This image is safe for production use. Although 44 exposed and 67 post-exploit vulnerabilities were detected, all are low severity (maximum CVSS 5.5) and present no practical risk in typical deployments. The image is trusted, official, and immutable.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2017-13716 | MEDIUM5.5 | libbinutils 2.46-3ubuntu2 No fix yet | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2017-13716 | MEDIUM5.5 | libctf-nobfd0 2.46-3ubuntu2 No fix yet | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2017-13716 | MEDIUM5.5 | libctf0 2.46-3ubuntu2 No fix yet | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2017-13716 | MEDIUM5.5 | libgprofng0 2.46-3ubuntu2 No fix yet | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2017-13716 | MEDIUM5.5 | libsframe3 2.46-3ubuntu2 No fix yet | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2026-34181 | MEDIUM5.35 | libssl3t64 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42768 | MEDIUM5.35 | libssl3t64 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34181 | MEDIUM5.35 | openssl-provider-legacy 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42768 | MEDIUM5.35 | openssl-provider-legacy 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-5435 | MEDIUM5.02 | libc-bin 2.43-2ubuntu2 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-5435 | MEDIUM5.02 | libc-gconv-modules-extra 2.43-2ubuntu2 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-5435 | MEDIUM5.02 | libc6 2.43-2ubuntu2 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42770 | MEDIUM5.02 | libssl3t64 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-9076 | MEDIUM5.02 | libssl3t64 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42770 | MEDIUM5.02 | openssl-provider-legacy 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-9076 | MEDIUM5.02 | openssl-provider-legacy 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-66382 | MEDIUM4.67 | libexpat1 2.7.4-1 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-7383 | MEDIUM4.67 | libssl3t64 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-7383 | MEDIUM4.67 | openssl-provider-legacy 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-3184 | MEDIUM4.5 | libblkid1 2.41.3-3ubuntu2 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-4046 | MEDIUM4.5 | libc-bin 2.43-2ubuntu2 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-4046 | MEDIUM4.5 | libc-gconv-modules-extra 2.43-2ubuntu2 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-4046 | MEDIUM4.5 | libc6 2.43-2ubuntu2 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-3184 | MEDIUM4.5 | libmount1 2.41.3-3ubuntu2 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-3184 | MEDIUM4.5 | libsmartcols1 2.41.3-3ubuntu2 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-42766 | MEDIUM4.5 | libssl3t64 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42767 | MEDIUM4.5 | libssl3t64 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-3184 | MEDIUM4.5 | libuuid1 2.41.3-3ubuntu2 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-42766 | MEDIUM4.5 | openssl-provider-legacy 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42767 | MEDIUM4.5 | openssl-provider-legacy 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | MEDIUM4.25 | libssl3t64 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | MEDIUM4.25 | openssl-provider-legacy 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libblkid1 2.41.3-3ubuntu2 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libmount1 2.41.3-3ubuntu2 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libsmartcols1 2.41.3-3ubuntu2 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libuuid1 2.41.3-3ubuntu2 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-4438 | LOW3.4 | libc-bin 2.43-2ubuntu2 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-4438 | LOW3.4 | libc-gconv-modules-extra 2.43-2ubuntu2 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-4438 | LOW3.4 | libc6 2.43-2ubuntu2 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2017-13716 | LOW3.3 | binutils 2.46-3ubuntu2 No fix yet | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2017-13716 | LOW3.3 | binutils-common 2.46-3ubuntu2 No fix yet | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2017-13716 | LOW3.3 | binutils-x86-64-linux-gnu 2.46-3ubuntu2 No fix yet | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2026-34181 | LOW3.21 | openssl 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-42768 | LOW3.21 | openssl 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-5958 | LOW3.21 | sed 4.9-2build3 fixed in 4.9-2ubuntu1 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-45446 | LOW3.15 | libssl3t64 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-45446 | LOW3.15 | openssl-provider-legacy 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-45447 | LOW2.92 | libssl3t64 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | openssl 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | openssl-provider-legacy 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2025-45582 | LOW2.86 | tar 1.35+dfsg-4 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-7383 | LOW2.8 | openssl 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-35373 | LOW2.8 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-41990 | LOW2.8 | libgcrypt20 1.12.0-2 fixed in 1.12.0-2ubuntu0.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-40228 | LOW2.8 | libsystemd0 259.5-0ubuntu3 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-40228 | LOW2.8 | libudev1 259.5-0ubuntu3 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-45445 | LOW2.78 | libssl3t64 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | openssl 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | openssl-provider-legacy 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-3184 | LOW2.7 | bsdutils 1:2.41.3-3ubuntu2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-3184 | LOW2.7 | mount 2.41.3-3ubuntu2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-42766 | LOW2.7 | openssl 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-42767 | LOW2.7 | openssl 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-3184 | LOW2.7 | util-linux 2.41.3-3ubuntu2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-34180 | LOW2.55 | openssl 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW2.4 | bsdutils 1:2.41.3-3ubuntu2 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW2.4 | mount 2.41.3-3ubuntu2 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW2.4 | util-linux 2.41.3-3ubuntu2 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-41989 | LOW2.29 | libgcrypt20 1.12.0-2 fixed in 1.12.0-2ubuntu0.1 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-34183 | LOW2.29 | libssl3t64 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-34183 | LOW2.29 | openssl 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-34183 | LOW2.29 | openssl-provider-legacy 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-34182 | LOW2.26 | libssl3t64 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-34182 | LOW2.26 | openssl 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-34182 | LOW2.26 | openssl-provider-legacy 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2024-2236 | LOW2.12 | libgcrypt20 1.12.0-2 No fix yet | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-4437 | LOW1.99 | libc-bin 2.43-2ubuntu2 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-6238 | LOW1.99 | libc-bin 2.43-2ubuntu2 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-4437 | LOW1.99 | libc-gconv-modules-extra 2.43-2ubuntu2 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-6238 | LOW1.99 | libc-gconv-modules-extra 2.43-2ubuntu2 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-4437 | LOW1.99 | libc6 2.43-2ubuntu2 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-6238 | LOW1.99 | libc6 2.43-2ubuntu2 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-45446 | LOW1.89 | openssl 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2024-56433 | LOW1.84 | passwd 1:4.17.4-2ubuntu3 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-42764 | LOW1.81 | libssl3t64 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-42769 | LOW1.81 | libssl3t64 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-42764 | LOW1.81 | openssl 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-42769 | LOW1.81 | openssl 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-42770 | LOW1.81 | openssl 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-9076 | LOW1.81 | openssl 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-42764 | LOW1.81 | openssl-provider-legacy 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-42769 | LOW1.81 | openssl-provider-legacy 3.5.5-1ubuntu3 fixed in 3.5.5-1ubuntu3.2 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-33811 | NONE0 | stdlib v1.26.2 fixed in 1.25.10, 1.26.3 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2026-33814 | NONE0 | stdlib v1.26.2 fixed in 1.25.10, 1.26.3 | 0.6% Theoretical Threat | Not Applicable |
| CVE-2026-39820 | NONE0 | stdlib v1.26.2 fixed in 1.25.10, 1.26.3 | 0.4% Theoretical Threat | Not Applicable |
| CVE-2026-39836 | NONE0 | stdlib v1.26.2 fixed in 1.25.10, 1.26.3 | 0.6% Theoretical Threat | Not Applicable |
| CVE-2026-4437 | NONE0 | locales 2.43-2ubuntu2 No fix yet | 0.3% Theoretical Threat | Not Applicable |
| CVE-2026-6238 | NONE0 | locales 2.43-2ubuntu2 No fix yet | 0.3% Theoretical Threat | Not Applicable |
| CVE-2026-5435 | NONE0 | locales 2.43-2ubuntu2 No fix yet | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-39826 | NONE0 | stdlib v1.26.2 fixed in 1.25.10, 1.26.3 | 0.4% Theoretical Threat | Not Applicable |
| CVE-2026-4046 | NONE0 | locales 2.43-2ubuntu2 No fix yet | 0.4% Theoretical Threat | Not Applicable |
| CVE-2026-3184 | NONE0 | login 1:4.16.0-2+really2.41.3-3ubuntu2 No fix yet | 0.4% Theoretical Threat | Not Applicable |
| CVE-2026-27456 | NONE0 | login 1:4.16.0-2+really2.41.3-3ubuntu2 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-4438 | NONE0 | locales 2.43-2ubuntu2 No fix yet | 0.2% Theoretical Threat | Not Applicable |
| CVE-2024-56433 | NONE0 | login.defs 1:4.17.4-2ubuntu3 No fix yet | 0.4% Theoretical Threat | Not Applicable |
| CVE-2026-35341 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-35344 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35345 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | <0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35348 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35350 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35351 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35352 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35354 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | <0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35357 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | <0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35359 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35360 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35363 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-35364 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | <0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35367 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35368 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35370 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35371 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35374 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | <0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35377 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-39823 | NONE0 | stdlib v1.26.2 fixed in 1.25.10, 1.26.3 | 0.3% Theoretical Threat | Not Applicable |
| CVE-2026-39825 | NONE0 | stdlib v1.26.2 fixed in 1.25.10, 1.26.3 | 0.4% Theoretical Threat | Not Applicable |
| CVE-2026-42499 | NONE0 | stdlib v1.26.2 fixed in 1.25.10, 1.26.3 | 0.6% Theoretical Threat | Not Applicable |
| CVE-2026-42504 | NONE0 | stdlib v1.26.2 fixed in 1.25.11, 1.26.4 | 0.4% Theoretical Threat | Not Applicable |
| CVE-2026-27145 | NONE0 | stdlib v1.26.2 fixed in 1.25.11, 1.26.4 | 0.3% Theoretical Threat | Not Applicable |
| CVE-2026-42507 | NONE0 | stdlib v1.26.2 fixed in 1.25.11, 1.26.4 | 0.3% Theoretical Threat | Not Applicable |