This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could exploit CVE-2026-2332 to perform HTTP request smuggling, potentially gaining unauthorized access or poisoning caches. Disabling the ZooKeeper Admin Server or isolating it from untrusted networks would fully eliminate this specific risk, but the high volume of other vulnerabilities (e.g., CVE-2026-41989) still makes the image unsuitable for production without comprehensive remediation.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2026-2332 | HIGH7.73 | org.eclipse.jetty:jetty-http 9.4.57.v20241219 fixed in 12.1.7, 12.0.33 | 0.4% Theoretical Threat | Directly ExposedContext importance: HIGH |
| CVE-2026-41989 | MEDIUM6.38 | libgcrypt20 1.9.4-3ubuntu3 fixed in 1.9.4-3ubuntu3.2 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-33846 | MEDIUM6.38 | libgnutls30 3.7.3-4ubuntu1.7 fixed in 3.7.3-4ubuntu1.9 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-42009 | MEDIUM6.38 | libgnutls30 3.7.3-4ubuntu1.7 fixed in 3.7.3-4ubuntu1.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-3731 | MEDIUM6.38 | libssh-4 0.9.6-2ubuntu0.22.04.5 fixed in 0.9.6-2ubuntu0.22.04.7 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-28388 | MEDIUM6.38 | libssl3 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.23 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-28389 | MEDIUM6.38 | libssl3 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.23 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-28390 | MEDIUM6.38 | libssl3 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.23 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-45416 | MEDIUM6.38 | io.netty:netty-handler 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-3833 | MEDIUM6.29 | libgnutls30 3.7.3-4ubuntu1.7 fixed in 3.7.3-4ubuntu1.9 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42011 | MEDIUM6.29 | libgnutls30 3.7.3-4ubuntu1.7 fixed in 3.7.3-4ubuntu1.9 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-34182 | MEDIUM6.29 | libssl3 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-24281 | MEDIUM6.29 | org.apache.zookeeper:zookeeper 3.8.5 fixed in 3.8.6, 3.9.5 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42012 | MEDIUM6.03 | libgnutls30 3.7.3-4ubuntu1.7 fixed in 3.7.3-4ubuntu1.9 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-24308 | MEDIUM6 | org.apache.zookeeper:zookeeper 3.8.5 fixed in 3.9.5, 3.8.6 | 1.1% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2026-4878 | MEDIUM5.95 | libcap2 1:2.44-1ubuntu0.22.04.2 fixed in 1:2.44-1ubuntu0.22.04.3 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2024-2236 | MEDIUM5.9 | libgcrypt20 1.9.4-3ubuntu3 No fix yet | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2026-42013 | MEDIUM5.58 | libgnutls30 3.7.3-4ubuntu1.7 fixed in 3.7.3-4ubuntu1.9 | 0.4% Theoretical Threat | Directly ExposedContext importance: MEDIUM |
| CVE-2026-6238 | MEDIUM5.52 | libc-bin 2.35-0ubuntu3.13 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-6238 | MEDIUM5.52 | libc6 2.35-0ubuntu3.13 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-11143 | MEDIUM5.52 | org.eclipse.jetty:jetty-http 9.4.57.v20241219 fixed in 12.0.31, 12.1.5 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-44249 | MEDIUM5.5 | io.netty:netty-handler 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.5% Theoretical Threat | Directly ExposedContext importance: MEDIUM |
| CVE-2026-40225 | MEDIUM5.44 | libsystemd0 249.11-0ubuntu3.17 fixed in 249.11-0ubuntu3.19 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-40226 | MEDIUM5.44 | libsystemd0 249.11-0ubuntu3.17 fixed in 249.11-0ubuntu3.21 | <0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-11226 | MEDIUM5.44 | ch.qos.logback:logback-core 1.3.15 fixed in 1.5.19, 1.3.16 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-0964 | MEDIUM5.35 | libssh-4 0.9.6-2ubuntu0.22.04.5 fixed in 0.9.6-2ubuntu0.22.04.6 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-58057 | MEDIUM5.1 | io.netty:netty-codec 4.1.119.Final fixed in 4.1.125.Final | 0.6% Theoretical Threat | Directly ExposedContext importance: MEDIUM |
