Critical
High
Medium
Low
Secrets
Misconfig
| Severity | CVE ID | Package | Installed | Fixed In | Description |
|---|---|---|---|---|---|
| CRITICAL | CVE-2025-66516 | org.apache.tika:tika-core | 2.9.1 | 3.2.2 | tika-core: tika-parsers: tika-parser-pdf-module: Apache Tika core, Apache Tika parsers, Apache Tika |
| HIGH | CVE-2026-41731 | org.springframework.kafka:spring-kafka | 3.2.1 | 4.0.6, 3.3.16 | spring-kafka: Spring for Apache Kafka: Arbitrary code execution via insecure deserialization of craf |
| MEDIUM | CVE-2026-41726 | org.springframework.kafka:spring-kafka | 3.2.1 | 4.0.6, 3.3.16 | spring-kafka: Spring-kafka: Denial of Service due to unbounded heap growth via unique header values |
| Type | File | Line | Match |
|---|---|---|---|
| ✅ No secrets found | |||
| Severity | ID | Check | File | Message |
|---|---|---|---|---|
| HIGH | DS002 | Image user should not be 'root' | Dockerfile | Specify at least 1 USER command in Dockerfile with non-root user as argument |