Last scanned:
This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could achieve data exfiltration via XXE in the Tika PDF parser or redirect cluster traffic via DNS cache poisoning. Disabling the ingest attachment plugin would eliminate the Tika XXE risk. Note that CVE-2025-66516 only applies if the ingest attachment plugin is enabled. Immediate remediation (upgrading Tika and Netty) is strongly advised.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2025-66516 | CRITICAL10 | org.apache.tika:tika-core 2.9.3 fixed in 3.2.2 | 79.8% Actively Exploited | Directly ExposedContext importance: HIGH |
| CVE-2025-66516 | CRITICAL10 | org.apache.tika:tika-parser-pdf-module 2.9.3 fixed in 3.2.2 | 79.8% Actively Exploited | Directly ExposedContext importance: HIGH |
| CVE-2025-54988 | CRITICAL9.4 | org.apache.tika:tika-parser-pdf-module 2.9.3 fixed in 3.2.2 | 3.0% Low-Moderate Risk | Directly ExposedContext importance: HIGH |
| CVE-2026-45674 | HIGH8.5 | io.netty:netty-resolver-dns 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.2% Theoretical Threat | Directly ExposedContext importance: HIGH |
| CVE-2026-47691 | HIGH8.5 | io.netty:netty-resolver-dns 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly ExposedContext importance: HIGH |
| CVE-2026-42581 | HIGH8.33 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.6% Theoretical Threat | Directly ExposedContext importance: HIGH |
| CVE-2026-58016 | HIGH7.73 | glib2 2.68.4-16.el9 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-42579 | HIGH7.73 | io.netty:netty-codec-dns 4.1.118.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.9% Theoretical Threat | Directly ExposedContext importance: HIGH |
| CVE-2026-33846 | HIGH7.5 | gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2026-42009 | HIGH7.5 | gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2026-5121 | HIGH7.5 | libarchive 3.5.3-5.el9_6 fixed in 3.5.3-9.el9_7 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2025-6021 | HIGH7.5 | libxml2 2.9.13-9.el9_6 fixed in 2.9.13-10.el9_6 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2025-27113 | HIGH7.5 | libxml2 2.9.13-9.el9_6 No fix yet | 1.0% Low-Moderate Risk | Directly Exposed |
| CVE-2026-2100 | HIGH7.5 | p11-kit 0.25.3-3.el9_5 fixed in 0.26.2-1.el9 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2026-2100 | HIGH7.5 | p11-kit-trust 0.25.3-3.el9_5 fixed in 0.26.2-1.el9 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2026-33871 | HIGH7.5 | io.netty:netty-codec-http2 4.1.118.Final fixed in 4.1.132.Final, 4.2.11.Final | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2026-58014 | HIGH7.31 | glib2 2.68.4-16.el9 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-49796 | HIGH7.28 | libxml2 2.9.13-9.el9_6 fixed in 2.9.13-10.el9_6 | 1.4% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2024-52533 | HIGH7 | glib2 2.68.4-16.el9 fixed in 2.68.4-16.el9_6.2 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2026-58010 | MEDIUM6.97 | glib2 2.68.4-16.el9 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-58012 | MEDIUM6.97 | glib2 2.68.4-16.el9 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-58013 | MEDIUM6.97 | glib2 2.68.4-16.el9 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-32990 | MEDIUM6.97 | gnutls 3.8.3-6.el9 fixed in 3.8.3-6.el9_6.2 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-42013 | MEDIUM6.97 | gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-5260 | MEDIUM6.97 | gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-0861 | MEDIUM6.88 | glibc 2.34-168.el9_6.20 fixed in 2.34-231.el9_7.10 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-28387 | MEDIUM6.88 | openssl-libs 1:3.2.2-6.el9_5.1 No fix yet | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-54512 | MEDIUM6.88 | com.fasterxml.jackson.core:jackson-databind 2.15.0 fixed in 2.18.8, 3.1.4, 2.21.4 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-54513 | MEDIUM6.88 | com.fasterxml.jackson.core:jackson-databind 2.15.0 fixed in 2.18.8, 2.21.4, 3.1.4 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-44249 | MEDIUM6.88 | io.netty:netty-handler 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-6653 | MEDIUM6.66 | libxml2 2.9.13-9.el9_6 No fix yet | 0.3% Theoretical Threat | Directly ExposedContext importance: MEDIUM |