| CVE-2026-5435 | MEDIUM5.02 | libc-bin 2.35-0ubuntu3.13 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-5435 | MEDIUM5.02 | libc6 2.35-0ubuntu3.13 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | libssl3 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.23 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42770 | MEDIUM5.02 | libssl3 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-9076 | MEDIUM5.02 | libssl3 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2023-7008 | MEDIUM5.02 | libsystemd0 249.11-0ubuntu3.17 fixed in 249.11-0ubuntu3.21 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-66382 | MEDIUM4.67 | libexpat1 2.4.7-1ubuntu0.7 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2022-27943 | MEDIUM4.67 | libgcc-s1 12.3.0-1ubuntu1~22.04.2 No fix yet | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-0967 | MEDIUM4.67 | libssh-4 0.9.6-2ubuntu0.22.04.5 fixed in 0.9.6-2ubuntu0.22.04.6 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-7383 | MEDIUM4.67 | libssl3 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2022-27943 | MEDIUM4.67 | libstdc++6 12.3.0-1ubuntu1~22.04.2 No fix yet | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-4046 | MEDIUM4.5 | libc-bin 2.35-0ubuntu3.13 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-4046 | MEDIUM4.5 | libc6 2.35-0ubuntu3.13 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-14831 | MEDIUM4.5 | libgnutls30 3.7.3-4ubuntu1.7 fixed in 3.7.3-4ubuntu1.8 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42015 | MEDIUM4.5 | libgnutls30 3.7.3-4ubuntu1.7 fixed in 3.7.3-4ubuntu1.9 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-34743 | MEDIUM4.5 | liblzma5 5.2.5-2ubuntu1 fixed in 5.2.5-2ubuntu1.1 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-42766 | MEDIUM4.5 | libssl3 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42767 | MEDIUM4.5 | libssl3 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-6763 | MEDIUM4.5 | org.eclipse.jetty:jetty-http 9.4.57.v20241219 fixed in 12.0.12 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | MEDIUM4.25 | libssl3 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-1225 | MEDIUM4.25 | ch.qos.logback:logback-core 1.3.15 fixed in 1.5.25 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libblkid1 2.37.2-4ubuntu3.4 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libmount1 2.37.2-4ubuntu3.4 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libuuid1 2.37.2-4ubuntu3.4 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-6276 | LOW3.82 | curl 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.24 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-5773 | LOW3.82 | libcurl4 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.24 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-6276 | LOW3.82 | libcurl4 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.24 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-34182 | LOW3.77 | openssl 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-34757 | LOW3.74 | libpng16-16 1.6.37-3ubuntu0.4 fixed in 1.6.37-3ubuntu0.5 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2021-31879 | LOW3.66 | wget 1.21.2-2ubuntu1.1 No fix yet | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-1965 | LOW3.47 | curl 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.23 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-1965 | LOW3.47 | libcurl4 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.23 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2025-9820 | LOW3.4 | libgnutls30 3.7.3-4ubuntu1.7 fixed in 3.7.3-4ubuntu1.8 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-45536 | LOW3.4 | io.netty:netty-transport-native-epoll 4.1.119.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-5545 | LOW3.31 | curl 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.24 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-6429 | LOW3.31 | curl 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.24 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2025-14524 | LOW3.31 | curl 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.22 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-3784 | LOW3.31 | curl 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.23 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-5545 | LOW3.31 | libcurl4 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.24 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-6429 | LOW3.31 | libcurl4 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.24 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2025-14524 | LOW3.31 | libcurl4 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.22 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-3784 | LOW3.31 | libcurl4 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.23 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-5958 | LOW3.21 | sed 4.8-1ubuntu2 fixed in 4.8-1ubuntu2.1 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-3832 | LOW3.15 | libgnutls30 3.7.3-4ubuntu1.7 fixed in 3.7.3-4ubuntu1.9 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-45446 | LOW3.15 | libssl3 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | LOW3.01 | openssl 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.23 | 1.0% Theoretical Threat | Post-Exploit |
