2026-05-105 Proxmox nodes (PVE 9.1)14 Linux systems
Summary cluster-wide Linux only — Windows VMs excluded
Pending Patches
982
across 11 systems
EOL Systems
1
CentOS 7 (VM 126)
Heavy Backlogs (≥100)
3
VM 120, 142, 123
Recently Patched
2
VM 114, 121
Disclaimer: Counts pulled from each VM's cached apt metadata (no apt update run during audit). True patch counts after a fresh metadata refresh will likely be higher.
Ubuntu / Debian — Patch Backlog sorted by severity
VMID
Hostname
Node
OS
Upgradable
Tier
120
MySQL-Dev-Server-3.210
JMFPMX02
Ubuntu 24.04 LTS
219
Critical
142
MySQL-Dev-2
JMFPMX02
Ubuntu 24.04 LTS
219
Critical
123
API-Server-3.244
JMFPMX01
Ubuntu 24.04.3
151
Critical
130
MariaDB-3.230
JMFPMX05
Ubuntu 22.04.4 LTS
93
High
122
aivqueue-3.216
JMFPMX01
Ubuntu 22.04.4 LTS
88
High
145
FreePBX-v17
JMFPMX03
Debian 12 (bookworm)
63
Medium
137
Enhance-Backup-Server
JMFPMX03
Ubuntu 24.04.4
61
Medium
132
aivtpcserver-3.217
JMFPMX04
Ubuntu 24.04.4
44
Medium
134
pulse LXC
JMFPMX04
Debian (LXC)
27
Medium
141
WebServer-Enhance
JMFPMX04
Ubuntu 24.04.4
9
Low
139
callcenter
JMFPMX03
Ubuntu 24.04.4
8
Low
RHEL Family guest-exec disabled; status confirmed manually
VMID
Hostname
Node
OS
Status
114
FTP-Production
JMFPMX02
AlmaLinux 10.1
Patched (Greg, 2026-05-10)
121
aivscripttesting3.202
JMFPMX02
AlmaLinux 8.10
Current — migrated from CentOS 7 ~1mo ago
126
aivscript-3.240
JMFPMX04
CentOS 7
EOL — replace
Recommended Action Plan
Tier 1 — patch this week (≥150 backlog):
VM 120 + 142 (MySQL dev pair, 219 each) — snapshot, apt update && apt -y upgrade, reboot if kernel
VM 123 (API-Server, 151) — snapshot first; coordinate with API consumers if reboot needed
Tier 2 — patch in next 2 weeks (60-99):
VM 130 (MariaDB-3.230, 93) — DB box; snapshot and patch in maintenance window
VM 122 (aivqueue, 88)
VM 145 (FreePBX-v17, 63) — Sangoma stack, test SIP after
VM 137 (Enhance-Backup, 61)
Tier 3 — patch monthly cadence (≤50):
VM 132 (aivtpcserver, 44), VM 134 LXC pulse (27), VM 141 (9), VM 139 (8)
Decommission / replace:
VM 126 (CentOS 7, EOL Jun 2024) — migrate workload to AlmaLinux 9 or 10, retire VM
Methodology
Cluster-wide enumeration via pvesh get /cluster/resources --type vm
OS detection via QEMU guest-agent get-osinfo (Windows VMs filtered out)
Patch counts via guest-exec apt list --upgradable (cached metadata) / pct exec for LXC
RHEL family agents have guest-exec disabled (security default) — manual confirmation
14 Linux systems audited; 11 produced live counts, 3 confirmed manually