| CVE-2025-5914 | MEDIUM6.63 | libarchive 3.5.3-5.el9_6 fixed in 3.5.3-6.el9_6 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-48864 | MEDIUM6.63 | libsolv 0.7.24-3.el9 fixed in 0.7.24-6.el9_8 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-7425 | MEDIUM6.63 | libxml2 2.9.13-9.el9_6 fixed in 2.9.13-11.el9_6 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-11979 | MEDIUM6.63 | libxml2 2.9.13-9.el9_6 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-29111 | MEDIUM6.63 | systemd-libs 252-51.el9_6.1 fixed in 252-67.el9_8.2 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-13601 | MEDIUM6.54 | glib2 2.68.4-16.el9 fixed in 2.68.4-18.el9_7.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-58011 | MEDIUM6.38 | glib2 2.68.4-16.el9 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-58015 | MEDIUM6.38 | glib2 2.68.4-16.el9 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2023-32636 | MEDIUM6.38 | glib2 2.68.4-16.el9 No fix yet | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-40355 | MEDIUM6.38 | krb5-libs 1.21.1-8.el9_6 fixed in 1.21.1-10.el9_8 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-40356 | MEDIUM6.38 | krb5-libs 1.21.1-8.el9_6 fixed in 1.21.1-10.el9_8 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-4111 | MEDIUM6.38 | libarchive 3.5.3-5.el9_6 fixed in 3.5.3-7.el9_7 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-4424 | MEDIUM6.38 | libarchive 3.5.3-5.el9_6 fixed in 3.5.3-9.el9_7 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-14164 | MEDIUM6.38 | libarchive 3.5.3-5.el9_6 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-41989 | MEDIUM6.38 | libgcrypt 1.10.0-11.el9 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-27135 | MEDIUM6.38 | libnghttp2 1.43.0-6.el9 fixed in 1.43.0-6.el9_7.1 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-32414 | MEDIUM6.38 | libxml2 2.9.13-9.el9_6 fixed in 2.9.13-12.el9_6 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-32415 | MEDIUM6.38 | libxml2 2.9.13-9.el9_6 fixed in 2.9.13-12.el9_6 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-6732 | MEDIUM6.38 | libxml2 2.9.13-9.el9_6 No fix yet | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-28390 | MEDIUM6.38 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-3.el9_8 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-34183 | MEDIUM6.38 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-69421 | MEDIUM6.38 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-28388 | MEDIUM6.38 | openssl-libs 1:3.2.2-6.el9_5.1 No fix yet | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-28389 | MEDIUM6.38 | openssl-libs 1:3.2.2-6.el9_5.1 No fix yet | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2022-41409 | MEDIUM6.38 | pcre2 10.40-6.el9 No fix yet | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2022-41409 | MEDIUM6.38 | pcre2-syntax 10.40-6.el9 No fix yet | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2025-7962 | MEDIUM6.38 | com.sun.mail:jakarta.mail 1.6.3 fixed in 1.6.8, 2.0.2 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-7962 | MEDIUM6.38 | com.sun.mail:jakarta.mail 1.6.4 fixed in 1.6.8, 2.0.2 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-42583 | MEDIUM6.38 | io.netty:netty-codec 4.1.118.Final fixed in 4.1.133.Final | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-58057 | MEDIUM6.38 | io.netty:netty-codec 4.1.118.Final fixed in 4.1.125.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-33870 | MEDIUM6.38 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.1.132.Final, 4.2.10.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42587 | MEDIUM6.38 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-42585 | MEDIUM6.38 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-58056 | MEDIUM6.38 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.1.125.Final, 4.2.5.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-55163 | MEDIUM6.38 | io.netty:netty-codec-http2 4.1.118.Final fixed in 4.2.4.Final, 4.1.124.Final | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42587 | MEDIUM6.38 | io.netty:netty-codec-http2 4.1.118.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-48043 | MEDIUM6.38 | io.netty:netty-codec-http2 4.1.118.Final fixed in 4.1.135.Final, 4.2.15.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-45416 | MEDIUM6.38 | io.netty:netty-handler 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-50010 | MEDIUM6.38 | io.netty:netty-handler 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42578 | MEDIUM6.38 | io.netty:netty-handler-proxy 4.1.118.Final fixed in 4.1.133.Final, 4.2.13.Final | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-45292 | MEDIUM6.38 | io.opentelemetry:opentelemetry-api 1.31.0 fixed in 1.62.0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-34479 | MEDIUM6.38 | org.apache.logging.log4j:log4j-1.2-api 2.19.0 fixed in 2.25.