mss-vps / srv1550816
Ubuntu 24.04 · kernel 6.8.0-124-generic
Last inventory captured: Mon, 22 Jun 2026 07:03:06 GMT · Audit generated: Mon, 22 Jun 2026 08:03:43 GMT
20/ 115 ever
CVEs not yet patched on this host
95
Patched, removed, or mitigated
973 packages
2 Docker images
13 listening ports
Active mitigations
Persistent guardrails applied to this host that block known exploit paths.
CVE-2026-31431-copyfail
/etc/modprobe.d/cve-2026-31431-copyfail.conf
blacklist algif_aead install algif_aead /bin/false
Active findings (20)
CVEs the matcher detected against this host's installed packages, with the recommended action to apply.
nginx vulnerability
Package nginx: installed 1.24.0-2ubuntu7.7 → fixed 1.24.0-2ubuntu7.8
Recommended action: Upgrade nginx from 1.24.0-2ubuntu7.7 to 1.24.0-2ubuntu7.8. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y nginx
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
nginx vulnerability
Package nginx-common: installed 1.24.0-2ubuntu7.7 → fixed 1.24.0-2ubuntu7.8
Recommended action: Upgrade nginx-common from 1.24.0-2ubuntu7.7 to 1.24.0-2ubuntu7.8. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y nginx-common
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
FFmpeg vulnerability
Package ffmpeg: installed 7:6.1.1-3ubuntu5 → fixed 7:6.1.1-3ubuntu5+esm8
Recommended action: Upgrade ffmpeg from 7:6.1.1-3ubuntu5 to 7:6.1.1-3ubuntu5+esm8. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y ffmpeg
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
FFmpeg vulnerability
Package libavcodec60: installed 7:6.1.1-3ubuntu5 → fixed 7:6.1.1-3ubuntu5+esm8
Recommended action: Upgrade libavcodec60 from 7:6.1.1-3ubuntu5 to 7:6.1.1-3ubuntu5+esm8. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y libavcodec60
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
FFmpeg vulnerability
Package libavdevice60: installed 7:6.1.1-3ubuntu5 → fixed 7:6.1.1-3ubuntu5+esm8
Recommended action: Upgrade libavdevice60 from 7:6.1.1-3ubuntu5 to 7:6.1.1-3ubuntu5+esm8. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y libavdevice60
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
FFmpeg vulnerability
Package libavfilter9: installed 7:6.1.1-3ubuntu5 → fixed 7:6.1.1-3ubuntu5+esm8
Recommended action: Upgrade libavfilter9 from 7:6.1.1-3ubuntu5 to 7:6.1.1-3ubuntu5+esm8. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y libavfilter9
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
FFmpeg vulnerability
Package libavformat60: installed 7:6.1.1-3ubuntu5 → fixed 7:6.1.1-3ubuntu5+esm8
Recommended action: Upgrade libavformat60 from 7:6.1.1-3ubuntu5 to 7:6.1.1-3ubuntu5+esm8. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y libavformat60
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
FFmpeg vulnerability
Package libavutil58: installed 7:6.1.1-3ubuntu5 → fixed 7:6.1.1-3ubuntu5+esm8
Recommended action: Upgrade libavutil58 from 7:6.1.1-3ubuntu5 to 7:6.1.1-3ubuntu5+esm8. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y libavutil58
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
FFmpeg vulnerability
Package libpostproc57: installed 7:6.1.1-3ubuntu5 → fixed 7:6.1.1-3ubuntu5+esm8
Recommended action: Upgrade libpostproc57 from 7:6.1.1-3ubuntu5 to 7:6.1.1-3ubuntu5+esm8. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y libpostproc57
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
FFmpeg vulnerability
Package libswresample4: installed 7:6.1.1-3ubuntu5 → fixed 7:6.1.1-3ubuntu5+esm8
Recommended action: Upgrade libswresample4 from 7:6.1.1-3ubuntu5 to 7:6.1.1-3ubuntu5+esm8. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y libswresample4
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
FFmpeg vulnerability
Package libswscale7: installed 7:6.1.1-3ubuntu5 → fixed 7:6.1.1-3ubuntu5+esm8
Recommended action: Upgrade libswscale7 from 7:6.1.1-3ubuntu5 to 7:6.1.1-3ubuntu5+esm8. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y libswscale7
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
pip vulnerabilities
Package python3-pip: installed 24.0+dfsg-1ubuntu1.3 → fixed 24.0+dfsg-1ubuntu1.3+esm1
Recommended action: Upgrade python3-pip from 24.0+dfsg-1ubuntu1.3 to 24.0+dfsg-1ubuntu1.3+esm1. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y python3-pip
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
pip vulnerabilities
Package python3-pip-whl: installed 24.0+dfsg-1ubuntu1.3 → fixed 24.0+dfsg-1ubuntu1.3+esm1
Recommended action: Upgrade python3-pip-whl from 24.0+dfsg-1ubuntu1.3 to 24.0+dfsg-1ubuntu1.3+esm1. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y python3-pip-whl
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
pip regression
Package python3-pip: installed 24.0+dfsg-1ubuntu1.3 → fixed 24.0+dfsg-1ubuntu1.3+esm2
