Vulnerability Reportmetasploitframework/metasploit-framework:6.3.47

metasploitframework/metasploit-framework:6.3.47

DIGESTsha256:757e57ea9147588a596c79983a680a9b623989339ffab870d658cdada0d01129

Executive Summary

Threat ScoreCAUTION• 31 vulnerabilities with severity ≥7.0, led by CVE-2024-6119 (CVSS 9.75) affecting OpenSSL, which can cause denial of service during TLS client connections.• High-severity flaws like CVE-2026-27820 (zlib buffer overflow, CVSS 8.33) and CVE-2025-1094 (PostgreSQL quoting, CVSS 8.0) could lead to code execution or SQL injection under specific conditions.• The image is a community image with low reputation, unverified publisher, and a trust score of 55, increasing supply chain risk.• Post-exploitation vulnerabilities exist (83 total) but none exceed 4.58 severity, limiting additional risk post-compromise.

74/100CAUTION

ReputationCOMMUNITY• Community Image with low/unknown reputation• Pinned by digest (Immutable)

UNVERIFIED

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. The most severe real-world consequences include denial of service via crafted TLS connections (CVE-2024-6119) and potential arbitrary code execution from malicious compressed data (CVE-2026-27820). Note that the PostgreSQL SQL injection (CVE-2025-1094) only applies if the container constructs psql commands from database-supplied input. Post-exploitation vulnerabilities are low severity, so they do not materially increase the overall risk. Updating the affected packages would resolve these issues, but until then, restrict network access and avoid running in untrusted environments.

Vulnerabilities

Vulnerability Log

372 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2024-6119	CRITICAL9.75	libcrypto3 3.1.4-r1 fixed in 3.1.7-r0	66.6% Actively Exploited	Directly ExposedContext importance: HIGH
CVE-2024-6119	CRITICAL9.75	libssl3 3.1.4-r1 fixed in 3.1.7-r0	66.6% Actively Exploited	Directly ExposedContext importance: HIGH
CVE-2024-6119	CRITICAL9.75	openssl 3.1.4-r1 fixed in 3.1.7-r0	66.6% Actively Exploited	Directly ExposedContext importance: HIGH
CVE-2024-6119	CRITICAL9.75	openssl-dev 3.1.4-r1 fixed in 3.1.7-r0	66.6% Actively Exploited	Directly ExposedContext importance: HIGH
CVE-2026-27820	HIGH8.33	zlib 2.1.1 fixed in ~> 3.0.1, ~> 3.1.2, >= 3.2.3	0.6% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2025-1094	HIGH8	libecpg 15.5-r0 fixed in 15.11-r0	89.5% Actively Exploited	Directly ExposedContext importance: MEDIUM
CVE-2025-1094	HIGH8	libpq 15.5-r0 fixed in 15.11-r0	89.5% Actively Exploited	Directly ExposedContext importance: MEDIUM
CVE-2024-45491	HIGH7.84	libexpat 2.5.0-r1 fixed in 2.6.3-r0	1.1% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2024-45492	HIGH7.84	libexpat 2.5.0-r1 fixed in 2.6.3-r0	1.4% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2024-7348	HIGH7.5	libecpg 15.5-r0 fixed in 15.8-r0	1.6% Low-Moderate Risk	Directly Exposed
CVE-2023-52425	HIGH7.5	libexpat 2.5.0-r1 fixed in 2.6.0-r0	1.8% Low-Moderate Risk	Directly Exposed
CVE-2024-28757	HIGH7.5	libexpat 2.5.0-r1 fixed in 2.6.2-r0	2.0% Low-Moderate Risk	Directly Exposed
CVE-2024-45490	HIGH7.5	libexpat 2.5.0-r1 fixed in 2.6.3-r0	1.7% Low-Moderate Risk	Directly Exposed
CVE-2024-8176	HIGH7.5	libexpat 2.5.0-r1 fixed in 2.7.0-r0	1.6% Low-Moderate Risk	Directly Exposed
CVE-2024-7348	HIGH7.5	libpq 15.5-r0 fixed in 15.8-r0	1.6% Low-Moderate Risk	Directly Exposed
CVE-2024-34069	HIGH7.5	Werkzeug 3.0.1 fixed in 3.0.3	3.4% Low-Moderate Risk	Directly Exposed
CVE-2024-49767	HIGH7.5	Werkzeug 3.0.1 fixed in 3.0.6	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-39689	HIGH7.5	certifi 2023.11.17 fixed in 2024.7.4	1.0% Low-Moderate Risk	Directly Exposed
CVE-2024-3651	HIGH7.5	idna 3.6 fixed in 3.7	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-26141	HIGH7.5	rack 2.2.8 fixed in ~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1	1.6% Low-Moderate Risk	Directly Exposed
CVE-2024-26146	HIGH7.5	rack 2.2.8 fixed in ~> 2.0.9, >= 2.0.9.4, ~> 2.1.4, >= 2.1.4.4, ~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1	2.0% Low-Moderate Risk	Directly Exposed
CVE-2025-27610	HIGH7.5	rack 2.2.8 fixed in ~> 2.2.13, ~> 3.0.14, >= 3.1.12	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-49761	HIGH7.5	rexml 3.2.5 fixed in >= 3.3.9	1.4% Low-Moderate Risk	Directly Exposed
CVE-2024-41123	HIGH7.5	rexml 3.2.5 fixed in >= 3.3.3	1.3% Low-Moderate Risk	Directly Exposed
CVE-2024-41946	HIGH7.5	rexml 3.2.5 fixed in >= 3.3.3	1.2% Low-Moderate Risk	Directly Exposed
CVE-2024-49761	HIGH7.5	rexml 3.2.6 fixed in >= 3.3.9	1.4% Low-Moderate Risk	Directly Exposed
CVE-2024-41123	HIGH7.5	rexml 3.2.6 fixed in >= 3.3.3	1.3% Low-Moderate Risk	Directly Exposed
CVE-2024-41946	HIGH7.5	rexml 3.2.6 fixed in >= 3.3.3	1.2% Low-Moderate Risk	Directly Exposed
CVE-2024-56201	HIGH7.48	Jinja2 3.1.2 fixed in 3.1.5	0.3% Theoretical Threat	Directly Exposed
CVE-2025-27516	HIGH7.48	Jinja2 3.1.2 fixed in 3.1.6	0.5% Theoretical Threat	Directly Exposed
CVE-2023-7104	HIGH7.3	sqlite-libs 3.41.2-r2 fixed in 3.41.2-r3	1.2% Low-Moderate Risk	Directly Exposed
CVE-2024-25126	MEDIUM6.9	rack 2.2.8 fixed in ~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1	35.4% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2026-41316	MEDIUM6.88	erb 2.2.3 fixed in ~> 4.0.3.1, ~> 4.0.4.1, ~> 6.0.1.1, >= 6.0.4	0.5% Theoretical Threat	Directly Exposed
CVE-2024-28103	MEDIUM6.66	actionpack 7.0.8 fixed in ~> 6.1.7, >= 6.1.7.8, ~> 7.0.8, >= 7.0.8.4, ~> 7.1.3, >= 7.1.3.4, >= 7.2.0.beta2	0.7% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-42257	MEDIUM6.66	net-imap 0.2.3 fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4	0.4% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-42258	MEDIUM6.66	net-imap 0.2.3 fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4	0.9% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-42257	MEDIUM6.66	net-imap 0.4.0 fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4	0.4% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-42258	MEDIUM6.66	net-imap 0.4.0 fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4	0.9% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2023-6129	MEDIUM6.5	libcrypto3 3.1.4-r1 fixed in 3.1.4-r3	2.3% Low-Moderate Risk	Directly Exposed
CVE-2023-6129	MEDIUM6.5	libssl3 3.1.4-r1 fixed in 3.1.4-r3	2.3% Low-Moderate Risk	Directly Exposed
CVE-2023-6129	MEDIUM6.5	openssl-dev 3.1.4-r1 fixed in 3.1.4-r3	2.3% Low-Moderate Risk	Directly Exposed
CVE-2025-25184	MEDIUM6.5	rack 2.2.8 fixed in ~> 2.2.11, ~> 3.0.12, >= 3.1.10	1.1% Low-Moderate Risk	Directly Exposed
CVE-2025-31115	MEDIUM6.38	xz-libs 5.4.3-r0 fixed in 5.4.3-r1	0.6% Theoretical Threat	Directly Exposed
CVE-2024-26130	MEDIUM6.38	cryptography 41.0.7 fixed in 42.0.4	0.8% Theoretical Threat	Directly Exposed
CVE-2026-30922	MEDIUM6.38	pyasn1 0.5.1 fixed in 0.6.3	0.6% Theoretical Threat	Directly Exposed
CVE-2025-66418	MEDIUM6.38	urllib3 2.1.0 fixed in 2.6.0	0.5% Theoretical Threat	Directly Exposed
CVE-2025-66471	MEDIUM6.38	urllib3 2.1.0 fixed in 2.6.0	0.5% Theoretical Threat	Directly Exposed
CVE-2026-21441	MEDIUM6.38	urllib3 2.1.0 fixed in 2.6.3	0.5% Theoretical Threat	Directly Exposed
CVE-2026-33176	MEDIUM6.38	activesupport 7.0.8 fixed in ~> 7.2.3, >= 7.2.3.1, ~> 8.0.4, >= 8.0.4.1, >= 8.1.2.1	0.6% Theoretical Threat	Directly Exposed
CVE-2026-33306	MEDIUM6.38	bcrypt 3.1.19 fixed in >= 3.1.22	0.2% Theoretical Threat	Directly Exposed
CVE-2025-27219	MEDIUM6.38	cgi 0.3.6 fixed in ~> 0.3.5.1, ~> 0.3.7, >= 0.4.2	0.8% Theoretical Threat	Directly Exposed
CVE-2025-27220	MEDIUM6.38	cgi 0.3.6 fixed in ~> 0.3.5.1, ~> 0.3.7, >= 0.4.2	0.7% Theoretical Threat	Directly Exposed
CVE-2026-42245	MEDIUM6.38	net-imap 0.2.3 fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42245	MEDIUM6.38	net-imap 0.4.0 fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4	0.4% Theoretical Threat	Directly Exposed
CVE-2024-21647	MEDIUM6.38	puma 6.4.0 fixed in ~> 5.6.8, >= 6.4.2	1.0% Theoretical Threat	Directly Exposed
CVE-2025-27111	MEDIUM6.38	rack 2.2.8 fixed in ~> 2.2.12, ~> 3.0.13, >= 3.1.11	0.7% Theoretical Threat	Directly Exposed
CVE-2025-46727	MEDIUM6.38	rack 2.2.8 fixed in ~> 2.2.14, ~> 3.0.16, >= 3.1.14	0.9% Theoretical Threat	Directly Exposed
CVE-2025-59830	MEDIUM6.38	rack 2.2.8 fixed in >= 2.2.18	0.5% Theoretical Threat	Directly Exposed
CVE-2025-61770	MEDIUM6.38	rack 2.2.8 fixed in ~> 2.2.19, ~> 3.1.17, >= 3.2.2	0.8% Theoretical Threat	Directly Exposed
CVE-2025-61771	MEDIUM6.38	rack 2.2.8 fixed in ~> 2.2.19, ~> 3.1.17, >= 3.2.2	0.5% Theoretical Threat	Directly Exposed
CVE-2025-61919	MEDIUM6.38	rack 2.2.8 fixed in ~> 2.2.20, ~> 3.1.18, >= 3.2.3	0.6% Theoretical Threat	Directly Exposed
CVE-2026-22860	MEDIUM6.38	rack 2.2.8 fixed in ~> 2.2.22, ~> 3.1.20, >= 3.2.5	0.6% Theoretical Threat	Directly Exposed
CVE-2026-34785	MEDIUM6.38	rack 2.2.8 fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34829	MEDIUM6.38	rack 2.2.8 fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34230	MEDIUM6.38	rack 2.2.8 fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34826	MEDIUM6.38	rack 2.2.8 fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34830	MEDIUM6.38	rack 2.2.8 fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6	0.2% Theoretical Threat	Directly Exposed
CVE-2025-61921	MEDIUM6.38	sinatra 3.1.0 fixed in >= 4.2.0	0.4% Theoretical Threat	Directly Exposed
CVE-2025-61594	MEDIUM6.38	uri 0.12.1 fixed in ~> 0.12.5, ~> 0.13.3, >= 1.0.4	0.5% Theoretical Threat	Directly Exposed
CVE-2024-47220	MEDIUM6.38	webrick 1.8.1 fixed in >= 1.8.2	0.4% Theoretical Threat	Directly Exposed
CVE-2025-12790	MEDIUM6.29	mqtt 0.6.0 fixed in >= 0.7.0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42246	MEDIUM6.29	net-imap 0.2.3 fixed in ~> 0.3.10, ~> 0.4.24, ~> 0.5.14, >= 0.6.4	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42246	MEDIUM6.29	net-imap 0.4.0 fixed in ~> 0.3.10, ~> 0.4.24, ~> 0.5.14, >= 0.6.4	0.4% Theoretical Threat	Directly Exposed
