Vulnerability Reportscylladb/scylla:2026.1.4

scylladb/scylla:2026.1.4

DIGESTsha256:7f39f4ddcd57d168fdd143095a486582913a1727dddd23525b436300c633878a

Executive Summary

Threat ScoreDANGEROUS• Critical remote code execution vulnerability CVE-2025-14087 (severity 8.33) in GLib GVariant parser, directly exploitable over network without authentication.• Certificate validation bypass CVE-2026-42013 (severity 6.97) in GnuTLS enables spoofing and man-in-the-middle attacks on TLS connections.• High vulnerability density: 200 exposed flaws, 32 with severity ≥6.0, including one critical and several high-impact issues in core libraries.• Image is pinned by digest and from a popular community publisher, but the vulnerability burden outweighs trust benefits.

75/100DANGEROUS

ReputationPOPULAR COMMUNITY• High Reputation Community Image (29M+ pulls)• Pinned by digest (Immutable)

RELIABLE

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could achieve remote code execution via heap corruption (CVE-2025-14087) or bypass TLS certificate validation (CVE-2026-42013), leading to full system compromise, data exposure, or denial of service. Note that CVE-2026-42010 (authentication bypass) requires non-default RSA-PSK configuration to be exploitable. Immediate action is required; do not deploy this image without comprehensive remediation.

