Vulnerability Reportinfluxdb:2.9

influxdb:latestinfluxdb:2.9.1influxdb:2.9influxdb:2

DIGESTsha256:003e028b675205f6148e5f30369fd3e854993b385f1e5e4d2d85bc9f8701bf28

Executive Summary

Threat ScoreCAUTION• Official Docker image with 113 total exposed vulnerabilities, 13 of which score 6.0 or higher (max 6.38), all in Go stdlib.• Key CVEs: CVE-2026-32280 (DoS via certificate chain building), CVE-2026-32283 (TLS 1.3 key update deadlock), CVE-2026-33811 (DNS double-free crash).• All top findings are network-accessible (HTTPS/TLS) and require no special configuration, making InfluxDB directly targetable.• No post-exploit vulnerabilities found, limiting impact to denial of service rather than data theft or RCE.• Image is trusted (official, pinned by digest) but the vulnerability surface is significant.

50/100CAUTION

ReputationOFFICIAL• Official Docker Hub Image• Pinned by digest (Immutable)

TRUSTED

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could cause denial of service by sending crafted TLS handshakes, certificate chains, or DNS responses, exploiting vulnerabilities in Go's crypto/tls and net packages. Disabling TLS 1.3 would fully mitigate CVE-2026-32283, and disabling HTTP/2 would address CVE-2026-33814, but these may not be practical for InfluxDB's default HTTPS service. No post-exploit issues exist, so data confidentiality and integrity are not at risk.

Vulnerabilities

Vulnerability Log

269 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2026-32280	MEDIUM6.38	stdlib v1.25.8 fixed in 1.25.9, 1.26.2	0.4% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-32281	MEDIUM6.38	stdlib v1.25.8 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-32283	MEDIUM6.38	stdlib v1.25.8 fixed in 1.25.9, 1.26.2	0.4% Theoretical Threat	Directly Exposed
CVE-2026-33811	MEDIUM6.38	stdlib v1.25.8 fixed in 1.25.10, 1.26.3	0.5% Theoretical Threat	Directly Exposed
CVE-2026-33814	MEDIUM6.38	stdlib v1.25.8 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Directly Exposed
CVE-2026-39820	MEDIUM6.38	stdlib v1.25.8 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Directly Exposed
CVE-2026-39836	MEDIUM6.38	stdlib v1.25.8 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Directly Exposed
CVE-2026-33811	MEDIUM6.38	stdlib v1.25.9 fixed in 1.25.10, 1.26.3	0.5% Theoretical Threat	Directly Exposed
CVE-2026-33814	MEDIUM6.38	stdlib v1.25.9 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Directly Exposed
CVE-2026-39820	MEDIUM6.38	stdlib v1.25.9 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Directly Exposed
CVE-2026-39836	MEDIUM6.38	stdlib v1.25.9 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Directly Exposed
CVE-2026-32285	MEDIUM6.38	github.com/buger/jsonparser v1.1.1 fixed in 1.1.2	0.5% Theoretical Threat	Directly Exposed
CVE-2026-34986	MEDIUM6.38	github.com/go-jose/go-jose/v4 v4.1.3 fixed in 4.1.4	0.3% Theoretical Threat	Directly Exposed
CVE-2026-39883	MEDIUM5.95	go.opentelemetry.io/otel/sdk v1.40.0 fixed in 1.43.0	0.2% Theoretical Threat	Directly Exposed
CVE-2024-2236	MEDIUM5.9	libgcrypt20 1.10.1-3+deb12u1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-26461	MEDIUM5.9	libgssapi-krb5-2 1.20.1-2+deb12u5 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-26461	MEDIUM5.9	libk5crypto3 1.20.1-2+deb12u5 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-26461	MEDIUM5.9	libkrb5-3 1.20.1-2+deb12u5 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-26461	MEDIUM5.9	libkrb5support0 1.20.1-2+deb12u5 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2025-13151	MEDIUM5.9	libtasn1-6 4.19.0-2+deb12u1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2026-22185	MEDIUM5.78	libldap-2.5-0 2.5.13+dfsg-5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2011-3389	MEDIUM5.59	libgnutls30 3.7.9-2+deb12u7 No fix yet	73.3% Actively Exploited	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc-bin 2.36-9+deb12u14 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc6 2.36-9+deb12u14 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-32282	MEDIUM5.44	stdlib v1.25.8 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Directly Exposed
CVE-2019-1010024	MEDIUM5.3	libc-bin 2.36-9+deb12u14 No fix yet	3.2% Low-Moderate Risk	Directly Exposed
CVE-2019-1010025	MEDIUM5.3	libc-bin 2.36-9+deb12u14 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2019-1010024	MEDIUM5.3	libc6 2.36-9+deb12u14 No fix yet	3.2% Low-Moderate Risk	Directly Exposed
CVE-2019-1010025	MEDIUM5.3	libc6 2.36-9+deb12u14 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libblkid1 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libmount1 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libsmartcols1 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libuuid1 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-32289	MEDIUM5.18	stdlib v1.25.8 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-29181	MEDIUM5.1	go.opentelemetry.io/otel v1.40.0 fixed in 1.41.0	0.3% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-5435	MEDIUM5.02	libc-bin 2.36-9+deb12u14 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	libc6 2.36-9+deb12u14 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libgssapi-krb5-2 1.20.1-2+deb12u5 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libk5crypto3 1.20.1-2+deb12u5 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libkrb5-3 1.20.1-2+deb12u5 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libkrb5support0 1.20.1-2+deb12u5 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libblkid1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libgcc-s1 12.2.0-14+deb12u1 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libmount1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libsmartcols1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-29088	MEDIUM4.67	libsqlite3-0 3.40.1-2+deb12u2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libstdc++6 12.2.0-14+deb12u1 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libuuid1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib1g 1:1.2.13.dfsg-1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-32288	MEDIUM4.67	stdlib v1.25.8 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Directly Exposed
