Vulnerability Reportsonarqube:2026.3-enterprise

sonarqube:enterprisesonarqube:2026.3.1-enterprisesonarqube:2026.3-enterprise

DIGESTsha256:da17607d1246121f8c517eadd0c71eaf72484b061f779b29b70e0f131e3c12fb

Executive Summary

Threat ScoreDANGEROUS• Official image with 160 exposed vulnerabilities; critical CVE-2026-42581 (CVSS 8.33) enables HTTP request smuggling via Netty, the core HTTP server.• Two DNS cache poisoning vulnerabilities (CVE-2026-45674, CVE-2026-47691) with CVSS 6.8 could redirect outbound connections.• 44 vulnerabilities with severity ≥6 increase attack surface; post-exploit risks are low (0 ≥6) but exposed surface is severe.

85/100DANGEROUS

ReputationOFFICIAL• Official Docker Hub Image• Pinned by digest (Immutable)

TRUSTED

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker can exploit request smuggling (CVE-2026-42581) to bypass security controls, poison caches, or gain unauthorized access to data. Additionally, DNS cache poisoning vulnerabilities (CVE-2026-45674) could redirect outbound connections, potentially leaking credentials or enabling MITM attacks. Note that CVE-2026-42010 (authentication bypass) requires a non-default RSA-PSK TLS mode and is less relevant. Immediate patching of Netty and DNS resolver components is mandatory.

Vulnerabilities

Vulnerability Log

212 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2026-42581	HIGH8.33	io.netty:netty-codec-http 4.1.130.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-42581	HIGH8.33	io.netty:netty-codec-http 4.2.2.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-45674	MEDIUM6.8	io.netty:netty-resolver-dns 4.1.130.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-47691	MEDIUM6.8	io.netty:netty-resolver-dns 4.1.130.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-45674	MEDIUM6.8	io.netty:netty-resolver-dns 4.2.2.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-47691	MEDIUM6.8	io.netty:netty-resolver-dns 4.2.2.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-42010	MEDIUM6.66	libgnutls30t64 3.8.3-1.1ubuntu3.5 fixed in 3.8.3-1.1ubuntu3.6	0.8% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-41989	MEDIUM6.38	libgcrypt20 1.10.3-2build1 fixed in 1.10.3-2ubuntu0.1	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42009	MEDIUM6.38	libgnutls30t64 3.8.3-1.1ubuntu3.5 fixed in 3.8.3-1.1ubuntu3.6	0.8% Theoretical Threat	Directly Exposed
CVE-2026-33870	MEDIUM6.38	io.netty:netty-codec-http 4.1.130.Final fixed in 4.1.132.Final, 4.2.10.Final	0.4% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http 4.1.130.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42585	MEDIUM6.38	io.netty:netty-codec-http 4.1.130.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-33870	MEDIUM6.38	io.netty:netty-codec-http 4.2.2.Final fixed in 4.1.132.Final, 4.2.10.Final	0.4% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http 4.2.2.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42585	MEDIUM6.38	io.netty:netty-codec-http 4.2.2.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2025-58056	MEDIUM6.38	io.netty:netty-codec-http 4.2.2.Final fixed in 4.1.125.Final, 4.2.5.Final	0.6% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-33871	MEDIUM6.38	io.netty:netty-codec-http2 4.1.130.Final fixed in 4.1.132.Final, 4.2.11.Final	0.6% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http2 4.1.130.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-48043	MEDIUM6.38	io.netty:netty-codec-http2 4.1.130.Final fixed in 4.1.135.Final, 4.2.15.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2025-55163	MEDIUM6.38	io.netty:netty-codec-http2 4.2.2.Final fixed in 4.2.4.Final, 4.1.124.Final	0.9% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-33871	MEDIUM6.38	io.netty:netty-codec-http2 4.2.2.Final fixed in 4.1.132.Final, 4.2.11.Final	0.6% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http2 4.2.2.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-48043	MEDIUM6.38	io.netty:netty-codec-http2 4.2.2.Final fixed in 4.1.135.Final, 4.2.15.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-45416	MEDIUM6.38	io.netty:netty-handler 4.1.130.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50010	MEDIUM6.38	io.netty:netty-handler 4.1.130.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45416	MEDIUM6.38	io.netty:netty-handler 4.2.2.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50010	MEDIUM6.38	io.netty:netty-handler 4.2.2.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42578	MEDIUM6.38	io.netty:netty-handler-proxy 4.2.2.Final fixed in 4.1.133.Final, 4.2.13.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-45292	MEDIUM6.38	io.opentelemetry:opentelemetry-api 1.31.0 fixed in 1.62.0	0.5% Theoretical Threat	Directly Exposed
CVE-2026-34479	MEDIUM6.38	org.apache.logging.log4j:log4j-1.2-api 2.19.0 fixed in 2.25.4	0.5% Theoretical Threat	Directly Exposed
CVE-2026-34480	MEDIUM6.38	org.apache.logging.log4j:log4j-core 2.19.0 fixed in 2.25.4	0.9% Theoretical Threat	Directly Exposed
CVE-2026-34478	MEDIUM6.38	org.apache.logging.log4j:log4j-core 2.25.0 fixed in 2.25.4	0.8% Theoretical Threat	Directly Exposed
CVE-2026-34480	MEDIUM6.38	org.apache.logging.log4j:log4j-core 2.25.0 fixed in 2.25.4	0.9% Theoretical Threat	Directly Exposed
CVE-2026-5588	MEDIUM6.38	org.bouncycastle:bcpkix-jdk18on 1.79 fixed in 1.84	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5598	MEDIUM6.38	org.bouncycastle:bcprov-jdk18on 1.79 fixed in 1.84	0.5% Theoretical Threat	Directly Exposed
CVE-2026-29062	MEDIUM6.38	tools.jackson.core:jackson-core 3.0.4 fixed in 3.1.0	0.5% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-3833	MEDIUM6.29	libgnutls30t64 3.8.3-1.1ubuntu3.5 fixed in 3.8.3-1.1ubuntu3.6	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42011	MEDIUM6.29	libgnutls30t64 3.8.3-1.1ubuntu3.5 fixed in 3.8.3-1.1ubuntu3.6	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34182	MEDIUM6.29	libssl3t64 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42579	MEDIUM6.18	io.netty:netty-codec-dns 4.1.130.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-42579	MEDIUM6.18	io.netty:netty-codec-dns 4.2.2.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-42584	MEDIUM6.18	io.netty:netty-codec-http 4.1.130.Final fixed in 4.2.13.Final, 4.1.133.Final	0.3% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-42584	MEDIUM6.18	io.netty:netty-codec-http 4.2.2.Final fixed in 4.2.13.Final, 4.1.133.Final	0.3% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-42012	MEDIUM6.03	libgnutls30t64 3.8.3-1.1ubuntu3.5 fixed in 3.8.3-1.1ubuntu3.6	0.3% Theoretical Threat	Directly Exposed
CVE-2024-2236	MEDIUM5.9	libgcrypt20 1.10.3-2build1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2026-45673	MEDIUM5.78	io.netty:netty-resolver-dns 4.1.130.Final fixed in 4.2.15.Final, 4.1.135.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-45673	MEDIUM5.78	io.netty:netty-resolver-dns 4.2.2.Final fixed in 4.2.15.Final, 4.1.135.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42014	MEDIUM5.61	libgnutls30t64 3.8.3-1.1ubuntu3.5 fixed in 3.8.3-1.1ubuntu3.6	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42013	MEDIUM5.58	libgnutls30t64 3.8.3-1.1ubuntu3.5 fixed in 3.8.3-1.1ubuntu3.6	0.4% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-5260	MEDIUM5.58	libgnutls30t64 3.8.3-1.1ubuntu3.5 fixed in 3.8.3-1.1ubuntu3.6	0.7% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-4437	MEDIUM5.52	libc-bin 2.39-0ubuntu8.7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc-bin 2.39-0ubuntu8.7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	libc6 2.39-0ubuntu8.7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc6 2.39-0ubuntu8.7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-41417	MEDIUM5.52	io.netty:netty-codec-http 4.1.130.Final fixed in 4.1.133.Final, 4.2.13.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42580	MEDIUM5.52	io.netty:netty-codec-http 4.1.130.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2025-67735	MEDIUM5.52	io.netty:netty-codec-http 4.2.2.Final fixed in 4.2.8.Final, 4.1.129.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-41417	MEDIUM5.52	io.netty:netty-codec-http 4.2.2.Final fixed in 4.1.133.Final, 4.2.13.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42580	MEDIUM5.52	io.netty:netty-codec-http 4.2.2.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0636	MEDIUM5.52	org.bouncycastle:bcprov-jdk18on 1.79 fixed in 1.84	0.5% Theoretical Threat	Directly Exposed
CVE-2026-44249	MEDIUM5.5	io.netty:netty-handler 4.1.130.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-44249	MEDIUM5.5	io.netty:netty-handler 4.2.2.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2017-13716	MEDIUM5.5	libbinutils 2.42-4ubuntu2.10 No fix yet	1.4% Low-Moderate Risk	Directly Exposed
CVE-2017-13716	MEDIUM5.5	libctf-nobfd0 2.42-4ubuntu2.10 No fix yet	1.4% Low-Moderate Risk	Directly Exposed
CVE-2017-13716	MEDIUM5.5	libctf0 2.42-4ubuntu2.10 No fix yet	1.4% Low-Moderate Risk	Directly Exposed
CVE-2017-13716	MEDIUM5.5	libgprofng0 2.42-4ubuntu2.10 No fix yet	1.4% Low-Moderate Risk	Directly Exposed
CVE-2017-13716	MEDIUM5.5	libsframe1 2.42-4ubuntu2.10 No fix yet	1.4% Low-Moderate Risk	Directly Exposed
CVE-2026-40226	MEDIUM5.44	libsystemd0 255.4-1ubuntu8.15 fixed in 255.4-1ubuntu8.16	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40226	MEDIUM5.44	libudev1 255.4-1ubuntu8.15 fixed in 255.4-1ubuntu8.16	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-7962	MEDIUM5.1	com.sun.mail:jakarta.mail 1.6.3 fixed in 1.6.8, 2.0.2	0.7% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2025-7962	MEDIUM5.1	com.sun.mail:jakarta.mail 2.0.1 fixed in 1.6.8, 2.0.2	0.7% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2025-58057	MEDIUM5.1	io.netty:netty-codec-compression 4.2.2.Final fixed in 4.2.5.Final	0.6% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-5435	MEDIUM5.02	libc-bin 2.39-0ubuntu8.7 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	libc6 2.39-0ubuntu8.7 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42770	MEDIUM5.02	libssl3t64 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.2% Theoretical Threat	Directly Exposed
CVE-2026-9076	MEDIUM5.02	libssl3t64 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34477	MEDIUM5.02	org.apache.logging.log4j:log4j-core 2.19.0 fixed in 2.25.4	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34477	MEDIUM5.02	org.apache.logging.log4j:log4j-core 2.25.0 fixed in 2.25.4	0.4% Theoretical Threat	Directly Exposed
CVE-2025-69651	MEDIUM4.67	libbinutils 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69651	MEDIUM4.67	libctf-nobfd0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69651	MEDIUM4.67	libctf0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-66382	MEDIUM4.67	libexpat1 2.6.1-2ubuntu0.4 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69651	MEDIUM4.67	libgprofng0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69651	MEDIUM4.67	libsframe1 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-7383	MEDIUM4.67	libssl3t64 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	libc-bin 2.39-0ubuntu8.7 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	libc6 2.39-0ubuntu8.7 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42015	MEDIUM4.5	libgnutls30t64 3.8.3-1.1ubuntu3.5 fixed in 3.8.3-1.1ubuntu3.6	0.7% Theoretical Threat	Directly Exposed
CVE-2026-34743	MEDIUM4.5	liblzma5 5.6.1+really5.4.5-1ubuntu0.2 fixed in 5.6.1+really5.4.5-1ubuntu0.3	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42766	MEDIUM4.5	libssl3t64 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42767	MEDIUM4.5	libssl3t64 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.3% Theoretical Threat	Directly Exposed
CVE-2026-50020	MEDIUM4.5	io.netty:netty-codec-http 4.1.130.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-50020	MEDIUM4.5	io.netty:netty-codec-http 4.2.2.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-47244	MEDIUM4.5	io.netty:netty-codec-http2 4.1.130.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-50560	MEDIUM4.5	io.netty:netty-codec-http2 4.1.130.Final fixed in 4.2.15.Final, 4.1.135.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-47244	MEDIUM4.5	io.netty:netty-codec-http2 4.2.2.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-50560	MEDIUM4.5	io.netty:netty-codec-http2 4.2.2.Final fixed in 4.2.15.Final, 4.1.135.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34180	MEDIUM4.25	libssl3t64 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.5% Theoretical Threat	Directly Exposed
CVE-2025-68161	MEDIUM4.08	org.apache.logging.log4j:log4j-core 2.19.0 fixed in 2.25.3	0.7% Theoretical Threat	Directly Exposed
CVE-2025-68161	MEDIUM4.08	org.apache.logging.log4j:log4j-core 2.25.0 fixed in 2.25.3	0.7% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libblkid1 2.39.3-9ubuntu6.5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libmount1 2.39.3-9ubuntu6.5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libsmartcols1 2.39.3-9ubuntu6.5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libuuid1 2.39.3-9ubuntu6.5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-48924	LOW3.7	org.apache.commons:commons-lang3 3.17.0 fixed in 3.18.0	2.2% Low-Moderate Risk	Directly Exposed
CVE-2025-48924	LOW3.7	org.apache.commons:commons-lang3 3.9 fixed in 3.18.0	2.2% Low-Moderate Risk	Directly Exposed
CVE-2026-4438	LOW3.4	libc-bin 2.39-0ubuntu8.7 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	libc6 2.39-0ubuntu8.7 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-epoll 4.2.2.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-kqueue 4.2.2.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2017-13716	LOW3.3	binutils 2.42-4ubuntu2.10 No fix yet	1.4% Low-Moderate Risk	Post-Exploit
CVE-2017-13716	LOW3.3	binutils-common 2.42-4ubuntu2.10 No fix yet	1.4% Low-Moderate Risk	Post-Exploit
CVE-2017-13716	LOW3.3	binutils-x86-64-linux-gnu 2.42-4ubuntu2.10 No fix yet	1.4% Low-Moderate Risk	Post-Exploit
CVE-2025-1152	LOW3.15	libbinutils 2.42-4ubuntu2.10 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2025-1152	LOW3.15	libctf-nobfd0 2.42-4ubuntu2.10 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2025-1152	LOW3.15	libctf0 2.42-4ubuntu2.10 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2026-3832	LOW3.15	libgnutls30t64 3.8.3-1.1ubuntu3.5 fixed in 3.8.3-1.1ubuntu3.6	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5419	LOW3.15	libgnutls30t64 3.8.3-1.1ubuntu3.5 fixed in 3.8.3-1.1ubuntu3.6	0.5% Theoretical Threat	Directly Exposed
CVE-2025-1152	LOW3.15	libgprofng0 2.42-4ubuntu2.10 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2025-1152	LOW3.15	libsframe1 2.42-4ubuntu2.10 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2026-45446	LOW3.15	libssl3t64 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45447	LOW2.92	libssl3t64 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	1.4% Low-Moderate Risk	Post-Exploit
CVE-2026-45447	LOW2.92	openssl 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	1.4% Low-Moderate Risk	Post-Exploit
CVE-2025-45582	LOW2.86	tar 1.35+dfsg-3build1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-69651	LOW2.8	binutils 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69651	LOW2.8	binutils-common 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69651	LOW2.8	binutils-x86-64-linux-gnu 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-7383	LOW2.8	openssl 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69647	LOW2.8	libbinutils 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69648	LOW2.8	libbinutils 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69652	LOW2.8	libbinutils 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69647	LOW2.8	libctf-nobfd0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69648	LOW2.8	libctf-nobfd0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69652	LOW2.8	libctf-nobfd0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69647	LOW2.8	libctf0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69648	LOW2.8	libctf0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69652	LOW2.8	libctf0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69647	LOW2.8	libgprofng0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69648	LOW2.8	libgprofng0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69652	LOW2.8	libgprofng0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69647	LOW2.8	libsframe1 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69648	LOW2.8	libsframe1 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69652	LOW2.8	libsframe1 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libsystemd0 255.4-1ubuntu8.15 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libudev1 255.4-1ubuntu8.15 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-33845	LOW2.78	libgnutls30t64 3.8.3-1.1ubuntu3.5 fixed in 3.8.3-1.1ubuntu3.6	0.6% Theoretical Threat	Post-Exploit
CVE-2026-45445	LOW2.78	libssl3t64 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.3% Theoretical Threat	Post-Exploit
CVE-2026-45445	LOW2.78	openssl 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42766	LOW2.7	openssl 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.6% Theoretical Threat	Post-Exploit
CVE-2026-42767	LOW2.7	openssl 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.3% Theoretical Threat	Post-Exploit
CVE-2026-34180	LOW2.55	openssl 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.5% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	bsdutils 1:2.39.3-9ubuntu6.5 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	mount 2.39.3-9ubuntu6.5 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.39.3-9ubuntu6.5 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-69644	LOW2.38	libbinutils 2.42-4ubuntu2.10 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-69645	LOW2.38	libbinutils 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69646	LOW2.38	libbinutils 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69644	LOW2.38	libctf-nobfd0 2.42-4ubuntu2.10 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-69645	LOW2.38	libctf-nobfd0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69646	LOW2.38	libctf-nobfd0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69644	LOW2.38	libctf0 2.42-4ubuntu2.10 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-69645	LOW2.38	libctf0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69646	LOW2.38	libctf0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69644	LOW2.38	libgprofng0 2.42-4ubuntu2.10 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-69645	LOW2.38	libgprofng0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69646	LOW2.38	libgprofng0 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69644	LOW2.38	libsframe1 2.42-4ubuntu2.10 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2025-69645	LOW2.38	libsframe1 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69646	LOW2.38	libsframe1 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-33846	LOW2.29	libgnutls30t64 3.8.3-1.1ubuntu3.5 fixed in 3.8.3-1.1ubuntu3.6	0.9% Theoretical Threat	Post-Exploit
CVE-2026-34182	LOW2.26	openssl 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.2% Theoretical Threat	Post-Exploit
CVE-2025-1152	LOW1.89	binutils 2.42-4ubuntu2.10 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2025-1152	LOW1.89	binutils-common 2.42-4ubuntu2.10 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2025-1152	LOW1.89	binutils-x86-64-linux-gnu 2.42-4ubuntu2.10 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2026-45446	LOW1.89	openssl 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.2% Theoretical Threat	Post-Exploit
CVE-2024-56433	LOW1.84	login 1:4.13+dfsg1-4ubuntu3.2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2024-56433	LOW1.84	passwd 1:4.13+dfsg1-4ubuntu3.2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-42770	LOW1.81	openssl 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.2% Theoretical Threat	Post-Exploit
CVE-2026-9076	LOW1.81	openssl 3.0.13-0ubuntu3.9 fixed in 3.0.13-0ubuntu3.11	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69647	LOW1.68	binutils 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69648	LOW1.68	binutils 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69652	LOW1.68	binutils 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69647	LOW1.68	binutils-common 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69648	LOW1.68	binutils-common 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69652	LOW1.68	binutils-common 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69647	LOW1.68	binutils-x86-64-linux-gnu 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69648	LOW1.68	binutils-x86-64-linux-gnu 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69652	LOW1.68	binutils-x86-64-linux-gnu 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69644	LOW1.43	binutils 2.42-4ubuntu2.10 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-69645	LOW1.43	binutils 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69646	LOW1.43	binutils 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69644	LOW1.43	binutils-common 2.42-4ubuntu2.10 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-69645	LOW1.43	binutils-common 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69646	LOW1.43	binutils-common 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69644	LOW1.43	binutils-x86-64-linux-gnu 2.42-4ubuntu2.10 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-69645	LOW1.43	binutils-x86-64-linux-gnu 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-69646	LOW1.43	binutils-x86-64-linux-gnu 2.42-4ubuntu2.10 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-4437	NONE0	locales 2.39-0ubuntu8.7 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-6238	NONE0	locales 2.39-0ubuntu8.7 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-5435	NONE0	locales 2.39-0ubuntu8.7 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-4046	NONE0	locales 2.39-0ubuntu8.7 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2026-4438	NONE0	locales 2.39-0ubuntu8.7 No fix yet	0.2% Theoretical Threat	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.15.0 fixed in 2.21.1, 2.18.6	—	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.17.2 fixed in 2.21.1, 2.18.6	—	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.19.2 fixed in 2.21.1, 2.18.6	—	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.21.0 fixed in 2.21.1, 2.18.6	—	Not Applicable
CVE-2026-42583	NONE0	io.netty:netty-codec 4.1.130.Final fixed in 4.1.133.Final	0.4% Theoretical Threat	Not Applicable
CVE-2026-42583	NONE0	io.netty:netty-codec-compression 4.2.2.Final fixed in 4.2.13.Final	0.4% Theoretical Threat	Not Applicable
CVE-2026-42577	NONE0	io.netty:netty-transport-native-epoll 4.2.2.Final fixed in 4.2.13.Final	0.4% Theoretical Threat	Not Applicable
CVE-2020-36843	NONE0	net.i2p.crypto:eddsa 0.3.0 No fix yet	0.1% Theoretical Threat	Not Applicable
GHSA-2m67-wjpj-xhg9	NONE0	tools.jackson.core:jackson-core 3.0.4 fixed in 3.1.1	—	Not Applicable
GHSA-72hv-8253-57qq	NONE0	tools.jackson.core:jackson-core 3.0.4 fixed in 3.1.0	—	Not Applicable