Rpm

security-exporter returned 0 CVEs on every CentOS and RHEL host. The root cause was a silent data drop: ParsePackages silently skips any line that does not match its exact tab-separated format, and our rpm collector was producing the wrong format. This post covers the full diagnosis, the fix using the vuls-recommended 6-field rpm query, source package extraction using the NVR last-two-hyphens algorithm, and the Helm chart simplification that removed the entire legacy go-cve-dictionary + PostgreSQL pipeline.