| CVE-2026-42770 | LOW3.01 | openssl 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-9076 | LOW3.01 | openssl 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-42010 | LOW3 | libgnutls30 3.7.3-4ubuntu1.7 fixed in 3.7.3-4ubuntu1.9 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-31789 | LOW3 | libssl3 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.23 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-31789 | LOW3 | openssl 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.23 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | libssl3 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | openssl 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2026-3783 | LOW2.91 | curl 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.23 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-3783 | LOW2.91 | libcurl4 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.23 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2025-45582 | LOW2.86 | tar 1.34+dfsg-1ubuntu0.1.22.04.2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-7383 | LOW2.8 | openssl 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-5704 | LOW2.8 | tar 1.34+dfsg-1ubuntu0.1.22.04.2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-0965 | LOW2.8 | libssh-4 0.9.6-2ubuntu0.22.04.5 fixed in 0.9.6-2ubuntu0.22.04.6 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-40228 | LOW2.8 | libsystemd0 249.11-0ubuntu3.17 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-33845 | LOW2.78 | libgnutls30 3.7.3-4ubuntu1.7 fixed in 3.7.3-4ubuntu1.9 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | libssl3 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | openssl 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2017-11164 | LOW2.7 | libpcre3 2:8.39-13ubuntu0.22.04.1 No fix yet | 3.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-33416 | LOW2.7 | libpng16-16 1.6.37-3ubuntu0.4 fixed in 1.6.37-3ubuntu0.5 | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2022-4899 | LOW2.7 | libzstd1 1.4.8+dfsg-3build1 No fix yet | 1.6% Low-Moderate Risk | Post-Exploit |
| CVE-2026-6253 | LOW2.7 | curl 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.24 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-7168 | LOW2.7 | curl 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.24 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-4873 | LOW2.7 | curl 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.24 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-6253 | LOW2.7 | libcurl4 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.24 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-7168 | LOW2.7 | libcurl4 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.24 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-4873 | LOW2.7 | libcurl4 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.24 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-42766 | LOW2.7 | openssl 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-42767 | LOW2.7 | openssl 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-0968 | LOW2.63 | libssh-4 0.9.6-2ubuntu0.22.04.5 fixed in 0.9.6-2ubuntu0.22.04.6 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-8277 | LOW2.63 | libssh-4 0.9.6-2ubuntu0.22.04.5 fixed in 0.9.6-2ubuntu0.22.04.6 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | LOW2.55 | openssl 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-5260 | LOW2.51 | libgnutls30 3.7.3-4ubuntu1.7 fixed in 3.7.3-4ubuntu1.9 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-0966 | LOW2.51 | libssh-4 0.9.6-2ubuntu0.22.04.5 fixed in 0.9.6-2ubuntu0.22.04.6 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2025-15079 | LOW2.48 | curl 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.22 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-15079 | LOW2.48 | libcurl4 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.22 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-28387 | LOW2.48 | libssl3 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.23 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-28387 | LOW2.48 | openssl 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.23 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2025-14017 | LOW2.45 | curl 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.22 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-14017 | LOW2.45 | libcurl4 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.22 