CVE-2023-48795	MEDIUM6.14	libssh2 1.10.0-r4 fixed in 1.11.0-r0	93.3% Actively Exploited	Directly ExposedContext importance: MEDIUM
CVE-2024-26143	MEDIUM6.1	actionpack 7.0.8 fixed in ~> 7.0.8, >= 7.0.8.1, >= 7.1.3.1	1.0% Low-Moderate Risk	Directly Exposed
CVE-2025-26519	MEDIUM5.95	musl 1.2.4-r2 fixed in 1.2.4-r3	0.3% Theoretical Threat	Directly Exposed
CVE-2025-26519	MEDIUM5.95	musl-dev 1.2.4-r2 fixed in 1.2.4-r3	0.3% Theoretical Threat	Directly Exposed
CVE-2025-26519	MEDIUM5.95	musl-utils 1.2.4-r2 fixed in 1.2.4-r3	0.3% Theoretical Threat	Directly Exposed
CVE-2023-6237	MEDIUM5.9	libcrypto3 3.1.4-r1 fixed in 3.1.4-r4	2.3% Low-Moderate Risk	Directly Exposed
CVE-2024-5535	MEDIUM5.9	libcrypto3 3.1.4-r1 fixed in 3.1.6-r0	5.6% Low-Moderate Risk	Directly Exposed
CVE-2024-50602	MEDIUM5.9	libexpat 2.5.0-r1 fixed in 2.6.4-r0	1.0% Low-Moderate Risk	Directly Exposed
CVE-2023-6237	MEDIUM5.9	libssl3 3.1.4-r1 fixed in 3.1.4-r4	2.3% Low-Moderate Risk	Directly Exposed
CVE-2024-5535	MEDIUM5.9	libssl3 3.1.4-r1 fixed in 3.1.6-r0	5.6% Low-Moderate Risk	Directly Exposed
CVE-2023-6237	MEDIUM5.9	openssl-dev 3.1.4-r1 fixed in 3.1.4-r4	2.3% Low-Moderate Risk	Directly Exposed
CVE-2024-5535	MEDIUM5.9	openssl-dev 3.1.4-r1 fixed in 3.1.6-r0	5.6% Low-Moderate Risk	Directly Exposed
CVE-2023-29483	MEDIUM5.9	dnspython 2.4.2 fixed in 2.6.1	1.3% Low-Moderate Risk	Directly Exposed
CVE-2024-43398	MEDIUM5.9	rexml 3.2.5 fixed in >= 3.3.6	1.2% Low-Moderate Risk	Directly Exposed
CVE-2024-43398	MEDIUM5.9	rexml 3.2.6 fixed in >= 3.3.6	1.2% Low-Moderate Risk	Directly Exposed
CVE-2024-4741	MEDIUM5.6	libcrypto3 3.1.4-r1 fixed in 3.1.6-r0	2.9% Low-Moderate Risk	Directly Exposed
CVE-2024-4741	MEDIUM5.6	libssl3 3.1.4-r1 fixed in 3.1.6-r0	2.9% Low-Moderate Risk	Directly Exposed
CVE-2024-4741	MEDIUM5.6	openssl-dev 3.1.4-r1 fixed in 3.1.6-r0	2.9% Low-Moderate Risk	Directly Exposed
CVE-2026-26007	MEDIUM5.52	cryptography 41.0.7 fixed in 46.0.5	0.2% Theoretical Threat	Directly Exposed
CVE-2024-37891	MEDIUM5.52	urllib3 2.1.0 fixed in 1.26.19, 2.2.2	1.0% Theoretical Threat	Directly Exposed
CVE-2026-35611	MEDIUM5.52	addressable 2.8.5 fixed in >= 2.9.0	0.4% Theoretical Threat	Directly Exposed
CVE-2026-33637	MEDIUM5.52	faraday 2.7.11 fixed in >= 2.14.2	0.3% Theoretical Threat	Directly Exposed
CVE-2025-43857	MEDIUM5.52	net-imap 0.2.3 fixed in ~> 0.2.5, ~> 0.3.9, ~> 0.4.20, >= 0.5.7	0.4% Theoretical Threat	Directly Exposed
CVE-2025-25186	MEDIUM5.52	net-imap 0.4.0 fixed in ~> 0.3.8, ~> 0.4.19, >= 0.5.6	0.6% Theoretical Threat	Directly Exposed
CVE-2025-43857	MEDIUM5.52	net-imap 0.4.0 fixed in ~> 0.2.5, ~> 0.3.9, ~> 0.4.20, >= 0.5.7	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42256	MEDIUM5.52	net-imap 0.4.0 fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34786	MEDIUM5.52	rack 2.2.8 fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6	0.2% Theoretical Threat	Directly Exposed
CVE-2026-34831	MEDIUM5.52	rack 2.2.8 fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6	0.1% Theoretical Threat	Directly Exposed
CVE-2024-0727	MEDIUM5.5	libcrypto3 3.1.4-r1 fixed in 3.1.4-r5	3.2% Low-Moderate Risk	Directly Exposed
CVE-2024-0727	MEDIUM5.5	libssl3 3.1.4-r1 fixed in 3.1.4-r5	3.2% Low-Moderate Risk	Directly Exposed
CVE-2024-0727	MEDIUM5.5	openssl-dev 3.1.4-r1 fixed in 3.1.4-r5	3.2% Low-Moderate Risk	Directly Exposed
CVE-2024-0727	MEDIUM5.5	cryptography 41.0.7 fixed in 42.0.2	3.2% Low-Moderate Risk	Directly Exposed
CVE-2024-56326	MEDIUM5.35	Jinja2 3.1.2 fixed in 3.1.5	0.5% Theoretical Threat	Directly Exposed
CVE-2024-4603	MEDIUM5.3	libcrypto3 3.1.4-r1 fixed in 3.1.5-r0	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-4603	MEDIUM5.3	libssl3 3.1.4-r1 fixed in 3.1.5-r0	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-4603	MEDIUM5.3	openssl-dev 3.1.4-r1 fixed in 3.1.5-r0	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-35176	MEDIUM5.3	rexml 3.2.5 fixed in >= 3.2.7	2.1% Low-Moderate Risk	Directly Exposed
CVE-2024-35176	MEDIUM5.3	rexml 3.2.6 fixed in >= 3.2.7	2.1% Low-Moderate Risk	Directly Exposed
CVE-2023-36617	MEDIUM5.3	uri 0.12.1 fixed in ~> 0.10.0.3, ~> 0.10.3, ~> 0.11.2, >= 0.12.2	1.5% Low-Moderate Risk	Directly Exposed
CVE-2024-22195	MEDIUM5.18	Jinja2 3.1.2 fixed in 3.1.3	0.9% Theoretical Threat	Directly Exposed
CVE-2025-50181	MEDIUM5.18	urllib3 2.1.0 fixed in 2.5.0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-33170	MEDIUM5.18	activesupport 7.0.8 fixed in ~> 7.2.3, >= 7.2.3.1, ~> 8.0.4, >= 8.0.4.1, >= 8.1.2.1	0.3% Theoretical Threat	Directly Exposed
CVE-2024-53985	MEDIUM5.18	rails-html-sanitizer 1.6.0 fixed in >= 1.6.1	0.6% Theoretical Threat	Directly Exposed
CVE-2024-53986	MEDIUM5.18	rails-html-sanitizer 1.6.0 fixed in >= 1.6.1	0.5% Theoretical Threat	Directly Exposed
CVE-2024-53987	MEDIUM5.18	rails-html-sanitizer 1.6.0 fixed in >= 1.6.1	0.4% Theoretical Threat	Directly Exposed
CVE-2024-53988	MEDIUM5.18	rails-html-sanitizer 1.6.0 fixed in >= 1.6.1	0.4% Theoretical Threat	Directly Exposed
