diff --git a/test/docker/expected_results/openssh_4.0p1_test1.txt b/test/docker/expected_results/openssh_4.0p1_test1.txt
index 419105a..3b4a40f 100644
--- a/test/docker/expected_results/openssh_4.0p1_test1.txt
+++ b/test/docker/expected_results/openssh_4.0p1_test1.txt
@@ -6,7 +6,10 @@
 (gen) compression: enabled (zlib)
 
 # security
-(cve) CVE-2018-15473                      -- (CVSSv2: 5.3) enumerate usernames due to timing discrepencies
+(cve) CVE-2020-15778                      -- (CVSSv2: 7.8) command injection via anomalous argument transfers
+(cve) CVE-2018-15473                      -- (CVSSv2: 5.3) enumerate usernames due to timing discrepancies
+(cve) CVE-2017-15906                      -- (CVSSv2: 5.3) readonly bypass via sftp
+(cve) CVE-2016-20012                      -- (CVSSv2: 5.3) enumerate usernames via challenge response
 (cve) CVE-2016-3115                       -- (CVSSv2: 5.5) bypass command restrictions via crafted X11 forwarding data
 (cve) CVE-2014-1692                       -- (CVSSv2: 7.5) cause DoS via triggering error condition (memory corruption)
 (cve) CVE-2012-0814                       -- (CVSSv2: 3.5) leak data via debug messages
diff --git a/test/docker/expected_results/openssh_5.6p1_test1.txt b/test/docker/expected_results/openssh_5.6p1_test1.txt
index 014d7e7..d11b4f5 100644
--- a/test/docker/expected_results/openssh_5.6p1_test1.txt
+++ b/test/docker/expected_results/openssh_5.6p1_test1.txt
@@ -5,7 +5,10 @@
 (gen) compression: enabled (zlib@openssh.com)
 
 # security
-(cve) CVE-2018-15473                        -- (CVSSv2: 5.3) enumerate usernames due to timing discrepencies
+(cve) CVE-2020-15778                        -- (CVSSv2: 7.8) command injection via anomalous argument transfers
+(cve) CVE-2018-15473                        -- (CVSSv2: 5.3) enumerate usernames due to timing discrepancies
+(cve) CVE-2017-15906                        -- (CVSSv2: 5.3) readonly bypass via sftp
+(cve) CVE-2016-20012                        -- (CVSSv2: 5.3) enumerate usernames via challenge response
 (cve) CVE-2016-3115                         -- (CVSSv2: 5.5) bypass command restrictions via crafted X11 forwarding data
 (cve) CVE-2016-1907                         -- (CVSSv2: 5.0) cause DoS via crafted network traffic (out of bounds read)
 (cve) CVE-2015-6564                         -- (CVSSv2: 6.9) privilege escalation via leveraging sshd uid
diff --git a/test/docker/expected_results/openssh_5.6p1_test2.txt b/test/docker/expected_results/openssh_5.6p1_test2.txt
index 2a6825f..d127814 100644
--- a/test/docker/expected_results/openssh_5.6p1_test2.txt
+++ b/test/docker/expected_results/openssh_5.6p1_test2.txt
@@ -5,7 +5,10 @@
 (gen) compression: enabled (zlib@openssh.com)
 
 # security
-(cve) CVE-2018-15473                        -- (CVSSv2: 5.3) enumerate usernames due to timing discrepencies
+(cve) CVE-2020-15778                        -- (CVSSv2: 7.8) command injection via anomalous argument transfers
+(cve) CVE-2018-15473                        -- (CVSSv2: 5.3) enumerate usernames due to timing discrepancies
+(cve) CVE-2017-15906                        -- (CVSSv2: 5.3) readonly bypass via sftp
+(cve) CVE-2016-20012                        -- (CVSSv2: 5.3) enumerate usernames via challenge response
 (cve) CVE-2016-3115                         -- (CVSSv2: 5.5) bypass command restrictions via crafted X11 forwarding data
 (cve) CVE-2016-1907                         -- (CVSSv2: 5.0) cause DoS via crafted network traffic (out of bounds read)
 (cve) CVE-2015-6564                         -- (CVSSv2: 6.9) privilege escalation via leveraging sshd uid
diff --git a/test/docker/expected_results/openssh_5.6p1_test3.txt b/test/docker/expected_results/openssh_5.6p1_test3.txt
index 657b22e..39ccda1 100644
--- a/test/docker/expected_results/openssh_5.6p1_test3.txt
+++ b/test/docker/expected_results/openssh_5.6p1_test3.txt
@@ -5,7 +5,10 @@
 (gen) compression: enabled (zlib@openssh.com)
 
 # security
-(cve) CVE-2018-15473                        -- (CVSSv2: 5.3) enumerate usernames due to timing discrepencies
+(cve) CVE-2020-15778                        -- (CVSSv2: 7.8) command injection via anomalous argument transfers
+(cve) CVE-2018-15473                        -- (CVSSv2: 5.3) enumerate usernames due to timing discrepancies
+(cve) CVE-2017-15906                        -- (CVSSv2: 5.3) readonly bypass via sftp
+(cve) CVE-2016-20012                        -- (CVSSv2: 5.3) enumerate usernames via challenge response
 (cve) CVE-2016-3115                         -- (CVSSv2: 5.5) bypass command restrictions via crafted X11 forwarding data
 (cve) CVE-2016-1907                         -- (CVSSv2: 5.0) cause DoS via crafted network traffic (out of bounds read)
 (cve) CVE-2015-6564                         -- (CVSSv2: 6.9) privilege escalation via leveraging sshd uid
diff --git a/test/docker/expected_results/openssh_5.6p1_test4.txt b/test/docker/expected_results/openssh_5.6p1_test4.txt
index fb48d1c..def1421 100644
--- a/test/docker/expected_results/openssh_5.6p1_test4.txt
+++ b/test/docker/expected_results/openssh_5.6p1_test4.txt
@@ -5,7 +5,10 @@
 (gen) compression: enabled (zlib@openssh.com)
 
 # security
-(cve) CVE-2018-15473                        -- (CVSSv2: 5.3) enumerate usernames due to timing discrepencies
+(cve) CVE-2020-15778                        -- (CVSSv2: 7.8) command injection via anomalous argument transfers
+(cve) CVE-2018-15473                        -- (CVSSv2: 5.3) enumerate usernames due to timing discrepancies
+(cve) CVE-2017-15906                        -- (CVSSv2: 5.3) readonly bypass via sftp
+(cve) CVE-2016-20012                        -- (CVSSv2: 5.3) enumerate usernames via challenge response
 (cve) CVE-2016-3115                         -- (CVSSv2: 5.5) bypass command restrictions via crafted X11 forwarding data
 (cve) CVE-2016-1907                         -- (CVSSv2: 5.0) cause DoS via crafted network traffic (out of bounds read)
 (cve) CVE-2015-6564                         -- (CVSSv2: 6.9) privilege escalation via leveraging sshd uid
diff --git a/test/docker/expected_results/openssh_5.6p1_test5.txt b/test/docker/expected_results/openssh_5.6p1_test5.txt
index 5ff250a..0460b2e 100644
--- a/test/docker/expected_results/openssh_5.6p1_test5.txt
+++ b/test/docker/expected_results/openssh_5.6p1_test5.txt
@@ -5,7 +5,10 @@
 (gen) compression: enabled (zlib@openssh.com)
 
 # security
-(cve) CVE-2018-15473                        -- (CVSSv2: 5.3) enumerate usernames due to timing discrepencies
+(cve) CVE-2020-15778                        -- (CVSSv2: 7.8) command injection via anomalous argument transfers
+(cve) CVE-2018-15473                        -- (CVSSv2: 5.3) enumerate usernames due to timing discrepancies
+(cve) CVE-2017-15906                        -- (CVSSv2: 5.3) readonly bypass via sftp
+(cve) CVE-2016-20012                        -- (CVSSv2: 5.3) enumerate usernames via challenge response
 (cve) CVE-2016-3115                         -- (CVSSv2: 5.5) bypass command restrictions via crafted X11 forwarding data
 (cve) CVE-2016-1907                         -- (CVSSv2: 5.0) cause DoS via crafted network traffic (out of bounds read)
 (cve) CVE-2015-6564                         -- (CVSSv2: 6.9) privilege escalation via leveraging sshd uid
diff --git a/test/docker/expected_results/openssh_8.0p1_test1.txt b/test/docker/expected_results/openssh_8.0p1_test1.txt
index d7e45b1..aafd004 100644
--- a/test/docker/expected_results/openssh_8.0p1_test1.txt
+++ b/test/docker/expected_results/openssh_8.0p1_test1.txt
@@ -4,6 +4,12 @@
 (gen) compatibility: OpenSSH 7.4+, Dropbear SSH 2018.76+
 (gen) compression: enabled (zlib@openssh.com)
 
+# security
+(cve) CVE-2021-41617                        -- (CVSSv2: 7.0) privilege escalation via supplemental groups
+(cve) CVE-2020-15778                        -- (CVSSv2: 7.8) command injection via anomalous argument transfers
+(cve) CVE-2019-16905                        -- (CVSSv2: 7.8) memory corruption and local code execution via pre-authentication integer overflow
+(cve) CVE-2016-20012                        -- (CVSSv2: 5.3) enumerate usernames via challenge response
+
 # key exchange algorithms
 (kex) curve25519-sha256                     -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
 (kex) curve25519-sha256@libssh.org          -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
diff --git a/test/docker/expected_results/openssh_8.0p1_test2.txt b/test/docker/expected_results/openssh_8.0p1_test2.txt
index a13be8a..a987ab3 100644
--- a/test/docker/expected_results/openssh_8.0p1_test2.txt
+++ b/test/docker/expected_results/openssh_8.0p1_test2.txt
@@ -4,6 +4,12 @@
 (gen) compatibility: OpenSSH 7.4+, Dropbear SSH 2018.76+
 (gen) compression: enabled (zlib@openssh.com)
 
+# security
+(cve) CVE-2021-41617                        -- (CVSSv2: 7.0) privilege escalation via supplemental groups
+(cve) CVE-2020-15778                        -- (CVSSv2: 7.8) command injection via anomalous argument transfers
+(cve) CVE-2019-16905                        -- (CVSSv2: 7.8) memory corruption and local code execution via pre-authentication integer overflow
+(cve) CVE-2016-20012                        -- (CVSSv2: 5.3) enumerate usernames via challenge response
+
 # key exchange algorithms
 (kex) curve25519-sha256                     -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
 (kex) curve25519-sha256@libssh.org          -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
diff --git a/test/docker/expected_results/openssh_8.0p1_test3.txt b/test/docker/expected_results/openssh_8.0p1_test3.txt
index 5b20c3f..3530a63 100644
--- a/test/docker/expected_results/openssh_8.0p1_test3.txt
+++ b/test/docker/expected_results/openssh_8.0p1_test3.txt
@@ -4,6 +4,12 @@
 (gen) compatibility: OpenSSH 7.4+, Dropbear SSH 2018.76+
 (gen) compression: enabled (zlib@openssh.com)
 
+# security
+(cve) CVE-2021-41617                        -- (CVSSv2: 7.0) privilege escalation via supplemental groups
+(cve) CVE-2020-15778                        -- (CVSSv2: 7.8) command injection via anomalous argument transfers
+(cve) CVE-2019-16905                        -- (CVSSv2: 7.8) memory corruption and local code execution via pre-authentication integer overflow
+(cve) CVE-2016-20012                        -- (CVSSv2: 5.3) enumerate usernames via challenge response
+
 # key exchange algorithms
 (kex) curve25519-sha256                     -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
 (kex) curve25519-sha256@libssh.org          -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
diff --git a/test/test_ssh1.py b/test/test_ssh1.py
index d40c157..96e8846 100644
--- a/test/test_ssh1.py
+++ b/test/test_ssh1.py
@@ -138,7 +138,7 @@ class TestSSH1:
         self.audit(out, self._conf())
         out.write()
         lines = output_spy.flush()
-        assert len(lines) == 17
+        assert len(lines) == 21
 
     def test_ssh1_server_invalid_first_packet(self, output_spy, virtual_socket):
         vsocket = virtual_socket
@@ -153,7 +153,7 @@ class TestSSH1:
         out.write()
         assert ret != 0
         lines = output_spy.flush()
-        assert len(lines) == 10
+        assert len(lines) == 14
         assert 'unknown message' in lines[-1]
 
     def test_ssh1_server_invalid_checksum(self, output_spy, virtual_socket):
diff --git a/test/test_ssh2.py b/test/test_ssh2.py
index fc4c0fa..23ce21e 100644
--- a/test/test_ssh2.py
+++ b/test/test_ssh2.py
@@ -147,7 +147,7 @@ class TestSSH2:
         self.audit(out, self._conf())
         out.write()
         lines = output_spy.flush()
-        assert len(lines) == 70
+        assert len(lines) == 74
 
     def test_ssh2_server_invalid_first_packet(self, output_spy, virtual_socket):
         vsocket = virtual_socket
@@ -161,5 +161,5 @@ class TestSSH2:
         out.write()
         assert ret != 0
         lines = output_spy.flush()
-        assert len(lines) == 5
+        assert len(lines) == 9
         assert 'unknown message' in lines[-1]