Vulnerability Reportnginx:latest

Name: nginx:1-trixie Security Vulnerability Report
Creator: BaseImage
Keywords: nginx:1-trixie, Docker security, vulnerability scan, CVE, container security, SBOM

nginx:latestnginx:trixienginx:mainline-trixienginx:mainlinenginx:1.31.0-trixienginx:1.31.0nginx:1.31-trixienginx:1.31nginx:1-trixienginx:1

DIGESTsha256:06aa3d7be10bc6307990c81bdca075793132e9163391abc370c015e344e23128

Executive Summary

CAUTION

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. Exploiting a vulnerability such as CVE-2009-4487 in nginx could allow remote attackers to execute arbitrary commands or modify files. While the image is from an official source and pinned by digest, it contains 28 exposed vulnerabilities with severity 6.0 or higher, including CVE-2019-1010023 which has a high severity of 7.48 but is disputed by its maintainer as a non-security bug. Users should implement strict network segmentation and access controls to mitigate the substantial attack surface.

Threat Score

50/100

CAUTION

Image is official and published by Docker Official, promoting supply chain trust and immutability as it is pinned by digest.
Contains a high number of exposed vulnerabilities (161 total, 28 with severity 6.0 or higher), contributing to an elevated attack surface.
A critical exposed vulnerability, CVE-2019-1010023 in glibc, has a severity of 7.48, though its security impact is disputed by upstream.
Another high-severity exposed vulnerability, CVE-2009-4487, directly affects nginx (severity 6.8) and could allow remote command execution.
The base OS is identified as 'Unknown Linux', which may complicate vulnerability management and patching efforts.

Reputation

TRUSTED

Docker Official

OFFICIAL

Official Docker Hub Image
Pinned by digest (Immutable)

