Vulnerability Reporttrinodb/trino:474

trinodb/trino:474

DIGESTsha256:d259f20e7fb7391039c4c75f11a70d4d761c58a7fa4a0f723066324f1666040d

Executive Summary

Threat ScoreDANGEROUS• Popular community image but contains 214 vulnerabilities, including 10 with CVSS >=7 and 76 with CVSS >=6, max severity 8.33.• Multiple HTTP request smuggling vulnerabilities (CVE-2026-42581 in Netty, CVE-2026-2332 in Jetty) directly affect Trino's HTTP interface, enabling request manipulation and potential data breach.• Denial-of-service risk via CVE-2025-5115 in Jetty HTTP/2 allows resource exhaustion through crafted RST_STREAM frames.• Trust: High reputation (22M+ pulls) and pinned digest, but vulnerability severity outweighs reputation.

100/100DANGEROUS

ReputationPOPULAR COMMUNITY• High Reputation Community Image (22M+ pulls)• Pinned by digest (Immutable)

RELIABLE

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could exploit HTTP request smuggling (CVE-2026-42581, CVE-2026-2332) to bypass security controls or manipulate request processing, and the HTTP/2 DoS vulnerability (CVE-2025-5115) could lead to resource exhaustion. Although a few vulnerabilities require specific configurations (e.g., CVE-2025-48734 depends on user input), the top critical issues are directly exploitable over the network. No compensating controls fully eliminate these risks without upgrading affected packages.

Vulnerabilities

Vulnerability Log

280 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2026-42581	HIGH8.33	io.netty:netty-codec-http 4.1.119.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-45445	HIGH7.73	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-2332	HIGH7.73	org.eclipse.jetty:jetty-http 12.0.18 fixed in 12.1.7, 12.0.33	0.4% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2026-2100	HIGH7.5	p11-kit 0.25.3-3.el9_5 fixed in 0.26.2-1.el9	1.0% Low-Moderate Risk	Directly Exposed
CVE-2026-2100	HIGH7.5	p11-kit-trust 0.25.3-3.el9_5 fixed in 0.26.2-1.el9	1.0% Low-Moderate Risk	Directly Exposed
CVE-2026-24308	HIGH7.5	org.apache.zookeeper:zookeeper 3.9.3 fixed in 3.9.5, 3.8.6	1.1% Low-Moderate Risk	Directly Exposed
CVE-2025-5115	HIGH7.5	org.eclipse.jetty.http2:jetty-http2-common 12.0.18 fixed in 12.0.25, 12.1.0.beta3	1.6% Low-Moderate Risk	Directly ExposedContext importance: HIGH
CVE-2025-5372	HIGH7.48	libssh 0.10.4-13.el9 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-5372	HIGH7.48	libssh-config 0.10.4-13.el9 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-48734	HIGH7.04	commons-beanutils:commons-beanutils 1.10.0 fixed in 1.11.0	1.5% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2026-0966	MEDIUM6.97	libssh 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.6% Theoretical Threat	Directly Exposed
CVE-2026-0966	MEDIUM6.97	libssh-config 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.6% Theoretical Threat	Directly Exposed
CVE-2026-0861	MEDIUM6.88	glibc 2.34-125.el9_5.3 fixed in 2.34-231.el9_7.10	0.4% Theoretical Threat	Directly Exposed
CVE-2026-28387	MEDIUM6.88	openssl-libs 1:3.2.2-6.el9_5.1 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2025-59250	MEDIUM6.88	com.microsoft.sqlserver:mssql-jdbc 12.8.1 fixed in 10.2.4.jre11, 11.2.4.jre11, 12.2.1.jre11, 12.6.5.jre11, 12.8.2.jre11, 12.10.2.jre11, 13.2.1.jre11	0.7% Theoretical Threat	Directly Exposed
CVE-2025-59250	MEDIUM6.88	com.microsoft.sqlserver:mssql-jdbc 12.8.1.jre11 fixed in 10.2.4.jre11, 11.2.4.jre11, 12.2.1.jre11, 12.6.5.jre11, 12.8.2.jre11, 12.10.2.jre11, 13.2.1.jre11	0.7% Theoretical Threat	Directly Exposed
CVE-2026-44249	MEDIUM6.88	io.netty:netty-handler 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-45674	MEDIUM6.8	io.netty:netty-resolver-dns 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-47691	MEDIUM6.8	io.netty:netty-resolver-dns 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2021-22144	MEDIUM6.5	org.elasticsearch:elasticsearch 7.10.2 fixed in 6.8.17, 7.13.3	1.7% Low-Moderate Risk	Directly Exposed
CVE-2025-46762	MEDIUM6.48	org.apache.parquet:parquet-avro 1.15.1 fixed in 1.15.2	1.4% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2025-6176	MEDIUM6.38	libbrotli 1.0.9-7.el9_5 fixed in 1.0.9-9.el9_7	0.5% Theoretical Threat	Directly Exposed
CVE-2026-27135	MEDIUM6.38	libnghttp2 1.43.0-6.el9 fixed in 1.43.0-6.el9_7.1	0.6% Theoretical Threat	Directly Exposed
CVE-2026-3731	MEDIUM6.38	libssh 0.10.4-13.el9 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2026-3731	MEDIUM6.38	libssh-config 0.10.4-13.el9 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2026-28390	MEDIUM6.38	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-3.el9_8	0.8% Theoretical Threat	Directly Exposed
CVE-2026-34183	MEDIUM6.38	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2025-69421	MEDIUM6.38	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.8% Theoretical Threat	Directly Exposed
CVE-2026-28388	MEDIUM6.38	openssl-libs 1:3.2.2-6.el9_5.1 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2026-28389	MEDIUM6.38	openssl-libs 1:3.2.2-6.el9_5.1 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2022-41409	MEDIUM6.38	pcre2 10.40-6.el9 No fix yet	1.0% Theoretical Threat	Directly Exposed
CVE-2022-41409	MEDIUM6.38	pcre2-syntax 10.40-6.el9 No fix yet	1.0% Theoretical Threat	Directly Exposed
CVE-2025-67721	MEDIUM6.38	io.airlift:aircompressor 2.0.2 fixed in 2.0.3	0.4% Theoretical Threat	Directly Exposed
CVE-2025-67721	MEDIUM6.38	io.airlift:aircompressor-v3 3.2 fixed in 3.4	0.4% Theoretical Threat	Directly Exposed
CVE-2025-55163	MEDIUM6.38	io.grpc:grpc-netty-shaded 1.70.0 fixed in 1.75.0	0.9% Theoretical Threat	Directly Exposed
CVE-2025-58057	MEDIUM6.38	io.netty:netty-codec 4.1.119.Final fixed in 4.1.125.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44893	MEDIUM6.38	io.netty:netty-codec-haproxy 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-48059	MEDIUM6.38	io.netty:netty-codec-haproxy 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-33870	MEDIUM6.38	io.netty:netty-codec-http 4.1.119.Final fixed in 4.1.132.Final, 4.2.10.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http 4.1.119.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42585	MEDIUM6.38	io.netty:netty-codec-http 4.1.119.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2025-58056	MEDIUM6.38	io.netty:netty-codec-http 4.1.119.Final fixed in 4.1.125.Final, 4.2.5.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2025-55163	MEDIUM6.38	io.netty:netty-codec-http2 4.1.119.Final fixed in 4.2.4.Final, 4.1.124.Final	0.9% Theoretical Threat	Directly Exposed
CVE-2026-33871	MEDIUM6.38	io.netty:netty-codec-http2 4.1.119.Final fixed in 4.1.132.Final, 4.2.11.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http2 4.1.119.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-48043	MEDIUM6.38	io.netty:netty-codec-http2 4.1.119.Final fixed in 4.1.135.Final, 4.2.15.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44248	MEDIUM6.38	io.netty:netty-codec-mqtt 4.1.119.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-44250	MEDIUM6.38	io.netty:netty-codec-redis 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44890	MEDIUM6.38	io.netty:netty-codec-redis 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-48006	MEDIUM6.38	io.netty:netty-codec-redis 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50011	MEDIUM6.38	io.netty:netty-codec-redis 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-45416	MEDIUM6.38	io.netty:netty-handler 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50010	MEDIUM6.38	io.netty:netty-handler 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42578	MEDIUM6.38	io.netty:netty-handler-proxy 4.1.119.Final fixed in 4.1.133.Final, 4.2.13.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-46340	MEDIUM6.38	io.netty:netty-transport-sctp 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-45292	MEDIUM6.38	io.opentelemetry:opentelemetry-api 1.48.0 fixed in 1.62.0	0.5% Theoretical Threat	Directly Exposed
CVE-2026-45292	MEDIUM6.38	io.opentelemetry:opentelemetry-extension-trace-propagators 1.48.0 fixed in 1.62.0	0.5% Theoretical Threat	Directly Exposed
CVE-2026-1605	MEDIUM6.38	org.eclipse.jetty:jetty-server 12.0.18 fixed in 12.1.6, 12.0.32	0.4% Theoretical Threat	Directly Exposed
CVE-2023-46673	MEDIUM6.38	org.elasticsearch:elasticsearch 7.10.2 fixed in 7.17.14, 8.10.3	0.8% Theoretical Threat	Directly Exposed
CVE-2024-23444	MEDIUM6.38	org.elasticsearch:elasticsearch 7.10.2 fixed in 8.13.0, 7.17.23	0.2% Theoretical Threat	Directly Exposed
CVE-2024-23450	MEDIUM6.38	org.elasticsearch:elasticsearch 7.10.2 fixed in 7.17.19, 8.13.0	0.9% Theoretical Threat	Directly Exposed
CVE-2024-43709	MEDIUM6.38	org.elasticsearch:elasticsearch 7.10.2 fixed in 7.17.21, 8.13.3	0.6% Theoretical Threat	Directly Exposed
CVE-2024-52979	MEDIUM6.38	org.elasticsearch:elasticsearch 7.10.2 fixed in 7.17.25, 8.16.0	0.5% Theoretical Threat	Directly Exposed
CVE-2025-66566	MEDIUM6.38	org.lz4:lz4-java 1.8.0 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2025-9624	MEDIUM6.38	org.opensearch:opensearch-common 2.19.1 fixed in 3.3.0, 2.19.4	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42198	MEDIUM6.38	org.postgresql:postgresql 42.7.4 fixed in 42.7.11	0.4% Theoretical Threat	Directly Exposed
CVE-2025-69419	MEDIUM6.29	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34182	MEDIUM6.29	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-24281	MEDIUM6.29	org.apache.zookeeper:zookeeper 3.9.3 fixed in 3.8.6, 3.9.5	0.3% Theoretical Threat	Directly Exposed
CVE-2025-37731	MEDIUM6.29	org.elasticsearch:elasticsearch 7.10.2 fixed in 8.19.8, 9.1.8, 9.2.2	0.2% Theoretical Threat	Directly Exposed
CVE-2025-37731	MEDIUM6.29	org.elasticsearch:elasticsearch 7.17.28 fixed in 8.19.8, 9.1.8, 9.2.2	0.2% Theoretical Threat	Directly Exposed
CVE-2026-43869	MEDIUM6.21	org.apache.thrift:libthrift 0.21.0 fixed in 0.23.0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42579	MEDIUM6.18	io.netty:netty-codec-dns 4.1.119.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-42584	MEDIUM6.18	io.netty:netty-codec-http 4.1.119.Final fixed in 4.2.13.Final, 4.1.133.Final	0.3% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2023-2976	MEDIUM6.03	com.google.guava:guava 29.0-android fixed in 32.0.0-android	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42586	MEDIUM6.03	io.netty:netty-codec-redis 4.1.119.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2025-4802	MEDIUM5.95	glibc 2.34-125.el9_5.3 fixed in 2.34-168.el9_6.19	0.4% Theoretical Threat	Directly Exposed
CVE-2025-4802	MEDIUM5.95	glibc-common 2.34-125.el9_5.3 fixed in 2.34-168.el9_6.19	0.4% Theoretical Threat	Directly Exposed
CVE-2025-4802	MEDIUM5.95	glibc-minimal-langpack 2.34-125.el9_5.3 fixed in 2.34-168.el9_6.19	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4878	MEDIUM5.95	libcap 2.48-9.el9_2 fixed in 2.48-10.el9_8.1	0.2% Theoretical Threat	Directly Exposed
CVE-2025-13151	MEDIUM5.9	libtasn1 4.16.0-8.el9_1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-41996	MEDIUM5.9	openssl-libs 1:3.2.2-6.el9_5.1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2026-22185	MEDIUM5.78	openldap 2.6.6-3.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-45673	MEDIUM5.78	io.netty:netty-resolver-dns 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-35554	MEDIUM5.78	org.apache.kafka:kafka-clients 4.0.0 fixed in 3.9.2, 4.0.2, 4.1.2	0.3% Theoretical Threat	Directly Exposed
CVE-2025-9230	MEDIUM5.6	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-4.el9_7	1.8% Low-Moderate Risk	Directly Exposed
CVE-2026-4437	MEDIUM5.52	glibc 2.34-125.el9_5.3 fixed in 2.34-270.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	glibc 2.34-125.el9_5.3 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	glibc-common 2.34-125.el9_5.3 fixed in 2.34-270.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	glibc-common 2.34-125.el9_5.3 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4437	MEDIUM5.52	glibc-minimal-langpack 2.34-125.el9_5.3 fixed in 2.34-270.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	glibc-minimal-langpack 2.34-125.el9_5.3 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-24528	MEDIUM5.52	krb5-libs 1.21.1-4.el9_5 fixed in 1.21.1-6.el9	0.6% Theoretical Threat	Directly Exposed
CVE-2025-5351	MEDIUM5.52	libssh 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.5% Theoretical Threat	Directly Exposed
CVE-2025-5351	MEDIUM5.52	libssh-config 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.5% Theoretical Threat	Directly Exposed
CVE-2026-2673	MEDIUM5.52	openssl-fips-provider 3.0.7-6.el9_5 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-2673	MEDIUM5.52	openssl-fips-provider-so 3.0.7-6.el9_5 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-2673	MEDIUM5.52	openssl-libs 1:3.2.2-6.el9_5.1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-67735	MEDIUM5.52	io.netty:netty-codec-http 4.1.119.Final fixed in 4.2.8.Final, 4.1.129.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-41417	MEDIUM5.52	io.netty:netty-codec-http 4.1.119.Final fixed in 4.1.133.Final, 4.2.13.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42580	MEDIUM5.52	io.netty:netty-codec-http 4.1.119.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34214	MEDIUM5.52	io.trino:trino-iceberg 474 fixed in 480	0.2% Theoretical Threat	Directly Exposed
CVE-2025-27820	MEDIUM5.52	org.apache.httpcomponents.client5:httpclient5 5.4.2 fixed in 5.4.3	0.7% Theoretical Threat	Directly Exposed
CVE-2025-11143	MEDIUM5.52	org.eclipse.jetty:jetty-http 12.0.18 fixed in 12.0.31, 12.1.5	0.2% Theoretical Threat	Directly Exposed
CVE-2023-49921	MEDIUM5.52	org.elasticsearch:elasticsearch 7.10.2 fixed in 7.17.16, 8.11.2	0.5% Theoretical Threat	Directly Exposed
CVE-2025-12183	MEDIUM5.52	org.lz4:lz4-java 1.8.0 fixed in 1.8.1	0.7% Theoretical Threat	Directly Exposed
CVE-2025-11226	MEDIUM5.44	ch.qos.logback:logback-core 1.5.18 fixed in 1.5.19, 1.3.16	0.2% Theoretical Threat	Directly Exposed
CVE-2026-0964	MEDIUM5.35	libssh 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0964	MEDIUM5.35	libssh-config 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34181	MEDIUM5.35	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42768	MEDIUM5.35	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2024-12133	MEDIUM5.3	libtasn1 4.16.0-8.el9_1 fixed in 4.16.0-9.el9	1.0% Low-Moderate Risk	Directly Exposed
CVE-2025-59419	MEDIUM5.3	io.netty:netty-codec-smtp 4.1.119.Final fixed in 4.2.7.Final, 4.1.128.Final	1.6% Low-Moderate Risk	Directly Exposed
CVE-2021-22135	MEDIUM5.3	org.elasticsearch:elasticsearch 7.10.2 fixed in 7.11.2, 6.8.15	1.2% Low-Moderate Risk	Directly Exposed
CVE-2025-11187	MEDIUM5.18	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.5% Theoretical Threat	Directly Exposed
CVE-2025-22227	MEDIUM5.18	io.projectreactor.netty:reactor-netty-http 1.0.48 fixed in 1.3.0-M5, 1.2.8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	glibc 2.34-125.el9_5.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-15281	MEDIUM5.02	glibc 2.34-125.el9_5.3 fixed in 2.34-231.el9_7.10	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	glibc-common 2.34-125.el9_5.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	glibc-minimal-langpack 2.34-125.el9_5.3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-3576	MEDIUM5.02	krb5-libs 1.21.1-4.el9_5 fixed in 1.21.1-8.el9_6	0.3% Theoretical Threat	Directly Exposed
CVE-2026-40355	MEDIUM5.02	krb5-libs 1.21.1-4.el9_5 fixed in 1.21.1-10.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40356	MEDIUM5.02	krb5-libs 1.21.1-4.el9_5 fixed in 1.21.1-10.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-31790	MEDIUM5.02	openssl-fips-provider 3.0.7-6.el9_5 No fix yet	1.0% Theoretical Threat	Directly Exposed
CVE-2026-31790	MEDIUM5.02	openssl-fips-provider-so 3.0.7-6.el9_5 No fix yet	1.0% Theoretical Threat	Directly Exposed
CVE-2026-31790	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-2.el9_8	1.0% Theoretical Threat	Directly Exposed
CVE-2026-42764	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.7% Theoretical Threat	Directly Exposed
CVE-2025-15468	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.7% Theoretical Threat	Directly Exposed
CVE-2025-66199	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.4% Theoretical Threat	Directly Exposed
CVE-2025-69420	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.8% Theoretical Threat	Directly Exposed
CVE-2026-22796	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42769	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42770	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-9076	MEDIUM5.02	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2025-49146	MEDIUM5.02	org.postgresql:postgresql 42.7.4 fixed in 42.7.7	0.5% Theoretical Threat	Directly Exposed
CVE-2025-37727	MEDIUM4.84	org.elasticsearch:elasticsearch 7.10.2 fixed in 8.18.8, 8.19.5, 9.0.8, 9.1.5	0.2% Theoretical Threat	Directly Exposed
CVE-2025-37727	MEDIUM4.84	org.elasticsearch:elasticsearch 7.17.28 fixed in 8.18.8, 8.19.5, 9.0.8, 9.1.5	0.2% Theoretical Threat	Directly Exposed
CVE-2025-5702	MEDIUM4.76	glibc 2.34-125.el9_5.3 fixed in 2.34-168.el9_6.20	0.2% Theoretical Threat	Directly Exposed
CVE-2025-5702	MEDIUM4.76	glibc-common 2.34-125.el9_5.3 fixed in 2.34-168.el9_6.20	0.2% Theoretical Threat	Directly Exposed
CVE-2025-5702	MEDIUM4.76	glibc-minimal-langpack 2.34-125.el9_5.3 fixed in 2.34-168.el9_6.20	0.2% Theoretical Threat	Directly Exposed
CVE-2025-0395	MEDIUM4.67	glibc 2.34-125.el9_5.3 fixed in 2.34-125.el9_5.8	0.3% Theoretical Threat	Directly Exposed
CVE-2025-0395	MEDIUM4.67	glibc-common 2.34-125.el9_5.3 fixed in 2.34-125.el9_5.8	0.3% Theoretical Threat	Directly Exposed
CVE-2025-0395	MEDIUM4.67	glibc-minimal-langpack 2.34-125.el9_5.3 fixed in 2.34-125.el9_5.8	0.3% Theoretical Threat	Directly Exposed
CVE-2021-46195	MEDIUM4.67	libgcc 11.5.0-5.el9_5 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libgcc 11.5.0-5.el9_5 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2026-0967	MEDIUM4.67	libssh 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.2% Theoretical Threat	Directly Exposed
CVE-2026-0967	MEDIUM4.67	libssh-config 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.2% Theoretical Threat	Directly Exposed
CVE-2021-46195	MEDIUM4.67	libstdc++ 11.5.0-5.el9_5 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libstdc++ 11.5.0-5.el9_5 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2025-15469	MEDIUM4.67	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2026-22795	MEDIUM4.67	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.1% Theoretical Threat	Directly Exposed
CVE-2026-7383	MEDIUM4.67	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib 1.2.11-40.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-3293	MEDIUM4.67	net.snowflake:snowflake-jdbc 3.23.1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-0915	MEDIUM4.5	glibc 2.34-125.el9_5.3 fixed in 2.34-231.el9_7.10	0.6% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	glibc 2.34-125.el9_5.3 fixed in 2.34-270.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	glibc-common 2.34-125.el9_5.3 fixed in 2.34-270.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	glibc-minimal-langpack 2.34-125.el9_5.3 fixed in 2.34-270.el9_8	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42766	MEDIUM4.5	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42767	MEDIUM4.5	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.3% Theoretical Threat	Directly Exposed
CVE-2026-50020	MEDIUM4.5	io.netty:netty-codec-http 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-47244	MEDIUM4.5	io.netty:netty-codec-http2 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-50560	MEDIUM4.5	io.netty:netty-codec-http2 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2024-29131	MEDIUM4.4	org.apache.commons:commons-configuration2 2.8.0 fixed in 2.10.1	2.1% Low-Moderate Risk	Directly Exposed
CVE-2024-29133	MEDIUM4.4	org.apache.commons:commons-configuration2 2.8.0 fixed in 2.10.1	1.7% Low-Moderate Risk	Directly Exposed
CVE-2021-22134	MEDIUM4.3	org.elasticsearch:elasticsearch 7.10.2 fixed in 7.11.0	1.1% Low-Moderate Risk	Directly Exposed
CVE-2026-42250	MEDIUM4.25	bzip2-libs 1.0.8-10.el9_5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc 2.34-125.el9_5.3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc 2.34-125.el9_5.3 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc-common 2.34-125.el9_5.3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc-common 2.34-125.el9_5.3 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc-minimal-langpack 2.34-125.el9_5.3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc-minimal-langpack 2.34-125.el9_5.3 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	krb5-libs 1.21.1-4.el9_5 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34180	MEDIUM4.25	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-1225	MEDIUM4.25	ch.qos.logback:logback-core 1.5.18 fixed in 1.5.25	0.2% Theoretical Threat	Directly Exposed
CVE-2025-15467	MEDIUM4.06	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	48.7% High Exploitation Risk	Post-Exploit
CVE-2025-8114	MEDIUM4	libssh 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.2% Theoretical Threat	Directly Exposed
CVE-2025-8114	MEDIUM4	libssh-config 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.2% Theoretical Threat	Directly Exposed
CVE-2024-13176	MEDIUM4	openssl-libs 1:3.2.2-6.el9_5.1 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2025-68160	MEDIUM4	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.2% Theoretical Threat	Directly Exposed
CVE-2025-5318	LOW3.89	libssh 0.10.4-13.el9 fixed in 0.10.4-15.el9_7	2.4% Low-Moderate Risk	Post-ExploitContext importance: MEDIUM
CVE-2025-5987	LOW3.89	libssh 0.10.4-13.el9 fixed in 0.10.4-17.el9_7	1.4% Low-Moderate Risk	Post-ExploitContext importance: MEDIUM
CVE-2025-5318	LOW3.89	libssh-config 0.10.4-13.el9 fixed in 0.10.4-15.el9_7	2.4% Low-Moderate Risk	Post-ExploitContext importance: MEDIUM
CVE-2025-5987	LOW3.89	libssh-config 0.10.4-13.el9 fixed in 0.10.4-17.el9_7	1.4% Low-Moderate Risk	Post-ExploitContext importance: MEDIUM
CVE-2025-4877	LOW3.82	libssh 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.2% Theoretical Threat	Directly Exposed
CVE-2025-4877	LOW3.82	libssh-config 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.2% Theoretical Threat	Directly Exposed
CVE-2023-31417	LOW3.74	org.elasticsearch:elasticsearch 7.10.2 fixed in 7.17.13, 8.9.2	0.2% Theoretical Threat	Directly Exposed
CVE-2025-48924	LOW3.7	org.apache.commons:commons-lang3 3.17.0 fixed in 3.18.0	2.2% Low-Moderate Risk	Directly Exposed
CVE-2025-58457	LOW3.65	org.apache.zookeeper:zookeeper 3.9.3 fixed in 3.9.4	0.3% Theoretical Threat	Directly Exposed
CVE-2023-4156	LOW3.62	gawk 5.1.0-6.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2005-2541	LOW3.6	tar 2:1.34-7.el9 No fix yet	4.0% Low-Moderate Risk	Post-Exploit
CVE-2025-8058	LOW3.57	glibc 2.34-125.el9_5.3 fixed in 2.34-168.el9_6.23	0.2% Theoretical Threat	Directly Exposed
CVE-2025-8058	LOW3.57	glibc-common 2.34-125.el9_5.3 fixed in 2.34-168.el9_6.23	0.2% Theoretical Threat	Directly Exposed
CVE-2025-8058	LOW3.57	glibc-minimal-langpack 2.34-125.el9_5.3 fixed in 2.34-168.el9_6.23	0.2% Theoretical Threat	Directly Exposed
CVE-2024-11053	LOW3.54	curl-minimal 7.76.1-31.el9 No fix yet	1.4% Low-Moderate Risk	Post-Exploit
CVE-2024-11053	LOW3.54	libcurl 7.76.1-31.el9 No fix yet	1.4% Low-Moderate Risk	Post-Exploit
CVE-2023-31419	LOW3.51	org.elasticsearch:elasticsearch 7.10.2 fixed in 7.17.13, 8.9.1	60.7% Actively Exploited	Post-Exploit
CVE-2025-13034	LOW3.47	curl-minimal 7.76.1-31.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-1965	LOW3.47	curl-minimal 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-13034	LOW3.47	libcurl 7.76.1-31.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-1965	LOW3.47	libcurl 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-4438	LOW3.4	glibc 2.34-125.el9_5.3 fixed in 2.34-270.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	glibc-common 2.34-125.el9_5.3 fixed in 2.34-270.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	glibc-minimal-langpack 2.34-125.el9_5.3 fixed in 2.34-270.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69418	LOW3.4	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.1-7.el9_7	0.1% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-epoll 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-kqueue 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-3784	LOW3.31	curl-minimal 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5545	LOW3.31	curl-minimal 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6429	LOW3.31	curl-minimal 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-14524	LOW3.31	curl-minimal 7.76.1-31.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2026-3784	LOW3.31	libcurl 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5545	LOW3.31	libcurl 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6429	LOW3.31	libcurl 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-14524	LOW3.31	libcurl 7.76.1-31.el9 No fix yet	0.6% Theoretical Threat	Post-Exploit
CVE-2026-33056	LOW3.31	tar 2:1.34-7.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-3805	LOW3.21	curl-minimal 7.76.1-31.el9 No fix yet	0.7% Theoretical Threat	Post-Exploit
CVE-2026-3805	LOW3.21	libcurl 7.76.1-31.el9 No fix yet	0.7% Theoretical Threat	Post-Exploit
CVE-2026-5958	LOW3.21	sed 4.8-9.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-9086	LOW3.18	curl-minimal 7.76.1-31.el9 fixed in 7.76.1-35.el9_7.3	1.3% Low-Moderate Risk	Post-Exploit
CVE-2025-9086	LOW3.18	libcurl 7.76.1-31.el9 fixed in 7.76.1-35.el9_7.3	1.3% Low-Moderate Risk	Post-Exploit
CVE-2026-45446	LOW3.15	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	0.2% Theoretical Threat	Directly Exposed
CVE-2025-9232	LOW3.1	openssl-libs 1:3.2.2-6.el9_5.1 No fix yet	2.0% Low-Moderate Risk	Directly Exposed
CVE-2025-4878	LOW3.06	libssh 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.2% Theoretical Threat	Directly Exposed
CVE-2025-4878	LOW3.06	libssh-config 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.2% Theoretical Threat	Directly Exposed
CVE-2021-22145	LOW3.04	org.elasticsearch.client:elasticsearch-rest-client 7.10.2 fixed in 7.13.4	76.2% Actively Exploited	Post-Exploit
CVE-2026-31789	LOW3	openssl-libs 1:3.2.2-6.el9_5.1 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-45447	LOW2.92	openssl-libs 1:3.2.2-6.el9_5.1 fixed in 1:3.5.5-4.el9_8	1.4% Low-Moderate Risk	Post-Exploit
CVE-2026-3783	LOW2.91	curl-minimal 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-3783	LOW2.91	libcurl 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-45582	LOW2.86	tar 2:1.34-7.el9 fixed in 2:1.34-9.el9_7	0.4% Theoretical Threat	Post-Exploit
CVE-2026-5704	LOW2.8	tar 2:1.34-7.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-0965	LOW2.8	libssh 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.2% Theoretical Threat	Directly Exposed
CVE-2026-0965	LOW2.8	libssh-config 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.2% Theoretical Threat	Directly Exposed
CVE-2020-8908	LOW2.8	com.google.guava:guava 29.0-android fixed in 32.0.0-android	1.0% Theoretical Threat	Directly Exposed
CVE-2023-31418	LOW2.7	org.elasticsearch:elasticsearch 7.10.2 fixed in 7.17.13, 8.9.0	1.2% Low-Moderate Risk	Post-Exploit
CVE-2026-4873	LOW2.7	curl-minimal 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6253	LOW2.7	curl-minimal 7.76.1-31.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-7168	LOW2.7	curl-minimal 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-4873	LOW2.7	libcurl 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6253	LOW2.7	libcurl 7.76.1-31.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-7168	LOW2.7	libcurl 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2024-7264	LOW2.69	curl-minimal 7.76.1-31.el9 No fix yet	16.2% High Exploitation Risk	Post-Exploit
CVE-2024-7264	LOW2.69	libcurl 7.76.1-31.el9 No fix yet	16.2% High Exploitation Risk	Post-Exploit
CVE-2025-8277	LOW2.63	libssh 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0968	LOW2.63	libssh 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.4% Theoretical Threat	Directly Exposed
CVE-2025-8277	LOW2.63	libssh-config 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0968	LOW2.63	libssh-config 0.10.4-13.el9 fixed in 0.10.4-18.el9	0.4% Theoretical Threat	Directly Exposed
CVE-2025-15079	LOW2.48	curl-minimal 7.76.1-31.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2025-15079	LOW2.48	libcurl 7.76.1-31.el9 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2025-14017	LOW2.45	curl-minimal 7.76.1-31.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-14017	LOW2.45	libcurl 7.76.1-31.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-15224	LOW2.4	curl-minimal 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-15224	LOW2.4	libcurl 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-64118	LOW2.4	tar 2:1.34-7.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2024-9681	LOW2.34	curl-minimal 7.76.1-31.el9 No fix yet	2.0% Low-Moderate Risk	Post-Exploit
CVE-2024-9681	LOW2.34	libcurl 7.76.1-31.el9 No fix yet	2.0% Low-Moderate Risk	Post-Exploit
CVE-2026-5773	LOW2.29	curl-minimal 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6276	LOW2.29	curl-minimal 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5773	LOW2.29	libcurl 7.76.1-31.el9 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6276	LOW2.29	libcurl 7.76.1-31.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-5278	LOW2.24	coreutils 8.32-36.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-5278	LOW2.24	coreutils-common 8.32-36.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2024-56433	LOW1.84	shadow-utils 2:4.9-10.el9_5 fixed in 2:4.9-15.el9	0.4% Theoretical Threat	Post-Exploit
CVE-2023-39804	LOW1.68	tar 2:1.34-7.el9 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-29458	NONE0	ncurses-base 6.2-10.20210508.el9 fixed in 6.2-10.20210508.el9_6.2	1.3% Low-Moderate Risk	Not Applicable
CVE-2022-29458	NONE0	ncurses-libs 6.2-10.20210508.el9 fixed in 6.2-10.20210508.el9_6.2	1.3% Low-Moderate Risk	Not Applicable
CVE-2023-50495	NONE0	ncurses-base 6.2-10.20210508.el9 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-libs 6.2-10.20210508.el9 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2025-48924	NONE0	commons-lang:commons-lang 2.6 No fix yet	2.2% Low-Moderate Risk	Not Applicable
CVE-2026-8178	NONE0	com.amazon.redshift:redshift-jdbc42 2.1.0.30 fixed in 2.2.2	0.6% Theoretical Threat	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.18.3 fixed in 2.21.1, 2.18.6	—	Not Applicable
CVE-2026-45799	NONE0	com.squareup.wire:wire-runtime-jvm 5.2.1 No fix yet	—	Not Applicable
CVE-2026-42583	NONE0	io.netty:netty-codec 4.1.119.Final fixed in 4.1.133.Final	0.4% Theoretical Threat	Not Applicable
CVE-2026-45205	NONE0	org.apache.commons:commons-configuration2 2.11.0 fixed in 2.15.0	0.5% Theoretical Threat	Not Applicable
CVE-2026-45205	NONE0	org.apache.commons:commons-configuration2 2.8.0 fixed in 2.15.0	0.5% Theoretical Threat	Not Applicable
CVE-2026-33558	NONE0	org.apache.kafka:kafka-clients 4.0.0 fixed in 3.9.2, 4.0.1	0.5% Theoretical Threat	Not Applicable
CVE-2025-59059	NONE0	org.apache.ranger:ranger-plugins-common 2.6.0 fixed in 2.8.0	1.2% Low-Moderate Risk	Not Applicable
CVE-2024-52980	NONE0	org.elasticsearch:elasticsearch 7.17.28 fixed in 8.15.1	0.4% Theoretical Threat	Not Applicable