CVE-2024-53989	MEDIUM5.18	rails-html-sanitizer 1.6.0 fixed in >= 1.6.1	0.5% Theoretical Threat	Directly Exposed
CVE-2025-4207	MEDIUM5.02	libecpg 15.5-r0 fixed in 15.13-r0	0.6% Theoretical Threat	Directly Exposed
CVE-2025-4207	MEDIUM5.02	libpq 15.5-r0 fixed in 15.13-r0	0.6% Theoretical Threat	Directly Exposed
CVE-2023-52323	MEDIUM5.02	pycryptodomex 3.19.0 fixed in 3.19.1	0.6% Theoretical Threat	Directly Exposed
CVE-2025-6442	MEDIUM5.02	webrick 1.8.1 fixed in >= 1.8.2	0.4% Theoretical Threat	Directly Exposed
CVE-2026-25765	MEDIUM4.93	faraday 2.7.11 fixed in ~> 1.10.5, >= 2.14.1	0.4% Theoretical Threat	Directly Exposed
CVE-2024-2511	MEDIUM4.81	libcrypto3 3.1.4-r1 fixed in 3.1.4-r6	54.0% Actively Exploited	Directly Exposed
CVE-2024-2511	MEDIUM4.81	libssl3 3.1.4-r1 fixed in 3.1.4-r6	54.0% Actively Exploited	Directly Exposed
CVE-2024-2511	MEDIUM4.81	openssl-dev 3.1.4-r1 fixed in 3.1.4-r6	54.0% Actively Exploited	Directly Exposed
CVE-2024-35195	MEDIUM4.76	requests 2.31.0 fixed in 2.32.0	0.3% Theoretical Threat	Directly Exposed
CVE-2023-52426	MEDIUM4.67	libexpat 2.5.0-r1 fixed in 2.6.0-r0	0.4% Theoretical Threat	Directly Exposed
CVE-2026-25645	MEDIUM4.67	requests 2.31.0 fixed in 2.33.0	0.2% Theoretical Threat	Directly Exposed
CVE-2024-10976	MEDIUM4.59	libecpg 15.5-r0 fixed in 15.9-r0	0.8% Theoretical Threat	Directly Exposed
CVE-2024-10976	MEDIUM4.59	libpq 15.5-r0 fixed in 15.9-r0	0.8% Theoretical Threat	Directly Exposed
CVE-2024-34064	MEDIUM4.59	Jinja2 3.1.2 fixed in 3.1.4	1.0% Theoretical Threat	Directly Exposed
CVE-2026-33168	MEDIUM4.59	actionview 7.0.8 fixed in ~> 7.2.3, >= 7.2.3.1, ~> 8.0.4, >= 8.0.4.1, >= 8.1.2.1	0.5% Theoretical Threat	Directly Exposed
CVE-2024-45614	MEDIUM4.59	puma 6.4.0 fixed in ~> 5.6.9, >= 6.4.3	0.7% Theoretical Threat	Directly Exposed
CVE-2026-25500	MEDIUM4.59	rack 2.2.8 fixed in ~> 2.2.22, ~> 3.1.20, >= 3.2.5	0.2% Theoretical Threat	Directly Exposed
CVE-2024-21510	MEDIUM4.59	sinatra 3.1.0 fixed in >= 4.1.0	0.5% Theoretical Threat	Directly Exposed
CVE-2025-6965	MEDIUM4.58	sqlite-libs 3.41.2-r2 fixed in 3.41.2-r4	64.9% Actively Exploited	Post-Exploit
CVE-2024-6197	MEDIUM4.5	libcurl 8.5.0-r0 fixed in 8.9.0-r0	4.3% Low-Moderate Risk	Post-Exploit
CVE-2024-6232	MEDIUM4.5	python3 3.11.6-r0 fixed in 3.11.10-r0	2.2% Low-Moderate Risk	Post-Exploit
CVE-2024-7592	MEDIUM4.5	python3 3.11.6-r0 fixed in 3.11.10-r0	2.3% Low-Moderate Risk	Post-Exploit
CVE-2024-49766	MEDIUM4.5	Werkzeug 3.0.1 fixed in 3.0.6	0.8% Theoretical Threat	Directly Exposed
CVE-2025-66221	MEDIUM4.5	Werkzeug 3.0.1 fixed in 3.1.4	0.5% Theoretical Threat	Directly Exposed
CVE-2026-21860	MEDIUM4.5	Werkzeug 3.0.1 fixed in 3.1.5	0.4% Theoretical Threat	Directly Exposed
CVE-2026-27199	MEDIUM4.5	Werkzeug 3.0.1 fixed in 3.1.6	0.6% Theoretical Threat	Directly Exposed
CVE-2026-34073	MEDIUM4.5	cryptography 41.0.7 fixed in 46.0.6	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45409	MEDIUM4.5	idna 3.6 fixed in 3.15	0.4% Theoretical Threat	Directly Exposed
CVE-2026-27448	MEDIUM4.5	pyOpenSSL 23.3.0 fixed in 26.0.0	0.2% Theoretical Threat	Directly Exposed
CVE-2024-47081	MEDIUM4.5	requests 2.31.0 fixed in 2.32.4	0.8% Theoretical Threat	Directly Exposed
CVE-2026-44431	MEDIUM4.5	urllib3 2.1.0 fixed in 2.7.0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-33169	MEDIUM4.5	activesupport 7.0.8 fixed in ~> 7.2.3, >= 7.2.3.1, ~> 8.0.4, >= 8.0.4.1, >= 8.1.2.1	0.5% Theoretical Threat	Directly Exposed
CVE-2025-14762	MEDIUM4.5	aws-sdk-s3 1.136.0 fixed in >= 1.208.0	0.2% Theoretical Threat	Directly Exposed
CVE-2025-61772	MEDIUM4.5	rack 2.2.8 fixed in ~> 2.2.19, ~> 3.1.17, >= 3.2.2	0.8% Theoretical Threat	Directly Exposed
CVE-2025-61780	MEDIUM4.5	rack 2.2.8 fixed in ~> 2.2.20, ~> 3.1.18, >= 3.2.3	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34763	MEDIUM4.5	rack 2.2.8 fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6	0.2% Theoretical Threat	Directly Exposed
CVE-2026-26961	MEDIUM4.5	rack 2.2.8 fixed in ~> 2.2.23, ~> 3.1.21, >= 3.2.6	0.3% Theoretical Threat	Directly Exposed
CVE-2025-24294	MEDIUM4.5	resolv 0.2.1 fixed in ~> 0.2.2, ~> 0.3.0, >= 0.6.1	0.5% Theoretical Threat	Directly Exposed
CVE-2025-27221	MEDIUM4.5	uri 0.12.1 fixed in ~> 0.11.3, ~> 0.12.4, ~> 0.13.2, >= 1.0.3	0.5% Theoretical Threat	Directly Exposed
CVE-2024-7264	MEDIUM4.48	curl 8.5.0-r0 fixed in 8.9.1-r0	16.2% High Exploitation Risk	Post-Exploit
CVE-2024-7264	MEDIUM4.48	libcurl 8.5.0-r0 fixed in 8.9.1-r0	16.2% High Exploitation Risk	Post-Exploit
CVE-2021-43809	MEDIUM4.38	bundler 2.1.4 fixed in >= 2.2.33	2.8% Low-Moderate Risk	Post-Exploit
CVE-2024-39908	MEDIUM4.3	rexml 3.2.5 fixed in >= 3.3.2	1.4% Low-Moderate Risk	Directly Exposed
CVE-2024-39908	MEDIUM4.3	rexml 3.2.6 fixed in >= 3.3.2	1.4% Low-Moderate Risk	Directly Exposed
CVE-2025-0938	MEDIUM4.08	python3 3.11.6-r0 fixed in 3.11.12-r0	1.4% Low-Moderate Risk	Post-Exploit
