libpam-modules-bin 1.5.2-6+deb12u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2024-10041	NONE0	libpam-runtime 1.5.2-6+deb12u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2024-10041	NONE0	libpam0g 1.5.2-6+deb12u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2022-3219	NONE0	gpgv 2.2.40-1.1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	libncursesw6 6.4-4 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	libtinfo6 6.4-4 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	ncurses-base 6.4-4 No fix yet	0.2% Theoretical Threat	Not Applicable
TEMP-0841856-B18BAF	NONE0	bash 5.2.15-2+b8 No fix yet	—	Not Applicable
CVE-2026-2219	NONE0	dpkg 1.21.22 fixed in 1.21.23	0.4% Theoretical Threat	Not Applicable
CVE-2025-6297	NONE0	dpkg 1.21.22 fixed in 1.21.23	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam-modules 1.5.2-6+deb12u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam-modules-bin 1.5.2-6+deb12u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam-runtime 1.5.2-6+deb12u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam0g 1.5.2-6+deb12u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-48959	NONE0	libperl5.36 5.36.0-7+deb12u2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-15649	NONE0	libperl5.36 5.36.0-7+deb12u2 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2026-7010	NONE0	libperl5.36 5.36.0-7+deb12u2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-48961	NONE0	libperl5.36 5.36.0-7+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2025-27587	NONE0	libssl3 3.0.16-1~deb12u1 No fix yet	0.4% Theoretical Threat	Not Applicable
TEMP-0628843-DBAD28	NONE0	login 1:4.13+dfsg1-1+deb12u1 No fix yet	—	Not Applicable
CVE-2025-27587	NONE0	openssl 3.0.16-1~deb12u1 No fix yet	0.4% Theoretical Threat	Not Applicable
TEMP-0628843-DBAD28	NONE0	passwd 1:4.13+dfsg1-1+deb12u1 No fix yet	—	Not Applicable
CVE-2026-48959	NONE0	perl 5.36.0-7+deb12u2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-15649	NONE0	perl 5.36.0-7+deb12u2 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2026-7010	NONE0	perl 5.36.0-7+deb12u2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-48961	NONE0	perl 5.36.0-7+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-48959	NONE0	perl-base 5.36.0-7+deb12u2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-15649	NONE0	perl-base 5.36.0-7+deb12u2 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2026-7010	NONE0	perl-base 5.36.0-7+deb12u2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-48961	NONE0	perl-base 5.36.0-7+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-48959	NONE0	perl-modules-5.36 5.36.0-7+deb12u2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-15649	NONE0	perl-modules-5.36 5.36.0-7+deb12u2 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2026-7010	NONE0	perl-modules-5.36 5.36.0-7+deb12u2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-48961	NONE0	perl-modules-5.36 5.36.0-7+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
TEMP-0517018-A83CE6	NONE0	sysv-rc 3.06-4 No fix yet	—	Not Applicable
TEMP-0517018-A83CE6	NONE0	sysvinit-utils 3.06-4 No fix yet	—	Not Applicable
TEMP-0290435-0B57B5	NONE0	tar 1.34+dfsg-1.2+deb12u1 No fix yet	—	Not Applicable