This image is acceptable for production, but remediating the identified vulnerabilities is recommended to reduce the attack surface. The only notable exposure is CVE-2026-6732, a denial-of-service vulnerability in libxml2 that can be triggered by sending a specially crafted XSD-validated document, potentially crashing the Zabbix server. Updating libxml2 to a patched version would fully eliminate this risk. Given that the Zabbix server likely processes XML data from agents or APIs, this vulnerability is relevant but does not compromise data integrity or confidentiality.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2026-6732 | MEDIUM6.38 | libxml2-16 2.15.2+dfsg-0.1 fixed in 2.15.2+dfsg-0.1ubuntu0.1 | 0.6% Theoretical Threat | Directly ExposedContext importance: HIGH |
| CVE-2026-39821 | MEDIUM5.58 | golang.org/x/net v0.40.0 fixed in 0.55.0 | 0.3% Theoretical Threat | Directly ExposedContext importance: MEDIUM |
| CVE-2026-3731 | MEDIUM5.1 | libssh-4 0.11.3-1ubuntu1 No fix yet | 0.6% Theoretical Threat | Directly ExposedContext importance: MEDIUM |
| CVE-2026-33814 | MEDIUM5.1 | golang.org/x/net v0.40.0 fixed in 0.53.0 | 0.6% Theoretical Threat | Directly ExposedContext importance: MEDIUM |
| CVE-2024-2236 | MEDIUM4.72 | libgcrypt20 1.12.0-2ubuntu0.1 No fix yet | 1.1% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2026-4046 | MEDIUM4.5 | libc-bin 2.43-2ubuntu2 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-4046 | MEDIUM4.5 | libc-gconv-modules-extra 2.43-2ubuntu2 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-4046 | MEDIUM4.5 | libc6 2.43-2ubuntu2 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-4437 | MEDIUM4.42 | libc-bin 2.43-2ubuntu2 No fix yet | 0.3% Theoretical Threat | Directly ExposedContext importance: MEDIUM |
| CVE-2026-4437 | MEDIUM4.42 | libc-gconv-modules-extra 2.43-2ubuntu2 No fix yet | 0.3% Theoretical Threat | Directly ExposedContext importance: MEDIUM |
| CVE-2026-4437 | MEDIUM4.42 | libc6 2.43-2ubuntu2 No fix yet | 0.3% Theoretical Threat | Directly ExposedContext importance: MEDIUM |
| CVE-2026-27456 | MEDIUM4 | libblkid1 2.41.3-3ubuntu2 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libmount1 2.41.3-3ubuntu2 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libsmartcols1 2.41.3-3ubuntu2 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libuuid1 2.41.3-3ubuntu2 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-4438 | LOW3.4 | libc-bin 2.43-2ubuntu2 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-4438 | LOW3.4 | libc-gconv-modules-extra 2.43-2ubuntu2 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-4438 | LOW3.4 | libc6 2.43-2ubuntu2 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-45582 | LOW2.86 | tar 1.35+dfsg-4 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2021-45261 | LOW2.8 | patch 2.8-2build1 No fix yet | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-35373 | LOW2.8 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-40228 | LOW2.8 | libsystemd0 259.5-0ubuntu3 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-40228 | LOW2.8 | libudev1 259.5-0ubuntu3 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2018-6952 | LOW2.7 | patch 2.8-2build1 No fix yet | 8.4% Low-Moderate Risk | Post-Exploit |
| CVE-2026-3184 | LOW2.7 | bsdutils 1:2.41.3-3ubuntu2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-3184 | LOW2.7 | login 1:4.16.0-2+really2.41.3-3ubuntu2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-3184 | LOW2.7 | mount 2.41.3-3ubuntu2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-3184 | LOW2.7 | util-linux 2.41.3-3ubuntu2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2025-47911 | LOW2.7 | golang.org/x/net v0.40.0 fixed in 0.45.0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-58190 | LOW2.7 | golang.org/x/net v0.40.0 fixed in 0.45.0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | LOW2.4 | bsdutils 1:2.41.3-3ubuntu2 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW2.4 | login 1:4.16.0-2+really2.41.3-3ubuntu2 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW2.4 | mount 2.41.3-3ubuntu2 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW2.4 | util-linux 2.41.3-3ubuntu2 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2021-31879 | LOW2.2 | wget 1.25.0-2ubuntu4 No fix yet | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-6238 | LOW1.99 | libc-bin 2.43-2ubuntu2 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-6238 | LOW1.99 | libc-gconv-modules-extra 2.43-2ubuntu2 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-6238 | LOW1.99 | libc6 2.43-2ubuntu2 No fix yet | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2024-56433 | LOW1.84 | passwd 1:4.17.4-2ubuntu3 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-5435 | LOW1.81 | libc-bin 2.43-2ubuntu2 No fix yet | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-5435 | LOW1.81 | libc-gconv-modules-extra 2.43-2ubuntu2 No fix yet | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-5435 | LOW1.81 | libc6 2.43-2ubuntu2 No fix yet | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-3184 | LOW1.62 | libblkid1 2.41.3-3ubuntu2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-3184 | LOW1.62 | libmount1 2.41.3-3ubuntu2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-3184 | LOW1.62 | libsmartcols1 2.41.3-3ubuntu2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-3184 | LOW1.62 | libuuid1 2.41.3-3ubuntu2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-42507 | NONE0 | stdlib v1.26.3 fixed in 1.25.11, 1.26.4 | 0.4% Theoretical Threat | Not Applicable |
| CVE-2024-56433 | NONE0 | login.defs 1:4.17.4-2ubuntu3 No fix yet | 0.4% Theoretical Threat | Not Applicable |
| CVE-2026-35341 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-35344 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35345 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | <0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35348 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35350 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35351 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35352 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35354 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | <0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35357 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | <0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35359 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35360 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35363 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-35364 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | <0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35367 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35368 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35370 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35371 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35374 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | <0.1% Theoretical Threat | Not Applicable |
| CVE-2026-35377 | NONE0 | rust-coreutils 0.8.0-0ubuntu3 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-25680 | NONE0 | golang.org/x/net v0.40.0 fixed in 0.55.0 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-25681 | NONE0 | golang.org/x/net v0.40.0 fixed in 0.55.0 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-27136 | NONE0 | golang.org/x/net v0.40.0 fixed in 0.55.0 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-42502 | NONE0 | golang.org/x/net v0.40.0 fixed in 0.55.0 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-42506 | NONE0 | golang.org/x/net v0.40.0 fixed in 0.55.0 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-39824 | NONE0 | golang.org/x/sys v0.33.0 fixed in 0.44.0 | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-27145 | NONE0 | stdlib v1.26.3 fixed in 1.25.11, 1.26.4 | 0.6% Theoretical Threat | Not Applicable |
| CVE-2026-42504 | NONE0 | stdlib v1.26.3 fixed in 1.25.11, 1.26.4 | 0.6% Theoretical Threat | Not Applicable |