CVE-2024-13176	MEDIUM4	libcrypto3 3.1.4-r1 fixed in 3.1.8-r0	0.6% Theoretical Threat	Directly Exposed
CVE-2024-13176	MEDIUM4	libssl3 3.1.4-r1 fixed in 3.1.8-r0	0.6% Theoretical Threat	Directly Exposed
CVE-2024-13176	MEDIUM4	openssl-dev 3.1.4-r1 fixed in 3.1.8-r0	0.6% Theoretical Threat	Directly Exposed
CVE-2024-32465	LOW3.98	git 2.40.1-r0 fixed in 2.40.3-r0	0.9% Theoretical Threat	Post-Exploit
CVE-2024-9287	LOW3.98	python3 3.11.6-r0 fixed in 3.11.11-r0	0.6% Theoretical Threat	Post-Exploit
CVE-2024-9681	LOW3.9	curl 8.5.0-r0 fixed in 8.11.0-r0	2.0% Low-Moderate Risk	Post-Exploit
CVE-2024-9681	LOW3.9	libcurl 8.5.0-r0 fixed in 8.11.0-r0	2.0% Low-Moderate Risk	Post-Exploit
CVE-2023-6129	LOW3.9	openssl 3.1.4-r1 fixed in 3.1.4-r3	2.3% Low-Moderate Risk	Post-Exploit
CVE-2025-0840	LOW3.82	binutils 2.40-r7 fixed in 2.40-r8	0.7% Theoretical Threat	Post-Exploit
CVE-2024-32002	LOW3.73	git 2.40.1-r0 fixed in 2.40.3-r0	22.5% High Exploitation Risk	Post-Exploit
CVE-2024-9143	LOW3.7	libcrypto3 3.1.4-r1 fixed in 3.1.7-r1	6.0% Low-Moderate Risk	Directly Exposed
CVE-2024-9143	LOW3.7	libssl3 3.1.4-r1 fixed in 3.1.7-r1	6.0% Low-Moderate Risk	Directly Exposed
CVE-2024-9143	LOW3.7	openssl-dev 3.1.4-r1 fixed in 3.1.7-r1	6.0% Low-Moderate Risk	Directly Exposed
CVE-2024-41128	LOW3.7	actionpack 7.0.8 fixed in ~> 6.1.7.9, ~> 7.0.8, >= 7.0.8.5, ~> 7.1.4, >= 7.1.4.1, >= 7.2.1.1	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-47887	LOW3.7	actionpack 7.0.8 fixed in ~> 6.1.7.9, ~> 7.0.8, >= 7.0.8.5, ~> 7.1.4, >= 7.1.4.1, >= 7.2.1.1	1.0% Low-Moderate Risk	Directly Exposed
CVE-2026-27205	LOW3.65	Flask 3.0.0 fixed in 3.1.3	0.4% Theoretical Threat	Directly Exposed
CVE-2024-54133	LOW3.65	actionpack 7.0.8 fixed in ~> 7.0.8, >= 7.0.8.7, ~> 7.1.5, >= 7.1.5.1, ~> 7.2.2, >= 7.2.2.1, >= 8.0.0.1	1.0% Theoretical Threat	Directly Exposed
CVE-2025-55193	LOW3.65	activerecord 7.0.8 fixed in ~> 7.1.5, >= 7.1.5.2, ~> 7.2.2, >= 7.2.2.2, >= 8.0.2.1	0.5% Theoretical Threat	Directly Exposed
CVE-2024-32021	LOW3.62	git 2.40.1-r0 fixed in 2.40.3-r0	1.0% Theoretical Threat	Post-Exploit
CVE-2024-10978	LOW3.57	libecpg 15.5-r0 fixed in 15.9-r0	0.7% Theoretical Threat	Directly Exposed
CVE-2024-10978	LOW3.57	libpq 15.5-r0 fixed in 15.9-r0	0.7% Theoretical Threat	Directly Exposed
CVE-2025-32441	LOW3.57	rack 2.2.8 fixed in >= 2.2.14	0.2% Theoretical Threat	Directly Exposed
CVE-2024-11053	LOW3.54	curl 8.5.0-r0 fixed in 8.11.1-r0	1.4% Low-Moderate Risk	Post-Exploit
CVE-2024-11053	LOW3.54	libcurl 8.5.0-r0 fixed in 8.11.1-r0	1.4% Low-Moderate Risk	Post-Exploit
CVE-2023-6237	LOW3.54	openssl 3.1.4-r1 fixed in 3.1.4-r4	2.3% Low-Moderate Risk	Post-Exploit
CVE-2024-5535	LOW3.54	openssl 3.1.4-r1 fixed in 3.1.6-r0	5.6% Low-Moderate Risk	Post-Exploit
CVE-2024-6923	LOW3.47	python3 3.11.6-r0 fixed in 3.11.10-r0	0.7% Theoretical Threat	Post-Exploit
CVE-2024-4741	LOW3.36	openssl 3.1.4-r1 fixed in 3.1.6-r0	2.9% Low-Moderate Risk	Post-Exploit
CVE-2024-8096	LOW3.31	curl 8.5.0-r0 fixed in 8.10.0-r0	0.7% Theoretical Threat	Post-Exploit
CVE-2024-8096	LOW3.31	libcurl 8.5.0-r0 fixed in 8.10.0-r0	0.7% Theoretical Threat	Post-Exploit
CVE-2024-0727	LOW3.3	openssl 3.1.4-r1 fixed in 3.1.4-r5	3.2% Low-Moderate Risk	Post-Exploit
CVE-2024-2379	LOW3.24	curl 8.5.0-r0 fixed in 8.7.1-r0	1.7% Low-Moderate Risk	Post-Exploit
CVE-2024-2379	LOW3.24	libcurl 8.5.0-r0 fixed in 8.7.1-r0	1.7% Low-Moderate Risk	Post-Exploit
CVE-2024-0853	LOW3.18	curl 8.5.0-r0 fixed in 8.6.0-r0	1.1% Low-Moderate Risk	Post-Exploit
CVE-2024-2466	LOW3.18	curl 8.5.0-r0 fixed in 8.7.1-r0	1.3% Low-Moderate Risk	Post-Exploit
CVE-2024-2004	LOW3.18	curl 8.5.0-r0 fixed in 8.7.1-r0	1.7% Low-Moderate Risk	Post-Exploit
CVE-2024-0853	LOW3.18	libcurl 8.5.0-r0 fixed in 8.6.0-r0	1.1% Low-Moderate Risk	Post-Exploit
CVE-2024-2466	LOW3.18	libcurl 8.5.0-r0 fixed in 8.7.1-r0	1.3% Low-Moderate Risk	Post-Exploit
CVE-2024-2004	LOW3.18	libcurl 8.5.0-r0 fixed in 8.7.1-r0	1.7% Low-Moderate Risk	Post-Exploit
CVE-2024-4603	LOW3.18	openssl 3.1.4-r1 fixed in 3.1.5-r0	1.1% Low-Moderate Risk	Post-Exploit
CVE-2023-27043	LOW3.18	python3 3.11.6-r0 fixed in 3.11.10-r0	2.5% Low-Moderate Risk	Post-Exploit
CVE-2024-8088	LOW3.18	python3 3.11.6-r0 fixed in 3.11.8-r1	1.3% Low-Moderate Risk	Post-Exploit
CVE-2024-10979	LOW3.17	libecpg 15.5-r0 fixed in 15.9-r0	4.4% Low-Moderate Risk	Post-Exploit
CVE-2024-10979	LOW3.17	libpq 15.5-r0 fixed in 15.9-r0	4.4% Low-Moderate Risk	Post-Exploit
CVE-2024-6345	LOW3.17	py3-setuptools 67.7.2-r0 fixed in 70.3.0-r0	1.8% Low-Moderate Risk	Post-Exploit
CVE-2020-36327	LOW3.17	bundler 2.1.4 fixed in = 2.2.10, >= 2.2.18	6.3% Low-Moderate Risk	Post-Exploit
CVE-2024-10977	LOW3.15	libecpg 15.5-r0 fixed in 15.9-r0	0.4% Theoretical Threat	Directly Exposed
CVE-2024-10977	LOW3.15	libpq 15.5-r0 fixed in 15.9-r0	0.4% Theoretical Threat	Directly Exposed
CVE-2024-2398	LOW3.1	curl 8.5.0-r0 fixed in 8.7.1-r0	36.1% High Exploitation Risk	Post-Exploit
CVE-2024-2398	LOW3.1	libcurl 8.5.0-r0 fixed in 8.7.1-r0	36.1% High Exploitation Risk	Post-Exploit