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-34480 | MEDIUM6.38 | org.apache.logging.log4j:log4j-core 2.12.4 fixed in 2.25.4 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-34480 | MEDIUM6.38 | org.apache.logging.log4j:log4j-core 2.19.0 fixed in 2.25.4 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-5588 | MEDIUM6.38 | org.bouncycastle:bcpkix-jdk18on 1.78.1 fixed in 1.84 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-14813 | MEDIUM6.38 | org.bouncycastle:bcprov-jdk18on 1.78.1 fixed in 1.80.2, 1.81.1, 1.84 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-66566 | MEDIUM6.38 | org.lz4:lz4-java 1.8.0 No fix yet | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-3833 | MEDIUM6.29 | gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42011 | MEDIUM6.29 | gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-69419 | MEDIUM6.29 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34182 | MEDIUM6.29 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-37731 | MEDIUM6.29 | org.elasticsearch:elasticsearch 9.0.2 fixed in 8.19.8, 9.1.8, 9.2.2 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-49794 | MEDIUM6.18 | libxml2 2.9.13-9.el9_6 fixed in 2.9.13-10.el9_6 | 0.7% Theoretical Threat | Directly ExposedContext importance: MEDIUM |
| CVE-2026-42012 | MEDIUM6.03 | gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-54369 | MEDIUM6.03 | libacl 2.3.1-4.el9 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-4878 | MEDIUM5.95 | libcap 2.48-9.el9_2 fixed in 2.48-10.el9_8.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-44604 | MEDIUM5.95 | rpm-libs 4.16.1.3-37.el9 No fix yet | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-13151 | MEDIUM5.9 | libtasn1 4.16.0-9.el9 fixed in 4.16.0-10.el9_8 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-41996 | MEDIUM5.9 | openssl-libs 1:3.2.2-6.el9_5.1 No fix yet | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2026-22185 | MEDIUM5.78 | openldap 2.6.8-4.el9 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-45673 | MEDIUM5.78 | io.netty:netty-resolver-dns 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-4105 | MEDIUM5.7 | systemd-libs 252-51.el9_6.1 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-42014 | MEDIUM5.61 | gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-5915 | MEDIUM5.61 | libarchive 3.5.3-5.el9_6 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-5918 | MEDIUM5.61 | libarchive 3.5.3-5.el9_6 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-9230 | MEDIUM5.6 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-4.el9_7 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2025-14512 | MEDIUM5.52 | glib2 2.68.4-16.el9 fixed in 2.68.4-19.el9_8.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-4437 | MEDIUM5.52 | glibc 2.34-168.el9_6.20 fixed in 2.34-270.el9_8 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-6238 | MEDIUM5.52 | glibc 2.34-168.el9_6.20 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-4437 | MEDIUM5.52 | glibc-common 2.34-168.el9_6.20 fixed in 2.34-270.el9_8 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-6238 | MEDIUM5.52 | glibc-common 2.34-168.el9_6.20 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-4437 | MEDIUM5.52 | glibc-minimal-langpack 2.34-168.el9_6.20 fixed in 2.34-270.el9_8 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-6238 | MEDIUM5.52 | glibc-minimal-langpack 2.34-168.el9_6.20 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-6395 | MEDIUM5.52 | gnutls 3.8.3-6.el9 fixed in 3.8.3-6.el9_6.2 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-4426 | MEDIUM5.52 | libarchive 3.5.3-5.el9_6 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-9149 | MEDIUM5.52 | libsolv 0.7.24-3.el9 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-9150 | MEDIUM5.52 | libsolv 0.7.24-3.el9 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2023-45322 | MEDIUM5.52 | libxml2 2.9.13-9.el9_6 No fix yet | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-2673 | MEDIUM5.52 | openssl-fips-provider 3.0.7-6.el9_5 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-2673 | MEDIUM5.52 | openssl-fips-provider-so 3.0.7-6.el9_5 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-2673 | MEDIUM5.52 | openssl-libs 1:3.2.2-6.el9_5.1 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-67735 | MEDIUM5.52 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.2.8.Final, 4.1.129.