Vulnerability Reportpgvector/pgvector:pg18-trixie

pgvector/pgvector:0.8.3-pg18-trixiepgvector/pgvector:pg18-trixie

DIGESTsha256:6232c5ea178707f278d060b51747c30f310164595674e95d5f9d100f4a48b56c

Executive Summary

Threat ScoreCAUTION• 123 exposed vulnerabilities, including 6 with severity >= 7.0.• Critical regex recursion CVEs (CVE-2018-20796, CVE-2019-9192) in glibc are remotely exploitable via crafted SQL queries, causing denial of service.• Stack guard bypass (CVE-2019-1010022) aids exploitation of other memory bugs, though requires prior compromise.• Post-exploit findings are low severity (max 3.98), reducing lateral movement risk.• Image is popular (101M+ pulls) and pinned, but no official or verified status.

74/100CAUTION

ReputationPOPULAR COMMUNITY• High Reputation Community Image (101M+ pulls)• Pinned by digest (Immutable)

RELIABLE

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could cause denial of service by submitting a crafted regex pattern (CVE-2018-20796, CVE-2019-9192) to PostgreSQL, as the container runs database queries that invoke glibc regex functions. The stack guard bypass (CVE-2019-1010022) is less critical as it requires a prior stack overflow. Mitigation: consider using a Web Application Firewall (WAF) to filter malicious regex patterns, or restrict SQL access to trusted users. Note that all unpatched CVEs affect glibc, which is present by design; upgrading the base image when patches are available is recommended.