CVE-2024-27280	LOW3.1	stringio 3.0.1 fixed in >= 3.0.1.1	2.4% Low-Moderate Risk	Directly Exposed
CVE-2026-27459	LOW3	pyOpenSSL 23.3.0 fixed in 26.0.0	0.5% Theoretical Threat	Post-Exploit
CVE-2024-58266	LOW3	shlex 1.1.0 fixed in 1.3.0	0.8% Theoretical Threat	Post-Exploit
CVE-2026-6357	LOW2.96	pip 23.3.1 fixed in 26.1	0.1% Theoretical Threat	Post-Exploit
CVE-2024-2511	LOW2.89	openssl 3.1.4-r1 fixed in 3.1.4-r6	54.0% Actively Exploited	Post-Exploit
CVE-2024-0985	LOW2.88	libecpg 15.5-r0 fixed in 15.6-r0	1.5% Low-Moderate Risk	Post-Exploit
CVE-2024-0985	LOW2.88	libpq 15.5-r0 fixed in 15.6-r0	1.5% Low-Moderate Risk	Post-Exploit
CVE-2024-32004	LOW2.81	git 2.40.1-r0 fixed in 2.40.3-r0	1.3% Low-Moderate Risk	Post-Exploit
CVE-2023-42363	LOW2.8	busybox 1.36.1-r5 fixed in 1.36.1-r7	0.4% Theoretical Threat	Post-Exploit
CVE-2023-42364	LOW2.8	busybox 1.36.1-r5 fixed in 1.36.1-r7	0.4% Theoretical Threat	Post-Exploit
CVE-2023-42365	LOW2.8	busybox 1.36.1-r5 fixed in 1.36.1-r7	0.4% Theoretical Threat	Post-Exploit
CVE-2023-42366	LOW2.8	busybox 1.36.1-r5 fixed in 1.36.1-r6	0.4% Theoretical Threat	Post-Exploit
CVE-2023-42363	LOW2.8	busybox-binsh 1.36.1-r5 fixed in 1.36.1-r7	0.4% Theoretical Threat	Post-Exploit
CVE-2023-42364	LOW2.8	busybox-binsh 1.36.1-r5 fixed in 1.36.1-r7	0.4% Theoretical Threat	Post-Exploit
CVE-2023-42365	LOW2.8	busybox-binsh 1.36.1-r5 fixed in 1.36.1-r7	0.4% Theoretical Threat	Post-Exploit
CVE-2023-42366	LOW2.8	busybox-binsh 1.36.1-r5 fixed in 1.36.1-r6	0.4% Theoretical Threat	Post-Exploit
CVE-2023-42363	LOW2.8	ssl_client 1.36.1-r5 fixed in 1.36.1-r7	0.4% Theoretical Threat	Post-Exploit
CVE-2023-42364	LOW2.8	ssl_client 1.36.1-r5 fixed in 1.36.1-r7	0.4% Theoretical Threat	Post-Exploit
CVE-2023-42365	LOW2.8	ssl_client 1.36.1-r5 fixed in 1.36.1-r7	0.4% Theoretical Threat	Post-Exploit
CVE-2023-42366	LOW2.8	ssl_client 1.36.1-r5 fixed in 1.36.1-r6	0.4% Theoretical Threat	Post-Exploit
CVE-2026-24049	LOW2.8	wheel 0.42.0 fixed in 0.46.2	0.3% Theoretical Threat	Post-Exploit
CVE-2024-6197	LOW2.7	curl 8.5.0-r0 fixed in 8.9.0-r0	4.3% Low-Moderate Risk	Post-Exploit
CVE-2024-52006	LOW2.7	git 2.40.1-r0 fixed in 2.40.4-r0	1.0% Low-Moderate Risk	Post-Exploit
CVE-2023-50782	LOW2.7	cryptography 41.0.7 fixed in 42.0.0	1.1% Low-Moderate Risk	Post-Exploit
CVE-2025-8869	LOW2.7	pip 23.3.1 fixed in 25.3	0.4% Theoretical Threat	Post-Exploit
CVE-2025-4516	LOW2.6	python3 3.11.6-r0 fixed in 3.11.12-r1	0.2% Theoretical Threat	Post-Exploit
CVE-2026-3219	LOW2.55	pip 23.3.1 fixed in 26.1	0.1% Theoretical Threat	Post-Exploit
CVE-2024-50349	LOW2.4	git 2.40.1-r0 fixed in 2.40.4-r0	0.6% Theoretical Threat	Post-Exploit
CVE-2024-13176	LOW2.4	openssl 3.1.4-r1 fixed in 3.1.8-r0	0.6% Theoretical Threat	Post-Exploit
CVE-2025-0665	LOW2.4	curl 8.5.0-r0 fixed in 8.12.0-r0	1.2% Low-Moderate Risk	Post-Exploit
CVE-2025-0725	LOW2.4	curl 8.5.0-r0 fixed in 8.12.0-r0	1.2% Low-Moderate Risk	Post-Exploit
CVE-2025-0665	LOW2.4	libcurl 8.5.0-r0 fixed in 8.12.0-r0	1.2% Low-Moderate Risk	Post-Exploit
CVE-2025-0725	LOW2.4	libcurl 8.5.0-r0 fixed in 8.12.0-r0	1.2% Low-Moderate Risk	Post-Exploit
CVE-2024-9143	LOW2.22	openssl 3.1.4-r1 fixed in 3.1.7-r1	6.0% Low-Moderate Risk	Post-Exploit
CVE-2024-4032	LOW2.22	python3 3.11.6-r0 fixed in 3.11.10-r0	1.0% Low-Moderate Risk	Post-Exploit
CVE-2024-6874	LOW2.19	curl 8.5.0-r0 fixed in 8.9.0-r0	0.8% Theoretical Threat	Post-Exploit
CVE-2024-6874	LOW2.19	libcurl 8.5.0-r0 fixed in 8.9.0-r0	0.8% Theoretical Threat	Post-Exploit
CVE-2026-1703	LOW1.99	pip 23.3.1 fixed in 26.0	0.4% Theoretical Threat	Post-Exploit
CVE-2024-32020	LOW1.68	git 2.40.1-r0 fixed in 2.40.3-r0	0.5% Theoretical Threat	Post-Exploit
CVE-2025-54314	LOW1.43	thor 1.2.2 fixed in >= 1.4.0	0.1% Theoretical Threat	Post-Exploit
CVE-2025-68121	NONE0	stdlib v1.21.1 fixed in 1.24.13, 1.25.7, 1.26.0-rc.3	0.8% Theoretical Threat	Not Applicable
CVE-2024-24790	NONE0	stdlib v1.21.1 fixed in 1.21.11, 1.22.4	2.0% Low-Moderate Risk	Not Applicable
CVE-2024-6345	NONE0	py3-setuptools-pyc 67.7.2-r0 fixed in 70.3.0-r0	1.8% Low-Moderate Risk	Not Applicable
CVE-2024-9287	NONE0	python3-pyc 3.11.6-r0 fixed in 3.11.11-r0	0.6% Theoretical Threat	Not Applicable
CVE-2024-9287	NONE0	python3-pycache-pyc0 3.11.6-r0 fixed in 3.11.11-r0	0.6% Theoretical Threat	Not Applicable
CVE-2024-6232	NONE0	python3-pyc 3.11.6-r0 fixed in 3.11.10-r0	2.2% Low-Moderate Risk	Not Applicable
CVE-2024-7592	NONE0	python3-pyc 3.11.6-r0 fixed in 3.11.10-r0	2.3% Low-Moderate Risk	Not Applicable
CVE-2024-6232	NONE0	python3-pycache-pyc0 3.11.6-r0 fixed in 3.11.10-r0	2.2% Low-Moderate Risk	Not Applicable
CVE-2024-7592	NONE0	python3-pycache-pyc0 3.11.6-r0 fixed in 3.11.10-r0	2.3% Low-Moderate Risk	Not Applicable
CVE-2026-41493	NONE0	yard 0.9.34 fixed in >= 0.9.42	0.4% Theoretical Threat	Not Applicable
CVE-2023-39325	NONE0	stdlib v1.21.1 fixed in 1.20.10, 1.21.3	3.8% Low-Moderate Risk	Not Applicable
CVE-2023-45283	NONE0	stdlib v1.21.1 fixed in 1.20.11, 1.21.4, 1.20.12, 1.21.5	2.8% Low-Moderate Risk	Not Applicable