Recommended action: Upgrade python3-pip from 24.0+dfsg-1ubuntu1.3 to 24.0+dfsg-1ubuntu1.3+esm2. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y python3-pip
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
pip regression
Package python3-pip-whl: installed 24.0+dfsg-1ubuntu1.3 → fixed 24.0+dfsg-1ubuntu1.3+esm2
Recommended action: Upgrade python3-pip-whl from 24.0+dfsg-1ubuntu1.3 to 24.0+dfsg-1ubuntu1.3+esm2. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y python3-pip-whl
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
nginx vulnerabilities
Package nginx: installed 1.24.0-2ubuntu7.8 → fixed 1.24.0-2ubuntu7.9
Recommended action: Upgrade nginx from 1.24.0-2ubuntu7.8 to 1.24.0-2ubuntu7.9. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y nginx
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
nginx vulnerabilities
Package nginx-common: installed 1.24.0-2ubuntu7.8 → fixed 1.24.0-2ubuntu7.9
Recommended action: Upgrade nginx-common from 1.24.0-2ubuntu7.8 to 1.24.0-2ubuntu7.9. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y nginx-common
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
pip vulnerability
Package python3-pip: installed 24.0+dfsg-1ubuntu1.3 → fixed 24.0+dfsg-1ubuntu1.3+esm3
Recommended action: Upgrade python3-pip from 24.0+dfsg-1ubuntu1.3 to 24.0+dfsg-1ubuntu1.3+esm3. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y python3-pip
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
pip vulnerability
Package python3-pip-whl: installed 24.0+dfsg-1ubuntu1.3 → fixed 24.0+dfsg-1ubuntu1.3+esm3
Recommended action: Upgrade python3-pip-whl from 24.0+dfsg-1ubuntu1.3 to 24.0+dfsg-1ubuntu1.3+esm3. Patched version available in standard apt repos.
sudo apt-get update sudo apt-get install --only-upgrade -y python3-pip-whl
Most apt upgrades restart their service automatically. needrestart lists anything needing manual restart. No reboot required.
wheel vulnerability
Package python3-wheel: installed 0.42.0-2 → fixed 0.42.0-2ubuntu0.1~esm1
Recommended action: Fixed version 0.42.0-2ubuntu0.1~esm1 is in Ubuntu Pro / ESM, not standard apt. Enable Ubuntu Pro (free for personal + small-team) or treat as watch item.
sudo pro attach <token> sudo apt-get update sudo apt-get install --only-upgrade -y python3-wheel=0.42.0-2ubuntu0.1~esm1
Ubuntu Pro is free for up to 5 machines for personal + small-business use. Sign up at https://ubuntu.com/pro.
Recent resolutions (95 total)
CVEs that were detected, then patched or otherwise resolved on this host.
- Thu, 18 Jun 2026 22:33:30 GMTUSN-8451-1
xxd· resolved via package upgraded - Thu, 18 Jun 2026 22:33:30 GMTUSN-8451-1
vim-tiny· resolved via package upgraded - Thu, 18 Jun 2026 22:33:30 GMTUSN-8451-1
vim-runtime· resolved via package upgraded - Thu, 18 Jun 2026 22:33:29 GMTUSN-8451-1
vim-common· resolved via package upgraded - Thu, 18 Jun 2026 22:33:29 GMTUSN-8451-1
vim· resolved via package upgraded - Thu, 18 Jun 2026 22:33:23 GMTUSN-8454-1
libheif1· resolved via package upgraded - Thu, 18 Jun 2026 22:33:23 GMTUSN-8454-1
libheif-plugin-libde265· resolved via package upgraded - Thu, 18 Jun 2026 22:33:23 GMTUSN-8454-1
libheif-plugin-aomenc· resolved via package upgraded - Thu, 18 Jun 2026 22:33:22 GMTUSN-8454-1
libheif-plugin-aomdec· resolved via package upgraded - Tue, 16 Jun 2026 17:33:19 GMTUSN-8437-1
librabbitmq4· resolved via package upgraded
This URL is your security-due-diligence answer. When a prospect asks “how do you handle server security updates?”, send them this link. It is live, it updates hourly, and it shows everything they need to verify your posture without an NDA.
Suggested copy:
We use StackPatch for continuous CVE monitoring on our infrastructure. Our live audit page is here: https://mindsparkstack.com/patch/audit/mss-vps It shows current active findings, applied mitigations, and recent resolutions. The page updates hourly; no PDF to keep in sync.
This page DOES show:
- • Active CVE matches against installed packages on this host
- • Applied modprobe-blacklist mitigations
- • Kernel version + reboot-pending state
- • Package, Docker image, and listening-port counts
- • Hourly inventory freshness timestamp
- • Recent resolution history
This page does NOT certify:
- • Application-layer vulnerabilities (your code)
- • SOC 2, ISO 27001, HIPAA, or any compliance attestation
- • Zero-day vulnerabilities not yet in USN/DSA/NVD feeds
- • Misconfigurations (open S3 buckets, weak passwords, etc.)
- • Third-party SaaS posture (Stripe, AWS, etc.)
- • Anything outside the package + kernel CVE catch
StackPatch is the patch-ops layer of a security posture. It is not a substitute for an audit, a SOC 2 report, or a security engineer.
Five-second setup. curl mindsparkstack.com/scan.sh | bash for a free anonymous CVE check. From $9/mo (14-day free trial) for hourly monitoring + your own audit URL like this one.