Vulnerabilities

Vulnerability Log

296 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2019-1010022	HIGH7.84	libc-bin 2.41-12+deb13u3 No fix yet	3.2% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2019-1010022	HIGH7.84	libc6 2.41-12+deb13u3 No fix yet	3.2% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-20796	HIGH7.5	libc-bin 2.41-12+deb13u3 No fix yet	5.8% Low-Moderate Risk	Directly ExposedContext importance: HIGH
CVE-2019-9192	HIGH7.5	libc-bin 2.41-12+deb13u3 No fix yet	2.4% Low-Moderate Risk	Directly ExposedContext importance: HIGH
CVE-2018-20796	HIGH7.5	libc6 2.41-12+deb13u3 No fix yet	5.8% Low-Moderate Risk	Directly ExposedContext importance: HIGH
CVE-2019-9192	HIGH7.5	libc6 2.41-12+deb13u3 No fix yet	2.4% Low-Moderate Risk	Directly ExposedContext importance: HIGH
CVE-2026-48962	MEDIUM6.63	perl-modules-5.40 5.40.1-6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42497	MEDIUM6.38	libperl5.40 5.40.1-6 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-9538	MEDIUM6.38	libperl5.40 5.40.1-6 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42497	MEDIUM6.38	perl-modules-5.40 5.40.1-6 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-9538	MEDIUM6.38	perl-modules-5.40 5.40.1-6 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2015-3276	MEDIUM6	libldap2 2.6.10+dfsg-1 No fix yet	5.3% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2024-2236	MEDIUM5.9	libgcrypt20 1.11.0-7+deb13u1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-26461	MEDIUM5.9	libgssapi-krb5-2 1.21.3-5+deb13u1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-26461	MEDIUM5.9	libk5crypto3 1.21.3-5+deb13u1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-26461	MEDIUM5.9	libkrb5-3 1.21.3-5+deb13u1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-26461	MEDIUM5.9	libkrb5support0 1.21.3-5+deb13u1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2025-13151	MEDIUM5.9	libtasn1-6 4.20.0-2 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2026-22185	MEDIUM5.78	libldap2 2.6.10+dfsg-1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2011-3389	MEDIUM5.59	libgnutls30t64 3.8.9-3+deb13u4 No fix yet	73.3% Actively Exploited	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc-bin 2.41-12+deb13u3 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc6 2.41-12+deb13u3 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-15649	MEDIUM5.52	libperl5.40 5.40.1-6 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-15649	MEDIUM5.52	perl-modules-5.40 5.40.1-6 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2019-1010024	MEDIUM5.3	libc-bin 2.41-12+deb13u3 No fix yet	3.2% Low-Moderate Risk	Directly Exposed
CVE-2019-1010025	MEDIUM5.3	libc-bin 2.41-12+deb13u3 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2019-1010024	MEDIUM5.3	libc6 2.41-12+deb13u3 No fix yet	3.2% Low-Moderate Risk	Directly Exposed
CVE-2019-1010025	MEDIUM5.3	libc6 2.41-12+deb13u3 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2015-9019	MEDIUM5.3	libxslt1.1 1.1.35-1.2+deb13u3 No fix yet	2.4% Low-Moderate Risk	Directly Exposed
CVE-2026-1757	MEDIUM5.27	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libblkid1 2.41-5 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	liblastlog2-2 2.41-5 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libmount1 2.41-5 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libsmartcols1 2.41-5 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libuuid1 2.41-5 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	libc-bin 2.41-12+deb13u3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	libc6 2.41-12+deb13u3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libgssapi-krb5-2 1.21.3-5+deb13u1 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libk5crypto3 1.21.3-5+deb13u1 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libkrb5-3 1.21.3-5+deb13u1 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libkrb5support0 1.21.3-5+deb13u1 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-0990	MEDIUM5.02	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	0.7% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libblkid1 2.41-5 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	liblastlog2-2 2.41-5 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libmount1 2.41-5 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libsmartcols1 2.41-5 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libuuid1 2.41-5 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-10911	MEDIUM4.67	libxslt1.1 1.1.35-1.2+deb13u3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib1g 1:1.3.dfsg+really1.3.1-1+b1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libblkid1 2.41-5 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	liblastlog2-2 2.41-5 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34743	MEDIUM4.5	liblzma5 5.8.1-1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libmount1 2.41-5 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-12087	MEDIUM4.5	libperl5.40 5.40.1-6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libsmartcols1 2.41-5 