Vulnerability Reportinstrumentisto/nmap:7.95

instrumentisto/nmap:7.95instrumentisto/nmap:7.95-r12

DIGESTsha256:3cca6ece8de5a571c956022ec6c2cf343da8c4416fa36e1891e8c33623cfc845

Executive Summary

Threat ScoreCAUTION• 57 exposed vulnerabilities, including 8 with severity 6.0 or higher.• Top findings: CVE-2026-31789 (6.66), CVE-2026-34183 (6.38), CVE-2025-69419 (6.29) – all in OpenSSL.• All exposed vulnerabilities are in libcrypto3/libssl3, used by nmap for TLS scanning.• Image is from a popular community publisher (8M+ pulls) and pinned by digest, indicating reliability.• No high-severity (>=7.0) vulnerabilities; maximum severity is 6.66.• Post-exploit vulnerabilities (18) are low severity (max 4.06) and not exploitable in normal nmap operation.

50/100CAUTION

ReputationPOPULAR COMMUNITY• High Reputation Community Image (8M+ pulls)• Pinned by digest (Immutable)

RELIABLE

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could potentially achieve remote code execution (on 32-bit) or denial of service via crafted network responses. CVE-2026-31789 is only exploitable on 32-bit platforms, which is not confirmed for this container; deploying on a 64-bit architecture would fully mitigate it. CVE-2026-34183 (QUIC memory exhaustion) may not be reachable if nmap does not actively use QUIC in scans. Other vulnerabilities like CVE-2025-69419 and CVE-2026-34182 require complex attack scenarios and have lower likelihood. Despite the reliable image source, the volume of exposed vulnerabilities (57 total, 8 above 6.0) warrants caution.

Vulnerabilities

Vulnerability Log

75 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2026-31789	MEDIUM6.66	libcrypto3 3.5.4-r0 fixed in 3.5.6-r0	0.2% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-31789	MEDIUM6.66	libssl3 3.5.4-r0 fixed in 3.5.6-r0	0.2% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-34183	MEDIUM6.38	libcrypto3 3.5.4-r0 fixed in 3.5.7-r0	0.5% Theoretical Threat	Directly Exposed
CVE-2026-34183	MEDIUM6.38	libssl3 3.5.4-r0 fixed in 3.5.7-r0	0.5% Theoretical Threat	Directly Exposed
CVE-2025-69419	MEDIUM6.29	libcrypto3 3.5.4-r0 fixed in 3.5.5-r0	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34182	MEDIUM6.29	libcrypto3 3.5.4-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69419	MEDIUM6.29	libssl3 3.5.4-r0 fixed in 3.5.5-r0	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34182	MEDIUM6.29	libssl3 3.5.4-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-2673	MEDIUM5.52	libcrypto3 3.5.4-r0 fixed in 3.5.6-r0	0.4% Theoretical Threat	Directly Exposed
CVE-2026-2673	MEDIUM5.52	libssl3 3.5.4-r0 fixed in 3.5.6-r0	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34181	MEDIUM5.35	libcrypto3 3.5.4-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42768	MEDIUM5.35	libcrypto3 3.5.4-r0 fixed in 3.5.7-r0	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34181	MEDIUM5.35	libssl3 3.5.4-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42768	MEDIUM5.35	libssl3 3.5.4-r0 fixed in 3.5.7-r0	0.4% Theoretical Threat	Directly Exposed
CVE-2025-11187	MEDIUM5.18	libcrypto3 3.5.4-r0 fixed in 3.5.5-r0	0.5% Theoretical Threat	Directly Exposed
CVE-2025-11187	MEDIUM5.18	libssl3 3.5.4-r0 fixed in 3.5.5-r0	0.5% Theoretical Threat	Directly Exposed
CVE-2026-28388	MEDIUM5.1	libcrypto3 3.5.4-r0 fixed in 3.5.6-r0	0.9% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-28388	MEDIUM5.1	libssl3 3.5.4-r0 fixed in 3.5.6-r0	0.9% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-31790	MEDIUM5.02	libcrypto3 3.5.4-r0 fixed in 3.5.6-r0	1.0% Theoretical Threat	Directly Exposed
CVE-2026-42764	MEDIUM5.02	libcrypto3 3.5.4-r0 fixed in 3.5.7-r0	0.7% Theoretical Threat	Directly Exposed
CVE-2025-15468	MEDIUM5.02	libcrypto3 3.5.4-r0 fixed in 3.5.5-r0	0.7% Theoretical Threat	Directly Exposed
CVE-2025-66199	MEDIUM5.02	libcrypto3 3.5.4-r0 fixed in 3.5.5-r0	0.4% Theoretical Threat	Directly Exposed
CVE-2025-69420	MEDIUM5.02	libcrypto3 3.5.4-r0 fixed in 3.5.5-r0	0.8% Theoretical Threat	Directly Exposed
CVE-2026-22796	MEDIUM5.02	libcrypto3 3.5.4-r0 fixed in 3.5.5-r0	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42769	MEDIUM5.02	libcrypto3 3.5.4-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42770	MEDIUM5.02	libcrypto3 3.5.4-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-9076	MEDIUM5.02	libcrypto3 3.5.4-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-31790	MEDIUM5.02	libssl3 3.5.4-r0 fixed in 3.5.6-r0	1.0% Theoretical Threat	Directly Exposed
CVE-2026-42764	MEDIUM5.02	libssl3 3.5.4-r0 fixed in 3.5.7-r0	0.7% Theoretical Threat	Directly Exposed
CVE-2025-15468	MEDIUM5.02	libssl3 3.5.4-r0 fixed in 3.5.5-r0	0.7% Theoretical Threat	Directly Exposed
CVE-2025-66199	MEDIUM5.02	libssl3 3.5.4-r0 fixed in 3.5.5-r0	0.4% Theoretical Threat	Directly Exposed
CVE-2025-69420	MEDIUM5.02	libssl3 3.5.4-r0 fixed in 3.5.5-r0	0.8% Theoretical Threat	Directly Exposed
CVE-2026-22796	MEDIUM5.02	libssl3 3.5.4-r0 fixed in 3.5.5-r0	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42769	MEDIUM5.02	libssl3 3.5.4-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42770	MEDIUM5.02	libssl3 3.5.4-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-9076	MEDIUM5.02	libssl3 3.5.4-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Directly Exposed
CVE-2025-15469	MEDIUM4.67	libcrypto3 3.5.4-r0 fixed in 3.5.5-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-22795	MEDIUM4.67	libcrypto3 3.5.4-r0 fixed in 3.5.5-r0	0.1% Theoretical Threat	Directly Exposed
CVE-2026-7383	MEDIUM4.67	libcrypto3 3.5.4-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Directly Exposed
CVE-2025-15469	MEDIUM4.67	libssl3 3.5.4-r0 fixed in 3.5.5-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-22795	MEDIUM4.67	libssl3 3.5.4-r0 fixed in 3.5.5-r0	0.1% Theoretical Threat	Directly Exposed
CVE-2026-7383	MEDIUM4.67	libssl3 3.5.4-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6042	MEDIUM4.67	musl 1.2.5-r21 fixed in 1.2.5-r22	0.2% Theoretical Threat	Directly Exposed
CVE-2026-6042	MEDIUM4.67	musl-utils 1.2.5-r21 fixed in 1.2.5-r22	0.2% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib 1.3.1-r2 fixed in 1.3.2-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42766	MEDIUM4.5	libcrypto3 3.5.4-r0 fixed in 3.5.7-r0	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42767	MEDIUM4.5	libcrypto3 3.5.4-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42766	MEDIUM4.5	libssl3 3.5.4-r0 fixed in 3.5.7-r0	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42767	MEDIUM4.5	libssl3 3.5.4-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34180	MEDIUM4.25	libcrypto3 3.5.4-r0 fixed in 3.5.7-r0	0.5% Theoretical Threat	Directly Exposed
CVE-2026-34180	MEDIUM4.25	libssl3 3.5.4-r0 fixed in 3.5.7-r0	0.5% Theoretical Threat	Directly Exposed
CVE-2025-15467	MEDIUM4.06	libcrypto3 3.5.4-r0 fixed in 3.5.5-r0	48.7% High Exploitation Risk	Post-Exploit
CVE-2025-15467	MEDIUM4.06	libssl3 3.5.4-r0 fixed in 3.5.5-r0	48.7% High Exploitation Risk	Post-Exploit
CVE-2025-68160	MEDIUM4	libcrypto3 3.5.4-r0 fixed in 3.5.5-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2025-68160	MEDIUM4	libssl3 3.5.4-r0 fixed in 3.5.5-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69418	LOW3.4	libcrypto3 3.5.4-r0 fixed in 3.5.5-r0	0.1% Theoretical Threat	Directly Exposed
CVE-2025-69418	LOW3.4	libssl3 3.5.4-r0 fixed in 3.5.5-r0	0.1% Theoretical Threat	Directly Exposed
CVE-2026-45446	LOW3.15	libcrypto3 3.5.4-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45446	LOW3.15	libssl3 3.5.4-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45447	LOW2.92	libcrypto3 3.5.4-r0 fixed in 3.5.7-r0	1.4% Low-Moderate Risk	Post-Exploit
CVE-2026-45447	LOW2.92	libssl3 3.5.4-r0 fixed in 3.5.7-r0	1.4% Low-Moderate Risk	Post-Exploit
CVE-2026-45445	LOW2.78	libcrypto3 3.5.4-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-7598	LOW2.78	libssh2 1.11.1-r1 fixed in 1.11.1-r2	0.4% Theoretical Threat	Post-Exploit
CVE-2026-45445	LOW2.78	libssl3 3.5.4-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-28387	LOW2.48	libcrypto3 3.5.4-r0 fixed in 3.5.6-r0	0.6% Theoretical Threat	Post-Exploit
CVE-2026-28387	LOW2.48	libssl3 3.5.4-r0 fixed in 3.5.6-r0	0.6% Theoretical Threat	Post-Exploit
CVE-2026-40200	LOW2.39	musl 1.2.5-r21 fixed in 1.2.5-r23	0.1% Theoretical Threat	Post-Exploit
CVE-2026-40200	LOW2.39	musl-utils 1.2.5-r21 fixed in 1.2.5-r23	0.1% Theoretical Threat	Post-Exploit
CVE-2026-22184	LOW2.39	zlib 1.3.1-r2 fixed in 1.3.2-r0	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69421	LOW2.29	libcrypto3 3.5.4-r0 fixed in 3.5.5-r0	0.8% Theoretical Threat	Post-Exploit
CVE-2026-28389	LOW2.29	libcrypto3 3.5.4-r0 fixed in 3.5.6-r0	0.8% Theoretical Threat	Post-Exploit
CVE-2026-28390	LOW2.29	libcrypto3 3.5.4-r0 fixed in 3.5.6-r0	0.8% Theoretical Threat	Post-Exploit
CVE-2025-69421	LOW2.29	libssl3 3.5.4-r0 fixed in 3.5.5-r0	0.8% Theoretical Threat	Post-Exploit
CVE-2026-28389	LOW2.29	libssl3 3.5.4-r0 fixed in 3.5.6-r0	0.8% Theoretical Threat	Post-Exploit
CVE-2026-28390	LOW2.29	libssl3 3.5.4-r0 fixed in 3.5.6-r0	0.8% Theoretical Threat	Post-Exploit