CVE-2023-45288	NONE0	stdlib v1.21.1 fixed in 1.21.9, 1.22.2	92.0% Actively Exploited	Not Applicable
CVE-2024-34156	NONE0	stdlib v1.21.1 fixed in 1.22.7, 1.23.1	1.1% Low-Moderate Risk	Not Applicable
CVE-2025-61726	NONE0	stdlib v1.21.1 fixed in 1.24.12, 1.25.6	0.8% Theoretical Threat	Not Applicable
CVE-2025-61729	NONE0	stdlib v1.21.1 fixed in 1.24.11, 1.25.5	0.5% Theoretical Threat	Not Applicable
CVE-2026-25679	NONE0	stdlib v1.21.1 fixed in 1.25.8, 1.26.1	0.5% Theoretical Threat	Not Applicable
CVE-2026-32280	NONE0	stdlib v1.21.1 fixed in 1.25.9, 1.26.2	0.4% Theoretical Threat	Not Applicable
CVE-2026-32281	NONE0	stdlib v1.21.1 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Not Applicable
CVE-2026-32283	NONE0	stdlib v1.21.1 fixed in 1.25.9, 1.26.2	0.4% Theoretical Threat	Not Applicable
CVE-2026-33811	NONE0	stdlib v1.21.1 fixed in 1.25.10, 1.26.3	0.5% Theoretical Threat	Not Applicable
CVE-2026-33814	NONE0	stdlib v1.21.1 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2026-39820	NONE0	stdlib v1.21.1 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2026-39836	NONE0	stdlib v1.21.1 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2025-58183	NONE0	stdlib v1.21.1 fixed in 1.24.8, 1.25.2	0.4% Theoretical Threat	Not Applicable
CVE-2025-61728	NONE0	stdlib v1.21.1 fixed in 1.24.12, 1.25.6	0.6% Theoretical Threat	Not Applicable
CVE-2025-47907	NONE0	stdlib v1.21.1 fixed in 1.23.12, 1.24.6	0.3% Theoretical Threat	Not Applicable
CVE-2024-6923	NONE0	python3-pyc 3.11.6-r0 fixed in 3.11.10-r0	0.7% Theoretical Threat	Not Applicable
CVE-2025-0938	NONE0	python3-pyc 3.11.6-r0 fixed in 3.11.12-r0	1.4% Low-Moderate Risk	Not Applicable
CVE-2024-6923	NONE0	python3-pycache-pyc0 3.11.6-r0 fixed in 3.11.10-r0	0.7% Theoretical Threat	Not Applicable
CVE-2025-0938	NONE0	python3-pycache-pyc0 3.11.6-r0 fixed in 3.11.12-r0	1.4% Low-Moderate Risk	Not Applicable
CVE-2025-4673	NONE0	stdlib v1.21.1 fixed in 1.23.10, 1.24.4	0.6% Theoretical Threat	Not Applicable
CVE-2024-24785	NONE0	stdlib v1.21.1 fixed in 1.21.8, 1.22.1	0.8% Theoretical Threat	Not Applicable
CVE-2025-47906	NONE0	stdlib v1.21.1 fixed in 1.23.12, 1.24.6	0.5% Theoretical Threat	Not Applicable
CVE-2025-61727	NONE0	stdlib v1.21.1 fixed in 1.24.11, 1.25.5	0.3% Theoretical Threat	Not Applicable
CVE-2026-32282	NONE0	stdlib v1.21.1 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Not Applicable
CVE-2024-27285	NONE0	yard 0.9.34 fixed in >= 0.9.36	1.1% Low-Moderate Risk	Not Applicable
CVE-2026-32289	NONE0	stdlib v1.21.1 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Not Applicable
CVE-2024-24783	NONE0	stdlib v1.21.1 fixed in 1.21.8, 1.22.1	0.7% Theoretical Threat	Not Applicable
CVE-2024-24791	NONE0	stdlib v1.21.1 fixed in 1.21.12, 1.22.5	1.4% Low-Moderate Risk	Not Applicable
CVE-2024-34155	NONE0	stdlib v1.21.1 fixed in 1.22.7, 1.23.1	0.8% Theoretical Threat	Not Applicable
CVE-2024-34158	NONE0	stdlib v1.21.1 fixed in 1.22.7, 1.23.1	1.0% Low-Moderate Risk	Not Applicable
CVE-2024-45336	NONE0	stdlib v1.21.1 fixed in 1.22.11, 1.23.5, 1.24.0-rc.2	0.6% Theoretical Threat	Not Applicable
CVE-2024-24789	NONE0	stdlib v1.21.1 fixed in 1.21.11, 1.22.4	0.4% Theoretical Threat	Not Applicable
CVE-2026-32288	NONE0	stdlib v1.21.1 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Not Applicable
CVE-2024-24784	NONE0	stdlib v1.21.1 fixed in 1.21.8, 1.22.1	1.0% Low-Moderate Risk	Not Applicable
CVE-2025-22871	NONE0	stdlib v1.21.1 fixed in 1.23.8, 1.24.2	0.7% Theoretical Threat	Not Applicable
CVE-2026-27142	NONE0	stdlib v1.21.1 fixed in 1.25.8, 1.26.1	0.3% Theoretical Threat	Not Applicable
CVE-2026-39826	NONE0	stdlib v1.21.1 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2023-27043	NONE0	python3-pyc 3.11.6-r0 fixed in 3.11.10-r0	2.5% Low-Moderate Risk	Not Applicable
CVE-2024-8088	NONE0	python3-pyc 3.11.6-r0 fixed in 3.11.8-r1	1.3% Low-Moderate Risk	Not Applicable
CVE-2023-27043	NONE0	python3-pycache-pyc0 3.11.6-r0 fixed in 3.11.10-r0	2.5% Low-Moderate Risk	Not Applicable
CVE-2024-8088	NONE0	python3-pycache-pyc0 3.11.6-r0 fixed in 3.11.8-r1	1.3% Low-Moderate Risk	Not Applicable
CVE-2023-39326	NONE0	stdlib v1.21.1 fixed in 1.20.12, 1.21.5	1.2% Low-Moderate Risk	Not Applicable
CVE-2023-45284	NONE0	stdlib v1.21.1 fixed in 1.20.11, 1.21.4	0.9% Theoretical Threat	Not Applicable
CVE-2023-45289	NONE0	stdlib v1.21.1 fixed in 1.21.8, 1.22.1	1.1% Low-Moderate Risk	Not Applicable
CVE-2023-45290	NONE0	stdlib v1.21.1 fixed in 1.21.8, 1.22.1	1.2% Low-Moderate Risk	Not Applicable
CVE-2025-22866	NONE0	stdlib v1.21.1 fixed in 1.22.12, 1.23.6, 1.24.0-rc.3	0.3% Theoretical Threat	Not Applicable
CVE-2025-22873	NONE0	stdlib v1.21.1 fixed in 1.23.9, 1.24.3	0.2% Theoretical Threat	Not Applicable
CVE-2025-47912	NONE0	stdlib v1.21.1 fixed in 1.24.8, 1.25.2	0.4% Theoretical Threat	Not Applicable
CVE-2025-58185	NONE0	stdlib v1.21.1 fixed in 1.24.8, 1.25.2	0.5% Theoretical Threat	Not Applicable