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW2.4 | bsdutils 1:2.37.2-4ubuntu3.4 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-15224 | LOW2.4 | curl 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.22 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2025-15224 | LOW2.4 | libcurl4 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.22 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW2.4 | mount 2.37.2-4ubuntu3.4 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW2.4 | util-linux 2.37.2-4ubuntu3.4 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-29111 | LOW2.39 | libsystemd0 249.11-0ubuntu3.17 fixed in 249.11-0ubuntu3.19 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-33636 | LOW2.33 | libpng16-16 1.6.37-3ubuntu0.4 fixed in 1.6.37-3ubuntu0.5 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-5773 | LOW2.29 | curl 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.24 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-27135 | LOW2.29 | libnghttp2-14 1.43.0-1ubuntu0.2 fixed in 1.43.0-1ubuntu0.3 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2022-41409 | LOW2.29 | libpcre2-8-0 10.39-3ubuntu0.1 No fix yet | 1.0% Theoretical Threat | Post-Exploit |
| CVE-2026-28388 | LOW2.29 | openssl 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.23 | 0.9% Theoretical Threat | Post-Exploit |
| CVE-2026-28389 | LOW2.29 | openssl 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.23 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28390 | LOW2.29 | openssl 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.23 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-45446 | LOW1.89 | openssl 3.0.2-0ubuntu1.21 fixed in 3.0.2-0ubuntu1.25 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2024-56433 | LOW1.84 | login 1:4.8.1-2ubuntu2.2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2024-56433 | LOW1.84 | passwd 1:4.8.1-2ubuntu2.2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2023-29383 | LOW1.68 | login 1:4.8.1-2ubuntu2.2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2023-29383 | LOW1.68 | passwd 1:4.8.1-2ubuntu2.2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-29111 | NONE0 | libudev1 249.11-0ubuntu3.17 fixed in 249.11-0ubuntu3.19 | 0.1% Theoretical Threat | Not Applicable |
| CVE-2023-50495 | NONE0 | libncurses6 6.3-2ubuntu0.1 No fix yet | 1.0% Theoretical Threat | Not Applicable |
| CVE-2023-50495 | NONE0 | libncursesw6 6.3-2ubuntu0.1 No fix yet | 1.0% Theoretical Threat | Not Applicable |
| CVE-2023-50495 | NONE0 | libtinfo6 6.3-2ubuntu0.1 No fix yet | 1.0% Theoretical Threat | Not Applicable |
| CVE-2026-6238 | NONE0 | locales 2.35-0ubuntu3.13 No fix yet | 0.3% Theoretical Threat | Not Applicable |
| CVE-2023-50495 | NONE0 | ncurses-base 6.3-2ubuntu0.1 No fix yet | 1.0% Theoretical Threat | Not Applicable |
| CVE-2023-50495 | NONE0 | ncurses-bin 6.3-2ubuntu0.1 No fix yet | 1.0% Theoretical Threat | Not Applicable |
| CVE-2026-40225 | NONE0 | libudev1 249.11-0ubuntu3.17 fixed in 249.11-0ubuntu3.19 | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-40226 | NONE0 | libudev1 249.11-0ubuntu3.17 fixed in 249.11-0ubuntu3.21 | <0.1% Theoretical Threat | Not Applicable |
| CVE-2023-7008 | NONE0 | libudev1 249.11-0ubuntu3.17 fixed in 249.11-0ubuntu3.21 | 0.8% Theoretical Threat | Not Applicable |
| CVE-2026-5435 | NONE0 | locales 2.35-0ubuntu3.13 No fix yet | 0.2% Theoretical Threat | Not Applicable |
| CVE-2022-27943 | NONE0 | gcc-12-base 12.3.0-1ubuntu1~22.04.2 No fix yet | 0.9% Theoretical Threat | Not Applicable |
| CVE-2026-4046 | NONE0 | locales 2.35-0ubuntu3.13 No fix yet | 0.4% Theoretical Threat | Not Applicable |
| CVE-2026-27456 | NONE0 | libsmartcols1 2.37.2-4ubuntu3.4 No fix yet | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-40228 | NONE0 | libudev1 249.11-0ubuntu3.17 No fix yet | 0.2% Theoretical Threat | Not Applicable |
| CVE-2025-0167 | NONE0 | curl 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.23 | 0.6% Theoretical Threat | Not Applicable |
| CVE-2025-0167 | NONE0 | libcurl4 7.81.0-1ubuntu1.21 fixed in 7.81.0-1ubuntu1.23 | 0.6% Theoretical Threat | Not Applicable |
| CVE-2026-42014 | NONE0 | libgnutls30 3.7.3-4ubuntu1.7 fixed in 3.7.3-4ubuntu1.9 | — | Not Applicable |
| CVE-2026-40930 | NONE0 | libpng16-16 1.6.37-3ubuntu0.4 No fix yet | 0.2% Theoretical Threat | Not Applicable |
| GHSA-72hv-8253-57qq | NONE0 | com.fasterxml.jackson.core:jackson-core 2.15.2 fixed in 2.21.1, 2.18.6 | — | Not Applicable |
| CVE-2026-42583 | NONE0 | io.netty:netty-codec 4.1.119.Final fixed in 4.1.133.Final | 0.4% Theoretical Threat | Not Applicable |