BaseImage/

nginx:latest

Hardened

Grade

A+

Vulns

Verified & secured for production

Vulnerabilities

Vulnerability Log

235 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2019-1010023	HIGH7.48	libc6 2.41-12+deb13u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-15079	MEDIUM6.88	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2009-4487	MEDIUM6.8	nginx 1.31.0-1~trixie No fix yet	1.6% Low-Moderate Risk	Directly Exposed
CVE-2026-25210	MEDIUM6.63	libexpat1 2.7.1-2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-29111	MEDIUM6.63	libsystemd0 257.9-1~deb13u1 fixed in 257.13-1~deb13u1	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-8176	MEDIUM6.63	libtiff6 4.7.0-3+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-8177	MEDIUM6.63	libtiff6 4.7.0-3+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-29111	MEDIUM6.63	libudev1 257.9-1~deb13u1 fixed in 257.13-1~deb13u1	<0.1% Theoretical Threat	Directly Exposed
CVE-2019-9192	MEDIUM6.38	libc-bin 2.41-12+deb13u2 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2019-9192	MEDIUM6.38	libc6 2.41-12+deb13u2 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-5773	MEDIUM6.38	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-6276	MEDIUM6.38	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-33164	MEDIUM6.38	libde265-0 1.0.15-1+b3 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-45186	MEDIUM6.38	libexpat1 2.7.1-2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-41989	MEDIUM6.38	libgcrypt20 1.11.0-7 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2018-6829	MEDIUM6.38	libgcrypt20 1.11.0-7 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-33846	MEDIUM6.38	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-27135	MEDIUM6.38	libnghttp2-14 1.64.0-1.1 fixed in 1.64.0-1.1+deb13u1	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-6732	MEDIUM6.38	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2013-0337	MEDIUM6.38	nginx 1.31.0-1~trixie No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2026-3833	MEDIUM6.29	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-42011	MEDIUM6.29	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-61144	MEDIUM6.21	libtiff6 4.7.0-3+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-68431	MEDIUM6.03	libheif-plugin-dav1d 1.19.8-1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-68431	MEDIUM6.03	libheif-plugin-libde265 1.19.8-1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-68431	MEDIUM6.03	libheif1 1.19.8-1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2018-20796	MEDIUM6	libc-bin 2.41-12+deb13u2 No fix yet	1.5% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-20796	MEDIUM6	libc6 2.41-12+deb13u2 No fix yet	1.5% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2026-4878	MEDIUM5.95	libcap2 1:2.75-10+b8 fixed in 1:2.75-10+deb13u1	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-13034	MEDIUM5.78	libcurl4t64 8.14.1-2+deb13u2 fixed in 8.14.1-2+deb13u3	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-14819	MEDIUM5.78	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-1965	MEDIUM5.78	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-22185	MEDIUM5.78	libldap2 2.6.10+dfsg-1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-4105	MEDIUM5.7	libsystemd0 257.9-1~deb13u1 fixed in 257.13-1~deb13u1	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-4105	MEDIUM5.7	libudev1 257.9-1~deb13u1 fixed in 257.13-1~deb13u1	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	libc-bin 2.41-12+deb13u2 fixed in 2.41-12+deb13u3	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc-bin 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	libc6 2.41-12+deb13u2 fixed in 2.41-12+deb13u3	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc6 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-14524	MEDIUM5.52	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-3784	MEDIUM5.52	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-5545	MEDIUM5.52	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-6429	MEDIUM5.52	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2017-9937	MEDIUM5.52	libjbig0 2.1-6.1+b2 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2018-10126	MEDIUM5.52	libtiff6 4.7.0-3+deb13u2 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2022-1210	MEDIUM5.52	libtiff6 4.7.0-3+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40225	MEDIUM5.44	libsystemd0 257.9-1~deb13u1 fixed in 257.13-1~deb13u1	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40226	MEDIUM5.44	libsystemd0 257.9-1~deb13u1 fixed in 257.13-1~deb13u1	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40225	MEDIUM5.44	libudev1 257.9-1~deb13u1 fixed in 257.13-1~deb13u1	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40226	MEDIUM5.44	libudev1 257.9-1~deb13u1 fixed in 257.13-1~deb13u1	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-3805	MEDIUM5.35	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-1757	MEDIUM5.27	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libblkid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libmount1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libuuid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	libc-bin 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	libc6 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-10966	MEDIUM5.02	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2024-2236	MEDIUM5.02	libgcrypt20 1.11.0-7 No fix yet	0.7% Theoretical Threat	Directly Exposed
CVE-2026-40355	MEDIUM5.02	libgssapi-krb5-2 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40356	MEDIUM5.02	libgssapi-krb5-2 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libgssapi-krb5-2 1.21.3-5 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-26461	MEDIUM5.02	libgssapi-krb5-2 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40355	MEDIUM5.02	libk5crypto3 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40356	MEDIUM5.02	libk5crypto3 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libk5crypto3 1.21.3-5 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-26461	MEDIUM5.02	libk5crypto3 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40355	MEDIUM5.02	libkrb5-3 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40356	MEDIUM5.02	libkrb5-3 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libkrb5-3 1.21.3-5 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-26461	MEDIUM5.02	libkrb5-3 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40355	MEDIUM5.02	libkrb5support0 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40356	MEDIUM5.02	libkrb5support0 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libkrb5support0 1.21.3-5 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-26461	MEDIUM5.02	libkrb5support0 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-13151	MEDIUM5.02	libtasn1-6 4.20.0-2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-0990	MEDIUM5.02	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2019-1010022	MEDIUM5	libc-bin 2.41-12+deb13u2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2019-1010022	MEDIUM5	libc6 2.41-12+deb13u2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-42010	MEDIUM5	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-3783	MEDIUM4.84	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libblkid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-66382	MEDIUM4.67	libexpat1 2.7.1-2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-32776	MEDIUM4.67	libexpat1 2.7.1-2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-32777	MEDIUM4.67	libexpat1 2.7.1-2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-32778	MEDIUM4.67	libexpat1 2.7.1-2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libmount1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2021-4214	MEDIUM4.67	libpng16-16t64 1.6.48-1+deb13u5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-61143	MEDIUM4.67	libtiff6 4.7.0-3+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libuuid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-10911	MEDIUM4.67	libxslt1.1 1.1.35-1.2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib1g 1:1.3.dfsg+really1.3.1-1+b1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-33845	MEDIUM4.64	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libblkid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	libc-bin 2.41-12+deb13u2 fixed in 2.41-12+deb13u3	<0.1% Theoretical Threat	Directly Exposed
CVE-2019-1010024	MEDIUM4.5	libc-bin 2.41-12+deb13u2 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2019-1010025	MEDIUM4.5	libc-bin 2.41-12+deb13u2 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	libc6 2.41-12+deb13u2 fixed in 2.41-12+deb13u3	<0.1% Theoretical Threat	Directly Exposed
CVE-2019-1010024	MEDIUM4.5	libc6 2.41-12+deb13u2 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2019-1010025	MEDIUM4.5	libc6 2.41-12+deb13u2 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-4873	MEDIUM4.5	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-6253	MEDIUM4.5	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-7168	MEDIUM4.5	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-59375	MEDIUM4.5	libexpat1 2.7.1-2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-34743	MEDIUM4.5	liblzma5 5.8.1-1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libmount1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-3713	MEDIUM4.5	libpng16-16t64 1.6.48-1+deb13u5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libsystemd0 257.9-1~deb13u1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libsystemd0 257.9-1~deb13u1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libsystemd0 257.9-1~deb13u1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libudev1 257.9-1~deb13u1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libudev1 257.9-1~deb13u1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libudev1 257.9-1~deb13u1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libuuid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2015-9019	MEDIUM4.5	libxslt1.1 1.1.35-1.2+deb13u2 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2011-3389	MEDIUM4.3	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	3.8% Low-Moderate Risk	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc-bin 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc-bin 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc6 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc6 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-33165	MEDIUM4.25	libde265-0 1.0.15-1+b3 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-61145	MEDIUM4.25	libtiff6 4.7.0-3+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-14017	MEDIUM4.08	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libblkid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-15224	MEDIUM4	libcurl4t64 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2017-14159	MEDIUM4	libldap2 2.6.10+dfsg-1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libmount1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libuuid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2011-3374	LOW3.7	libapt-pkg7.0 3.0.3 No fix yet	1.5% Low-Moderate Risk	Directly Exposed
CVE-2021-45346	LOW3.65	libsqlite3-0 3.46.1-7+deb13u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2005-2541	LOW3.6	tar 1.35+dfsg-3.1 No fix yet	3.8% Low-Moderate Risk	Post-Exploit
CVE-2020-15719	LOW3.57	libldap2 2.6.10+dfsg-1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14819	LOW3.47	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-1965	LOW3.47	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-4438	LOW3.4	libc-bin 2.41-12+deb13u2 fixed in 2.41-12+deb13u3	<0.1% Theoretical Threat	Directly Exposed
CVE-2010-4756	LOW3.4	libc-bin 2.41-12+deb13u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	libc6 2.41-12+deb13u2 fixed in 2.41-12+deb13u3	<0.1% Theoretical Threat	Directly Exposed
CVE-2010-4756	LOW3.4	libc6 2.41-12+deb13u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-14524	LOW3.31	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-3784	LOW3.31	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-5545	LOW3.31	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-6429	LOW3.31	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-3805	LOW3.21	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-41080	LOW3.15	libexpat1 2.7.1-2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-3832	LOW3.15	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-0989	LOW3.15	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-14104	LOW3.11	bsdutils 1:2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	login 1:4.16.0-2+really2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	mount 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-10966	LOW3.01	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-3783	LOW2.91	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	bsdutils 1:2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	login 1:4.16.0-2+really2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	mount 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-5704	LOW2.8	tar 1.35+dfsg-3.1 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	util-linux 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-3949	LOW2.8	libheif-plugin-dav1d 1.19.8-1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-3949	LOW2.8	libheif-plugin-libde265 1.19.8-1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-3949	LOW2.8	libheif1 1.19.8-1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-70873	LOW2.8	libsqlite3-0 3.46.1-7+deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2013-4392	LOW2.8	libsystemd0 257.9-1~deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libsystemd0 257.9-1~deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2013-4392	LOW2.8	libudev1 257.9-1~deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libudev1 257.9-1~deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-8732	LOW2.8	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-7598	LOW2.78	libssh2-1t64 1.11.1-1 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2018-5709	LOW2.7	libgssapi-krb5-2 1.21.3-5 No fix yet	1.5% Low-Moderate Risk	Post-Exploit
CVE-2018-5709	LOW2.7	libk5crypto3 1.21.3-5 No fix yet	1.5% Low-Moderate Risk	Post-Exploit
CVE-2018-5709	LOW2.7	libkrb5-3 1.21.3-5 No fix yet	1.5% Low-Moderate Risk	Post-Exploit
CVE-2018-5709	LOW2.7	libkrb5support0 1.21.3-5 No fix yet	1.5% Low-Moderate Risk	Post-Exploit
CVE-2015-3276	LOW2.7	libldap2 2.6.10+dfsg-1 No fix yet	2.6% Low-Moderate Risk	Post-Exploit
CVE-2017-17740	LOW2.7	libldap2 2.6.10+dfsg-1 No fix yet	6.1% Low-Moderate Risk	Post-Exploit
CVE-2017-16232	LOW2.7	libtiff6 4.7.0-3+deb13u2 No fix yet	1.1% Low-Moderate Risk	Post-Exploit
CVE-2026-3184	LOW2.7	bsdutils 1:2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-4873	LOW2.7	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-6253	LOW2.7	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-7168	LOW2.7	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	login 1:4.16.0-2+really2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	mount 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	util-linux 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2019-1010023	LOW2.69	libc-bin 2.41-12+deb13u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-11731	LOW2.63	libxslt1.1 1.1.35-1.2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2007-5686	LOW2.5	login.defs 1:4.17.4-2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2007-5686	LOW2.5	passwd 1:4.17.4-2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-15079	LOW2.48	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-0992	LOW2.46	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-14017	LOW2.45	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	bsdutils 1:2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2017-18018	LOW2.4	coreutils 9.7-3 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-15224	LOW2.4	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	login 1:4.16.0-2+really2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	mount 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-5773	LOW2.29	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-6276	LOW2.29	curl 8.14.1-2+deb13u2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-5278	LOW2.24	coreutils 9.7-3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW2.22	apt 3.0.3 No fix yet	1.5% Low-Moderate Risk	Post-Exploit
CVE-2024-56433	LOW2.16	login.defs 1:4.17.4-2 No fix yet	4.5% Low-Moderate Risk	Post-Exploit
CVE-2024-56433	LOW2.16	passwd 1:4.17.4-2 No fix yet	4.5% Low-Moderate Risk	Post-Exploit
CVE-2026-24515	LOW2.12	libexpat1 2.7.1-2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-8534	LOW2.12	libtiff6 4.7.0-3+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-13034	LOW2.08	curl 8.14.1-2+deb13u2 fixed in 8.14.1-2+deb13u3	<0.1% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW1.68	perl-base 5.40.1-6 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69720	NONE0	libtinfo6 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	ncurses-base 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	ncurses-bin 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-14104	NONE0	liblastlog2-2 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-14104	NONE0	libsmartcols1 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2022-0563	NONE0	liblastlog2-2 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2022-0563	NONE0	libsmartcols1 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-3184	NONE0	liblastlog2-2 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-3184	NONE0	libsmartcols1 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-27456	NONE0	liblastlog2-2 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-27456	NONE0	libsmartcols1 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	libtinfo6 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	ncurses-base 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	ncurses-bin 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
TEMP-0841856-B18BAF	NONE0	bash 5.2.37-2+b8 No fix yet	—	Not Applicable
CVE-2024-38949	NONE0	libde265-0 1.0.15-1+b3 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2024-38950	NONE0	libde265-0 1.0.15-1+b3 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-61147	NONE0	libde265-0 1.0.15-1+b3 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-42009	NONE0	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	—	Not Applicable
CVE-2026-42012	NONE0	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	—	Not Applicable
CVE-2026-42013	NONE0	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	—	Not Applicable
CVE-2026-42014	NONE0	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	—	Not Applicable
CVE-2026-42015	NONE0	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	—	Not Applicable
CVE-2026-5260	NONE0	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	—	Not Applicable
CVE-2026-5419	NONE0	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	—	Not Applicable
CVE-2026-4367	NONE0	libxpm4 1:3.5.17-1+b3 No fix yet	—	Not Applicable
TEMP-0628843-DBAD28	NONE0	login.defs 1:4.17.4-2 No fix yet	—	Not Applicable
TEMP-0628843-DBAD28	NONE0	passwd 1:4.17.4-2 No fix yet	—	Not Applicable
CVE-2026-5958	NONE0	sed 4.9-2 fixed in 4.9-2+deb13u1	<0.1% Theoretical Threat	Not Applicable
TEMP-0517018-A83CE6	NONE0	sysvinit-utils 3.14-4 No fix yet	—	Not Applicable
TEMP-0290435-0B57B5	NONE0	tar 1.35+dfsg-3.1 No fix yet	—	Not Applicable