CVE-2025-58187	NONE0	stdlib v1.21.1 fixed in 1.24.9, 1.25.3	0.4% Theoretical Threat	Not Applicable
CVE-2025-58188	NONE0	stdlib v1.21.1 fixed in 1.24.8, 1.25.2	0.3% Theoretical Threat	Not Applicable
CVE-2025-58189	NONE0	stdlib v1.21.1 fixed in 1.24.8, 1.25.2	0.4% Theoretical Threat	Not Applicable
CVE-2025-61723	NONE0	stdlib v1.21.1 fixed in 1.24.8, 1.25.2	0.6% Theoretical Threat	Not Applicable
CVE-2025-61724	NONE0	stdlib v1.21.1 fixed in 1.24.8, 1.25.2	0.5% Theoretical Threat	Not Applicable
CVE-2025-61725	NONE0	stdlib v1.21.1 fixed in 1.24.8, 1.25.2	0.6% Theoretical Threat	Not Applicable
CVE-2025-61730	NONE0	stdlib v1.21.1 fixed in 1.24.12, 1.25.6	0.3% Theoretical Threat	Not Applicable
CVE-2026-42507	NONE0	stdlib v1.21.1 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable
CVE-2025-58186	NONE0	stdlib v1.21.1 fixed in 1.24.8, 1.25.2	0.5% Theoretical Threat	Not Applicable
CVE-2025-4516	NONE0	python3-pyc 3.11.6-r0 fixed in 3.11.12-r1	0.2% Theoretical Threat	Not Applicable
CVE-2025-4516	NONE0	python3-pycache-pyc0 3.11.6-r0 fixed in 3.11.12-r1	0.2% Theoretical Threat	Not Applicable
CVE-2024-27281	NONE0	rdoc 6.4.0 fixed in ~> 6.3.4, >= 6.3.4.1, ~> 6.4.1, >= 6.4.1.1, >= 6.5.1.1	1.6% Low-Moderate Risk	Not Applicable
CVE-2025-22870	NONE0	stdlib v1.21.1 fixed in 1.23.7, 1.24.1	0.4% Theoretical Threat	Not Applicable
CVE-2024-45341	NONE0	stdlib v1.21.1 fixed in 1.22.11, 1.23.5, 1.24.0-rc.2	0.4% Theoretical Threat	Not Applicable
CVE-2024-4032	NONE0	python3-pyc 3.11.6-r0 fixed in 3.11.10-r0	1.0% Low-Moderate Risk	Not Applicable
CVE-2024-4032	NONE0	python3-pycache-pyc0 3.11.6-r0 fixed in 3.11.10-r0	1.0% Low-Moderate Risk	Not Applicable
CVE-2026-27139	NONE0	stdlib v1.21.1 fixed in 1.25.8, 1.26.1	0.2% Theoretical Threat	Not Applicable
CVE-2025-0167	NONE0	curl 8.5.0-r0 fixed in 8.12.0-r0	0.6% Theoretical Threat	Not Applicable
CVE-2025-0167	NONE0	libcurl 8.5.0-r0 fixed in 8.12.0-r0	0.6% Theoretical Threat	Not Applicable
GHSA-537c-gmf6-5ccf	NONE0	cryptography 41.0.7 fixed in 48.0.1	—	Not Applicable
GHSA-h4gh-qq45-vh27	NONE0	cryptography 41.0.7 fixed in 43.0.1	—	Not Applicable
CVE-2026-54904	NONE0	concurrent-ruby 1.2.2 fixed in 1.3.7	—	Not Applicable
CVE-2026-54905	NONE0	concurrent-ruby 1.2.2 fixed in 1.3.7	—	Not Applicable
CVE-2026-54906	NONE0	concurrent-ruby 1.2.2 fixed in 1.3.7	—	Not Applicable
CVE-2026-54297	NONE0	faraday 2.7.11 fixed in 2.14.3	—	Not Applicable
CVE-2026-47240	NONE0	net-imap 0.2.3 fixed in ~> 0.5.15, >= 0.6.4.1	—	Not Applicable
CVE-2026-47242	NONE0	net-imap 0.2.3 fixed in ~> 0.5.15, >= 0.6.4.1	—	Not Applicable
CVE-2026-47241	NONE0	net-imap 0.2.3 fixed in ~> 0.5.15, >= 0.6.4.1	—	Not Applicable
CVE-2026-47240	NONE0	net-imap 0.4.0 fixed in ~> 0.5.15, >= 0.6.4.1	—	Not Applicable
CVE-2026-47242	NONE0	net-imap 0.4.0 fixed in ~> 0.5.15, >= 0.6.4.1	—	Not Applicable
CVE-2026-47241	NONE0	net-imap 0.4.0 fixed in ~> 0.5.15, >= 0.6.4.1	—	Not Applicable
GHSA-353f-x4gh-cqq8	NONE0	nokogiri 1.14.5 fixed in >= 1.18.9	—	Not Applicable
GHSA-c4rq-3m3g-8wgx	NONE0	nokogiri 1.14.5 fixed in >= 1.19.3	—	Not Applicable
GHSA-mrxw-mxhj-p664	NONE0	nokogiri 1.14.5 fixed in >= 1.18.4	—	Not Applicable
GHSA-5prr-v3j2-97mh	NONE0	nokogiri 1.14.5 fixed in 1.19.4	—	Not Applicable
GHSA-v2fc-qm4h-8hqv	NONE0	nokogiri 1.14.5 fixed in >= 1.19.3	—	Not Applicable
GHSA-wx95-c6cv-8532	NONE0	nokogiri 1.14.5 fixed in >= 1.19.1	—	Not Applicable
GHSA-xc9x-jj77-9p9j	NONE0	nokogiri 1.14.5 fixed in ~> 1.15.6, >= 1.16.2	—	Not Applicable
GHSA-5v8h-3h3q-446p	NONE0	nokogiri 1.14.5 fixed in 1.19.4	—	Not Applicable
GHSA-5w6v-399v-w3cc	NONE0	nokogiri 1.14.5 fixed in >= 1.18.8	—	Not Applicable
GHSA-8678-w3jw-xfc2	NONE0	nokogiri 1.14.5 fixed in 1.19.4	—	Not Applicable
GHSA-9cv2-cfxc-v4v2	NONE0	nokogiri 1.14.5 fixed in 1.19.4	—	Not Applicable
GHSA-p67v-3w7g-wjg7	NONE0	nokogiri 1.14.5 fixed in 1.19.4	—	Not Applicable
GHSA-phwj-rprq-35pp	NONE0	nokogiri 1.14.5 fixed in 1.19.4	—	Not Applicable
GHSA-r95h-9x8f-r3f7	NONE0	nokogiri 1.14.5 fixed in >= 1.16.5	—	Not Applicable
GHSA-vvfq-8hwr-qm4m	NONE0	nokogiri 1.14.5 fixed in >= 1.18.3	—	Not Applicable
GHSA-wfpw-mmfh-qq69	NONE0	nokogiri 1.14.5 fixed in 1.19.4	—	Not Applicable
GHSA-wjv4-x9w8-wm3h	NONE0	nokogiri 1.14.5 fixed in 1.19.4	—	Not Applicable
CVE-2026-47736	NONE0	puma 6.4.0 fixed in ~> 7.2.1, >= 8.0.2	—	Not Applicable
CVE-2026-47737	NONE0	puma 6.4.0 fixed in ~> 7.2.1, >= 8.0.2	—	Not Applicable
CVE-2026-39823	NONE0	stdlib v1.21.1 fixed in 1.25.10, 1.26.3	0.3% Theoretical Threat	Not Applicable
CVE-2026-39825	NONE0	stdlib v1.21.1 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2026-42499	NONE0	stdlib v1.21.1 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2026-42504	NONE0	stdlib v1.21.1 fixed in 1.25.11, 1.26.4	0.4% Theoretical Threat	Not Applicable
CVE-2025-0913	NONE0	stdlib v1.21.1 fixed in 1.23.10, 1.24.4	0.2% Theoretical Threat	Not Applicable
CVE-2026-27145	NONE0	stdlib v1.21.1 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable