docker scan <image> provides many actionable CVE reports for our images, but most users are unaware of this feature.

Please can we follow in dependabot’s footsteps, and have Docker Hub automatically email image owners once each week with a list of actionable CVE’s to patch?