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-41417 | MEDIUM5.52 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.1.133.Final, 4.2.13.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42580 | MEDIUM5.52 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-0636 | MEDIUM5.52 | org.bouncycastle:bcprov-jdk18on 1.78.1 fixed in 1.84 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-68384 | MEDIUM5.52 | org.elasticsearch.plugin:x-pack-security 9.0.2 fixed in 8.19.9, 9.1.9, 9.2.3 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-12183 | MEDIUM5.52 | org.lz4:lz4-java 1.8.0 fixed in 1.8.1 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2024-34459 | MEDIUM5.5 | libxml2 2.9.13-9.el9_6 fixed in 2.9.13-14.el9_8.1 | 2.3% Low-Moderate Risk | Directly Exposed |
| CVE-2026-44605 | MEDIUM5.5 | rpm-libs 4.16.1.3-37.el9 No fix yet | — | Directly Exposed |
| CVE-2026-54370 | MEDIUM5.35 | libacl 2.3.1-4.el9 No fix yet | <0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-54371 | MEDIUM5.35 | libattr 2.5.1-3.el9 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-34181 | MEDIUM5.35 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42768 | MEDIUM5.35 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-32989 | MEDIUM5.3 | gnutls 3.8.3-6.el9 fixed in 3.8.3-6.el9_6.2 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2026-1757 | MEDIUM5.27 | libxml2 2.9.13-9.el9_6 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-13757 | MEDIUM5.27 | p11-kit 0.25.3-3.el9_5 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-13757 | MEDIUM5.27 | p11-kit-trust 0.25.3-3.el9_5 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-14104 | MEDIUM5.18 | libblkid 2.37.4-21.el9 fixed in 2.37.4-21.el9_7 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-14104 | MEDIUM5.18 | libmount 2.37.4-21.el9 fixed in 2.37.4-21.el9_7 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-14104 | MEDIUM5.18 | libsmartcols 2.37.4-21.el9 fixed in 2.37.4-21.el9_7 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-14104 | MEDIUM5.18 | libuuid 2.37.4-21.el9 fixed in 2.37.4-21.el9_7 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-11187 | MEDIUM5.18 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-22227 | MEDIUM5.18 | io.projectreactor.netty:reactor-netty-http 1.0.45 fixed in 1.3.0-M5, 1.2.8 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-5435 | MEDIUM5.02 | glibc 2.34-168.el9_6.20 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-15281 | MEDIUM5.02 | glibc 2.34-168.el9_6.20 fixed in 2.34-231.el9_7.10 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-5435 | MEDIUM5.02 | glibc-common 2.34-168.el9_6.20 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-5435 | MEDIUM5.02 | glibc-minimal-langpack 2.34-168.el9_6.20 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-0990 | MEDIUM5.02 | libxml2 2.9.13-9.el9_6 No fix yet | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | openssl-fips-provider 3.0.7-6.el9_5 fixed in 3.0.7-11.el9_8 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | openssl-fips-provider-so 3.0.7-6.el9_5 fixed in 3.0.7-11.el9_8 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-2.el9_8 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42764 | MEDIUM5.02 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-15468 | MEDIUM5.02 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-66199 | MEDIUM5.02 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-69420 | MEDIUM5.02 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-22796 | MEDIUM5.02 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-42769 | MEDIUM5.02 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42770 | MEDIUM5.02 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-9076 | MEDIUM5.02 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-34477 | MEDIUM5.02 | org.apache.logging.log4j:log4j-core 2.12.4 fixed in 2.25.4 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34477 | MEDIUM5.02 | org.apache.logging.log4j:log4j-core 2.19.0 fixed in 2.25.4 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-37727 | MEDIUM4.84 | org.elasticsearch:elasticsearch 9.0.2 fixed in 8.18.8, 8.19.5, 9.0.8, 9.1.5 