Vulnerability Reportchromadb/chroma:latest

chromadb/chroma:latest

DIGESTsha256:1e0b73a187a28757c572acba508c46f48c9e8b0acaf5c20e6d95cdedce1acdf6

Executive Summary

Threat ScoreNEEDS ATTENTION• Image has 52 exposed vulnerabilities with a maximum severity of 6.0, 4 of which are at severity 6.0.• Two distinct glibc regex vulnerabilities (CVE-2018-20796 and CVE-2019-9192) could cause denial of service if the application processes user-supplied regex patterns.• Trust score is high (90) and image is pinned by digest, reducing supply chain risk.

30/100NEEDS ATTENTION

ReputationPOPULAR COMMUNITY• High Reputation Community Image (5M+ pulls)• Pinned by digest (Immutable)

RELIABLE

This image is acceptable for production, but remediating the identified vulnerabilities is recommended to reduce the attack surface. The most notable risks are two glibc denial-of-service vulnerabilities (CVE-2018-20796 and CVE-2019-9192) that require the application to process malicious regex patterns. If Chroma does not allow user-supplied regex in queries, these vulnerabilities may have no practical impact. No high-severity (7+) or post-exploit vulnerabilities exist, and the image is built from a reliable community source.

Vulnerabilities

Vulnerability Log

223 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2018-20796	MEDIUM6	libc-bin 2.41-12+deb13u2 No fix yet	5.8% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2019-9192	MEDIUM6	libc-bin 2.41-12+deb13u2 No fix yet	2.4% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-20796	MEDIUM6	libc6 2.41-12+deb13u2 No fix yet	5.8% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2019-9192	MEDIUM6	libc6 2.41-12+deb13u2 No fix yet	2.4% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2026-4878	MEDIUM5.95	libcap2 1:2.75-10+b8 fixed in 1:2.75-10+deb13u1	0.2% Theoretical Threat	Directly Exposed
CVE-2026-34181	MEDIUM5.35	libssl3t64 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42768	MEDIUM5.35	libssl3t64 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34181	MEDIUM5.35	openssl-provider-legacy 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42768	MEDIUM5.35	openssl-provider-legacy 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.4% Theoretical Threat	Directly Exposed
CVE-2019-1010024	MEDIUM5.3	libc-bin 2.41-12+deb13u2 No fix yet	3.2% Low-Moderate Risk	Directly Exposed
CVE-2019-1010025	MEDIUM5.3	libc-bin 2.41-12+deb13u2 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2019-1010024	MEDIUM5.3	libc6 2.41-12+deb13u2 No fix yet	3.2% Low-Moderate Risk	Directly Exposed
CVE-2019-1010025	MEDIUM5.3	libc6 2.41-12+deb13u2 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2026-5435	MEDIUM5.02	libc-bin 2.41-12+deb13u2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	libc6 2.41-12+deb13u2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42764	MEDIUM5.02	libssl3t64 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.7% Theoretical Threat	Directly Exposed
CVE-2026-42769	MEDIUM5.02	libssl3t64 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42770	MEDIUM5.02	libssl3t64 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.2% Theoretical Threat	Directly Exposed
CVE-2026-9076	MEDIUM5.02	libssl3t64 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42764	MEDIUM5.02	openssl-provider-legacy 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.7% Theoretical Threat	Directly Exposed
CVE-2026-42769	MEDIUM5.02	openssl-provider-legacy 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42770	MEDIUM5.02	openssl-provider-legacy 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.2% Theoretical Threat	Directly Exposed
CVE-2026-9076	MEDIUM5.02	openssl-provider-legacy 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-7383	MEDIUM4.67	libssl3t64 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-7383	MEDIUM4.67	openssl-provider-legacy 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib1g 1:1.3.dfsg+really1.3.1-1+b1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	libc-bin 2.41-12+deb13u2 fixed in 2.41-12+deb13u3	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	libc6 2.41-12+deb13u2 fixed in 2.41-12+deb13u3	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34743	MEDIUM4.5	liblzma5 5.8.1-1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42766	MEDIUM4.5	libssl3t64 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42767	MEDIUM4.5	libssl3t64 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42766	MEDIUM4.5	openssl-provider-legacy 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42767	MEDIUM4.5	openssl-provider-legacy 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM4.42	libc-bin 2.41-12+deb13u2 fixed in 2.41-12+deb13u3	0.3% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-4437	MEDIUM4.42	libc6 2.41-12+deb13u2 fixed in 2.41-12+deb13u3	0.3% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2021-45346	MEDIUM4.3	libsqlite3-0 3.46.1-7+deb13u1 No fix yet	1.6% Low-Moderate Risk	Directly Exposed
CVE-2026-42250	MEDIUM4.25	libbz2-1.0 1.0.8-6 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc-bin 2.41-12+deb13u2 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc-bin 2.41-12+deb13u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc6 2.41-12+deb13u2 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc6 2.41-12+deb13u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34180	MEDIUM4.25	libssl3t64 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.5% Theoretical Threat	Directly Exposed
CVE-2026-34180	MEDIUM4.25	openssl-provider-legacy 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.5% Theoretical Threat	Directly Exposed
CVE-2010-4756	MEDIUM4	libc-bin 2.41-12+deb13u2 No fix yet	2.6% Low-Moderate Risk	Directly Exposed
CVE-2010-4756	MEDIUM4	libc6 2.41-12+deb13u2 No fix yet	2.6% Low-Moderate Risk	Directly Exposed
CVE-2026-48962	LOW3.98	perl-base 5.40.1-6 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2005-2541	LOW3.6	tar 1.35+dfsg-3.1 No fix yet	4.0% Low-Moderate Risk	Post-Exploit
CVE-2019-1010022	LOW3.53	libc-bin 2.41-12+deb13u2 No fix yet	3.2% Low-Moderate Risk	Post-Exploit
CVE-2019-1010022	LOW3.53	libc6 2.41-12+deb13u2 No fix yet	3.2% Low-Moderate Risk	Post-Exploit
CVE-2026-4438	LOW3.4	libc-bin 2.41-12+deb13u2 fixed in 2.41-12+deb13u3	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	libc6 2.41-12+deb13u2 fixed in 2.41-12+deb13u3	0.2% Theoretical Threat	Directly Exposed
CVE-2026-34181	LOW3.21	openssl 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.2% Theoretical Threat	Post-Exploit
CVE-2026-42768	LOW3.21	openssl 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.4% Theoretical Threat	Post-Exploit
CVE-2019-1010023	LOW3.17	libc-bin 2.41-12+deb13u2 No fix yet	3.1% Low-Moderate Risk	Post-Exploit
CVE-2019-1010023	LOW3.17	libc6 2.41-12+deb13u2 No fix yet	3.1% Low-Moderate Risk	Post-Exploit
CVE-2026-45446	LOW3.15	libssl3t64 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45446	LOW3.15	openssl-provider-legacy 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	LOW3.11	bsdutils 1:2.41-5 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	mount 2.41-5 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux 2.41-5 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-42764	LOW3.01	openssl 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.7% Theoretical Threat	Post-Exploit
CVE-2026-42769	LOW3.01	openssl 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42770	LOW3.01	openssl 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.2% Theoretical Threat	Post-Exploit
CVE-2026-9076	LOW3.01	openssl 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Post-Exploit
CVE-2026-8376	LOW3	perl-base 5.40.1-6 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-45447	LOW2.92	libssl3t64 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	1.4% Low-Moderate Risk	Post-Exploit
CVE-2026-45447	LOW2.92	openssl 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	1.4% Low-Moderate Risk	Post-Exploit
CVE-2026-45447	LOW2.92	openssl-provider-legacy 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	1.4% Low-Moderate Risk	Post-Exploit
CVE-2022-0563	LOW2.8	bsdutils 1:2.41-5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	mount 2.41-5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-7383	LOW2.8	openssl 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5704	LOW2.8	tar 1.35+dfsg-3.1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	util-linux 2.41-5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-70873	LOW2.8	libsqlite3-0 3.46.1-7+deb13u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-45445	LOW2.78	libssl3t64 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Post-Exploit
CVE-2026-45445	LOW2.78	openssl 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Post-Exploit
CVE-2026-45445	LOW2.78	openssl-provider-legacy 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42496	LOW2.78	perl-base 5.40.1-6 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	bsdutils 1:2.41-5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	mount 2.41-5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-42766	LOW2.7	openssl 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.6% Theoretical Threat	Post-Exploit
CVE-2026-42767	LOW2.7	openssl 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Post-Exploit
CVE-2026-12087	LOW2.7	perl-base 5.40.1-6 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	util-linux 2.41-5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-34180	LOW2.55	openssl 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.5% Theoretical Threat	Post-Exploit
CVE-2026-48959	LOW2.55	perl-base 5.40.1-6 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-48961	LOW2.55	perl-base 5.40.1-6 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2007-5686	LOW2.5	passwd 1:4.17.4-2 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	bsdutils 1:2.41-5 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2017-18018	LOW2.4	coreutils 9.7-3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	mount 2.41-5 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.41-5 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-34183	LOW2.29	libssl3t64 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.5% Theoretical Threat	Post-Exploit
CVE-2026-34183	LOW2.29	openssl 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.5% Theoretical Threat	Post-Exploit
CVE-2026-34183	LOW2.29	openssl-provider-legacy 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.5% Theoretical Threat	Post-Exploit
CVE-2026-42497	LOW2.29	perl-base 5.40.1-6 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-9538	LOW2.29	perl-base 5.40.1-6 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-34182	LOW2.26	libssl3t64 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.2% Theoretical Threat	Post-Exploit
CVE-2026-34182	LOW2.26	openssl 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.2% Theoretical Threat	Post-Exploit
CVE-2026-34182	LOW2.26	openssl-provider-legacy 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.2% Theoretical Threat	Post-Exploit
CVE-2025-5278	LOW2.24	coreutils 9.7-3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW2.22	apt 3.0.3 No fix yet	1.2% Low-Moderate Risk	Post-Exploit
CVE-2026-6238	LOW1.99	libc-bin 2.41-12+deb13u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6238	LOW1.99	libc6 2.41-12+deb13u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-15649	LOW1.99	perl-base 5.40.1-6 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-45446	LOW1.89	openssl 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.2% Theoretical Threat	Post-Exploit
CVE-2024-56433	LOW1.84	passwd 1:4.17.4-2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW1.68	perl-base 5.40.1-6 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-45445	NONE0	libssl-dev 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Not Applicable
CVE-2026-45447	NONE0	libssl-dev 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	1.4% Low-Moderate Risk	Not Applicable
CVE-2026-29111	NONE0	libsystemd0 257.9-1~deb13u1 fixed in 257.13-1~deb13u1	0.1% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	libtinfo6 6.5+20250216-2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2026-29111	NONE0	libudev1 257.9-1~deb13u1 fixed in 257.13-1~deb13u1	0.1% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	ncurses-base 6.5+20250216-2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	ncurses-bin 6.5+20250216-2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2026-34183	NONE0	libssl-dev 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.5% Theoretical Threat	Not Applicable
CVE-2026-34182	NONE0	libssl-dev 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.2% Theoretical Threat	Not Applicable
CVE-2026-4105	NONE0	libsystemd0 257.9-1~deb13u1 fixed in 257.13-1~deb13u1	0.1% Theoretical Threat	Not Applicable
CVE-2026-4105	NONE0	libudev1 257.9-1~deb13u1 fixed in 257.13-1~deb13u1	0.1% Theoretical Threat	Not Applicable
CVE-2026-40225	NONE0	libsystemd0 257.9-1~deb13u1 fixed in 257.13-1~deb13u1	0.1% Theoretical Threat	Not Applicable
CVE-2026-40226	NONE0	libsystemd0 257.9-1~deb13u1 fixed in 257.13-1~deb13u1	<0.1% Theoretical Threat	Not Applicable
CVE-2026-40225	NONE0	libudev1 257.9-1~deb13u1 fixed in 257.13-1~deb13u1	0.1% Theoretical Threat	Not Applicable
CVE-2026-40226	NONE0	libudev1 257.9-1~deb13u1 fixed in 257.13-1~deb13u1	<0.1% Theoretical Threat	Not Applicable
CVE-2026-34181	NONE0	libssl-dev 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.2% Theoretical Threat	Not Applicable
CVE-2026-42768	NONE0	libssl-dev 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.4% Theoretical Threat	Not Applicable
CVE-2026-5958	NONE0	sed 4.9-2 fixed in 4.9-2+deb13u1	0.1% Theoretical Threat	Not Applicable
CVE-2025-14104	NONE0	libblkid1 2.41-5 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-14104	NONE0	liblastlog2-2 2.41-5 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-14104	NONE0	libmount1 2.41-5 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-14104	NONE0	libsmartcols1 2.41-5 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-14104	NONE0	libuuid1 2.41-5 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-14104	NONE0	login 1:4.16.0-2+really2.41-5 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-42764	NONE0	libssl-dev 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.7% Theoretical Threat	Not Applicable
CVE-2026-42769	NONE0	libssl-dev 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Not Applicable
CVE-2026-42770	NONE0	libssl-dev 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.2% Theoretical Threat	Not Applicable
CVE-2026-9076	NONE0	libssl-dev 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Not Applicable
CVE-2022-0563	NONE0	libblkid1 2.41-5 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2022-0563	NONE0	liblastlog2-2 2.41-5 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2022-0563	NONE0	libmount1 2.41-5 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2022-0563	NONE0	libsmartcols1 2.41-5 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2026-7383	NONE0	libssl-dev 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Not Applicable
CVE-2022-0563	NONE0	libuuid1 2.41-5 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2022-0563	NONE0	login 1:4.16.0-2+really2.41-5 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2026-3184	NONE0	libblkid1 2.41-5 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2026-3184	NONE0	liblastlog2-2 2.41-5 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2026-3184	NONE0	libmount1 2.41-5 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2026-3184	NONE0	libsmartcols1 2.41-5 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2026-42766	NONE0	libssl-dev 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.6% Theoretical Threat	Not Applicable
CVE-2026-42767	NONE0	libssl-dev 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.3% Theoretical Threat	Not Applicable
CVE-2023-31437	NONE0	libsystemd0 257.9-1~deb13u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2023-31438	NONE0	libsystemd0 257.9-1~deb13u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2023-31439	NONE0	libsystemd0 257.9-1~deb13u1 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2023-31437	NONE0	libudev1 257.9-1~deb13u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2023-31438	NONE0	libudev1 257.9-1~deb13u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2023-31439	NONE0	libudev1 257.9-1~deb13u1 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2026-3184	NONE0	libuuid1 2.41-5 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2026-3184	NONE0	login 1:4.16.0-2+really2.41-5 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2026-34180	NONE0	libssl-dev 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.5% Theoretical Threat	Not Applicable
CVE-2007-5686	NONE0	login.defs 1:4.17.4-2 No fix yet	0.9% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam-modules 1.7.0-5 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam-modules-bin 1.7.0-5 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam-runtime 1.7.0-5 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam0g 1.7.0-5 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-27456	NONE0	libblkid1 2.41-5 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2026-27456	NONE0	liblastlog2-2 2.41-5 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2026-27456	NONE0	libmount1 2.41-5 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2026-27456	NONE0	libsmartcols1 2.41-5 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2026-27456	NONE0	libuuid1 2.41-5 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2026-27456	NONE0	login 1:4.16.0-2+really2.41-5 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2011-3374	NONE0	libapt-pkg7.0 3.0.3 No fix yet	1.2% Low-Moderate Risk	Not Applicable
CVE-2026-45446	NONE0	libssl-dev 3.5.5-1~deb13u2 fixed in 3.5.6-1~deb13u2	0.2% Theoretical Threat	Not Applicable
CVE-2024-56433	NONE0	login.defs 1:4.17.4-2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2013-4392	NONE0	libsystemd0 257.9-1~deb13u1 No fix yet	0.5% Theoretical Threat	Not Applicable
CVE-2026-40228	NONE0	libsystemd0 257.9-1~deb13u1 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	libtinfo6 6.5+20250216-2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2013-4392	NONE0	libudev1 257.9-1~deb13u1 No fix yet	0.5% Theoretical Threat	Not Applicable
CVE-2026-40228	NONE0	libudev1 257.9-1~deb13u1 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	ncurses-base 6.5+20250216-2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	ncurses-bin 6.5+20250216-2 No fix yet	0.2% Theoretical Threat	Not Applicable
TEMP-0841856-B18BAF	NONE0	bash 5.2.37-2+b8 No fix yet	—	Not Applicable
CVE-2026-53612	NONE0	bsdutils 1:2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	bsdutils 1:2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	bsdutils 1:2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	bsdutils 1:2.41-5 No fix yet	—	Not Applicable
CVE-2026-53612	NONE0	libblkid1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	libblkid1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	libblkid1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	libblkid1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53612	NONE0	liblastlog2-2 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	liblastlog2-2 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	liblastlog2-2 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	liblastlog2-2 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53612	NONE0	libmount1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	libmount1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	libmount1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	libmount1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53612	NONE0	libsmartcols1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	libsmartcols1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	libsmartcols1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	libsmartcols1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-11822	NONE0	libsqlite3-0 3.46.1-7+deb13u1 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-11824	NONE0	libsqlite3-0 3.46.1-7+deb13u1 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-53612	NONE0	libuuid1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	libuuid1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	libuuid1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	libuuid1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53612	NONE0	login 1:4.16.0-2+really2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	login 1:4.16.0-2+really2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	login 1:4.16.0-2+really2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	login 1:4.16.0-2+really2.41-5 No fix yet	—	Not Applicable
TEMP-0628843-DBAD28	NONE0	login.defs 1:4.17.4-2 No fix yet	—	Not Applicable
CVE-2026-53612	NONE0	mount 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	mount 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	mount 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	mount 2.41-5 No fix yet	—	Not Applicable
TEMP-0628843-DBAD28	NONE0	passwd 1:4.17.4-2 No fix yet	—	Not Applicable
CVE-2026-7010	NONE0	perl-base 5.40.1-6 No fix yet	0.2% Theoretical Threat	Not Applicable
TEMP-0517018-A83CE6	NONE0	sysvinit-utils 3.14-4 No fix yet	—	Not Applicable
TEMP-0290435-0B57B5	NONE0	tar 1.35+dfsg-3.1 No fix yet	—	Not Applicable
CVE-2026-53612	NONE0	util-linux 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	util-linux 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	util-linux 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	util-linux 2.41-5 No fix yet	—	Not Applicable