Vulnerability Reportpostgres:16

Name: postgres:16-trixie Security Vulnerability Report
Creator: BaseImage
Keywords: postgres:16-trixie, Docker security, vulnerability scan, CVE, container security, SBOM

postgres:16.13-trixiepostgres:16.13postgres:16-trixiepostgres:16

DIGESTsha256:71e27bf60b70bded003791b5573f8b808365613f341df20ffcf0c1ed7bc13ddf

Executive Summary

CAUTION

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could exploit vulnerabilities like `CVE-2018-20796` in glibc's regex engine to trigger a denial of service for the PostgreSQL service through crafted regular expressions. Furthermore, `CVE-2026-29111` affecting systemd components could lead to arbitrary code execution or denial of service. While this is an Official Docker Hub image, it contains 8 exposed-surface vulnerabilities with a severity of 6.0 or higher. Addressing these findings is essential to mitigate potential service disruption and compromise.

Threat Score

50/100

CAUTION

Image is a TRUSTED Docker Official image, pinned by digest, indicating a reliable source.
Contains 8 exposed-surface vulnerabilities with severity 6.0 or higher, contributing to the CAUTION verdict.
Maximum exposed-surface severity is 6.63, notably `CVE-2026-29111` in systemd components, which could lead to arbitrary code execution or denial of service.
Includes denial of service vulnerabilities, such as `CVE-2018-20796` and `CVE-2019-9192` affecting glibc's regex engine, highly relevant for a PostgreSQL service.
A total of 110 exposed-surface and 60 post-exploit vulnerabilities were identified.

Reputation

TRUSTED

Docker Official

OFFICIAL

Official Docker Hub Image
Pinned by digest (Immutable)

BaseImage/

postgres:16

Hardened

Grade

A+

Vulns

Verified & secured for production

Vulnerabilities

Vulnerability Log

243 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2026-29111	MEDIUM6.63	libsystemd0 257.9-1~deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-29111	MEDIUM6.63	libudev1 257.9-1~deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2019-9192	MEDIUM6.38	libc6 2.41-12+deb13u2 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-41989	MEDIUM6.38	libgcrypt20 1.11.0-7 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-33846	MEDIUM6.38	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-6732	MEDIUM6.38	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2018-20796	MEDIUM6	libc-bin 2.41-12+deb13u2 No fix yet	1.5% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-20796	MEDIUM6	libc6 2.41-12+deb13u2 No fix yet	1.5% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2026-4878	MEDIUM5.95	libcap2 1:2.75-10+b8 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-22185	MEDIUM5.78	libldap2 2.6.10+dfsg-1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-4105	MEDIUM5.7	libsystemd0 257.9-1~deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-4105	MEDIUM5.7	libudev1 257.9-1~deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	libc-bin 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc-bin 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	libc6 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc6 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-3833	MEDIUM5.52	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40225	MEDIUM5.44	libsystemd0 257.9-1~deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40226	MEDIUM5.44	libsystemd0 257.9-1~deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40225	MEDIUM5.44	libudev1 257.9-1~deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40226	MEDIUM5.44	libudev1 257.9-1~deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-1757	MEDIUM5.27	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libblkid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libmount1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libuuid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2019-9192	MEDIUM5.1	libc-bin 2.41-12+deb13u2 No fix yet	0.8% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-5435	MEDIUM5.02	libc-bin 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	libc6 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2024-2236	MEDIUM5.02	libgcrypt20 1.11.0-7 No fix yet	0.7% Theoretical Threat	Directly Exposed
CVE-2026-40355	MEDIUM5.02	libgssapi-krb5-2 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40356	MEDIUM5.02	libgssapi-krb5-2 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libgssapi-krb5-2 1.21.3-5 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-26461	MEDIUM5.02	libgssapi-krb5-2 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40355	MEDIUM5.02	libk5crypto3 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40356	MEDIUM5.02	libk5crypto3 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libk5crypto3 1.21.3-5 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-26461	MEDIUM5.02	libk5crypto3 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40355	MEDIUM5.02	libkrb5-3 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40356	MEDIUM5.02	libkrb5-3 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libkrb5-3 1.21.3-5 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-26461	MEDIUM5.02	libkrb5-3 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40355	MEDIUM5.02	libkrb5support0 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40356	MEDIUM5.02	libkrb5support0 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libkrb5support0 1.21.3-5 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-26461	MEDIUM5.02	libkrb5support0 1.21.3-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-13151	MEDIUM5.02	libtasn1-6 4.20.0-2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-0990	MEDIUM5.02	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libblkid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libmount1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libuuid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-10911	MEDIUM4.67	libxslt1.1 1.1.35-1.2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib1g 1:1.3.dfsg+really1.3.1-1+b1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-33845	MEDIUM4.64	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2015-3276	MEDIUM4.5	libldap2 2.6.10+dfsg-1 No fix yet	2.6% Low-Moderate Risk	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libblkid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	libc-bin 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2019-1010024	MEDIUM4.5	libc-bin 2.41-12+deb13u2 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2019-1010025	MEDIUM4.5	libc-bin 2.41-12+deb13u2 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	libc6 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2019-1010024	MEDIUM4.5	libc6 2.41-12+deb13u2 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2019-1010025	MEDIUM4.5	libc6 2.41-12+deb13u2 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-34743	MEDIUM4.5	liblzma5 5.8.1-1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libmount1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libsystemd0 257.9-1~deb13u1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libsystemd0 257.9-1~deb13u1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libsystemd0 257.9-1~deb13u1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libudev1 257.9-1~deb13u1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libudev1 257.9-1~deb13u1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libudev1 257.9-1~deb13u1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libuuid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2015-9019	MEDIUM4.5	libxslt1.1 1.1.35-1.2+deb13u2 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2011-3389	MEDIUM4.3	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	3.9% Low-Moderate Risk	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc-bin 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc-bin 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc6 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc6 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libblkid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2017-14159	MEDIUM4	libldap2 2.6.10+dfsg-1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libmount1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libuuid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-24882	LOW3.98	dirmngr 2.4.7-21+deb13u1+b2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-24882	LOW3.98	gnupg 2.4.7-21+deb13u1 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-24882	LOW3.98	gpg 2.4.7-21+deb13u1+b2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-24882	LOW3.98	gpg-agent 2.4.7-21+deb13u1+b2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-24882	LOW3.98	gpgconf 2.4.7-21+deb13u1+b2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-24882	LOW3.98	gpgsm 2.4.7-21+deb13u1+b2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-69720	LOW3.98	ncurses-bin 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2018-6829	LOW3.83	libgcrypt20 1.11.0-7 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2011-3374	LOW3.7	libapt-pkg7.0 3.0.3 No fix yet	1.5% Low-Moderate Risk	Directly Exposed
CVE-2021-45346	LOW3.65	libsqlite3-0 3.46.1-7+deb13u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2005-2541	LOW3.6	tar 1.35+dfsg-3.1 No fix yet	3.8% Low-Moderate Risk	Post-Exploit
CVE-2020-15719	LOW3.57	libldap2 2.6.10+dfsg-1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	libc-bin 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2010-4756	LOW3.4	libc-bin 2.41-12+deb13u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	libc6 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2010-4756	LOW3.4	libc6 2.41-12+deb13u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3832	LOW3.15	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2024-7883	LOW3.15	libllvm19 1:19.1.7-3+b1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0989	LOW3.15	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-14104	LOW3.11	bsdutils 1:2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	login 1:4.16.0-2+really2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	mount 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2019-1010022	LOW3	libc-bin 2.41-12+deb13u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2019-1010022	LOW3	libc6 2.41-12+deb13u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	bsdutils 1:2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	login 1:4.16.0-2+really2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	mount 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-5704	LOW2.8	tar 1.35+dfsg-3.1 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	util-linux 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW2.8	libperl5.40 5.40.1-6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-70873	LOW2.8	libsqlite3-0 3.46.1-7+deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2013-4392	LOW2.8	libsystemd0 257.9-1~deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libsystemd0 257.9-1~deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2013-4392	LOW2.8	libudev1 257.9-1~deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libudev1 257.9-1~deb13u1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-8732	LOW2.8	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2011-4116	LOW2.8	perl-modules-5.40 5.40.1-6 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2018-5709	LOW2.7	libgssapi-krb5-2 1.21.3-5 No fix yet	1.5% Low-Moderate Risk	Post-Exploit
CVE-2018-5709	LOW2.7	libk5crypto3 1.21.3-5 No fix yet	1.5% Low-Moderate Risk	Post-Exploit
CVE-2018-5709	LOW2.7	libkrb5-3 1.21.3-5 No fix yet	1.5% Low-Moderate Risk	Post-Exploit
CVE-2018-5709	LOW2.7	libkrb5support0 1.21.3-5 No fix yet	1.5% Low-Moderate Risk	Post-Exploit
CVE-2017-17740	LOW2.7	libldap2 2.6.10+dfsg-1 No fix yet	6.1% Low-Moderate Risk	Post-Exploit
CVE-2026-3184	LOW2.7	bsdutils 1:2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	login 1:4.16.0-2+really2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	mount 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	util-linux 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-34743	LOW2.7	xz-utils 5.8.1-1 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2019-1010023	LOW2.69	libc-bin 2.41-12+deb13u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2019-1010023	LOW2.69	libc6 2.41-12+deb13u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-11731	LOW2.63	libxslt1.1 1.1.35-1.2+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2007-5686	LOW2.5	passwd 1:4.17.4-2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-0992	LOW2.46	libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	LOW2.4	bsdutils 1:2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2017-18018	LOW2.4	coreutils 9.7-3 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	dirmngr 2.4.7-21+deb13u1+b2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gnupg 2.4.7-21+deb13u1 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpg 2.4.7-21+deb13u1+b2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpg-agent 2.4.7-21+deb13u1+b2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpgconf 2.4.7-21+deb13u1+b2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpgsm 2.4.7-21+deb13u1+b2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	login 1:4.16.0-2+really2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	mount 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-5278	LOW2.24	coreutils 9.7-3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW2.22	apt 3.0.3 No fix yet	1.5% Low-Moderate Risk	Post-Exploit
CVE-2024-56433	LOW2.16	passwd 1:4.17.4-2 No fix yet	4.5% Low-Moderate Risk	Post-Exploit
CVE-2022-3219	LOW1.68	dirmngr 2.4.7-21+deb13u1+b2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gnupg 2.4.7-21+deb13u1 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpg 2.4.7-21+deb13u1+b2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpg-agent 2.4.7-21+deb13u1+b2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpgconf 2.4.7-21+deb13u1+b2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpgsm 2.4.7-21+deb13u1+b2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-6141	LOW1.68	ncurses-bin 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW1.68	perl 5.40.1-6 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW1.68	perl-base 5.40.1-6 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-68121	NONE0	stdlib v1.24.6 fixed in 1.24.13, 1.25.7, 1.26.0-rc.3	<0.1% Theoretical Threat	Not Applicable
CVE-2019-1010022	NONE0	libc-l10n 2.41-12+deb13u2 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2019-1010022	NONE0	locales 2.41-12+deb13u2 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2019-1010023	NONE0	libc-l10n 2.41-12+deb13u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2019-1010023	NONE0	locales 2.41-12+deb13u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-24882	NONE0	gnupg-l10n 2.4.7-21+deb13u1 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	libncursesw6 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	libtinfo6 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	ncurses-base 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2018-20796	NONE0	libc-l10n 2.41-12+deb13u2 No fix yet	1.5% Low-Moderate Risk	Not Applicable
CVE-2019-9192	NONE0	libc-l10n 2.41-12+deb13u2 No fix yet	0.8% Theoretical Threat	Not Applicable
CVE-2018-20796	NONE0	locales 2.41-12+deb13u2 No fix yet	1.5% Low-Moderate Risk	Not Applicable
CVE-2019-9192	NONE0	locales 2.41-12+deb13u2 No fix yet	0.8% Theoretical Threat	Not Applicable
CVE-2025-58183	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-61726	NONE0	stdlib v1.24.6 fixed in 1.24.12, 1.25.6	<0.1% Theoretical Threat	Not Applicable
CVE-2025-61728	NONE0	stdlib v1.24.6 fixed in 1.24.12, 1.25.6	<0.1% Theoretical Threat	Not Applicable
CVE-2025-61729	NONE0	stdlib v1.24.6 fixed in 1.24.11, 1.25.5	<0.1% Theoretical Threat	Not Applicable
CVE-2026-25679	NONE0	stdlib v1.24.6 fixed in 1.25.8, 1.26.1	<0.1% Theoretical Threat	Not Applicable
CVE-2026-32280	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-32281	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-32283	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-4437	NONE0	libc-l10n 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-6238	NONE0	libc-l10n 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-4437	NONE0	locales 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-6238	NONE0	locales 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-61727	NONE0	stdlib v1.24.6 fixed in 1.24.11, 1.25.5	<0.1% Theoretical Threat	Not Applicable
CVE-2026-32282	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-14104	NONE0	liblastlog2-2 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-14104	NONE0	libsmartcols1 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-32289	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-5435	NONE0	libc-l10n 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-5435	NONE0	locales 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2022-0563	NONE0	liblastlog2-2 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2022-0563	NONE0	libsmartcols1 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-32288	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-27142	NONE0	stdlib v1.24.6 fixed in 1.25.8, 1.26.1	<0.1% Theoretical Threat	Not Applicable
CVE-2026-4046	NONE0	libc-l10n 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2019-1010024	NONE0	libc-l10n 2.41-12+deb13u2 No fix yet	0.6% Theoretical Threat	Not Applicable
CVE-2019-1010025	NONE0	libc-l10n 2.41-12+deb13u2 No fix yet	0.8% Theoretical Threat	Not Applicable
CVE-2026-3184	NONE0	liblastlog2-2 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-3184	NONE0	libsmartcols1 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-4046	NONE0	locales 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2019-1010024	NONE0	locales 2.41-12+deb13u2 No fix yet	0.6% Theoretical Threat	Not Applicable
CVE-2019-1010025	NONE0	locales 2.41-12+deb13u2 No fix yet	0.8% Theoretical Threat	Not Applicable
CVE-2025-47912	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-58185	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-58186	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-58187	NONE0	stdlib v1.24.6 fixed in 1.24.9, 1.25.3	<0.1% Theoretical Threat	Not Applicable
CVE-2025-58188	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-58189	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-61723	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-61724	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-61725	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-5450	NONE0	libc-l10n 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-5928	NONE0	libc-l10n 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-5450	NONE0	locales 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-5928	NONE0	locales 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2007-5686	NONE0	login.defs 1:4.17.4-2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2025-68972	NONE0	gnupg-l10n 2.4.7-21+deb13u1 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-27456	NONE0	liblastlog2-2 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-27456	NONE0	libsmartcols1 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-4438	NONE0	libc-l10n 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2010-4756	NONE0	libc-l10n 2.41-12+deb13u2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2026-4438	NONE0	locales 2.41-12+deb13u2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2010-4756	NONE0	locales 2.41-12+deb13u2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2024-56433	NONE0	login.defs 1:4.17.4-2 No fix yet	4.5% Low-Moderate Risk	Not Applicable
CVE-2022-3219	NONE0	gnupg-l10n 2.4.7-21+deb13u1 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	libncursesw6 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	libtinfo6 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	ncurses-base 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-27139	NONE0	stdlib v1.24.6 fixed in 1.25.8, 1.26.1	<0.1% Theoretical Threat	Not Applicable
TEMP-0841856-B18BAF	NONE0	bash 5.2.37-2+b8 No fix yet	—	Not Applicable
CVE-2026-42009	NONE0	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	—	Not Applicable
CVE-2026-42010	NONE0	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	—	Not Applicable
CVE-2026-42011	NONE0	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	—	Not Applicable
CVE-2026-42012	NONE0	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	—	Not Applicable
CVE-2026-42013	NONE0	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	—	Not Applicable
CVE-2026-42014	NONE0	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	—	Not Applicable
CVE-2026-42015	NONE0	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	—	Not Applicable
CVE-2026-5260	NONE0	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	—	Not Applicable
CVE-2026-5419	NONE0	libgnutls30t64 3.8.9-3+deb13u2 No fix yet	—	Not Applicable
TEMP-0628843-DBAD28	NONE0	login.defs 1:4.17.4-2 No fix yet	—	Not Applicable
TEMP-0628843-DBAD28	NONE0	passwd 1:4.17.4-2 No fix yet	—	Not Applicable
CVE-2026-5958	NONE0	sed 4.9-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
TEMP-0517018-A83CE6	NONE0	sysvinit-utils 3.14-4 No fix yet	—	Not Applicable
TEMP-0290435-0B57B5	NONE0	tar 1.35+dfsg-3.1 No fix yet	—	Not Applicable
CVE-2025-61730	NONE0	stdlib v1.24.6 fixed in 1.24.12, 1.25.6	<0.1% Theoretical Threat	Not Applicable