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libsystemd0 257.13-1~deb13u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libsystemd0 257.13-1~deb13u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libsystemd0 257.13-1~deb13u1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libudev1 257.13-1~deb13u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libudev1 257.13-1~deb13u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libudev1 257.13-1~deb13u1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libuuid1 2.41-5 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-12087	MEDIUM4.5	perl-modules-5.40 5.40.1-6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2021-45346	MEDIUM4.3	libsqlite3-0 3.46.1-7+deb13u1 No fix yet	1.6% Low-Moderate Risk	Directly Exposed
CVE-2026-42250	MEDIUM4.25	libbz2-1.0 1.0.8-6 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc-bin 2.41-12+deb13u3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc-bin 2.41-12+deb13u3 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc6 2.41-12+deb13u3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc6 2.41-12+deb13u3 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	libgssapi-krb5-2 1.21.3-5+deb13u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	libk5crypto3 1.21.3-5+deb13u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	libkrb5-3 1.21.3-5+deb13u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	libkrb5support0 1.21.3-5+deb13u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-48959	MEDIUM4.25	libperl5.40 5.40.1-6 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-48961	MEDIUM4.25	libperl5.40 5.40.1-6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-48959	MEDIUM4.25	perl-modules-5.40 5.40.1-6 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-48961	MEDIUM4.25	perl-modules-5.40 5.40.1-6 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2020-15719	MEDIUM4.2	libldap2 2.6.10+dfsg-1 No fix yet	2.4% Low-Moderate Risk	Directly Exposed
CVE-2026-27456	MEDIUM4	libblkid1 2.41-5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	liblastlog2-2 2.41-5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2017-14159	MEDIUM4	libldap2 2.6.10+dfsg-1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libmount1 2.41-5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libsmartcols1 2.41-5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libuuid1 2.41-5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2010-4756	MEDIUM4	libc-bin 2.41-12+deb13u3 No fix yet	2.6% Low-Moderate Risk	Directly Exposed
CVE-2010-4756	MEDIUM4	libc6 2.41-12+deb13u3 No fix yet	2.6% Low-Moderate Risk	Directly Exposed
CVE-2026-24882	LOW3.98	dirmngr 2.4.7-21+deb13u1+b3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-24882	LOW3.98	gnupg 2.4.7-21+deb13u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-24882	LOW3.98	gpg 2.4.7-21+deb13u1+b3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-24882	LOW3.98	gpg-agent 2.4.7-21+deb13u1+b3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-24882	LOW3.98	gpgconf 2.4.7-21+deb13u1+b3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-24882	LOW3.98	gpgsm 2.4.7-21+deb13u1+b3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-69720	LOW3.98	ncurses-bin 6.5+20250216-2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-48962	LOW3.98	perl 5.40.1-6 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-48962	LOW3.98	perl-base 5.40.1-6 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW3.7	libapt-pkg7.0 3.0.3 No fix yet	1.2% Low-Moderate Risk	Directly Exposed
CVE-2005-2541	LOW3.6	tar 1.35+dfsg-3.1 No fix yet	4.0% Low-Moderate Risk	Post-Exploit
CVE-2025-15649	LOW3.31	perl-base 5.40.1-6 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2019-1010023	LOW3.17	libc-bin 2.41-12+deb13u3 No fix yet	3.1% Low-Moderate Risk	Post-Exploit
CVE-2019-1010023	LOW3.17	libc6 2.41-12+deb13u3 No fix yet	3.1% Low-Moderate Risk	Post-Exploit
CVE-2024-7883	LOW3.15	libllvm19 1:19.1.7-3+b1 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-0989	LOW3.15	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-14104	LOW3.11	bsdutils 1:2.41-5 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	login 1:4.16.0-2+really2.41-5 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	mount 2.41-5 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux 2.41-5 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-8376	LOW3	libperl5.40 5.40.1-6 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-8376	LOW3	perl 5.40.1-6 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-8376	LOW3	perl-base 5.40.1-6 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-8376	LOW3	perl-modules-5.40 5.40.1-6 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	bsdutils 1:2.41-5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	login 1:4.16.0-2+really2.41-5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	mount 2.41-5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-5704	LOW2.8	tar 1.35+dfsg-3.1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	util-linux 2.41-5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW2.8	libperl5.40 5.40.1-6 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2025-70873	LOW2.8	libsqlite3-0 3.46.1-7+deb13u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2013-4392	LOW2.8	libsystemd0 257.13-1~deb13u1 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libsystemd0 257.13-1~deb13u1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2013-4392	LOW2.8	libudev1 257.13-1~deb13u1 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libudev1 257.13-1~deb13u1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-8732	LOW2.8	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2011-4116	LOW2.8	perl-modules-5.40 5.40.1-6 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42496	LOW2.78	libperl5.40 5.40.1-6 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-42496	LOW2.78	perl 5.40.1-6 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-42496	LOW2.78	perl-base 5.40.1-6 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-42496	LOW2.78	perl-modules-5.40 5.40.1-6 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2018-6829	LOW2.7	libgcrypt20 1.11.0-7+deb13u1 No fix yet	1.8% Low-Moderate Risk	Post-Exploit
CVE-2018-5709	LOW2.7	libgssapi-krb5-2 1.21.3-5+deb13u1 No fix yet	2.1% Low-Moderate Risk	Post-Exploit
CVE-2018-5709	LOW2.7	libk5crypto3 1.21.3-5+deb13u1 No fix yet	2.1% Low-Moderate Risk	Post-Exploit
CVE-2018-5709	LOW2.7	libkrb5-3 1.21.3-5+deb13u1 No fix yet	2.1% Low-Moderate Risk	Post-Exploit
CVE-2018-5709	LOW2.7	libkrb5support0 1.21.3-5+deb13u1 No fix yet	2.1% Low-Moderate Risk	Post-Exploit
CVE-2017-17740	LOW2.7	libldap2 2.6.10+dfsg-1 No fix yet	7.0% Low-Moderate Risk	Post-Exploit
CVE-2026-3184	LOW2.7	bsdutils 1:2.41-5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	login 1:4.16.0-2+really2.41-5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	mount 2.41-5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-12087	LOW2.7	perl 5.40.1-6 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-12087	LOW2.7	perl-base 5.40.1-6 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	util-linux 2.41-5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-34743	LOW2.7	xz-utils 5.8.1-1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-11731	LOW2.63	libxslt1.1 1.1.35-1.2+deb13u3 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-48959	LOW2.55	perl 5.40.1-6 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-48961	LOW2.55	perl 5.40.1-6 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-48959	LOW2.55	perl-base 5.40.1-6 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-48961	LOW2.55	perl-base 5.40.1-6 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2007-5686	LOW2.5	passwd 1:4.17.4-2 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2026-0992	LOW2.46	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-54411	LOW2.45	libpam-modules-bin 1.7.0-5 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	bsdutils 1:2.41-5 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2017-18018	LOW2.4	coreutils 9.7-3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	dirmngr 2.4.7-21+deb13u1+b3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gnupg 2.4.7-21+deb13u1 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpg 2.4.7-21+deb13u1+b3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpg-agent 2.4.7-21+deb13u1+b3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpgconf 2.4.7-21+deb13u1+b3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpgsm 2.4.7-21+deb13u1+b3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	login 1:4.16.0-2+really2.41-5 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	mount 2.41-5 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.41-5 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-48962	LOW2.39	libperl5.40 5.40.1-6 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42497	LOW2.29	perl 5.40.1-6 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-9538	LOW2.29	perl 5.40.1-6 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-42497	LOW2.29	perl-base 5.40.1-6 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-9538	LOW2.29	perl-base 5.40.1-6 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-5278	LOW2.24	coreutils 9.7-3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW2.22	apt 3.0.3 No fix yet	1.2% Low-Moderate Risk	Post-Exploit
CVE-2025-15649	LOW1.99	perl 5.40.1-6 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2024-56433	LOW1.84	passwd 1:4.17.4-2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	dirmngr 2.4.7-21+deb13u1+b3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gnupg 2.4.7-21+deb13u1 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpg 2.4.7-21+deb13u1+b3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpg-agent 2.4.7-21+deb13u1+b3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpgconf 2.4.7-21+deb13u1+b3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpgsm 2.4.7-21+deb13u1+b3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-6141	LOW1.68	ncurses-bin 6.5+20250216-2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW1.68	perl 5.40.1-6 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW1.68	perl-base 5.40.1-6 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2025-68121	NONE0	stdlib v1.24.6 fixed in 1.24.13, 1.25.7, 1.26.0-rc.3	0.8% Theoretical Threat	Not Applicable
CVE-2019-1010022	NONE0	libc-l10n 2.41-12+deb13u3 No fix yet	3.2% Low-Moderate Risk	Not Applicable
CVE-2019-1010022	NONE0	locales 2.41-12+deb13u3 No fix yet	3.2% Low-Moderate Risk	Not Applicable
CVE-2019-1010023	NONE0	libc-l10n 2.41-12+deb13u3 No fix yet	3.1% Low-Moderate Risk	Not Applicable
CVE-2019-1010023	NONE0	locales 2.41-12+deb13u3 No fix yet	3.1% Low-Moderate Risk	Not Applicable
CVE-2026-24882	NONE0	gnupg-l10n 2.4.7-21+deb13u1 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	libncursesw6 6.5+20250216-2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	libtinfo6 6.5+20250216-2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	ncurses-base 6.5+20250216-2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2018-20796	NONE0	libc-l10n 2.41-12+deb13u3 No fix yet	5.8% Low-Moderate Risk	Not Applicable
CVE-2019-9192	NONE0	libc-l10n 2.41-12+deb13u3 No fix yet	2.4% Low-Moderate Risk	Not Applicable
CVE-2018-20796	NONE0	locales 2.41-12+deb13u3 No fix yet	5.8% Low-Moderate Risk	Not Applicable
CVE-2019-9192	NONE0	locales 2.41-12+deb13u3 No fix yet	2.4% Low-Moderate Risk	Not Applicable
CVE-2025-61726	NONE0	stdlib v1.24.6 fixed in 1.24.12, 1.25.6	0.8% Theoretical Threat	Not Applicable
CVE-2025-61729	NONE0	stdlib v1.24.6 fixed in 1.24.11, 1.25.5	0.5% Theoretical Threat	Not Applicable
CVE-2026-25679	NONE0	stdlib v1.24.6 fixed in 1.25.8, 1.26.1	0.5% Theoretical Threat	Not Applicable
CVE-2026-32280	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	0.4% Theoretical Threat	Not Applicable
CVE-2026-32281	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Not Applicable
CVE-2026-32283	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	0.4% Theoretical Threat	Not Applicable
CVE-2026-33811	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	0.5% Theoretical Threat	Not Applicable
CVE-2026-33814	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2026-39820	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2026-39836	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2025-58183	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.4% Theoretical Threat	Not Applicable
CVE-2025-61728	NONE0	stdlib v1.24.6 fixed in 1.24.12, 1.25.6	0.6% Theoretical Threat	Not Applicable
CVE-2026-6238	NONE0	libc-l10n 2.41-12+deb13u3 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-6238	NONE0	locales 2.41-12+deb13u3 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2025-61727	NONE0	stdlib v1.24.6 fixed in 1.24.11, 1.25.5	0.3% Theoretical Threat	Not Applicable
CVE-2026-32282	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Not Applicable
CVE-2026-32289	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Not Applicable
CVE-2026-5435	NONE0	libc-l10n 2.41-12+deb13u3 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-5435	NONE0	locales 2.41-12+deb13u3 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-32288	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Not Applicable
CVE-2026-27142	NONE0	stdlib v1.24.6 fixed in 1.25.8, 1.26.1	0.3% Theoretical Threat	Not Applicable
CVE-2026-39826	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2019-1010024	NONE0	libc-l10n 2.41-12+deb13u3 No fix yet	3.2% Low-Moderate Risk	Not Applicable
CVE-2019-1010025	NONE0	libc-l10n 2.41-12+deb13u3 No fix yet	2.3% Low-Moderate Risk	Not Applicable
CVE-2019-1010024	NONE0	locales 2.41-12+deb13u3 No fix yet	3.2% Low-Moderate Risk	Not Applicable
CVE-2019-1010025	NONE0	locales 2.41-12+deb13u3 No fix yet	2.3% Low-Moderate Risk	Not Applicable
CVE-2025-47912	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.4% Theoretical Threat	Not Applicable
CVE-2025-58185	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.5% Theoretical Threat	Not Applicable
CVE-2025-58187	NONE0	stdlib v1.24.6 fixed in 1.24.9, 1.25.3	0.4% Theoretical Threat	Not Applicable
CVE-2025-58188	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.3% Theoretical Threat	Not Applicable
CVE-2025-58189	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.4% Theoretical Threat	Not Applicable
CVE-2025-61723	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.6% Theoretical Threat	Not Applicable
CVE-2025-61724	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.5% Theoretical Threat	Not Applicable
CVE-2025-61725	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.6% Theoretical Threat	Not Applicable
CVE-2025-61730	NONE0	stdlib v1.24.6 fixed in 1.24.12, 1.25.6	0.3% Theoretical Threat	Not Applicable
CVE-2025-58186	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.5% Theoretical Threat	Not Applicable
CVE-2026-5450	NONE0	libc-l10n 2.41-12+deb13u3 No fix yet	0.5% Theoretical Threat	Not Applicable
CVE-2026-5928	NONE0	libc-l10n 2.41-12+deb13u3 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-5450	NONE0	locales 2.41-12+deb13u3 No fix yet	0.5% Theoretical Threat	Not Applicable
CVE-2026-5928	NONE0	locales 2.41-12+deb13u3 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2007-5686	NONE0	login.defs 1:4.17.4-2 No fix yet	0.9% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam-modules 1.7.0-5 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam-runtime 1.7.0-5 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam0g 1.7.0-5 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2025-68972	NONE0	gnupg-l10n 2.4.7-21+deb13u1 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2010-4756	NONE0	libc-l10n 2.41-12+deb13u3 No fix yet	2.6% Low-Moderate Risk	Not Applicable
CVE-2010-4756	NONE0	locales 2.41-12+deb13u3 No fix yet	2.6% Low-Moderate Risk	Not Applicable
CVE-2024-56433	NONE0	login.defs 1:4.17.4-2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2022-3219	NONE0	gnupg-l10n 2.4.7-21+deb13u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	libncursesw6 6.5+20250216-2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	libtinfo6 6.5+20250216-2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	ncurses-base 6.5+20250216-2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-27139	NONE0	stdlib v1.24.6 fixed in 1.25.8, 1.26.1	0.2% Theoretical Threat	Not Applicable
TEMP-0841856-B18BAF	NONE0	bash 5.2.37-2+b9 No fix yet	—	Not Applicable
CVE-2026-53612	NONE0	bsdutils 1:2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	bsdutils 1:2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	bsdutils 1:2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	bsdutils 1:2.41-5 No fix yet	—	Not Applicable
CVE-2026-53612	NONE0	libblkid1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	libblkid1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	libblkid1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	libblkid1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53612	NONE0	liblastlog2-2 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	liblastlog2-2 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	liblastlog2-2 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	liblastlog2-2 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53612	NONE0	libmount1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	libmount1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	libmount1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	libmount1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-7010	NONE0	libperl5.40 5.40.1-6 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-53612	NONE0	libsmartcols1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	libsmartcols1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	libsmartcols1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	libsmartcols1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-11822	NONE0	libsqlite3-0 3.46.1-7+deb13u1 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-11824	NONE0	libsqlite3-0 3.46.1-7+deb13u1 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-53612	NONE0	libuuid1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	libuuid1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	libuuid1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	libuuid1 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53612	NONE0	login 1:4.16.0-2+really2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	login 1:4.16.0-2+really2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	login 1:4.16.0-2+really2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	login 1:4.16.0-2+really2.41-5 No fix yet	—	Not Applicable
TEMP-0628843-DBAD28	NONE0	login.defs 1:4.17.4-2 No fix yet	—	Not Applicable
CVE-2026-53612	NONE0	mount 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	mount 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	mount 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	mount 2.41-5 No fix yet	—	Not Applicable
TEMP-0628843-DBAD28	NONE0	passwd 1:4.17.4-2 No fix yet	—	Not Applicable
CVE-2026-7010	NONE0	perl 5.40.1-6 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-7010	NONE0	perl-base 5.40.1-6 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-7010	NONE0	perl-modules-5.40 5.40.1-6 No fix yet	0.2% Theoretical Threat	Not Applicable
TEMP-0517018-A83CE6	NONE0	sysvinit-utils 3.14-4 No fix yet	—	Not Applicable
TEMP-0290435-0B57B5	NONE0	tar 1.35+dfsg-3.1 No fix yet	—	Not Applicable
CVE-2026-53612	NONE0	util-linux 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	util-linux 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53614	NONE0	util-linux 2.41-5 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	util-linux 2.41-5 No fix yet	—	Not Applicable
CVE-2026-39823	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	0.3% Theoretical Threat	Not Applicable
CVE-2026-39825	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2026-42499	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2026-42504	NONE0	stdlib v1.24.6 fixed in 1.25.11, 1.26.4	0.4% Theoretical Threat	Not Applicable
CVE-2026-27145	NONE0	stdlib v1.24.6 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable
CVE-2026-42507	NONE0	stdlib v1.24.6 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable