Vulnerability Reportpython:3.9-slim

Name: python:3.9-slim Security Vulnerability Report
Creator: BaseImage
Keywords: python:3.9-slim, Docker security, vulnerability scan, CVE, container security, SBOM

DIGESTsha256:2d97f6910b16bd338d3060f261f53f144965f755599aab1acda1e13cf1731b1b

Executive Summary

DANGEROUS

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could achieve unauthorized data exposure, system compromise, or trigger a denial of service by providing crafted inputs to the running application. A high-severity path traversal vulnerability (CVE-2026-23949) in the `jaraco.context` library could lead to arbitrary file creation outside intended directories if malicious tar archives are processed. Furthermore, an OpenSSL flaw (CVE-2026-28390) could cause denial of service if the application processes untrusted CMS data. While the image has no open network ports, these risks apply if the Python application handles untrusted files or data from other sources.

Threat Score

75/100

DANGEROUS

A critical path traversal vulnerability (CVE-2026-23949, severity 7.31) in `jaraco.context` has been identified, with high context importance, potentially leading to unauthorized data exposure or system compromise if malicious tar archives are processed.
Multiple OpenSSL vulnerabilities, including CVE-2026-28390 (severity 6.38) and CVE-2025-69419 (severity 6.29), could lead to Denial of Service or arbitrary code execution when processing crafted cryptographic inputs.
A glibc uncontrolled recursion vulnerability (CVE-2018-20796, severity 6.0) could result in Denial of Service if untrusted regex patterns are processed by the Python application.
The image has a total of 90 exposed vulnerabilities, including 9 with a severity of 6.0 or higher and 1 with a severity of 7.0 or higher.
Despite being an Official Docker Hub Image and pinned by digest, the presence of these severe, potentially exploitable flaws overrides the benefits of trust and immutability.

Reputation

TRUSTED

Docker Official

OFFICIAL

Official Docker Hub Image
Pinned by digest (Immutable)

BaseImage/

python:3.9-slim

Hardened

Grade

A+

Vulns

Verified & secured for production

Vulnerabilities

Vulnerability Log

171 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2026-23949	HIGH7.31	jaraco.context 5.3.0 fixed in 6.1.0	<0.1% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-29111	MEDIUM6.63	libsystemd0 257.8-1~deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-29111	MEDIUM6.63	libudev1 257.8-1~deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-28390	MEDIUM6.38	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-28390	MEDIUM6.38	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-69419	MEDIUM6.29	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-69419	MEDIUM6.29	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2018-20796	MEDIUM6	libc-bin 2.41-12 No fix yet	1.5% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-20796	MEDIUM6	libc6 2.41-12 No fix yet	1.5% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2026-4105	MEDIUM5.7	libsystemd0 257.8-1~deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-4105	MEDIUM5.7	libudev1 257.8-1~deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	libc-bin 2.41-12 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	libc6 2.41-12 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libblkid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libmount1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-11187	MEDIUM5.18	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libuuid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-11187	MEDIUM5.18	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2019-9192	MEDIUM5.1	libc-bin 2.41-12 No fix yet	0.8% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2019-9192	MEDIUM5.1	libc6 2.41-12 No fix yet	0.8% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2025-15281	MEDIUM5.02	libc-bin 2.41-12 fixed in 2.41-12+deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-15281	MEDIUM5.02	libc6 2.41-12 fixed in 2.41-12+deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-15468	MEDIUM5.02	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-66199	MEDIUM5.02	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-69420	MEDIUM5.02	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-22796	MEDIUM5.02	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	0.1% Theoretical Threat	Directly Exposed
CVE-2026-31790	MEDIUM5.02	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-15468	MEDIUM5.02	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-66199	MEDIUM5.02	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-69420	MEDIUM5.02	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-22796	MEDIUM5.02	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	0.1% Theoretical Threat	Directly Exposed
CVE-2026-31790	MEDIUM5.02	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libblkid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libmount1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-15469	MEDIUM4.67	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-22795	MEDIUM4.67	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libuuid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-15469	MEDIUM4.67	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-22795	MEDIUM4.67	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib1g 1:1.3.dfsg+really1.3.1-1+b1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-0915	MEDIUM4.5	libc-bin 2.41-12 fixed in 2.41-12+deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	libc-bin 2.41-12 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2019-1010024	MEDIUM4.5	libc-bin 2.41-12 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2019-1010025	MEDIUM4.5	libc-bin 2.41-12 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2026-0915	MEDIUM4.5	libc6 2.41-12 fixed in 2.41-12+deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	libc6 2.41-12 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2019-1010024	MEDIUM4.5	libc6 2.41-12 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2019-1010025	MEDIUM4.5	libc6 2.41-12 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2026-34743	MEDIUM4.5	liblzma5 5.8.1-1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libsystemd0 257.8-1~deb13u2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libsystemd0 257.8-1~deb13u2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libsystemd0 257.8-1~deb13u2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libudev1 257.8-1~deb13u2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libudev1 257.8-1~deb13u2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libudev1 257.8-1~deb13u2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-15467	MEDIUM4	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	0.7% Theoretical Threat	Post-ExploitContext importance: MEDIUM
CVE-2025-15467	MEDIUM4	openssl 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	0.7% Theoretical Threat	Post-ExploitContext importance: MEDIUM
CVE-2025-15467	MEDIUM4	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	0.7% Theoretical Threat	Post-ExploitContext importance: MEDIUM
CVE-2026-27456	MEDIUM4	libblkid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libmount1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-68160	MEDIUM4	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libuuid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-68160	MEDIUM4	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-69720	LOW3.98	ncurses-bin 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW3.7	libapt-pkg7.0 3.0.3 No fix yet	1.5% Low-Moderate Risk	Directly Exposed
CVE-2021-45346	LOW3.65	libsqlite3-0 3.46.1-7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2005-2541	LOW3.6	tar 1.35+dfsg-3.1 No fix yet	3.3% Low-Moderate Risk	Post-Exploit
CVE-2026-4438	LOW3.4	libc-bin 2.41-12 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2010-4756	LOW3.4	libc-bin 2.41-12 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	libc6 2.41-12 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2010-4756	LOW3.4	libc6 2.41-12 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-69418	LOW3.4	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-69418	LOW3.4	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-3184	LOW3.15	libblkid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-3184	LOW3.15	libmount1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-3184	LOW3.15	libuuid1 2.41-5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-14104	LOW3.11	bsdutils 1:2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	login 1:4.16.0-2+really2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	mount 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-11187	LOW3.11	openssl 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-28390	LOW3.06	openssl 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Post-ExploitContext importance: MEDIUM
CVE-2025-15468	LOW3.01	openssl 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-66199	LOW3.01	openssl 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-69420	LOW3.01	openssl 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	0.3% Theoretical Threat	Post-Exploit
CVE-2026-22796	LOW3.01	openssl 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	0.1% Theoretical Threat	Post-Exploit
CVE-2026-31790	LOW3.01	openssl 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Post-Exploit
CVE-2019-1010022	LOW3	libc-bin 2.41-12 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2019-1010022	LOW3	libc6 2.41-12 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	bsdutils 1:2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	login 1:4.16.0-2+really2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	mount 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-15469	LOW2.8	openssl 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-22795	LOW2.8	openssl 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	util-linux 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-24049	LOW2.8	wheel 0.45.1 fixed in 0.46.2	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-70873	LOW2.8	libsqlite3-0 3.46.1-7 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2013-4392	LOW2.8	libsystemd0 257.8-1~deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2013-4392	LOW2.8	libudev1 257.8-1~deb13u2 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-8869	LOW2.7	pip 23.0.1 fixed in 25.3	<0.1% Theoretical Threat	Post-Exploit
CVE-2019-1010023	LOW2.69	libc-bin 2.41-12 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2019-1010023	LOW2.69	libc6 2.41-12 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-2673	LOW2.63	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-2673	LOW2.63	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-5704	LOW2.55	tar 1.35+dfsg-3.1 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2007-5686	LOW2.5	passwd 1:4.17.4-2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-0861	LOW2.48	libc-bin 2.41-12 fixed in 2.41-12+deb13u2	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-0861	LOW2.48	libc6 2.41-12 fixed in 2.41-12+deb13u2	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	bsdutils 1:2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2017-18018	LOW2.4	coreutils 9.7-3 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	login 1:4.16.0-2+really2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	mount 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-68160	LOW2.4	openssl 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-69421	LOW2.29	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-69421	LOW2.29	openssl 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-69421	LOW2.29	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-69419	LOW2.26	openssl 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-5278	LOW2.24	coreutils 9.7-3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW2.22	apt 3.0.3 No fix yet	1.5% Low-Moderate Risk	Post-Exploit
CVE-2024-56433	LOW2.16	passwd 1:4.17.4-2 No fix yet	4.5% Low-Moderate Risk	Post-Exploit
CVE-2025-69418	LOW2.04	openssl 3.5.1-1+deb13u1 fixed in 3.5.4-1~deb13u2	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-1703	LOW1.99	pip 23.0.1 fixed in 26.0	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW1.89	bsdutils 1:2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW1.89	login 1:4.16.0-2+really2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW1.89	mount 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW1.89	util-linux 2.41-5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-6141	LOW1.68	ncurses-bin 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW1.68	perl-base 5.40.1-6 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2023-5752	LOW1.68	pip 23.0.1 fixed in 23.3	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-2673	LOW1.58	openssl 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-69720	NONE0	libncursesw6 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	libtinfo6 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	ncurses-base 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-14104	NONE0	liblastlog2-2 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-14104	NONE0	libsmartcols1 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2022-0563	NONE0	liblastlog2-2 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2022-0563	NONE0	libsmartcols1 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2007-5686	NONE0	login.defs 1:4.17.4-2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-27456	NONE0	liblastlog2-2 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-27456	NONE0	libsmartcols1 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-3184	NONE0	liblastlog2-2 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2026-3184	NONE0	libsmartcols1 2.41-5 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2024-56433	NONE0	login.defs 1:4.17.4-2 No fix yet	4.5% Low-Moderate Risk	Not Applicable
CVE-2025-6141	NONE0	libncursesw6 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	libtinfo6 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	ncurses-base 6.5+20250216-2 No fix yet	<0.1% Theoretical Threat	Not Applicable
TEMP-0841856-B18BAF	NONE0	bash 5.2.37-2+b5 No fix yet	—	Not Applicable
CVE-2026-2219	NONE0	dpkg 1.22.21 fixed in 1.22.22	<0.1% Theoretical Threat	Not Applicable
CVE-2026-4878	NONE0	libcap2 1:2.75-10+b1 No fix yet	—	Not Applicable
CVE-2025-7709	NONE0	libsqlite3-0 3.46.1-7 fixed in 3.46.1-7+deb13u1	<0.1% Theoretical Threat	Not Applicable
CVE-2026-28387	NONE0	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-28388	NONE0	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-28389	NONE0	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-31789	NONE0	libssl3t64 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Not Applicable
TEMP-0000000-1B6B4D	NONE0	libsystemd0 257.8-1~deb13u2 No fix yet	—	Not Applicable
TEMP-0000000-7EA18F	NONE0	libsystemd0 257.8-1~deb13u2 No fix yet	—	Not Applicable
TEMP-0000000-1B6B4D	NONE0	libudev1 257.8-1~deb13u2 No fix yet	—	Not Applicable
TEMP-0000000-7EA18F	NONE0	libudev1 257.8-1~deb13u2 No fix yet	—	Not Applicable
TEMP-0628843-DBAD28	NONE0	login.defs 1:4.17.4-2 No fix yet	—	Not Applicable
CVE-2026-28387	NONE0	openssl 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-28388	NONE0	openssl 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-28389	NONE0	openssl 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-31789	NONE0	openssl 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-28387	NONE0	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-28388	NONE0	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-28389	NONE0	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-31789	NONE0	openssl-provider-legacy 3.5.1-1+deb13u1 fixed in 3.5.5-1~deb13u2	<0.1% Theoretical Threat	Not Applicable
TEMP-0628843-DBAD28	NONE0	passwd 1:4.17.4-2 No fix yet	—	Not Applicable
TEMP-0517018-A83CE6	NONE0	sysvinit-utils 3.14-4 No fix yet	—	Not Applicable
TEMP-0290435-0B57B5	NONE0	tar 1.35+dfsg-3.1 No fix yet	—	Not Applicable