Vulnerabilities

Vulnerability Log

290 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2025-14087	HIGH8.33	glib2 2.68.4-18.el9_7.2 fixed in 2.68.4-19.el9_8.1	0.8% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-42013	MEDIUM6.97	gnutls 3.8.3-10.el9_7 fixed in 3.8.10-4.el9_8	0.4% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-42010	MEDIUM6.66	gnutls 3.8.3-10.el9_7 fixed in 3.8.10-4.el9_8	0.8% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-45186	MEDIUM6.38	expat 2.5.0-5.el9_7.1 fixed in 2.5.0-6.el9_8.1	0.5% Theoretical Threat	Directly Exposed
CVE-2023-32636	MEDIUM6.38	glib2 2.68.4-18.el9_7.2 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-33846	MEDIUM6.38	gnutls 3.8.3-10.el9_7 fixed in 3.8.10-4.el9_8	0.9% Theoretical Threat	Directly Exposed
CVE-2026-42009	MEDIUM6.38	gnutls 3.8.3-10.el9_7 fixed in 3.8.10-4.el9_8	0.8% Theoretical Threat	Directly Exposed
CVE-2026-41989	MEDIUM6.38	libgcrypt 1.10.0-11.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-6732	MEDIUM6.38	libxml2 2.9.13-14.el9_7 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2026-28390	MEDIUM6.38	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-3.el9_8	0.8% Theoretical Threat	Directly Exposed
CVE-2026-34183	MEDIUM6.38	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-4.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-28388	MEDIUM6.38	openssl-libs 1:3.5.1-7.el9_7 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2026-28389	MEDIUM6.38	openssl-libs 1:3.5.1-7.el9_7 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-3644	MEDIUM6.38	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4224	MEDIUM6.38	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2026-7210	MEDIUM6.38	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-3644	MEDIUM6.38	python3 3.9.25-3.el9_7.3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4224	MEDIUM6.38	python3 3.9.25-3.el9_7.3 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2026-7210	MEDIUM6.38	python3 3.9.25-3.el9_7.3 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-3644	MEDIUM6.38	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4224	MEDIUM6.38	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2026-7210	MEDIUM6.38	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-44432	MEDIUM6.38	urllib3 2.6.3 fixed in 2.7.0	0.4% Theoretical Threat	Directly Exposed
CVE-2025-52881	MEDIUM6.38	github.com/opencontainers/selinux v1.12.0 fixed in 1.13.0	0.5% Theoretical Threat	Directly Exposed
CVE-2026-3833	MEDIUM6.29	gnutls 3.8.3-10.el9_7 fixed in 3.8.10-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42011	MEDIUM6.29	gnutls 3.8.3-10.el9_7 fixed in 3.8.10-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34182	MEDIUM6.29	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42012	MEDIUM6.03	gnutls 3.8.3-10.el9_7 fixed in 3.8.10-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4786	MEDIUM6.03	python-unversioned-command 3.9.25-3.el9_7.3 fixed in 3.9.25-7.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4786	MEDIUM6.03	python3 3.9.25-3.el9_7.3 fixed in 3.9.25-7.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4786	MEDIUM6.03	python3-libs 3.9.25-3.el9_7.3 fixed in 3.9.25-7.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2025-27113	MEDIUM6	libxml2 2.9.13-14.el9_7 No fix yet	1.0% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2026-4878	MEDIUM5.95	libcap 2.48-10.el9_7.1 fixed in 2.48-10.el9_8.1	0.2% Theoretical Threat	Directly Exposed
CVE-2026-44604	MEDIUM5.95	rpm-libs 4.16.1.3-39.el9 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2025-13151	MEDIUM5.9	libtasn1 4.16.0-9.el9 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-41996	MEDIUM5.9	openssl-libs 1:3.5.1-7.el9_7 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2026-22185	MEDIUM5.78	openldap 2.6.8-4.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-4105	MEDIUM5.7	systemd-libs 252-55.el9_7.9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2021-3572	MEDIUM5.7	python3-pip-wheel 21.3.1-1.el9 No fix yet	1.7% Low-Moderate Risk	Directly Exposed
CVE-2026-42014	MEDIUM5.61	gnutls 3.8.3-10.el9_7 fixed in 3.8.10-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2025-5915	MEDIUM5.61	libarchive 3.5.3-9.el9_7 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-5918	MEDIUM5.61	libarchive 3.5.3-9.el9_7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5260	MEDIUM5.58	gnutls 3.8.3-10.el9_7 fixed in 3.8.10-4.el9_8	0.7% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2025-14512	MEDIUM5.52	glib2 2.68.4-18.el9_7.2 fixed in 2.68.4-19.el9_8.1	0.5% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	glibc 2.34-231.el9_7.10 fixed in 2.34-270.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	glibc 2.34-231.el9_7.10 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	glibc-common 2.34-231.el9_7.10 fixed in 2.34-270.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	glibc-common 2.34-231.el9_7.10 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	glibc-minimal-langpack 2.34-231.el9_7.10 fixed in 2.34-270.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	glibc-minimal-langpack 2.34-231.el9_7.10 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4426	MEDIUM5.52	libarchive 3.5.3-9.el9_7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-9149	MEDIUM5.52	libsolv 0.7.24-3.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-9150	MEDIUM5.52	libsolv 0.7.24-3.el9 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2023-45322	MEDIUM5.52	libxml2 2.9.13-14.el9_7 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-2673	MEDIUM5.52	openssl-fips-provider 3.0.7-8.el9 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-2673	MEDIUM5.52	openssl-fips-provider-so 3.0.7-8.el9 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-2673	MEDIUM5.52	openssl-libs 1:3.5.1-7.el9_7 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2024-34459	MEDIUM5.5	libxml2 2.9.13-14.el9_7 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2026-34181	MEDIUM5.35	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42768	MEDIUM5.35	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-4.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2026-1757	MEDIUM5.27	libxml2 2.9.13-14.el9_7 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-6019	MEDIUM5.18	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-6019	MEDIUM5.18	python3 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-6019	MEDIUM5.18	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-50181	MEDIUM5.18	python3-pip-wheel 21.3.1-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-50182	MEDIUM5.18	python3-pip-wheel 21.3.1-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5713	MEDIUM5.1	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5713	MEDIUM5.1	python3 3.9.25-3.el9_7.3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5713	MEDIUM5.1	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-50219	MEDIUM5.02	expat 2.5.0-5.el9_7.1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	glibc 2.34-231.el9_7.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	glibc-common 2.34-231.el9_7.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	glibc-minimal-langpack 2.34-231.el9_7.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-40355	MEDIUM5.02	krb5-libs 1.21.1-9.el9_7 fixed in 1.21.1-10.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40356	MEDIUM5.02	krb5-libs 1.21.1-9.el9_7 fixed in 1.21.1-10.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-0990	MEDIUM5.02	libxml2 2.9.13-14.el9_7 No fix yet	0.7% Theoretical Threat	Directly Exposed
CVE-2026-31790	MEDIUM5.02	openssl-fips-provider 3.0.7-8.el9 No fix yet	1.0% Theoretical Threat	Directly Exposed
CVE-2026-31790	MEDIUM5.02	openssl-fips-provider-so 3.0.7-8.el9 No fix yet	1.0% Theoretical Threat	Directly Exposed
CVE-2026-31790	MEDIUM5.02	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-2.el9_8	1.0% Theoretical Threat	Directly Exposed
CVE-2026-42764	MEDIUM5.02	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-4.el9_8	0.7% Theoretical Threat	Directly Exposed
CVE-2026-42769	MEDIUM5.02	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42770	MEDIUM5.02	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-9076	MEDIUM5.02	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-32284	MEDIUM5.02	python3-pip-wheel 21.3.1-1.el9 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-31789	MEDIUM5	openssl-libs 1:3.5.1-7.el9_7 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45447	MEDIUM4.86	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-4.el9_8	1.4% Low-Moderate Risk	Directly Exposed
CVE-2025-5916	MEDIUM4.76	libarchive 3.5.3-9.el9_7 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-32776	MEDIUM4.67	expat 2.5.0-5.el9_7.1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-32777	MEDIUM4.67	expat 2.5.0-5.el9_7.1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-32778	MEDIUM4.67	expat 2.5.0-5.el9_7.1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-66382	MEDIUM4.67	expat 2.5.0-5.el9_7.1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-60753	MEDIUM4.67	libarchive 3.5.3-9.el9_7 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5745	MEDIUM4.67	libarchive 3.5.3-9.el9_7 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-1632	MEDIUM4.67	libarchive 3.5.3-9.el9_7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2021-46195	MEDIUM4.67	libgcc 11.5.0-11.el9 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libgcc 11.5.0-11.el9 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2021-46195	MEDIUM4.67	libstdc++ 11.5.0-11.el9 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libstdc++ 11.5.0-11.el9 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2026-7383	MEDIUM4.67	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2025-13837	MEDIUM4.67	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42308	MEDIUM4.67	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-13837	MEDIUM4.67	python3 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42308	MEDIUM4.67	python3 3.9.25-3.el9_7.3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-13837	MEDIUM4.67	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42308	MEDIUM4.67	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-25645	MEDIUM4.67	python3-pip-wheel 21.3.1-1.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2024-0232	MEDIUM4.67	sqlite-libs 3.34.1-9.el9_7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib 1.2.11-40.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-25645	MEDIUM4.67	requests 2.32.5 fixed in 2.33.0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-24049	MEDIUM4.67	wheel 0.45.1 fixed in 0.46.2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-33845	MEDIUM4.64	gnutls 3.8.3-10.el9_7 fixed in 3.8.10-4.el9_8	0.6% Theoretical Threat	Directly Exposed
CVE-2026-45445	MEDIUM4.64	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-1489	MEDIUM4.59	glib2 2.68.4-18.el9_7.2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	glibc 2.34-231.el9_7.10 fixed in 2.34-270.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	glibc-common 2.34-231.el9_7.10 fixed in 2.34-270.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	glibc-minimal-langpack 2.34-231.el9_7.10 fixed in 2.34-270.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42015	MEDIUM4.5	gnutls 3.8.3-10.el9_7 fixed in 3.8.10-4.el9_8	0.7% Theoretical Threat	Directly Exposed
CVE-2023-30571	MEDIUM4.5	libarchive 3.5.3-9.el9_7 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42766	MEDIUM4.5	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-4.el9_8	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42767	MEDIUM4.5	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2025-12781	MEDIUM4.5	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-3276	MEDIUM4.5	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-12781	MEDIUM4.5	python3 3.9.25-3.el9_7.3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-3276	MEDIUM4.5	python3 3.9.25-3.el9_7.3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-12781	MEDIUM4.5	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-3276	MEDIUM4.5	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34743	MEDIUM4.5	xz-libs 5.2.5-8.el9_0 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-45409	MEDIUM4.5	idna 3.10 fixed in 3.15	0.4% Theoretical Threat	Directly Exposed
CVE-2026-44431	MEDIUM4.5	urllib3 2.6.3 fixed in 2.7.0	0.3% Theoretical Threat	Directly Exposed
CVE-2025-47914	MEDIUM4.5	golang.org/x/crypto v0.42.0 fixed in 0.45.0	0.5% Theoretical Threat	Directly Exposed
CVE-2025-58181	MEDIUM4.5	golang.org/x/crypto v0.42.0 fixed in 0.45.0	0.5% Theoretical Threat	Directly Exposed
CVE-2025-4516	MEDIUM4.33	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-4516	MEDIUM4.33	python3 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-4516	MEDIUM4.33	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42250	MEDIUM4.25	bzip2-libs 1.0.8-10.el9_5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc 2.34-231.el9_7.10 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc 2.34-231.el9_7.10 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc-common 2.34-231.el9_7.10 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc-common 2.34-231.el9_7.10 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc-minimal-langpack 2.34-231.el9_7.10 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc-minimal-langpack 2.34-231.el9_7.10 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	krb5-libs 1.21.1-9.el9_7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-5917	MEDIUM4.25	libarchive 3.5.3-9.el9_7 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-34180	MEDIUM4.25	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-4.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-28387	MEDIUM4.13	openssl-libs 1:3.5.1-7.el9_7 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2025-15282	MEDIUM4.08	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-0672	MEDIUM4.08	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-15282	MEDIUM4.08	python3 3.9.25-3.el9_7.3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-0672	MEDIUM4.08	python3 3.9.25-3.el9_7.3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-15282	MEDIUM4.08	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-0672	MEDIUM4.08	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libblkid 2.37.4-21.el9_7 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libmount 2.37.4-21.el9_7 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libsmartcols 2.37.4-21.el9_7 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libuuid 2.37.4-21.el9_7 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2024-13176	MEDIUM4	openssl-libs 1:3.5.1-7.el9_7 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2025-11468	LOW3.82	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-0865	LOW3.82	python-unversioned-command 3.9.25-3.el9_7.3 fixed in 3.9.25-5.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-1502	LOW3.82	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2025-11468	LOW3.82	python3 3.9.25-3.el9_7.3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-0865	LOW3.82	python3 3.9.25-3.el9_7.3 fixed in 3.9.25-5.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-1502	LOW3.82	python3 3.9.25-3.el9_7.3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2025-11468	LOW3.82	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-0865	LOW3.82	python3-libs 3.9.25-3.el9_7.3 fixed in 3.9.25-5.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-1502	LOW3.82	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2023-4156	LOW3.62	gawk 5.1.0-6.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-44604	LOW3.57	rpm 4.16.1.3-39.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-1484	LOW3.57	glib2 2.68.4-18.el9_7.2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-45803	LOW3.57	python3-pip-wheel 21.3.1-1.el9 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2024-11053	LOW3.54	curl-minimal 7.76.1-35.el9_7.3 No fix yet	1.4% Low-Moderate Risk	Post-Exploit
CVE-2024-11053	LOW3.54	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	1.4% Low-Moderate Risk	Post-Exploit