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-5916 | MEDIUM4.76 | libarchive 3.5.3-5.el9_6 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-60753 | MEDIUM4.67 | libarchive 3.5.3-5.el9_6 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-5745 | MEDIUM4.67 | libarchive 3.5.3-5.el9_6 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-1632 | MEDIUM4.67 | libarchive 3.5.3-5.el9_6 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2021-46195 | MEDIUM4.67 | libgcc 11.5.0-5.el9_5 No fix yet | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2022-27943 | MEDIUM4.67 | libgcc 11.5.0-5.el9_5 No fix yet | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2021-46195 | MEDIUM4.67 | libstdc++ 11.5.0-5.el9_5 No fix yet | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2022-27943 | MEDIUM4.67 | libstdc++ 11.5.0-5.el9_5 No fix yet | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2025-9714 | MEDIUM4.67 | libxml2 2.9.13-9.el9_6 fixed in 2.9.13-14.el9_7 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-15469 | MEDIUM4.67 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-22795 | MEDIUM4.67 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-7383 | MEDIUM4.67 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-0232 | MEDIUM4.67 | sqlite-libs 3.34.1-7.el9_3 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-27171 | MEDIUM4.67 | zlib 1.2.11-40.el9 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-1489 | MEDIUM4.59 | glib2 2.68.4-16.el9 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-0915 | MEDIUM4.5 | glibc 2.34-168.el9_6.20 fixed in 2.34-231.el9_7.10 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-4046 | MEDIUM4.5 | glibc 2.34-168.el9_6.20 fixed in 2.34-270.el9_8 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-4046 | MEDIUM4.5 | glibc-common 2.34-168.el9_6.20 fixed in 2.34-270.el9_8 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-4046 | MEDIUM4.5 | glibc-minimal-langpack 2.34-168.el9_6.20 fixed in 2.34-270.el9_8 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-14831 | MEDIUM4.5 | gnutls 3.8.3-6.el9 fixed in 3.8.3-10.el9_7 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42015 | MEDIUM4.5 | gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2023-30571 | MEDIUM4.5 | libarchive 3.5.3-5.el9_6 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-13595 | MEDIUM4.5 | libblkid 2.37.4-21.el9 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-13595 | MEDIUM4.5 | libmount 2.37.4-21.el9 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-13595 | MEDIUM4.5 | libsmartcols 2.37.4-21.el9 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-13595 | MEDIUM4.5 | libuuid 2.37.4-21.el9 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-42766 | MEDIUM4.5 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42767 | MEDIUM4.5 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-34743 | MEDIUM4.5 | xz-libs 5.2.5-8.el9_0 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-54514 | MEDIUM4.5 | com.fasterxml.jackson.core:jackson-databind 2.15.0 fixed in 2.18.8, 2.21.4, 3.1.4 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-54515 | MEDIUM4.5 | com.fasterxml.jackson.core:jackson-databind 2.15.0 fixed in 3.1.4, 2.18.9, 2.21.5, 2.22.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-50020 | MEDIUM4.5 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-47244 | MEDIUM4.5 | io.netty:netty-codec-http2 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-50560 | MEDIUM4.5 | io.netty:netty-codec-http2 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-8885 | MEDIUM4.5 | org.bouncycastle:bc-fips 1.0.2.5 fixed in 1.0.2.6, 2.0.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-8916 | MEDIUM4.5 | org.bouncycastle:bcpkix-jdk18on 1.78.1 fixed in 1.79 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-42250 | MEDIUM4.25 | bzip2-libs 1.0.8-10.el9_5 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-5450 | MEDIUM4.25 | glibc 2.34-168.el9_6.20 fixed in 2.34-272.el9_8 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-5928 | MEDIUM4.25 | glibc 2.34-168.el9_6.20 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-5450 | MEDIUM4.25 | glibc-common 2.34-168.el9_6.20 fixed in 2.34-272.el9_8 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-5928 | MEDIUM4.25 | glibc-common 2.34-168.el9_6.20 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-5450 | MEDIUM4.25 | glibc-minimal-langpack 2.34-168.el9_6.20 fixed in 2.34-272.el9_8 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-5928 | MEDIUM4.25 | glibc-minimal-langpack 2.34-168.el9_6.20 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-11850 | MEDIUM4.25 | krb5-libs 1.21.1-8.el9_6 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-5917 | MEDIUM4.25 | libarchive 3.5.3-5.el9_6 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | MEDIUM4.25 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-68390 | MEDIUM4.17 | org.elasticsearch.plugin:x-pack-core 9.0.2 fixed in 8.19.8, 9.1.8, 9.2.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-4373 | MEDIUM4.08 | glib2 2.68.4-16.el9 fixed in 2.68.4-16.el9_6.2 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-68161 | MEDIUM4.08 | org.apache.logging.log4j:log4j-core 2.12.4 fixed in 2.25.3 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-68161 | MEDIUM4.08 | org.apache.logging.log4j:log4j-core 2.19.0 fixed in 2.25.3 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-15467 | MEDIUM4.06 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7 | 47.6% High Exploitation Risk | Post-Exploit |
| CVE-2026-27456 | MEDIUM4 | libblkid 2.37.4-21.el9 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libmount 2.37.4-21.el9 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libsmartcols 2.37.4-21.el9 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libuuid 2.37.4-21.el9 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2024-13176 | MEDIUM4 | openssl-libs 1:3.2.2-6.el9_5.1 No fix yet | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-68160 | MEDIUM4 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-4598 | MEDIUM4 | systemd-libs 252-51.el9_6.1 fixed in 252-55.el9_7.7 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-11856 | LOW3.9 | curl-minimal 7.76.1-31.el9 No fix yet | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2024-9681 | LOW3.9 | curl-minimal 7.76.1-31.el9 No fix yet | 2.0% Low-Moderate Risk | Post-Exploit |
| CVE-2026-11856 | LOW3.9 | libcurl-minimal 7.76.1-31.el9 No fix yet | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2024-9681 | LOW3.9 | libcurl-minimal 7.76.1-31.el9 No fix yet | 2.0% Low-Moderate Risk | Post-Exploit |
| CVE-2026-11586 | LOW3.82 | curl-minimal 7.76.1-31.el9 No fix yet | 0.9% Theoretical Threat | Post-Exploit |
| CVE-2026-12064 | LOW3.82 | curl-minimal 7.76.1-31.el9 No fix yet | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-5773 | LOW3.82 | curl-minimal 7.76.1-31.el9 No fix yet | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-6276 | LOW3.82 | curl-minimal 7.76.1-31.el9 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-11586 | LOW3.82 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.9% Theoretical Threat | Post-Exploit |
| CVE-2026-12064 | LOW3.82 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-5773 | LOW3.82 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-6276 | LOW3.82 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-9547 | LOW3.77 | curl-minimal 7.76.1-31.el9 No fix yet | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-9547 | LOW3.77 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-48924 | LOW3.7 | org.apache.commons:commons-lang3 3.17.0 fixed in 3.18.0 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2025-48924 | LOW3.7 | org.apache.commons:commons-lang3 3.9 fixed in 3.18.0 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-4156 | LOW3.62 | gawk 5.1.0-6.el9 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2025-6965 | LOW3.61 | sqlite-libs 3.34.1-7.el9_3 fixed in 3.34.1-9.el9_7 | 73.5% Actively Exploited | Post-Exploit |
| CVE-2025-68973 | LOW3.57 | gnupg2 2.3.3-4.el9 fixed in 2.3.3-5.el9_7 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-44604 | LOW3.57 | rpm 4.16.1.3-37.el9 No fix yet | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-1484 | LOW3.57 | glib2 2.68.4-16.el9 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-8058 | LOW3.57 | glibc 2.34-168.el9_6.20 fixed in 2.34-168.el9_6.23 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-8058 | LOW3.57 | glibc-common 2.34-168.el9_6.20 fixed in 2.34-168.el9_6.23 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-8058 | LOW3.57 | glibc-minimal-langpack 2.34-168.el9_6.20 fixed in 2.34-168.el9_6.23 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2024-11053 | LOW3.54 | curl-minimal 7.76.1-31.el9 No fix yet | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2024-11053 | LOW3.54 | libcurl-minimal 7.76.1-31.el9 No fix yet | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2026-42010 | LOW3.53 | gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8 | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2025-13034 | LOW3.47 | curl-minimal 7.76.1-31.el9 No fix yet | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-1965 | LOW3.47 | curl-minimal 7.76.1-31.el9 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2025-13034 | LOW3.47 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-1965 | LOW3.47 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-4438 | LOW3.4 | glibc 2.34-168.el9_6.20 fixed in 2.34-270.el9_8 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-4438 | LOW3.4 | glibc-common 2.34-168.el9_6.20 fixed in 2.34-270.el9_8 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-4438 | LOW3.4 | glibc-minimal-langpack 2.34-168.el9_6.20 fixed in 2.34-270.el9_8 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-9820 | LOW3.4 | gnutls 3.8.3-6.el9 fixed in 3.8.3-10.el9_7 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-69418 | LOW3.4 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-3784 | LOW3.31 | curl-minimal 7.76.1-31.el9 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-5545 | LOW3.31 | curl-minimal 7.76.1-31.el9 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-6429 | LOW3.31 | curl-minimal 7.76.1-31.el9 No fix yet | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-8924 | LOW3.31 | curl-minimal 7.76.1-31.el9 No fix yet | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2025-14524 | LOW3.31 | curl-minimal 7.76.1-31.el9 No fix yet | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-3784 | LOW3.31 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-5545 | LOW3.31 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-6429 | LOW3.31 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-8924 | LOW3.31 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2025-14524 | LOW3.31 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-58058 | LOW3.31 | nmap-ncat 3:7.92-3.el9 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-15028 | LOW3.31 | libarchive 3.5.3-5.el9_6 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-44605 | LOW3.3 | rpm 4.16.1.3-37.el9 No fix yet | — | Post-Exploit |
| CVE-2022-0529 | LOW3.3 | unzip 6.0-58.el9_5 No fix yet | 2.4% Low-Moderate Risk | Post-Exploit |
| CVE-2022-0530 | LOW3.3 | unzip 6.0-58.el9_5 No fix yet | 2.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-3805 | LOW3.21 | curl-minimal 7.76.1-31.el9 No fix yet | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-3805 | LOW3.21 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-5958 | LOW3.21 | sed 4.8-9.el9 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-9086 | LOW3.18 | curl-minimal 7.76.1-31.el9 fixed in 7.76.1-35.el9_7.3 | 1.3% Low-Moderate Risk | Post-Exploit |
| CVE-2025-9086 | LOW3.18 | libcurl-minimal 7.76.1-31.el9 fixed in 7.76.1-35.el9_7.3 | 1.3% Low-Moderate Risk | Post-Exploit |
| CVE-2025-3360 | LOW3.15 | glib2 2.68.4-16.el9 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-7039 | LOW3.15 | glib2 2.68.4-16.el9 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-0988 | LOW3.15 | glib2 2.68.4-16.el9 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-3832 | LOW3.15 | gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-5419 | LOW3.15 | gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-0989 | LOW3.15 | libxml2 2.9.13-9.el9_6 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-45446 | LOW3.15 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-9232 | LOW3.1 | openssl-libs 1:3.2.2-6.el9_5.1 No fix yet | 2.0% Low-Moderate Risk | Directly Exposed |
| CVE-2025-14087 | LOW3 | glib2 2.68.4-16.el9 fixed in 2.68.4-19.el9_8.1 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-31789 | LOW3 | openssl-libs 1:3.2.2-6.el9_5.1 No fix yet | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2025-32988 | LOW2.95 | gnutls 3.8.3-6.el9 fixed in 3.8.3-6.el9_6.2 | 1.2% Low-Moderate Risk | Post-Exploit |
| CVE-2026-8925 | LOW2.92 | curl-minimal 7.76.1-31.el9 No fix yet | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-8925 | LOW2.92 | libcurl-minimal 7.76.1-31.el9 No fix yet | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8 | 2.7% Low-Moderate Risk | Post-Exploit |
| CVE-2026-3783 | LOW2.91 | curl-minimal 7.76.1-31.el9 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-3783 | LOW2.91 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-24883 | LOW2.8 | gnupg2 2.3.3-4.el9 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-41990 | LOW2.8 | libgcrypt 1.10.0-11.el9 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-70873 | LOW2.8 | sqlite-libs 3.34.1-7.el9_3 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-33845 | LOW2.78 | gnutls 3.8.3-6.el9 fixed in 3.8.10-4.el9_8 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-42584 | LOW2.78 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-11352 | LOW2.7 | curl-minimal 7.76.1-31.el9 No fix yet | 1.0% Low-Moderate Risk | Post-Exploit |
| CVE-2026-11352 | LOW2.7 | libcurl-minimal 7.76.1-31.el9 No fix yet | 1.0% Low-Moderate Risk | Post-Exploit |
| CVE-2026-4873 | LOW2.7 | curl-minimal 7.76.1-31.el9 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-6253 | LOW2.7 | curl-minimal 7.76.1-31.el9 No fix yet | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-7168 | LOW2.7 | curl-minimal 7.76.1-31.el9 No fix yet | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-4873 | LOW2.7 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-6253 | LOW2.7 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-7168 | LOW2.7 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2024-7264 | LOW2.69 | curl-minimal 7.76.1-31.el9 No fix yet | 17.3% High Exploitation Risk | Post-Exploit |
| CVE-2024-7264 | LOW2.69 | libcurl-minimal 7.76.1-31.el9 No fix yet | 17.3% High Exploitation Risk | Post-Exploit |
| CVE-2026-8286 | LOW2.48 | curl-minimal 7.76.1-31.el9 No fix yet | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-15079 | LOW2.48 | curl-minimal 7.76.1-31.el9 No fix yet | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-8286 | LOW2.48 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-15079 | LOW2.48 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-0992 | LOW2.46 | libxml2 2.9.13-9.el9_6 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-14017 | LOW2.45 | curl-minimal 7.76.1-31.el9 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-8926 | LOW2.45 | curl-minimal 7.76.1-31.el9 No fix yet | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2025-14017 | LOW2.45 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-8926 | LOW2.45 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2025-15224 | LOW2.4 | curl-minimal 7.76.1-31.el9 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2025-68972 | LOW2.4 | gnupg2 2.3.3-4.el9 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-30258 | LOW2.4 | gnupg2 2.3.3-4.el9 No fix yet | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2025-15224 | LOW2.4 | libcurl-minimal 7.76.1-31.el9 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-1485 | LOW2.38 | glib2 2.68.4-16.el9 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-5278 | LOW2.24 | coreutils-single 8.32-39.el9 fixed in 8.32-41.el9_8 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2025-6170 | LOW2.12 | libxml2 2.9.13-9.el9_6 fixed in 2.9.13-14.el9_8.2 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2024-56433 | LOW1.84 | shadow-utils 2:4.9-12.el9 fixed in 2:4.9-15.el9 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2022-3219 | LOW1.68 | gnupg2 2.3.3-4.el9 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2021-4217 | LOW1.68 | unzip 6.0-58.el9_5 No fix yet | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2025-11961 | LOW1.61 | libpcap 14:1.10.0-4.el9 No fix yet | <0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-57062 | LOW1.48 | gnupg2 2.3.3-4.el9 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2022-29458 | NONE0 | ncurses-base 6.2-10.20210508.el9 fixed in 6.2-10.20210508.el9_6.2 | 1.3% Low-Moderate Risk | Not Applicable |
| CVE-2022-29458 | NONE0 | ncurses-libs 6.2-10.20210508.el9 fixed in 6.2-10.20210508.el9_6.2 | 1.3% Low-Moderate Risk | Not Applicable |
| CVE-2023-50495 | NONE0 | ncurses-base 6.2-10.20210508.el9 No fix yet | 1.0% Theoretical Threat | Not Applicable |
| CVE-2023-50495 | NONE0 | ncurses-libs 6.2-10.20210508.el9 No fix yet | 1.0% Theoretical Threat | Not Applicable |
| GHSA-72hv-8253-57qq | NONE0 | com.fasterxml.jackson.core:jackson-core 2.15.0 fixed in 2.21.1, 2.18.6 | — | Not Applicable |
| GHSA-72hv-8253-57qq | NONE0 | com.fasterxml.jackson.core:jackson-core 2.17.2 fixed in 2.21.1, 2.18.6 | — | Not Applicable |
Want to check another image? Run a full scan with the Docker Security Scanner.