(installed from /extra)
I was squeamish about being pwned after my password was continually rejected today in terminal. It worked for mounting drives and gparted. Same time too so not a caps lock things. Eventually it worked after continuous lockouts. **WTF??? [**no I did not start a thread for this but read some old ones].
To the point: eos Cinnamon passed with flying colors: “no malicious software”
Like Lynis it offered 100 suggestions like
If not required, consider explicit disabling of core dump in /etc/security/limits.conf file [KRNL-5820]
Related resources
Article: Understand and configure core dumps on Linux: https://linux-audit.com/software/understand-and-configure-core-dumps-work-on-linux/
Website: https://cisofy.com/lynis/controls/KRNL-5820/
Like I can do any of that 
sober..
Had plenty of red boxes but none worrisome.
Only worried about these two:
this means almost nothing, right? if I wanted a cve tool I should get it myself? Is that what I’m seeing?
also in the kernel section a lot of “different” than expected which seems harmless:
Except for the 100 suggestions, I passed, I think, with flying colors. Thanks EOS