CVE-2025-13034	LOW3.47	curl-minimal 7.76.1-35.el9_7.3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-1965	LOW3.47	curl-minimal 7.76.1-35.el9_7.3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-13034	LOW3.47	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-1965	LOW3.47	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2021-3572	LOW3.42	python3-pip 21.3.1-1.el9 No fix yet	1.7% Low-Moderate Risk	Post-Exploit
CVE-2026-4438	LOW3.4	glibc 2.34-231.el9_7.10 fixed in 2.34-270.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	glibc-common 2.34-231.el9_7.10 fixed in 2.34-270.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	glibc-minimal-langpack 2.34-231.el9_7.10 fixed in 2.34-270.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-3784	LOW3.31	curl-minimal 7.76.1-35.el9_7.3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5545	LOW3.31	curl-minimal 7.76.1-35.el9_7.3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6429	LOW3.31	curl-minimal 7.76.1-35.el9_7.3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-14524	LOW3.31	curl-minimal 7.76.1-35.el9_7.3 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2026-3784	LOW3.31	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5545	LOW3.31	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6429	LOW3.31	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-14524	LOW3.31	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2026-3805	LOW3.21	curl-minimal 7.76.1-35.el9_7.3 No fix yet	0.7% Theoretical Threat	Post-Exploit
CVE-2026-3805	LOW3.21	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	0.7% Theoretical Threat	Post-Exploit
CVE-2026-5958	LOW3.21	sed 4.8-9.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-41080	LOW3.15	expat 2.5.0-5.el9_7.1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-3360	LOW3.15	glib2 2.68.4-18.el9_7.2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-7039	LOW3.15	glib2 2.68.4-18.el9_7.2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0988	LOW3.15	glib2 2.68.4-18.el9_7.2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3832	LOW3.15	gnutls 3.8.3-10.el9_7 fixed in 3.8.10-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5419	LOW3.15	gnutls 3.8.3-10.el9_7 fixed in 3.8.10-4.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-0989	LOW3.15	libxml2 2.9.13-14.el9_7 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-45446	LOW3.15	openssl-libs 1:3.5.1-7.el9_7 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2025-50181	LOW3.11	python3-pip 21.3.1-1.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-50182	LOW3.11	python3-pip 21.3.1-1.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-9232	LOW3.1	openssl-libs 1:3.5.1-7.el9_7 No fix yet	2.0% Low-Moderate Risk	Directly Exposed
CVE-2026-32284	LOW3.01	python3-pip 21.3.1-1.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-3783	LOW2.91	curl-minimal 7.76.1-35.el9_7.3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-3783	LOW2.91	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-24883	LOW2.8	gnupg2 2.3.3-5.el9_7 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-25645	LOW2.8	python3-pip 21.3.1-1.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-41990	LOW2.8	libgcrypt 1.10.0-11.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4519	LOW2.8	python-unversioned-command 3.9.25-3.el9_7.3 fixed in 3.9.25-7.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2025-13462	LOW2.8	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-2297	LOW2.8	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-3479	LOW2.8	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4519	LOW2.8	python3 3.9.25-3.el9_7.3 fixed in 3.9.25-7.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2025-13462	LOW2.8	python3 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-2297	LOW2.8	python3 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-3479	LOW2.8	python3 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4519	LOW2.8	python3-libs 3.9.25-3.el9_7.3 fixed in 3.9.25-7.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2025-13462	LOW2.8	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-2297	LOW2.8	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-3479	LOW2.8	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-70873	LOW2.8	sqlite-libs 3.34.1-9.el9_7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-2100	LOW2.7	p11-kit 0.25.3-3.el9_5 fixed in 0.26.2-1.el9	1.0% Low-Moderate Risk	Post-Exploit
CVE-2026-2100	LOW2.7	p11-kit-trust 0.25.3-3.el9_5 fixed in 0.26.2-1.el9	1.0% Low-Moderate Risk	Post-Exploit
CVE-2026-4873	LOW2.7	curl-minimal 7.76.1-35.el9_7.3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6253	LOW2.7	curl-minimal 7.76.1-35.el9_7.3 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-7168	LOW2.7	curl-minimal 7.76.1-35.el9_7.3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-4873	LOW2.7	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6253	LOW2.7	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-7168	LOW2.7	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2024-7264	LOW2.69	curl-minimal 7.76.1-35.el9_7.3 No fix yet	16.2% High Exploitation Risk	Post-Exploit
CVE-2024-7264	LOW2.69	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	16.2% High Exploitation Risk	Post-Exploit
CVE-2026-23949	LOW2.63	jaraco.context 5.3.0 fixed in 6.1.0	0.5% Theoretical Threat	Post-Exploit
CVE-2025-1795	LOW2.63	python-unversioned-command 3.9.25-3.el9_7.3 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2025-1795	LOW2.63	python3 3.9.25-3.el9_7.3 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2025-1795	LOW2.63	python3-libs 3.9.25-3.el9_7.3 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2025-15079	LOW2.48	curl-minimal 7.76.1-35.el9_7.3 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2025-15079	LOW2.48	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-6100	LOW2.48	python-unversioned-command 3.9.25-3.el9_7.3 fixed in 3.9.25-7.el9_8	0.5% Theoretical Threat	Post-Exploit
CVE-2026-6100	LOW2.48	python3 3.9.25-3.el9_7.3 fixed in 3.9.25-7.el9_8	0.5% Theoretical Threat	Post-Exploit
CVE-2026-6100	LOW2.48	python3-libs 3.9.25-3.el9_7.3 fixed in 3.9.25-7.el9_8	0.5% Theoretical Threat	Post-Exploit
CVE-2026-0992	LOW2.46	libxml2 2.9.13-14.el9_7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-14017	LOW2.45	curl-minimal 7.76.1-35.el9_7.3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-14017	LOW2.45	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-15224	LOW2.4	curl-minimal 7.76.1-35.el9_7.3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gnupg2 2.3.3-5.el9_7 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-30258	LOW2.4	gnupg2 2.3.3-5.el9_7 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-15224	LOW2.4	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-48864	LOW2.39	libsolv 0.7.24-3.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-29111	LOW2.39	systemd-libs 252-55.el9_7.9 fixed in 252-67.el9_8.2	0.1% Theoretical Threat	Post-Exploit
CVE-2026-1485	LOW2.38	glib2 2.68.4-18.el9_7.2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2024-9681	LOW2.34	curl-minimal 7.76.1-35.el9_7.3 No fix yet	2.0% Low-Moderate Risk	Post-Exploit
CVE-2024-9681	LOW2.34	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	2.0% Low-Moderate Risk	Post-Exploit
CVE-2026-5773	LOW2.29	curl-minimal 7.76.1-35.el9_7.3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6276	LOW2.29	curl-minimal 7.76.1-35.el9_7.3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5773	LOW2.29	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6276	LOW2.29	libcurl-minimal 7.76.1-35.el9_7.3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-41409	LOW2.29	pcre2 10.40-6.el9 No fix yet	1.0% Theoretical Threat	Post-Exploit
CVE-2022-41409	LOW2.29	pcre2-syntax 10.40-6.el9 No fix yet	1.0% Theoretical Threat	Post-Exploit
CVE-2025-5278	LOW2.24	coreutils-single 8.32-39.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2023-45803	LOW2.14	python3-pip 21.3.1-1.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-24515	LOW2.12	expat 2.5.0-5.el9_7.1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-6170	LOW2.12	libxml2 2.9.13-14.el9_7 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2022-3219	LOW1.68	gnupg2 2.3.3-5.el9_7 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-68121	NONE0	stdlib v1.25.3 fixed in 1.24.13, 1.25.7, 1.26.0-rc.3	0.8% Theoretical Threat	Not Applicable
CVE-2025-61726	NONE0	stdlib v1.25.3 fixed in 1.24.12, 1.25.6	0.8% Theoretical Threat	Not Applicable
CVE-2025-61729	NONE0	stdlib v1.25.3 fixed in 1.24.11, 1.25.5	0.5% Theoretical Threat	Not Applicable
CVE-2026-25679	NONE0	stdlib v1.25.3 fixed in 1.25.8, 1.26.1	0.5% Theoretical Threat	Not Applicable
CVE-2026-32280	NONE0	stdlib v1.25.3 fixed in 1.25.9, 1.26.2	0.4% Theoretical Threat	Not Applicable
CVE-2026-32281	NONE0	stdlib v1.25.3 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Not Applicable
CVE-2026-32283	NONE0	stdlib v1.25.3 fixed in 1.25.9, 1.26.2	0.4% Theoretical Threat	Not Applicable
CVE-2026-33811	NONE0	stdlib v1.25.3 fixed in 1.25.10, 1.26.3	0.5% Theoretical Threat	Not Applicable
CVE-2026-33814	NONE0	stdlib v1.25.3 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2026-39820	NONE0	stdlib v1.25.3 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2026-39836	NONE0	stdlib v1.25.3 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2025-61728	NONE0	stdlib v1.25.3 fixed in 1.24.12, 1.25.6	0.6% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-base 6.2-12.20210508.el9 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-libs 6.2-12.20210508.el9 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2025-61727	NONE0	stdlib v1.25.3 fixed in 1.24.11, 1.25.5	0.3% Theoretical Threat	Not Applicable
CVE-2026-32282	NONE0	stdlib v1.25.3 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Not Applicable
CVE-2026-32289	NONE0	stdlib v1.25.3 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Not Applicable
CVE-2026-32288	NONE0	stdlib v1.25.3 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Not Applicable
CVE-2026-27142	NONE0	stdlib v1.25.3 fixed in 1.25.8, 1.26.1	0.3% Theoretical Threat	Not Applicable
CVE-2026-39826	NONE0	stdlib v1.25.3 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2025-61730	NONE0	stdlib v1.25.3 fixed in 1.24.12, 1.25.6	0.3% Theoretical Threat	Not Applicable
CVE-2026-42507	NONE0	stdlib v1.25.3 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable
CVE-2026-27139	NONE0	stdlib v1.25.3 fixed in 1.25.8, 1.26.1	0.2% Theoretical Threat	Not Applicable
CVE-2026-39823	NONE0	stdlib v1.25.3 fixed in 1.25.10, 1.26.3	0.3% Theoretical Threat	Not Applicable
CVE-2026-39825	NONE0	stdlib v1.25.3 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2026-42499	NONE0	stdlib v1.25.3 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2026-42504	NONE0	stdlib v1.25.3 fixed in 1.25.11, 1.26.4	0.4% Theoretical Threat	Not Applicable
CVE-2026-27145	NONE0	stdlib v1.25.3 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable