Vulnerability Reportvictoriametrics/victoria-metrics:v1.141.0

victoriametrics/victoria-metrics:v1.141.0victoriametrics/victoria-metrics:v1.141.0-rc0

DIGESTsha256:444f3c0178b4ef50dcde90ff91ee59ace0bbdf105789f6cbeb51385f5c0d9f90

Executive Summary

Threat ScoreSAFE• Trusted verified publisher (victoriametrics) and pinned by digest• 21 exposed vulnerabilities, all low severity (max 5.35)• 20 post-exploit vulnerabilities, all low severity (max 2.92)• No high or critical severity findings• Popular image with 97M+ pulls

0/100SAFE

ReputationVERIFIED• Verified Publisher (Trusted Vendor)• Pinned by digest (Immutable)

TRUSTED

This image is safe for production use. It contains 21 exposed and 20 post-exploit vulnerabilities, but all are low severity (max CVSS 5.35) and none pose a significant risk in this context. The image is from a verified publisher and pinned by digest, ensuring immutability and trust.

Vulnerabilities

Vulnerability Log

41 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2026-34181	MEDIUM5.35	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42768	MEDIUM5.35	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34181	MEDIUM5.35	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42768	MEDIUM5.35	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.4% Theoretical Threat	Directly Exposed
CVE-2026-7383	MEDIUM4.67	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-7383	MEDIUM4.67	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-39826	MEDIUM4.59	stdlib v1.26.2 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42766	MEDIUM4.5	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42767	MEDIUM4.5	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42766	MEDIUM4.5	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42767	MEDIUM4.5	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42507	MEDIUM4.5	stdlib v1.26.2 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34180	MEDIUM4.25	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.5% Theoretical Threat	Directly Exposed
CVE-2026-34180	MEDIUM4.25	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.5% Theoretical Threat	Directly Exposed
CVE-2026-45446	LOW3.15	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45446	LOW3.15	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45447	LOW2.92	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	1.4% Low-Moderate Risk	Post-Exploit
CVE-2026-45447	LOW2.92	libssl3 3.5.6-r0 fixed in 3.5.7-r0	1.4% Low-Moderate Risk	Post-Exploit
CVE-2026-45445	LOW2.78	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-45445	LOW2.78	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-34183	LOW2.29	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.5% Theoretical Threat	Post-Exploit
CVE-2026-34183	LOW2.29	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.5% Theoretical Threat	Post-Exploit
CVE-2026-33811	LOW2.29	stdlib v1.26.2 fixed in 1.25.10, 1.26.3	0.5% Theoretical Threat	Post-Exploit
CVE-2026-33814	LOW2.29	stdlib v1.26.2 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Post-Exploit
CVE-2026-39820	LOW2.29	stdlib v1.26.2 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Post-Exploit
CVE-2026-39836	LOW2.29	stdlib v1.26.2 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Post-Exploit
CVE-2026-34182	LOW2.26	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Post-Exploit
CVE-2026-34182	LOW2.26	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Post-Exploit
CVE-2026-42764	LOW1.81	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.7% Theoretical Threat	Post-Exploit
CVE-2026-42769	LOW1.81	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42770	LOW1.81	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Post-Exploit
CVE-2026-9076	LOW1.81	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42764	LOW1.81	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.7% Theoretical Threat	Post-Exploit
CVE-2026-42769	LOW1.81	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42770	LOW1.81	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Post-Exploit
CVE-2026-9076	LOW1.81	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-39823	NONE0	stdlib v1.26.2 fixed in 1.25.10, 1.26.3	0.3% Theoretical Threat	Not Applicable
CVE-2026-39825	NONE0	stdlib v1.26.2 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2026-42499	NONE0	stdlib v1.26.2 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2026-42504	NONE0	stdlib v1.26.2 fixed in 1.25.11, 1.26.4	0.4% Theoretical Threat	Not Applicable
CVE-2026-27145	NONE0	stdlib v1.26.2 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable