Tell us your distro + kernel version. Find out if you're affected by recent CVEs.
Live join against the cached Ubuntu USN feed and the Debian Security Tracker (~110K fix-records across bookworm/trixie/bullseye), using dpkg --compare-versions for correct Debian-policy version compare. Returns real CVE matches with the exact apt one-liner per finding. Anonymous, no card, no signup.
Faster: pipe-to-bash on your actual server
curl https://mindsparkstack.com/scan.sh | bash
Source is rendered as text/plain so you can read it before piping. Reads /etc/os-release, uname -r, top 200 packages from dpkg-query. POSTs to the same endpoint the form below uses.
What we collect
- • distro name + codename (from /etc/os-release)
- • kernel version (from uname -r)
- • installed package names + versions (top 200, from dpkg-query)
Held in a 5-minute server cache, then dropped.
What we never collect
- • hostname, IP, MAC, machine-id
- • env vars, .env files, secrets, SSH keys
- • application source code or DB contents
- • cookies (the page sets none) or third-party trackers
Or fill out the fields below if you can't pipe-to-bash:
Don't know your kernel version?
On any Linux box, paste this command into your shell:
# distro + codename lsb_release -is && lsb_release -cs # kernel running uname -r # (optional) get a few key package versions to paste dpkg -l openssh-server openssh-client openssh-sftp-server | grep ^ii
Want this every hour against YOUR full stack?
StackPatch runs 50+ USN + 200+ NVD records continuously, with the playbook engine telling you the exact command per finding. Audit log per server is publicly shareable. $99 lifetime, 50 founder seats.
Buy lifetime →See the live audit log of our own VPS
MindSparkStack runs StackPatch on its own production server. Active findings, applied mitigations, recent resolutions — all public, no signup.
Live audit →