CVE-2024-6104	MEDIUM4.67	github.com/hashicorp/go-retryablehttp v0.6.4 fixed in 0.7.7	0.4% Theoretical Threat	Directly Exposed
CVE-2026-39826	MEDIUM4.59	stdlib v1.25.8 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Directly Exposed
CVE-2026-39826	MEDIUM4.59	stdlib v1.25.9 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libblkid1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34743	MEDIUM4.5	liblzma5 5.4.1-1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libmount1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libsmartcols1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42767	MEDIUM4.5	libssl3 3.0.20-1~deb12u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libsystemd0 252.39-1~deb12u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libsystemd0 252.39-1~deb12u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libsystemd0 252.39-1~deb12u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libudev1 252.39-1~deb12u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libudev1 252.39-1~deb12u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libudev1 252.39-1~deb12u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libuuid1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2021-45346	MEDIUM4.3	libsqlite3-0 3.40.1-2+deb12u2 No fix yet	1.6% Low-Moderate Risk	Directly Exposed
CVE-2024-28180	MEDIUM4.3	gopkg.in/square/go-jose.v2 v2.5.1 No fix yet	2.0% Low-Moderate Risk	Directly Exposed
CVE-2026-42250	MEDIUM4.25	libbz2-1.0 1.0.8-5+b1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc-bin 2.36-9+deb12u14 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc-bin 2.36-9+deb12u14 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc6 2.36-9+deb12u14 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc6 2.36-9+deb12u14 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	libgssapi-krb5-2 1.20.1-2+deb12u5 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	libk5crypto3 1.20.1-2+deb12u5 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	libkrb5-3 1.20.1-2+deb12u5 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	libkrb5support0 1.20.1-2+deb12u5 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2020-15719	MEDIUM4.2	libldap-2.5-0 2.5.13+dfsg-5 No fix yet	2.4% Low-Moderate Risk	Directly Exposed
CVE-2026-27456	MEDIUM4	libblkid1 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2017-14159	MEDIUM4	libldap-2.5-0 2.5.13+dfsg-5 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libmount1 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libsmartcols1 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libuuid1 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2010-4756	MEDIUM4	libc-bin 2.36-9+deb12u14 No fix yet	2.6% Low-Moderate Risk	Directly Exposed
CVE-2010-4756	MEDIUM4	libc6 2.36-9+deb12u14 No fix yet	2.6% Low-Moderate Risk	Directly Exposed
CVE-2026-48962	LOW3.98	perl-base 5.36.0-7+deb12u3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6276	LOW3.82	curl 7.88.1-10+deb12u14 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6276	LOW3.82	libcurl4 7.88.1-10+deb12u14 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-9538	LOW3.82	perl-base 5.36.0-7+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW3.7	libapt-pkg6.0 2.6.1 No fix yet	1.2% Low-Moderate Risk	Directly Exposed
CVE-2005-2541	LOW3.6	tar 1.34+dfsg-1.2+deb12u1 No fix yet	4.0% Low-Moderate Risk	Post-Exploit
CVE-2019-1010022	LOW3.53	libc-bin 2.36-9+deb12u14 No fix yet	3.2% Low-Moderate Risk	Post-Exploit
CVE-2019-1010022	LOW3.53	libc6 2.36-9+deb12u14 No fix yet	3.2% Low-Moderate Risk	Post-Exploit
CVE-2023-45853	LOW3.53	zlib1g 1:1.2.13.dfsg-1 No fix yet	2.9% Low-Moderate Risk	Post-Exploit
CVE-2026-1965	LOW3.47	curl 7.88.1-10+deb12u14 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-14819	LOW3.47	curl 7.88.1-10+deb12u14 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2026-1965	LOW3.47	libcurl4 7.88.1-10+deb12u14 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-14819	LOW3.47	libcurl4 7.88.1-10+deb12u14 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2016-2781	LOW3.31	coreutils 9.1-1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-3784	LOW3.31	curl 7.88.1-10+deb12u14 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5545	LOW3.31	curl 7.88.1-10+deb12u14 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6429	LOW3.31	curl 7.88.1-10+deb12u14 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-14524	LOW3.31	curl 7.88.1-10+deb12u14 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2026-3784	LOW3.31	libcurl4 7.88.1-10+deb12u14 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5545	LOW3.31	libcurl4 7.88.1-10+deb12u14 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6429	LOW3.31	libcurl4 7.88.1-10+deb12u14 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-14524	LOW3.31	libcurl4 7.88.1-10+deb12u14 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2024-2379	LOW3.24	curl 7.88.1-10+deb12u14 No fix yet	1.7% Low-Moderate Risk	Post-Exploit
CVE-2024-2379	LOW3.24	libcurl4 7.88.1-10+deb12u14 No fix yet	1.7% Low-Moderate Risk	Post-Exploit
CVE-2019-1010023	LOW3.17	libc-bin 2.36-9+deb12u14 No fix yet	3.1% Low-Moderate Risk	Post-Exploit
CVE-2019-1010023	LOW3.17	libc6 2.36-9+deb12u14 No fix yet	3.1% Low-Moderate Risk	Post-Exploit
CVE-2025-14104	LOW3.11	bsdutils 1:2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	mount 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux-extra 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-10966	LOW3.01	curl 7.88.1-10+deb12u14 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-10966	LOW3.01	libcurl4 7.88.1-10+deb12u14 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-8376	LOW3	perl-base 5.36.0-7+deb12u3 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2023-31486	LOW2.92	perl-base 5.36.0-7+deb12u3 No fix yet	1.7% Low-Moderate Risk	Post-Exploit
CVE-2026-3783	LOW2.91	curl 7.88.1-10+deb12u14 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-3783	LOW2.91	libcurl4 7.88.1-10+deb12u14 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	bsdutils 1:2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-27943	LOW2.8	gcc-12-base 12.2.0-14+deb12u1 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	mount 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-5704	LOW2.8	tar 1.34+dfsg-1.2+deb12u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	util-linux 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	util-linux-extra 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-70873	LOW2.8	libsqlite3-0 3.40.1-2+deb12u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2013-4392	LOW2.8	libsystemd0 252.39-1~deb12u2 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libsystemd0 252.39-1~deb12u2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2013-4392	LOW2.8	libudev1 252.39-1~deb12u2 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libudev1 252.39-1~deb12u2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-7458	LOW2.78	libsqlite3-0 3.40.1-2+deb12u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-7598	LOW2.78	libssh2-1 1.10.0-3+b1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-42496	LOW2.78	perl-base 5.36.0-7+deb12u3 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2018-20796	LOW2.7	libc-bin 2.36-9+deb12u14 No fix yet	5.8% Low-Moderate Risk	Post-Exploit
CVE-2019-9192	LOW2.7	libc-bin 2.36-9+deb12u14 No fix yet	2.4% Low-Moderate Risk	Post-Exploit
CVE-2018-20796	LOW2.7	libc6 2.36-9+deb12u14 No fix yet	5.8% Low-Moderate Risk	Post-Exploit
CVE-2019-9192	LOW2.7	libc6 2.36-9+deb12u14 No fix yet	2.4% Low-Moderate Risk	Post-Exploit
CVE-2018-6829	LOW2.7	libgcrypt20 1.10.1-3+deb12u1 No fix yet	1.8% Low-Moderate Risk	Post-Exploit
CVE-2018-5709	LOW2.7	libgssapi-krb5-2 1.20.1-2+deb12u5 No fix yet	2.1% Low-Moderate Risk	Post-Exploit
CVE-2018-5709	LOW2.7	libk5crypto3 1.20.1-2+deb12u5 No fix yet	2.1% Low-Moderate Risk	Post-Exploit
CVE-2018-5709	LOW2.7	libkrb5-3 1.20.1-2+deb12u5 No fix yet	2.1% Low-Moderate Risk	Post-Exploit
CVE-2018-5709	LOW2.7	libkrb5support0 1.20.1-2+deb12u5 No fix yet	2.1% Low-Moderate Risk	Post-Exploit
CVE-2023-2953	LOW2.7	libldap-2.5-0 2.5.13+dfsg-5 No fix yet	1.9% Low-Moderate Risk	Post-Exploit
CVE-2015-3276	LOW2.7	libldap-2.5-0 2.5.13+dfsg-5 No fix yet	5.3% Low-Moderate Risk	Post-Exploit
CVE-2017-17740	LOW2.7	libldap-2.5-0 2.5.13+dfsg-5 No fix yet	7.0% Low-Moderate Risk	Post-Exploit
CVE-2026-3184	LOW2.7	bsdutils 1:2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-4873	LOW2.7	curl 7.88.1-10+deb12u14 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6253	LOW2.7	curl 7.88.1-10+deb12u14 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-7168	LOW2.7	curl 7.88.1-10+deb12u14 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-4873	LOW2.7	libcurl4 7.88.1-10+deb12u14 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6253	LOW2.7	libcurl4 7.88.1-10+deb12u14 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-7168	LOW2.7	libcurl4 7.88.1-10+deb12u14 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	mount 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-42767	LOW2.7	openssl 3.0.20-1~deb12u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-12087	LOW2.7	perl-base 5.36.0-7+deb12u3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	util-linux 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	util-linux-extra 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2007-5686	LOW2.5	login 1:4.13+dfsg1-1+deb12u2 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2007-5686	LOW2.5	passwd 1:4.13+dfsg1-1+deb12u2 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2025-15079	LOW2.48	curl 7.88.1-10+deb12u14 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2025-15079	LOW2.48	libcurl4 7.88.1-10+deb12u14 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2025-10148	LOW2.45	curl 7.88.1-10+deb12u14 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2025-14017	LOW2.45	curl 7.88.1-10+deb12u14 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-10148	LOW2.45	libcurl4 7.88.1-10+deb12u14 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2025-14017	LOW2.45	libcurl4 7.88.1-10+deb12u14 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	bsdutils 1:2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2017-18018	LOW2.4	coreutils 9.1-1 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-15224	LOW2.4	curl 7.88.1-10+deb12u14 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-30258	LOW2.4	dirmngr 2.2.40-1.1+deb12u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	dirmngr 2.2.40-1.1+deb12u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-30258	LOW2.4	gnupg 2.2.40-1.1+deb12u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gnupg 2.2.40-1.1+deb12u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-30258	LOW2.4	gnupg-utils 2.2.40-1.1+deb12u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gnupg-utils 2.2.40-1.1+deb12u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-30258	LOW2.4	gpg 2.2.40-1.1+deb12u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpg 2.2.40-1.1+deb12u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-30258	LOW2.4	gpg-agent 2.2.40-1.1+deb12u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpg-agent 2.2.40-1.1+deb12u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-30258	LOW2.4	gpg-wks-client 2.2.40-1.1+deb12u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpg-wks-client 2.2.40-1.1+deb12u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-30258	LOW2.4	gpg-wks-server 2.2.40-1.1+deb12u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpg-wks-server 2.2.40-1.1+deb12u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-30258	LOW2.4	gpgconf 2.2.40-1.1+deb12u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpgconf 2.2.40-1.1+deb12u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-30258	LOW2.4	gpgsm 2.2.40-1.1+deb12u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpgsm 2.2.40-1.1+deb12u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-30258	LOW2.4	gpgv 2.2.40-1.1+deb12u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpgv 2.2.40-1.1+deb12u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-15224	LOW2.4	libcurl4 7.88.1-10+deb12u14 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	mount 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux-extra 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-0725	LOW2.4	curl 7.88.1-10+deb12u14 No fix yet	1.2% Low-Moderate Risk	Post-Exploit
CVE-2025-0725	LOW2.4	libcurl4 7.88.1-10+deb12u14 No fix yet	1.2% Low-Moderate Risk	Post-Exploit
CVE-2026-5773	LOW2.29	curl 7.88.1-10+deb12u14 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-5773	LOW2.29	libcurl4 7.88.1-10+deb12u14 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-42497	LOW2.29	perl-base 5.36.0-7+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-5278	LOW2.24	coreutils 9.1-1 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW2.22	apt 2.6.1 No fix yet	1.2% Low-Moderate Risk	Post-Exploit
CVE-2024-56433	LOW1.84	login 1:4.13+dfsg1-1+deb12u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2024-56433	LOW1.84	passwd 1:4.13+dfsg1-1+deb12u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	dirmngr 2.2.40-1.1+deb12u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gnupg 2.2.40-1.1+deb12u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gnupg-utils 2.2.40-1.1+deb12u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpg 2.2.40-1.1+deb12u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpg-agent 2.2.40-1.1+deb12u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpg-wks-client 2.2.40-1.1+deb12u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpg-wks-server 2.2.40-1.1+deb12u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpgconf 2.2.40-1.1+deb12u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpgsm 2.2.40-1.1+deb12u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpgv 2.2.40-1.1+deb12u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW1.68	perl-base 5.36.0-7+deb12u3 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2025-69720	NONE0	libncursesw6 6.4-4 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	libtinfo6 6.4-4 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	ncurses-base 6.4-4 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	ncurses-bin 6.4-4 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	libncursesw6 6.4-4 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	libtinfo6 6.4-4 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-base 6.4-4 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-bin 6.4-4 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2025-30258	NONE0	gnupg-l10n 2.2.40-1.1+deb12u2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-68972	NONE0	gnupg-l10n 2.2.40-1.1+deb12u2 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2024-10041	NONE0	libpam-modules 1.5.2-6+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2024-10041	NONE0	libpam-modules-bin 1.5.2-6+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2024-10041	NONE0	libpam-runtime 1.5.2-6+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2024-10041	NONE0	libpam0g 1.5.2-6+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2022-3219	NONE0	gnupg-l10n 2.2.40-1.1+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	libncursesw6 6.4-4 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	libtinfo6 6.4-4 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	ncurses-base 6.4-4 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	ncurses-bin 6.4-4 No fix yet	0.2% Theoretical Threat	Not Applicable
TEMP-0841856-B18BAF	NONE0	bash 5.2.15-2+b13 No fix yet	—	Not Applicable
CVE-2026-54411	NONE0	libpam-modules 1.5.2-6+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam-modules-bin 1.5.2-6+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam-runtime 1.5.2-6+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam0g 1.5.2-6+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-11822	NONE0	libsqlite3-0 3.40.1-2+deb12u2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-11824	NONE0	libsqlite3-0 3.40.1-2+deb12u2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-7709	NONE0	libsqlite3-0 3.40.1-2+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2025-27587	NONE0	libssl3 3.0.20-1~deb12u2 No fix yet	0.4% Theoretical Threat	Not Applicable
TEMP-0628843-DBAD28	NONE0	login 1:4.13+dfsg1-1+deb12u2 No fix yet	—	Not Applicable
CVE-2025-27587	NONE0	openssl 3.0.20-1~deb12u2 No fix yet	0.4% Theoretical Threat	Not Applicable
TEMP-0628843-DBAD28	NONE0	passwd 1:4.13+dfsg1-1+deb12u2 No fix yet	—	Not Applicable
CVE-2026-48959	NONE0	perl-base 5.36.0-7+deb12u3 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-15649	NONE0	perl-base 5.36.0-7+deb12u3 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2026-7010	NONE0	perl-base 5.36.0-7+deb12u3 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-48961	NONE0	perl-base 5.36.0-7+deb12u3 No fix yet	0.3% Theoretical Threat	Not Applicable
TEMP-0517018-A83CE6	NONE0	sysvinit-utils 3.06-4 No fix yet	—	Not Applicable
TEMP-0290435-0B57B5	NONE0	tar 1.34+dfsg-1.2+deb12u1 No fix yet	—	Not Applicable
CVE-2026-46377	NONE0	github.com/tomwright/dasel/v3 v3.4.1 No fix yet	—	Not Applicable
CVE-2026-46378	NONE0	github.com/tomwright/dasel/v3 v3.4.1 fixed in 3.10.1	—	Not Applicable
CVE-2026-39823	NONE0	stdlib v1.25.8 fixed in 1.25.10, 1.26.3	0.3% Theoretical Threat	Not Applicable
CVE-2026-39825	NONE0	stdlib v1.25.8 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2026-42499	NONE0	stdlib v1.25.8 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2026-42504	NONE0	stdlib v1.25.8 fixed in 1.25.11, 1.26.4	0.4% Theoretical Threat	Not Applicable
CVE-2026-27145	NONE0	stdlib v1.25.8 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable
CVE-2026-42507	NONE0	stdlib v1.25.8 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable
CVE-2026-39823	NONE0	stdlib v1.25.9 fixed in 1.25.10, 1.26.3	0.3% Theoretical Threat	Not Applicable
CVE-2026-39825	NONE0	stdlib v1.25.9 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2026-42499	NONE0	stdlib v1.25.9 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2026-42504	NONE0	stdlib v1.25.9 fixed in 1.25.11, 1.26.4	0.4% Theoretical Threat	Not Applicable
CVE-2026-27145	NONE0	stdlib v1.25.9 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable
CVE-2026-42507	NONE0	stdlib v1.25.9 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable
GHSA-xmrv-pmrh-hhx2	NONE0	github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.2 fixed in 1.7.8	—	Not Applicable
GHSA-xmrv-pmrh-hhx2	NONE0	github.com/aws/aws-sdk-go-v2/service/s3 v1.54.4 fixed in 1.97.3	—	Not Applicable
CVE-2026-42504	NONE0	stdlib v1.25.10 fixed in 1.25.11, 1.26.4	0.4% Theoretical Threat	Not Applicable
CVE-2026-27145	NONE0	stdlib v1.25.10 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable
CVE-2026-42507	NONE0	stdlib v1.25.10 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable