Last scanned:
This image poses a critical security risk and must not be used in production, especially as an internet-facing service. The container includes multiple high-severity remote code execution vulnerabilities, such as CVE-2025-12735 in expr-eval and CVE-2026-33937 in Handlebars, which can be exploited without authentication. An attacker could execute arbitrary code on the Kibana server, potentially accessing or exfiltrating sensitive data. Immediate remediation is required, and deployment should be avoided until all critical vulnerabilities are patched.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2025-12735 | CRITICAL9.8 | expr-eval 2.0.2 No fix yet | 2.3% Low-Moderate Risk | Directly ExposedContext importance: HIGH |
| CVE-2026-33937 | CRITICAL9.8 | handlebars 4.7.8 fixed in 4.7.9 | 1.8% Low-Moderate Risk | Directly ExposedContext importance: HIGH |
| CVE-2026-4800 | CRITICAL9.8 | lodash 4.17.21 fixed in 4.18.0 | 1.7% Low-Moderate Risk | Directly ExposedContext importance: HIGH |
| CVE-2026-33845 | HIGH7.73 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-45445 | HIGH7.73 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42264 | HIGH7.73 | axios 1.12.1 fixed in 1.15.2 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-42044 | HIGH7.73 | axios 1.12.1 fixed in 1.15.2 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-33896 | HIGH7.73 | node-forge 1.3.1 fixed in 1.4.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-33846 | HIGH7.5 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2026-42009 | HIGH7.5 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2026-33416 | HIGH7.5 | libpng16-16t64 1.6.43-5build1 fixed in 1.6.43-5ubuntu0.6 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2026-48068 | HIGH7.5 | @grpc/grpc-js 1.13.4 fixed in 1.9.16, 1.10.12, 1.11.4, 1.12.7, 1.13.5, 1.14.4 | — | Directly Exposed |
| CVE-2026-48069 | HIGH7.5 | @grpc/grpc-js 1.13.4 fixed in 1.9.16, 1.10.12, 1.11.4, 1.12.7, 1.13.5, 1.14.4 | — | Directly Exposed |
| CVE-2026-25639 | HIGH7.5 | axios 1.12.1 fixed in 1.13.5, 0.30.3 | 2.6% Low-Moderate Risk | Directly Exposed |
| CVE-2025-64756 | HIGH7.5 | glob 10.4.5 fixed in 11.1.0, 10.5.0 | 3.1% Low-Moderate Risk | Directly Exposed |
| CVE-2026-1526 | HIGH7.5 | undici 6.21.3 fixed in 6.24.0, 7.24.0 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2026-44293 | HIGH7.48 | protobufjs 7.4.0 fixed in 7.5.6, 8.0.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-12816 | HIGH7.39 | node-forge 1.3.1 fixed in 1.3.2 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-42013 | MEDIUM6.97 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-5260 | MEDIUM6.97 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-0966 | MEDIUM6.97 | libssh-4 0.10.6-2ubuntu0.1 fixed in 0.10.6-2ubuntu0.3 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-44490 | MEDIUM6.97 | axios 1.12.1 fixed in 1.16.0, 0.32.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-33941 | MEDIUM6.97 | handlebars 4.7.8 fixed in 4.7.9 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-0861 | MEDIUM6.88 | libc-bin 2.39-0ubuntu8.6 fixed in 2.39-0ubuntu8.7 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-0861 | MEDIUM6.88 | libc6 2.39-0ubuntu8.6 fixed in 2.39-0ubuntu8.7 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-25646 | MEDIUM6.88 | libpng16-16t64 1.6.43-5build1 fixed in 1.6.43-5ubuntu0.5 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-28387 | MEDIUM6.88 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.9 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-33938 | MEDIUM6.88 | handlebars 4.7.8 fixed in 4.7.9 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-33940 | MEDIUM6.88 | handlebars 4.7.8 fixed in 4.7.9 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-55388 | MEDIUM6.88 | piscina 3.2.0 fixed in 5.2.0, 4.9.3, 6.0.0-rc.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-44291 | MEDIUM6.88 | protobufjs 7.4.0 fixed in 7.5.6, 8.0.2 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-25210 | MEDIUM6.63 | libexpat1 2.6.1-2ubuntu0.3 fixed in 2.6.1-2ubuntu0.4 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-22801 | MEDIUM6.63 | libpng16-16t64 1.6.43-5build1 fixed in 1.6.43-5ubuntu0.3 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-29111 | MEDIUM6.63 | libsystemd0 255.4-1ubuntu8.10 fixed in 255.4-1ubuntu8.14 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-29111 | MEDIUM6.63 | libudev1 255.4-1ubuntu8.10 fixed in 255.4-1ubuntu8.14 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-44724 | MEDIUM6.63 | systeminformation 5.23.8 fixed in 5.31.6 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-33636 | MEDIUM6.46 | libpng16-16t64 1.6.43-5build1 fixed in 1.6.43-5ubuntu0.6 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-41989 | MEDIUM6.38 | libgcrypt20 1.10.3-2build1 fixed in 1.10.3-2ubuntu0.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-27135 | MEDIUM6.38 | libnghttp2-14 1.59.0-1ubuntu0.2 fixed in 1.59.0-1ubuntu0.3 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-3731 | MEDIUM6.38 | libssh-4 0.10.6-2ubuntu0.1 fixed in 0.10.6-2ubuntu0.4 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-69421 | MEDIUM6.38 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.7 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-28388 | MEDIUM6.38 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.9 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-28389 | MEDIUM6.38 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-28390 | MEDIUM6.38 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-35213 | MEDIUM6.38 | @hapi/content 6.0.0 fixed in 6.0.1 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-44902 | MEDIUM6.38 | @opentelemetry/exporter-prometheus 0.202.0 fixed in 0.217.0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-44902 | MEDIUM6.38 | @opentelemetry/sdk-node 0.202.0 fixed in 0.217.0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-69873 | MEDIUM6.38 | ajv 8.17.1 fixed in 8.18.0, 6.14.0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-44486 | MEDIUM6.38 | axios 1.12.1 fixed in 1.16.0, 0.32.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-44487 | MEDIUM6.38 | axios 1.12.1 fixed in 1.16.0, 0.32.0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-44488 | MEDIUM6.38 | axios 1.12.1 fixed in 1.16.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-44496 | MEDIUM6.38 | axios 1.12.1 fixed in 1.16.0, 0.32.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42038 | MEDIUM6.38 | axios 1.12.1 fixed in 1.15.1, 0.31.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42039 | MEDIUM6.38 | axios 1.12.1 fixed in 1.15.1, 0.31.1 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-33750 | MEDIUM6.38 | brace-expansion 1.1.12 fixed in 5.0.5, 3.0.2, 2.0.3, 1.1.13 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-33750 | MEDIUM6.38 | brace-expansion 2.0.2 fixed in 5.0.5, 3.0.2, 2.0.3, 1.1.13 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-6321 | MEDIUM6.38 | fast-uri 3.0.3 fixed in 3.1.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-6322 | MEDIUM6.38 | fast-uri 3.0.3 fixed in 3.1.2 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-26278 | MEDIUM6.38 | fast-xml-parser 4.4.1 fixed in 4.5.4, 5.3.6 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-33036 | MEDIUM6.38 | fast-xml-parser 4.4.1 fixed in 5.5.6, 4.5.5 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-27942 | MEDIUM6.38 | fast-xml-parser 4.4.1 fixed in 5.3.8, 4.5.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-12143 | MEDIUM6.38 | form-data 4.0.4 fixed in 2.5.6, 3.0.5, 4.0.6 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-33939 | MEDIUM6.38 | handlebars 4.7.8 fixed in 4.7.9 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-46625 | MEDIUM6.38 | js-cookie 2.2.1 fixed in 3.0.7 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-65945 | MEDIUM6.38 | jws 3.2.2 fixed in 3.2.3, 4.0.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-65945 | MEDIUM6.38 | jws 4.0.0 fixed in 3.2.3, 4.0.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-2327 | MEDIUM6.38 | markdown-it 14.1.0 fixed in 14.1.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-26996 | MEDIUM6.38 | minimatch 3.1.2 fixed in 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-26996 | MEDIUM6.38 | minimatch 5.1.6 fixed in 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-26996 | MEDIUM6.38 | minimatch 9.0.5 fixed in 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-66031 | MEDIUM6.38 | node-forge 1.3.1 fixed in 1.3.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-33891 | MEDIUM6.38 | node-forge 1.3.1 fixed in 1.4.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-33894 | MEDIUM6.38 | node-forge 1.3.1 fixed in 1.4.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-33895 | MEDIUM6.38 | node-forge 1.3.1 fixed in 1.4.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-14874 | MEDIUM6.38 | nodemailer 7.0.9 fixed in 7.0.11 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-44289 | MEDIUM6.38 | protobufjs 7.4.0 fixed in 7.5.6, 8.0.2 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-44290 | MEDIUM6.38 | protobufjs 7.4.0 fixed in 7.5.6, 8.0.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-48712 | MEDIUM6.38 | protobufjs 7.4.0 fixed in 7.6.1, 8.4.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-44292 | MEDIUM6.38 | protobufjs 7.4.0 fixed in 7.5.6, 8.0.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-45740 | MEDIUM6.38 | protobufjs 7.4.0 fixed in 7.5.8, 8.2.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-12151 | MEDIUM6.38 | undici 6.21.3 fixed in 6.27.0, 7.28.0, 8.5.0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-1528 | MEDIUM6.38 | undici 6.21.3 fixed in 6.24.0, 7.24.0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-2229 | MEDIUM6.38 | undici 6.21.3 fixed in 6.24.0, 7.24.0 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-22036 | MEDIUM6.38 | undici 6.21.3 fixed in 7.18.2, 6.23.0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-41907 | MEDIUM6.38 | uuid 10.0.0 fixed in 11.1.1, 12.0.1, 13.0.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-41907 | MEDIUM6.38 | uuid 8.3.2 fixed in 11.1.1, 12.0.1, 13.0.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-41907 | MEDIUM6.38 | uuid 9.0.1 fixed in 11.1.1, 12.0.1, 13.0.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-48779 | MEDIUM6.38 | ws 8.18.3 fixed in 5.2.5, 6.2.4, 7.5.11, 8.21.0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-45736 | MEDIUM6.38 | ws 8.18.3 fixed in 8.20.1 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-3833 | MEDIUM6.29 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42011 | MEDIUM6.29 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-34182 | MEDIUM6.29 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-69419 | MEDIUM6.29 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.7 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-27795 | MEDIUM6.29 | @langchain/community 0.3.45 fixed in 1.1.18 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42033 | MEDIUM6.29 | axios 1.12.1 fixed in 1.15.1, 0.31.1 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-42035 | MEDIUM6.29 | axios 1.12.1 fixed in 1.15.1, 0.31.1 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-13204 | MEDIUM6.21 | expr-eval 2.0.2 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-42012 | MEDIUM6.03 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-64720 | MEDIUM6.03 | libpng16-16t64 1.6.43-5build1 fixed in 1.6.43-5ubuntu0.1 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-65018 | MEDIUM6.03 | libpng16-16t64 1.6.43-5build1 fixed in 1.6.43-5ubuntu0.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-66293 | MEDIUM6.03 | libpng16-16t64 1.6.43-5build1 fixed in 1.6.43-5ubuntu0.3 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-22695 | MEDIUM6.03 | libpng16-16t64 1.6.43-5build1 fixed in 1.6.43-5ubuntu0.3 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-25896 | MEDIUM6.03 | fast-xml-parser 4.4.1 fixed in 5.3.5, 4.5.4 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-4878 | MEDIUM5.95 | libcap2 1:2.66-5ubuntu2.2 fixed in 1:2.66-5ubuntu2.4 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-44495 | MEDIUM5.95 | axios 1.12.1 fixed in 1.15.2, 0.31.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2024-2236 | MEDIUM5.9 | libgcrypt20 1.10.3-2build1 No fix yet | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2025-13151 | MEDIUM5.9 | libtasn1-6 4.19.0-3ubuntu0.24.04.1 fixed in 4.19.0-3ubuntu0.24.04.2 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2026-42014 | MEDIUM5.61 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-4437 | MEDIUM5.52 | libc-bin 2.39-0ubuntu8.6 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-6238 | MEDIUM5.52 | libc-bin 2.39-0ubuntu8.6 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-4437 | MEDIUM5.52 | libc6 2.39-0ubuntu8.6 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-6238 | MEDIUM5.52 | libc6 2.39-0ubuntu8.6 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-8769 | MEDIUM5.52 | @ai-sdk/provider-utils 2.0.4 No fix yet | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42041 | MEDIUM5.52 | axios 1.12.1 fixed in 1.15.1, 0.31.1 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-27904 | MEDIUM5.52 | minimatch 3.1.2 fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-27904 | MEDIUM5.52 | minimatch 5.1.6 fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-27904 | MEDIUM5.52 | minimatch 9.0.5 fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-33671 | MEDIUM5.52 | picomatch 2.3.1 fixed in 4.0.4, 3.0.2, 2.3.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-1527 | MEDIUM5.52 | undici 6.21.3 fixed in 6.24.0, 7.24.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-33532 | MEDIUM5.52 | yaml 1.10.2 fixed in 2.8.3, 1.10.3 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-33532 | MEDIUM5.52 | yaml 2.3.4 fixed in 2.8.3, 1.10.3 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-33532 | MEDIUM5.52 | yaml 2.5.1 fixed in 2.8.3, 1.10.3 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-40225 | MEDIUM5.44 | libsystemd0 255.4-1ubuntu8.10 fixed in 255.4-1ubuntu8.14 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-40226 | MEDIUM5.44 | libsystemd0 255.4-1ubuntu8.10 fixed in 255.4-1ubuntu8.16 | <0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-40225 | MEDIUM5.44 | libudev1 255.4-1ubuntu8.10 fixed in 255.4-1ubuntu8.14 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-40226 | MEDIUM5.44 | libudev1 255.4-1ubuntu8.10 fixed in 255.4-1ubuntu8.16 | <0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-0964 | MEDIUM5.35 | libssh-4 0.10.6-2ubuntu0.1 fixed in 0.10.6-2ubuntu0.3 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-48038 | MEDIUM5.3 | joi 17.13.3 fixed in 18.2.1, 17.13.4 | — | Directly Exposed |
| CVE-2025-13465 | MEDIUM5.3 | lodash 4.17.21 fixed in 4.17.23 | 1.5% Low-Moderate Risk | Directly Exposed |
| CVE-2026-13757 | MEDIUM5.27 | libp11-kit0 0.25.3-4ubuntu2.1 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-28162 | MEDIUM5.27 | libpng16-16t64 1.6.43-5build1 fixed in 1.6.43-5ubuntu0.4 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-64506 | MEDIUM5.18 | libpng16-16t64 1.6.43-5build1 fixed in 1.6.43-5ubuntu0.1 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-42042 | MEDIUM5.18 | axios 1.12.1 fixed in 1.15.1, 0.31.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42338 | MEDIUM5.18 | ip-address 9.0.5 fixed in 10.1.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-15281 | MEDIUM5.02 | libc-bin 2.39-0ubuntu8.6 fixed in 2.39-0ubuntu8.7 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-5435 | MEDIUM5.02 | libc-bin 2.39-0ubuntu8.6 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-15281 | MEDIUM5.02 | libc6 2.39-0ubuntu8.6 fixed in 2.39-0ubuntu8.7 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-5435 | MEDIUM5.02 | libc6 2.39-0ubuntu8.6 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.9 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2025-69420 | MEDIUM5.02 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.7 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-22796 | MEDIUM5.02 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.7 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-42770 | MEDIUM5.02 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-9076 | MEDIUM5.02 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-41324 | MEDIUM5.02 | basic-ftp 5.0.3 fixed in 5.3.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-33349 | MEDIUM5.02 | fast-xml-parser 4.4.1 fixed in 4.5.5, 5.5.7 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-27903 | MEDIUM5.02 | minimatch 3.1.2 fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-27903 | MEDIUM5.02 | minimatch 5.1.6 fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-27903 | MEDIUM5.02 | minimatch 9.0.5 fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-9679 | MEDIUM5.02 | undici 6.21.3 fixed in 6.27.0, 7.28.0, 8.5.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-40175 | MEDIUM4.8 | axios 1.12.1 fixed in 1.15.0, 0.31.0 | 1.8% Low-Moderate Risk | Directly Exposed |
| CVE-2025-66382 | MEDIUM4.67 | libexpat1 2.6.1-2ubuntu0.3 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-0967 | MEDIUM4.67 | libssh-4 0.10.6-2ubuntu0.1 fixed in 0.10.6-2ubuntu0.3 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-22795 | MEDIUM4.67 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.7 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-7383 | MEDIUM4.67 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-27171 | MEDIUM4.67 | zlib1g 1:1.3.dfsg-3.1ubuntu2.1 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-41650 | MEDIUM4.59 | fast-xml-parser 4.4.1 fixed in 5.7.0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2024-53382 | MEDIUM4.59 | prismjs 1.27.0 fixed in 1.30.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-0915 | MEDIUM4.5 | libc-bin 2.39-0ubuntu8.6 fixed in 2.39-0ubuntu8.7 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-4046 | MEDIUM4.5 | libc-bin 2.39-0ubuntu8.6 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-0915 | MEDIUM4.5 | libc6 2.39-0ubuntu8.6 fixed in 2.39-0ubuntu8.7 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-4046 | MEDIUM4.5 | libc6 2.39-0ubuntu8.6 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-23865 | MEDIUM4.5 | libfreetype6 2.13.2+dfsg-1build3 fixed in 2.13.2+dfsg-1ubuntu0.1 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-14831 | MEDIUM4.5 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.5 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42015 | MEDIUM4.5 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-34743 | MEDIUM4.5 | liblzma5 5.6.1+really5.4.5-1ubuntu0.2 fixed in 5.6.1+really5.4.5-1ubuntu0.3 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-42766 | MEDIUM4.5 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42767 | MEDIUM4.5 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-54285 | MEDIUM4.5 | @opentelemetry/core 1.26.0 fixed in 2.8.0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-54285 | MEDIUM4.5 | @opentelemetry/core 2.0.1 fixed in 2.8.0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-44288 | MEDIUM4.5 | @protobufjs/utf8 1.1.0 fixed in 1.1.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-48985 | MEDIUM4.5 | ai 4.0.18 fixed in 5.0.52, 5.1.0-beta.9 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42034 | MEDIUM4.5 | axios 1.12.1 fixed in 1.15.1, 0.31.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42036 | MEDIUM4.5 | axios 1.12.1 fixed in 1.15.1, 0.31.1 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-42037 | MEDIUM4.5 | axios 1.12.1 fixed in 1.15.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-2739 | MEDIUM4.5 | bn.js 4.11.9 fixed in 4.12.3, 5.2.3 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-64718 | MEDIUM4.5 | js-yaml 4.1.0 fixed in 4.1.1, 3.14.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-53550 | MEDIUM4.5 | js-yaml 4.1.0 fixed in 4.2.0, 3.15.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-2950 | MEDIUM4.5 | lodash 4.17.21 fixed in 4.18.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-66030 | MEDIUM4.5 | node-forge 1.3.1 fixed in 1.3.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-33672 | MEDIUM4.5 | picomatch 2.3.1 fixed in 4.0.4, 3.0.2, 2.3.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-44288 | MEDIUM4.5 | protobufjs 7.4.0 fixed in 7.5.6, 8.0.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-44294 | MEDIUM4.5 | protobufjs 7.4.0 fixed in 7.5.6, 8.0.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-54269 | MEDIUM4.5 | protobufjs 7.4.0 fixed in 7.6.3, 8.6.0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-31988 | MEDIUM4.5 | yauzl 3.2.0 fixed in 3.2.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-28164 | MEDIUM4.25 | libpng16-16t64 1.6.43-5build1 fixed in 1.6.43-5ubuntu0.4 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | MEDIUM4.25 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-8286 | MEDIUM4.13 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-15079 | MEDIUM4.13 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-8286 | MEDIUM4.13 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-28387 | MEDIUM4.13 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.9 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2025-15467 | MEDIUM4.06 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.7 | 47.6% High Exploitation Risk | Post-Exploit |
| CVE-2025-15467 | MEDIUM4.06 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.7 | 47.6% High Exploitation Risk | Post-Exploit |
| CVE-2026-27456 | MEDIUM4 | libblkid1 2.39.3-9ubuntu6.3 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libmount1 2.39.3-9ubuntu6.3 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libsmartcols1 2.39.3-9ubuntu6.3 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-8114 | MEDIUM4 | libssh-4 0.10.6-2ubuntu0.1 fixed in 0.10.6-2ubuntu0.2 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-68160 | MEDIUM4 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.7 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libuuid1 2.39.3-9ubuntu6.3 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-33916 | MEDIUM4 | handlebars 4.7.8 fixed in 4.7.9 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-69720 | LOW3.98 | ncurses-bin 6.4+20240113-1ubuntu2 fixed in 6.4+20240113-1ubuntu2.1 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-8927 | LOW3.82 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-5773 | LOW3.82 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-6276 | LOW3.82 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-41992 | LOW3.82 | gzip 1.12-1ubuntu3.1 fixed in 1.12-1ubuntu3.2 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-8927 | LOW3.82 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-5773 | LOW3.82 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-6276 | LOW3.82 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2025-69421 | LOW3.82 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.7 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28388 | LOW3.82 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.9 | 0.9% Theoretical Threat | Post-Exploit |
| CVE-2026-28389 | LOW3.82 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.9 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28390 | LOW3.82 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.9 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-9547 | LOW3.77 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-9547 | LOW3.77 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-34182 | LOW3.77 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2025-69419 | LOW3.77 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.7 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2025-64505 | LOW3.74 | libpng16-16t64 1.6.43-5build1 fixed in 1.6.43-5ubuntu0.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-34757 | LOW3.74 | libpng16-16t64 1.6.43-5build1 fixed in 1.6.43-5ubuntu0.6 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-26960 | LOW3.62 | tar 7.4.3 fixed in 7.5.8 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2025-68973 | LOW3.57 | gpgv 2.4.4-2ubuntu17.3 fixed in 2.4.4-2ubuntu17.4 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-62718 | LOW3.56 | axios 1.12.1 fixed in 1.15.0, 0.31.0 | 1.2% Low-Moderate Risk | Post-Exploit |
| CVE-2026-42010 | LOW3.53 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-26019 | LOW3.48 | @langchain/community 0.3.45 fixed in 1.1.14 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-1965 | LOW3.47 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.8 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2025-14819 | LOW3.47 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-1965 | LOW3.47 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.8 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2025-14819 | LOW3.47 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-4438 | LOW3.4 | libc-bin 2.39-0ubuntu8.6 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-4438 | LOW3.4 | libc6 2.39-0ubuntu8.6 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-9820 | LOW3.4 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.5 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-69418 | LOW3.4 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.7 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-3449 | LOW3.4 | @tootallnate/once 2.0.0 fixed in 3.0.1, 2.0.1 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-68154 | LOW3.35 | systeminformation 5.23.8 fixed in 5.27.14 | 12.9% High Exploitation Risk | Post-Exploit |
| CVE-2026-5545 | LOW3.31 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-6429 | LOW3.31 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-14524 | LOW3.31 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-3784 | LOW3.31 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.8 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-8924 | LOW3.31 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-5545 | LOW3.31 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-6429 | LOW3.31 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-14524 | LOW3.31 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-3784 | LOW3.31 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.8 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-8924 | LOW3.31 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-5958 | LOW3.21 | sed 4.9-2build1 fixed in 4.9-2ubuntu0.24.04.1 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-29786 | LOW3.21 | tar 7.4.3 fixed in 7.5.10 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-26318 | LOW3.17 | systeminformation 5.23.8 fixed in 5.31.0 | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-3832 | LOW3.15 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-5419 | LOW3.15 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-45446 | LOW3.15 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42040 | LOW3.15 | axios 1.12.1 fixed in 1.15.1, 0.31.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-11525 | LOW3.15 | undici 6.21.3 fixed in 6.27.0, 7.28.0, 8.5.0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-6733 | LOW3.15 | undici 6.21.3 fixed in 6.27.0, 7.28.0, 8.5.0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-44494 | LOW3.13 | axios 1.12.1 fixed in 1.16.0 | 1.0% Low-Moderate Risk | Post-Exploit |
| CVE-2026-23745 | LOW3.11 | tar 7.4.3 fixed in 7.5.3 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-42043 | LOW3.06 | axios 1.12.1 fixed in 1.15.1, 0.31.1 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-31790 | LOW3.01 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.9 | 1.0% Theoretical Threat | Post-Exploit |
| CVE-2025-69420 | LOW3.01 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.7 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-22796 | LOW3.01 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.7 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-42770 | LOW3.01 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-9076 | LOW3.01 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-23950 | LOW3.01 | tar 7.4.3 fixed in 7.5.4 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-2781 | LOW3 | libnss3 2:3.98-1build1 fixed in 2:3.98-1ubuntu0.1 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-31789 | LOW3 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.9 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-31789 | LOW3 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.9 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-8376 | LOW3 | perl-base 5.38.2-3.2ubuntu0.2 fixed in 5.38.2-3.2ubuntu0.3 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-27699 | LOW3 | basic-ftp 5.0.3 fixed in 5.2.0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-40190 | LOW3 | langsmith 0.3.29 fixed in 0.5.18 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-41242 | LOW3 | protobufjs 7.4.0 fixed in 8.0.1, 7.5.5 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-1525 | LOW3 | undici 6.21.3 fixed in 6.24.0, 7.24.0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-8925 | LOW2.92 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-8925 | LOW2.92 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | libssl3t64 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 2.7% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 2.7% Low-Moderate Risk | Post-Exploit |
| CVE-2026-3783 | LOW2.91 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.8 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-3783 | LOW2.91 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.8 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-12318 | LOW2.89 | libnss3 2:3.98-1build1 fixed in 2:3.98-1ubuntu0.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-45582 | LOW2.86 | tar 1.35+dfsg-3build1 fixed in 1.35+dfsg-3ubuntu0.2 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-26280 | LOW2.81 | systeminformation 5.23.8 fixed in 5.30.8 | 1.2% Low-Moderate Risk | Post-Exploit |
| CVE-2026-22795 | LOW2.8 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.7 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-7383 | LOW2.8 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-5704 | LOW2.8 | tar 1.35+dfsg-3build1 fixed in 1.35+dfsg-3ubuntu0.1 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-31802 | LOW2.8 | tar 7.4.3 fixed in 7.5.11 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-53655 | LOW2.8 | tar 7.4.3 fixed in 7.5.16 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-0965 | LOW2.8 | libssh-4 0.10.6-2ubuntu0.1 fixed in 0.10.6-2ubuntu0.3 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-40228 | LOW2.8 | libsystemd0 255.4-1ubuntu8.10 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-40228 | LOW2.8 | libudev1 255.4-1ubuntu8.10 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-45445 | LOW2.78 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-42496 | LOW2.78 | perl-base 5.38.2-3.2ubuntu0.2 fixed in 5.38.2-3.2ubuntu0.3 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2025-68665 | LOW2.78 | @langchain/core 0.3.57 fixed in 1.1.8, 0.3.80 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2025-68665 | LOW2.78 | langchain 0.3.15 fixed in 1.2.3, 0.3.37 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-6253 | LOW2.7 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-7168 | LOW2.7 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-4873 | LOW2.7 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-6253 | LOW2.7 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-7168 | LOW2.7 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-4873 | LOW2.7 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-42766 | LOW2.7 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-42767 | LOW2.7 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-0968 | LOW2.63 | libssh-4 0.10.6-2ubuntu0.1 fixed in 0.10.6-2ubuntu0.3 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-8277 | LOW2.63 | libssh-4 0.10.6-2ubuntu0.1 fixed in 0.10.6-2ubuntu0.3 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | LOW2.55 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-24842 | LOW2.51 | tar 7.4.3 fixed in 7.5.7 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-15079 | LOW2.48 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-14017 | LOW2.45 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-10148 | LOW2.45 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-14017 | LOW2.45 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-10148 | LOW2.45 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW2.4 | bsdutils 1:2.39.3-9ubuntu6.3 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-15224 | LOW2.4 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-10536 | LOW2.4 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.11 | 0.9% Theoretical Threat | Post-Exploit |
| CVE-2026-41991 | LOW2.4 | gzip 1.12-1ubuntu3.1 fixed in 1.12-1ubuntu3.2 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-15224 | LOW2.4 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-10536 | LOW2.4 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.11 | 0.9% Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW2.4 | mount 2.39.3-9ubuntu6.3 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68160 | LOW2.4 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.7 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW2.4 | util-linux 2.39.3-9ubuntu6.3 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-24515 | LOW2.12 | libexpat1 2.6.1-2ubuntu0.3 fixed in 2.6.1-2ubuntu0.4 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-69418 | LOW2.04 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.7 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-45446 | LOW1.89 | openssl 3.0.13-0ubuntu3.6 fixed in 3.0.13-0ubuntu3.11 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2024-56433 | LOW1.84 | login 1:4.13+dfsg1-4ubuntu3.2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2024-56433 | LOW1.84 | passwd 1:4.13+dfsg1-4ubuntu3.2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2025-69720 | NONE0 | libncursesw6 6.4+20240113-1ubuntu2 fixed in 6.4+20240113-1ubuntu2.1 | 0.4% Theoretical Threat | Not Applicable |
| CVE-2025-69720 | NONE0 | libtinfo6 6.4+20240113-1ubuntu2 fixed in 6.4+20240113-1ubuntu2.1 | 0.4% Theoretical Threat | Not Applicable |
| CVE-2025-69720 | NONE0 | ncurses-base 6.4+20240113-1ubuntu2 fixed in 6.4+20240113-1ubuntu2.1 | 0.4% Theoretical Threat | Not Applicable |
| CVE-2025-0167 | NONE0 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.8 | 0.7% Theoretical Threat | Not Applicable |
| CVE-2026-8458 | NONE0 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2026-2219 | NONE0 | dpkg 1.22.6ubuntu6.5 fixed in 1.22.6ubuntu6.6 | 0.4% Theoretical Threat | Not Applicable |
| CVE-2025-0167 | NONE0 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.8 | 0.7% Theoretical Threat | Not Applicable |
| CVE-2026-8458 | NONE0 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2026-58055 | NONE0 | libnghttp2-14 1.59.0-1ubuntu0.2 fixed in 1.59.0-1ubuntu0.4 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-11822 | NONE0 | libsqlite3-0 3.45.1-1ubuntu2.5 fixed in 3.45.1-1ubuntu2.6 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-11824 | NONE0 | libsqlite3-0 3.45.1-1ubuntu2.5 fixed in 3.45.1-1ubuntu2.6 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-44974 | NONE0 | @hapi/content 6.0.0 fixed in 6.0.2 | — | Not Applicable |
| CVE-2026-48049 | NONE0 | @hapi/inert 7.1.0 fixed in 7.1.1 | — | Not Applicable |
| CVE-2026-44979 | NONE0 | @hapi/wreck 18.1.0 fixed in 18.1.1 | — | Not Applicable |
| CVE-2026-48022 | NONE0 | @hapi/wreck 18.1.0 fixed in 18.1.2 | — | Not Applicable |
| GHSA-6475-r3vj-m8vf | NONE0 | @smithy/config-resolver 4.3.0 fixed in 4.4.0 | — | Not Applicable |
| CVE-2026-44240 | NONE0 | basic-ftp 5.0.3 fixed in 5.3.1 | 0.5% Theoretical Threat | Not Applicable |
| GHSA-6v7q-wjvx-w8wg | NONE0 | basic-ftp 5.0.3 fixed in 5.2.2 | — | Not Applicable |
| GHSA-r4q5-vmmm-2653 | NONE0 | follow-redirects 1.15.6 fixed in 1.16.0 | — | Not Applicable |
| GHSA-7rx3-28cr-v5wh | NONE0 | handlebars 4.7.8 fixed in 4.7.9 | — | Not Applicable |
| GHSA-442j-39wm-28r2 | NONE0 | handlebars 4.7.8 fixed in 4.7.9 | — | Not Applicable |
| CVE-2025-9910 | NONE0 | jsondiffpatch 0.6.0 fixed in 0.7.2 | 0.3% Theoretical Threat | Not Applicable |
| CVE-2026-45134 | NONE0 | langsmith 0.3.29 fixed in 0.6.0 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-41182 | NONE0 | langsmith 0.3.29 fixed in 0.5.19 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-48801 | NONE0 | linkify-it 5.0.0 fixed in 5.0.1 | — | Not Applicable |
| CVE-2026-48988 | NONE0 | markdown-it 14.1.0 fixed in 14.2.0 | 0.3% Theoretical Threat | Not Applicable |
| GHSA-p6gq-j5cr-w38f | NONE0 | nodemailer 7.0.9 fixed in 9.0.1 | — | Not Applicable |
| GHSA-268h-hp4c-crq3 | NONE0 | nodemailer 7.0.9 fixed in 8.0.9 | — | Not Applicable |
| GHSA-r7g4-qg5f-qqm2 | NONE0 | nodemailer 7.0.9 fixed in 8.0.8 | — | Not Applicable |
| GHSA-vvjj-xcjg-gr5g | NONE0 | nodemailer 7.0.9 fixed in 8.0.5 | — | Not Applicable |
| GHSA-wqvq-jvpq-h66f | NONE0 | nodemailer 7.0.9 fixed in 8.0.9 | — | Not Applicable |
| GHSA-c7w3-x93f-qmm8 | NONE0 | nodemailer 7.0.9 fixed in 8.0.4 | — | Not Applicable |
Want to check another image? Run a full scan with the Docker Security Scanner.