StackPatch is liveSee product

Back to StackPatch
Action needed — 1 active finding

mss-vps / srv1550816

Ubuntu 24.04 · kernel 6.8.0-110-generic

Last inventory captured: Sat, 02 May 2026 14:03:01 GMT · Audit generated: Sat, 02 May 2026 15:01:59 GMT

Active findings

1/ 6 ever

CVEs not yet patched on this host

Resolved findings

5

Patched, removed, or mitigated

Inventory

969 packages

2 Docker images

13 listening ports

Active mitigations

Persistent guardrails applied to this host that block known exploit paths.

  • CVE-2026-31431-copyfail

    /etc/modprobe.d/cve-2026-31431-copyfail.conf

    blacklist algif_aead
install algif_aead /bin/false

Active findings (1)

CVEs the matcher detected against this host's installed packages, with the recommended action to apply.

USN-8221-1Patch soonCVE-2026-24049

wheel vulnerability

Package python3-wheel: installed 0.42.0-2 → fixed 0.42.0-2ubuntu0.1~esm1

Recommended action: Fixed version 0.42.0-2ubuntu0.1~esm1 is in Ubuntu Pro / ESM, not standard apt. Enable Ubuntu Pro (free for personal + small-team) or treat as watch item.

sudo pro attach <token>
sudo apt-get update
sudo apt-get install --only-upgrade -y python3-wheel=0.42.0-2ubuntu0.1~esm1

Ubuntu Pro is free for up to 5 machines for personal + small-business use. Sign up at https://ubuntu.com/pro.

Recent resolutions (5 total)

CVEs that were detected, then patched or otherwise resolved on this host.

  1. Fri, 01 May 2026 12:33:02 GMTUSN-8226-1libkmod2 · resolved via package upgraded
  2. Fri, 01 May 2026 12:33:02 GMTUSN-8226-1kmod · resolved via package upgraded
  3. Thu, 30 Apr 2026 14:42:01 GMTUSN-8222-1openssh-sftp-server · resolved via package upgraded
  4. Thu, 30 Apr 2026 14:42:01 GMTUSN-8222-1openssh-server · resolved via package upgraded
  5. Thu, 30 Apr 2026 14:42:01 GMTUSN-8222-1openssh-client · resolved via package upgraded
Share this with customers

This URL is your security-due-diligence answer. When a prospect asks “how do you handle server security updates?”, send them this link. It is live, it updates hourly, and it shows everything they need to verify your posture without an NDA.

Suggested copy:

We use StackPatch for continuous CVE monitoring on our infrastructure. Our live audit page is here:

https://mindsparkstack.com/patch/audit/mss-vps

It shows current active findings, applied mitigations, and recent resolutions. The page updates hourly; no PDF to keep in sync.
What this audit certifies / does not certify

This page DOES show:

  • • Active CVE matches against installed packages on this host
  • • Applied modprobe-blacklist mitigations
  • • Kernel version + reboot-pending state
  • • Package, Docker image, and listening-port counts
  • • Hourly inventory freshness timestamp
  • • Recent resolution history

This page does NOT certify:

  • • Application-layer vulnerabilities (your code)
  • • SOC 2, ISO 27001, HIPAA, or any compliance attestation
  • • Zero-day vulnerabilities not yet in USN/DSA/NVD feeds
  • • Misconfigurations (open S3 buckets, weak passwords, etc.)
  • • Third-party SaaS posture (Stripe, AWS, etc.)
  • • Anything outside the package + kernel CVE catch

StackPatch is the patch-ops layer of a security posture. It is not a substitute for an audit, a SOC 2 report, or a security engineer.

Want this for your servers?

Five-second setup. curl mindsparkstack.com/scan.sh | bash for a free anonymous CVE check. $99 lifetime founder seat (50 only) for hourly monitoring + your own audit URL like this one.

See StackPatch →$99 lifetime founder seat →Free quickscan
Export JSON·Export CSV·For compliance tickets and security emails