diff --git a/src/lib/components/Image.svelte b/src/lib/components/Image.svelte
deleted file mode 100644
index 6f215b49..00000000
--- a/src/lib/components/Image.svelte
+++ /dev/null
@@ -1,93 +0,0 @@
-<script lang="ts">
-	import { page } from '$app/state';
-	import { fragment, graphql, type WorkloadImage } from '$houdini';
-	import { docURL } from '$lib/doc';
-	import SuccessIcon from '$lib/icons/SuccessIcon.svelte';
-	import WarningIcon from '$lib/icons/WarningIcon.svelte';
-	import { BodyShort, Heading, Link } from '@nais/ds-svelte-community';
-	import VulnerabilityBadges from './VulnerabilityBadges.svelte';
-
-	interface Props {
-		workload: WorkloadImage;
-	}
-
-	let { workload }: Props = $props();
-
-	let data = $derived(
-		fragment(
-			workload,
-			graphql(`
-				fragment WorkloadImage on Workload {
-					__typename
-					name
-					image {
-						name
-						hasSBOM
-						tag
-						vulnerabilitySummary {
-							critical
-							high
-							medium
-							low
-							unassigned
-							riskScore
-						}
-					}
-					deployments(first: 1) {
-						nodes {
-							deployerUsername
-							createdAt
-							triggerUrl
-						}
-					}
-				}
-			`)
-		)
-	);
-
-	const imageDetailsUrl = $derived(
-		`/team/${page.params.team}/${page.params.env}/${$data.__typename === 'Application' ? 'app' : 'job'}/${$data.name}/vulnerability-report`
-	);
-
-	const categories = ['critical', 'high', 'medium', 'low', 'unassigned'] as const;
-	const hasFindings = categories.some(
-		(severity) => ($data.image.vulnerabilitySummary?.[severity] ?? 0) > 0
-	);
-</script>
-
-{#if $data.image}
-	{@const image = $data.image}
-	<div class="wrapper">
-		<Heading level="3" size="small">Vulnerabilities</Heading>
-
-		{#if !image.hasSBOM && image.vulnerabilitySummary !== null}
-			<BodyShort>
-				<WarningIcon class="text-aligned-icon" /> Data was discovered, but the SBOM was not rendered.
-				Refer to the <Link href={docURL('/services/vulnerabilities/')}>Nais documentation</Link> for
-				further assistance.
-			</BodyShort>
-		{:else if image.vulnerabilitySummary === null}
-			<BodyShort>
-				<WarningIcon class="text-aligned-icon" /> No data found.
-				<a href={docURL('/services/vulnerabilities/how-to/sbom/')} target="_blank">How to fix</a>
-			</BodyShort>
-		{:else if image.hasSBOM && image.vulnerabilitySummary && hasFindings}
-			<VulnerabilityBadges summary={image.vulnerabilitySummary} />
-		{:else if image.hasSBOM}
-			<BodyShort>
-				<SuccessIcon class="text-aligned-icon" /> No vulnerabilities found. Good work!
-			</BodyShort>
-		{/if}
-
-		<Link href={imageDetailsUrl}>View vulnerability report</Link>
-	</div>
-{/if}
-
-<style>
-	.wrapper {
-		display: flex;
-		flex-direction: column;
-		gap: var(--a-spacing-1);
-		align-items: start;
-	}
-</style>
diff --git a/src/lib/components/VulnerabilitySummary.svelte b/src/lib/components/TeamVulnerabilitySummary.svelte
similarity index 100%
rename from src/lib/components/VulnerabilitySummary.svelte
rename to src/lib/components/TeamVulnerabilitySummary.svelte
diff --git a/src/lib/components/Vulnerability.svelte b/src/lib/components/Vulnerability.svelte
index 9fdf4733..e6f36e28 100644
--- a/src/lib/components/Vulnerability.svelte
+++ b/src/lib/components/Vulnerability.svelte
@@ -18,7 +18,7 @@
 {:else if count === PendingValue}
 	<Skeleton variant="circle" width={size} height={size} />
 {:else if count > 0}
-	<VulnerabilityBadge text={String(count)} color={severityToColor(severity)} {size} />
+	<VulnerabilityBadge text={String(count)} color={severityToColor({ severity: severity })} {size} />
 {:else}
 	<code class="check">&check;</code>
 {/if}
diff --git a/src/lib/components/VulnerabilityBadges.svelte b/src/lib/components/VulnerabilityBadges.svelte
index ebd0fb5b..9bbec87e 100644
--- a/src/lib/components/VulnerabilityBadges.svelte
+++ b/src/lib/components/VulnerabilityBadges.svelte
@@ -26,48 +26,52 @@
 	const categories = ['critical', 'high', 'medium', 'low', 'unassigned'] as const;
 </script>
 
-<div class="vulnerability-summary">
+<div class="wrapper">
+	<div class="vulnerability-summary">
+		{#if summary !== PendingValue}
+			{#each categories as category (category)}
+				<BodyShort
+					class="vulnerability-count"
+					style="background-color: {severityToColor({ severity: category })}"
+				>
+					{summary[category]}
+				</BodyShort>
+				<div class="category">{category}</div>
+			{/each}
+		{:else}
+			<Loader />
+		{/if}
+	</div>
+
 	{#if summary !== PendingValue}
-		{#each categories as category (category)}
-			<BodyShort class="vulnerability-count" style="background-color: {severityToColor(category)}">
-				{summary[category]}
-			</BodyShort>
-			<div class="category">{category}</div>
-		{/each}
-	{:else}
-		<Loader />
-	{/if}
-</div>
-{#if summary !== PendingValue}
-	<div class="container">
-		<dl>
+		<BodyShort>
 			{#if summary['riskScore']}
-				<dt>Risk score:</dt>
-				<dd>
-					<span class={summary['riskScore'] > 100 ? 'red' : 'green'}>{summary['riskScore']}</span>
-				</dd>
-				<!--HelpText title="Risk score"
-				>The risk score is a calculated value based on the severity of the vulnerabilities
-				discovered within the workloads. A higher risk score indicates a higher risk of
-				exploitation. Algorithms may vary, but a common approach is to assign a score based on the
-				severity of the vulnerabilities found. The Score is calculated: "((critical * 10) + (high *
-				5) + (medium * 3) + (low * 1) + (unassigned * 5))".
-			</HelpText-->
+				<strong>Risk score:</strong>
+				{#if summary['coverage']}
+					{summary['riskScore']}
+				{:else if summary['riskScore'] > 100}
+					<span class="red">{summary['riskScore']}</span> (above defined threshold of 100)
+				{:else}
+					<span class="green">{summary['riskScore']}</span>
+				{/if}
 			{/if}
-
+		</BodyShort>
+		<BodyShort>
 			{#if summary['coverage']}
-				<dt>Coverage:</dt>
-				<dd>
-					<span class={summary['coverage'] < 100 ? 'red' : 'green'}
-						>{percentageFormatter(summary['coverage'] ? summary['coverage'] : 0, 0)}</span
-					>
-				</dd>
+				<strong>Coverage:</strong>
+				<span class={summary['coverage'] < 100 ? 'red' : 'green'}
+					>{percentageFormatter(summary['coverage'] ? summary['coverage'] : 0, 0)}</span
+				>
 			{/if}
-		</dl>
-	</div>
-{/if}
+		</BodyShort>
+	{/if}
+</div>
 
 <style>
+	.wrapper {
+		display: grid;
+		row-gap: var(--a-spacing-2);
+	}
 	.category {
 		text-transform: capitalize;
 	}
@@ -95,12 +99,6 @@
 		}
 	}
 
-	.container {
-		display: flex;
-		gap: 0.5rem;
-		justify-content: space-between;
-	}
-
 	.red {
 		color: var(--a-surface-danger);
 	}
@@ -108,21 +106,4 @@
 	.green {
 		color: var(--a-surface-success);
 	}
-
-	dl {
-		display: grid;
-		grid-template-columns: 90px auto;
-		margin-block-start: 0;
-		margin-block-end: 0;
-		padding-top: var(--a-spacing-4);
-	}
-
-	dt {
-		font-weight: bold;
-		text-align: left;
-	}
-
-	dd {
-		margin: 0;
-	}
 </style>
diff --git a/src/lib/components/WorkloadDeploy.svelte b/src/lib/components/WorkloadDeploy.svelte
index 15d13abf..6b118605 100644
--- a/src/lib/components/WorkloadDeploy.svelte
+++ b/src/lib/components/WorkloadDeploy.svelte
@@ -1,9 +1,11 @@
 <script lang="ts">
 	import { fragment, graphql, type WorkloadDeploy } from '$houdini';
 	import Time from '$lib/Time.svelte';
+	import { getImageDisplayName } from '$lib/utils/image';
 	import { isValidSha } from '$lib/utils/isValidSha';
 	import { BodyShort, Heading, Link, Tag } from '@nais/ds-svelte-community';
 	import { ExternalLinkIcon } from '@nais/ds-svelte-community/icons';
+	import WorkloadLink from './WorkloadLink.svelte';
 
 	interface Props {
 		workload: WorkloadDeploy;
@@ -17,7 +19,29 @@
 			graphql(`
 				fragment WorkloadDeploy on Workload {
 					__typename
+					id
 					name
+					image {
+						name
+						tag
+						workloadReferences {
+							nodes {
+								workload {
+									id
+									__typename
+									team {
+										slug
+									}
+									teamEnvironment {
+										environment {
+											name
+										}
+									}
+									name
+								}
+							}
+						}
+					}
 					deployments(first: 1) {
 						nodes {
 							deployerUsername
@@ -40,6 +64,12 @@
 	let deploymentInfo = $derived(
 		$data.deployments.nodes.length > 0 ? $data.deployments.nodes[0] : null
 	);
+
+	const relatedWorkloads = $derived(
+		$data.image.workloadReferences.nodes
+			.map((node) => node.workload)
+			.filter((workload) => workload.id !== $data.id)
+	);
 </script>
 
 <div class="wrapper">
@@ -69,6 +99,25 @@
 		<BodyShort>No deployment metadata found for workload.</BodyShort>
 	{/if}
 </div>
+<div class="wrapper">
+	<Heading level="3" size="small">Image</Heading>
+	{#if $data.image.name.startsWith('europe-north1-docker.pkg.dev')}
+		<a href="https://{$data.image.name + ':' + $data.image.tag}">
+			<span
+				>{getImageDisplayName($data.image.name)}:{$data.image.tag}
+				<ExternalLinkIcon /></span
+			>
+		</a>
+	{:else}
+		{$data.image.name}:{$data.image.tag}
+	{/if}
+	{#if relatedWorkloads.length > 0}
+		<Heading level="4" size="xsmall">Other workloads using this image</Heading>
+		{#each relatedWorkloads as workload (workload.id)}
+			<WorkloadLink {workload} />
+		{/each}
+	{/if}
+</div>
 
 <style>
 	.wrapper {
diff --git a/src/lib/components/WorkloadVulnerabilitySummary.svelte b/src/lib/components/WorkloadVulnerabilitySummary.svelte
new file mode 100644
index 00000000..7dc2f625
--- /dev/null
+++ b/src/lib/components/WorkloadVulnerabilitySummary.svelte
@@ -0,0 +1,67 @@
+<script lang="ts">
+	import { docURL } from '$lib/doc';
+	import WarningIcon from '$lib/icons/WarningIcon.svelte';
+	import { BodyShort, Link } from '@nais/ds-svelte-community';
+	import VulnerabilityBadges from './VulnerabilityBadges.svelte';
+
+	interface Props {
+		showReportLink?: boolean;
+		workload: {
+			__typename: string | null;
+			name: string;
+			team: {
+				slug: string;
+			};
+			teamEnvironment: {
+				environment: {
+					name: string;
+				};
+			};
+			image: {
+				hasSBOM: boolean;
+				vulnerabilitySummary: {
+					critical: number;
+					high: number;
+					medium: number;
+					low: number;
+					unassigned: number;
+					riskScore: number;
+				} | null;
+			};
+		};
+	}
+
+	const { workload, showReportLink = true }: Props = $props();
+
+	const { image } = workload;
+
+	const imageDetailsUrl = $derived(
+		`/team/${workload.team.slug}/${workload.teamEnvironment.environment.name}/${workload.__typename === 'Application' ? 'app' : 'job'}/${workload.name}/vulnerability-report`
+	);
+</script>
+
+<div class="wrapper">
+	{#if image.hasSBOM && image.vulnerabilitySummary}
+		<VulnerabilityBadges summary={image.vulnerabilitySummary} />
+		{#if showReportLink}
+			<Link href={imageDetailsUrl}>View vulnerability report</Link>
+		{/if}
+	{:else}
+		<BodyShort>
+			<WarningIcon class="text-aligned-icon" /> No vulnerability data available. Learn how to generate
+			SBOMs and attestations for your workloads in the
+			<a href={docURL('/services/vulnerabilities/how-to/sbom/')} target="_blank"
+				>Nais documentation
+			</a>.
+		</BodyShort>
+	{/if}
+</div>
+
+<style>
+	.wrapper {
+		display: flex;
+		flex-direction: column;
+		gap: var(--a-spacing-1);
+		align-items: start;
+	}
+</style>
diff --git a/src/lib/components/WorkloadsWithSBOM.svelte b/src/lib/components/WorkloadsWithVulnerabilities.svelte
similarity index 100%
rename from src/lib/components/WorkloadsWithSBOM.svelte
rename to src/lib/components/WorkloadsWithVulnerabilities.svelte
diff --git a/src/lib/components/errors/ErrorMessage.svelte b/src/lib/components/errors/ErrorMessage.svelte
index 3e55a75c..2872323c 100644
--- a/src/lib/components/errors/ErrorMessage.svelte
+++ b/src/lib/components/errors/ErrorMessage.svelte
@@ -2,9 +2,9 @@
 	export const supportedErrorTypes = [
 		'WorkloadStatusInvalidNaisYaml',
 		'WorkloadStatusSynchronizationFailing',
-		'WorkloadStatusDeprecatedRegistry',
 		'WorkloadStatusNoRunningInstances',
 		'WorkloadStatusFailedRun',
+		'WorkloadStatusDeprecatedRegistry',
 		'WorkloadStatusVulnerable'
 	] as const;
 </script>
@@ -52,8 +52,10 @@
 					  }
 					| {
 							__typename: 'WorkloadStatusVulnerable';
-							riskScore: number;
-							critical: number;
+							summary: {
+								riskScore: number;
+								critical: number;
+							};
 					  }
 			  ))
 			| { __typename: "non-exhaustive; don't match this" };
@@ -172,13 +174,13 @@
 					</BodyLong>
 				{:else if error.__typename === 'WorkloadStatusVulnerable'}
 					<BodyLong>
-						{#if error.riskScore > 100}
+						{#if error.summary.riskScore > 100}
 							<strong>Risk Score:</strong>
-							{error.riskScore} (Exceeds threshold of 100)<br />
+							{error.summary.riskScore} (Exceeds threshold of 100)<br />
 						{/if}
-						{#if error.critical > 0}
+						{#if error.summary.critical > 0}
 							<strong>Critical Vulnerabilities:</strong>
-							{error.critical}
+							{error.summary.critical}
 						{/if}
 					</BodyLong>
 					<BodyLong>
diff --git a/src/lib/components/errors/RiskScore.stories.svelte b/src/lib/components/errors/RiskScore.stories.svelte
index fe22e2bf..84221118 100644
--- a/src/lib/components/errors/RiskScore.stories.svelte
+++ b/src/lib/components/errors/RiskScore.stories.svelte
@@ -15,8 +15,10 @@
 		error={{
 			__typename: 'WorkloadStatusVulnerable',
 			level: 'WARNING',
-			riskScore: 276,
-			critical: 0
+			summary: {
+				riskScore: 276,
+				critical: 0
+			}
 		}}
 		teamSlug="team-service-management"
 		workloadName="ip-lookup-preprod"
@@ -31,8 +33,10 @@
 		error={{
 			__typename: 'WorkloadStatusVulnerable',
 			level: 'WARNING',
-			riskScore: 70,
-			critical: 7
+			summary: {
+				riskScore: 70,
+				critical: 7
+			}
 		}}
 		teamSlug="team-service-management"
 		workloadName="ip-lookup-preprod"
@@ -47,8 +51,10 @@
 		error={{
 			__typename: 'WorkloadStatusVulnerable',
 			level: 'WARNING',
-			riskScore: 276,
-			critical: 1
+			summary: {
+				riskScore: 276,
+				critical: 1
+			}
 		}}
 		teamSlug="team-service-management"
 		workloadName="ip-lookup-preprod"
diff --git a/src/lib/components/image/ImageVulnerabilities.svelte b/src/lib/components/image/ImageVulnerabilities.svelte
index c8c8f208..7d1a1d92 100644
--- a/src/lib/components/image/ImageVulnerabilities.svelte
+++ b/src/lib/components/image/ImageVulnerabilities.svelte
@@ -3,7 +3,17 @@
 	import Pagination from '$lib/Pagination.svelte';
 	import { changeParams } from '$lib/utils/searchparams';
 	import { severityToColor } from '$lib/utils/vulnerabilities';
-	import { Button, Heading, Table, Tbody, Td, Th, Thead, Tr } from '@nais/ds-svelte-community';
+	import {
+		Button,
+		Heading,
+		Loader,
+		Table,
+		Tbody,
+		Td,
+		Th,
+		Thead,
+		Tr
+	} from '@nais/ds-svelte-community';
 	import { CheckmarkIcon } from '@nais/ds-svelte-community/icons';
 	import { untrack } from 'svelte';
 	import type { ImageVulnerabilitiesVariables } from './$houdini';
@@ -147,32 +157,32 @@
 	};
 </script>
 
-<Heading level="4" size="small">Vulnerabilities</Heading>
-<Table
-	size="small"
-	sort={{
-		orderBy: tableSort.orderBy || ImageVulnerabilityOrderField.SEVERITY,
-		direction: tableSort.direction === 'ASC' ? 'ascending' : 'descending'
-	}}
-	onsortchange={tableSortChange}
->
-	<Thead>
-		<Tr>
-			<Th style="width: 13rem" sortable={true} sortKey={ImageVulnerabilityOrderField.IDENTIFIER}
-				>ID</Th
-			>
-			<Th sortable={true} sortKey={ImageVulnerabilityOrderField.PACKAGE}>Package</Th>
-			<Th style="width: 7rem " sortable={true} sortKey={ImageVulnerabilityOrderField.SEVERITY}
-				>Severity</Th
-			>
-			<Th style="width: 3rem" sortable={true} sortKey={ImageVulnerabilityOrderField.SUPPRESSED}
-				>Suppressed</Th
-			>
-			<Th sortable={true} sortKey={ImageVulnerabilityOrderField.STATE}>State</Th>
-		</Tr>
-	</Thead>
-	<Tbody>
-		{#if $vulnerabilities.data}
+<Heading level="2" size="medium" spacing>Vulnerabilities</Heading>
+{#if $vulnerabilities.data}
+	<Table
+		size="small"
+		sort={{
+			orderBy: tableSort.orderBy || ImageVulnerabilityOrderField.SEVERITY,
+			direction: tableSort.direction === 'ASC' ? 'ascending' : 'descending'
+		}}
+		onsortchange={tableSortChange}
+	>
+		<Thead>
+			<Tr>
+				<Th style="width: 13rem" sortable={true} sortKey={ImageVulnerabilityOrderField.IDENTIFIER}
+					>ID</Th
+				>
+				<Th sortable={true} sortKey={ImageVulnerabilityOrderField.PACKAGE}>Package</Th>
+				<Th style="width: 7rem " sortable={true} sortKey={ImageVulnerabilityOrderField.SEVERITY}
+					>Severity</Th
+				>
+				<Th style="width: 3rem" sortable={true} sortKey={ImageVulnerabilityOrderField.SUPPRESSED}
+					>Suppressed</Th
+				>
+				<Th sortable={true} sortKey={ImageVulnerabilityOrderField.STATE}>State</Th>
+			</Tr>
+		</Thead>
+		<Tbody>
 			{@const vulnz = $vulnerabilities.data.team.environment.workload.image.vulnerabilities.nodes}
 			{#each vulnz as v (v)}
 				<Tr>
@@ -194,8 +204,11 @@
 					</Td>
 					<Td><code>{v.package}</code></Td>
 					<Td
-						><code style="color: {severityToColor(v.severity.toLocaleLowerCase())}"
-							>{v.severity}</code
+						><code
+							style="color: {severityToColor({
+								severity: v.severity.toLocaleLowerCase(),
+								isText: true
+							})}">{v.severity}</code
 						></Td
 					>
 					<Td style="text-align: center">
@@ -222,9 +235,14 @@
 					<Td colspan={999}>No vulnerabilities</Td>
 				</Tr>
 			{/each}
-		{/if}
-	</Tbody>
-</Table>
+		</Tbody>
+	</Table>
+{:else}
+	<div style="display: flex; justify-content: center; align-items: center; height: 200px;">
+		<Loader size="2xlarge" />
+	</div>
+{/if}
+
 {#if image}
 	<Pagination
 		page={image.vulnerabilities.pageInfo}
diff --git a/src/lib/components/image/ImageWorkloadReferences.svelte b/src/lib/components/image/ImageWorkloadReferences.svelte
index 6aa440d3..619445f4 100644
--- a/src/lib/components/image/ImageWorkloadReferences.svelte
+++ b/src/lib/components/image/ImageWorkloadReferences.svelte
@@ -1,8 +1,5 @@
 <script lang="ts">
 	import { fragment, graphql, type ImageWorkloadReferences } from '$houdini';
-	import Time from '$lib/Time.svelte';
-
-	import { Heading, Table, Tbody, Td, Th, Thead, Tr } from '@nais/ds-svelte-community';
 	import WorkloadLink from '../WorkloadLink.svelte';
 
 	interface Props {
@@ -30,12 +27,6 @@
 									}
 								}
 								name
-								deployments(first: 1) {
-									nodes {
-										triggerUrl
-										createdAt
-									}
-								}
 							}
 						}
 					}
@@ -45,48 +36,6 @@
 	);
 </script>
 
-<div class="workloads">
-	<Heading level="4" size="small" spacing>Workloads using image</Heading>
-	<Table size="small">
-		<Thead>
-			<Tr>
-				<Th>Workload</Th>
-				<Th>Deploy ref</Th>
-				<Th>Age</Th>
-			</Tr>
-		</Thead>
-		<Tbody>
-			{#each $workloadRefs.workloadReferences.nodes as node (node.workload.id)}
-				{@const { workload } = node}
-				{@const deployInfo =
-					workload.deployments.nodes.length > 0 ? workload.deployments.nodes[0] : null}
-				<Tr>
-					<Td>
-						<WorkloadLink {workload} />
-					</Td>
-					<Td>
-						{#if deployInfo?.triggerUrl}
-							<a href={deployInfo?.triggerUrl} target="_blank">Run</a>
-						{/if}
-					</Td>
-					<Td
-						>{#if deployInfo?.createdAt}
-							<Time distance time={deployInfo.createdAt} />
-						{/if}
-					</Td>
-				</Tr>
-			{:else}
-				<Tr>
-					<Td colspan={5}>No workloads found using this image in Dependency-Track</Td>
-				</Tr>
-			{/each}
-		</Tbody>
-	</Table>
-</div>
-
-<style>
-	.workloads {
-		display: flex;
-		flex-direction: column;
-	}
-</style>
+{#each $workloadRefs.workloadReferences.nodes as node (node.workload.id)}
+	<WorkloadLink workload={node.workload} />
+{/each}
diff --git a/src/lib/components/image/TrailFinding.svelte b/src/lib/components/image/TrailFinding.svelte
index 7e18dd04..ef1c26c9 100644
--- a/src/lib/components/image/TrailFinding.svelte
+++ b/src/lib/components/image/TrailFinding.svelte
@@ -111,51 +111,6 @@
 									<Td><Time time={node.timestamp} distance={true} /></Td>
 								</Tr>
 							{/if}
-							{#if node}
-								<Tr>
-									<Td>{node.onBehalfOf}</Td>
-									<Td>{node.state}</Td>
-									<Td>{node.suppressed}</Td>
-									<Td>{node.comment}</Td>
-									<Td><Time time={node.timestamp} distance={true} /></Td>
-								</Tr>
-							{/if}
-							{#if node}
-								<Tr>
-									<Td>{node.onBehalfOf}</Td>
-									<Td>{node.state}</Td>
-									<Td>{node.suppressed}</Td>
-									<Td>{node.comment}</Td>
-									<Td><Time time={node.timestamp} distance={true} /></Td>
-								</Tr>
-							{/if}
-							{#if node}
-								<Tr>
-									<Td>{node.onBehalfOf}</Td>
-									<Td>{node.state}</Td>
-									<Td>{node.suppressed}</Td>
-									<Td>{node.comment}</Td>
-									<Td><Time time={node.timestamp} distance={true} /></Td>
-								</Tr>
-							{/if}
-							{#if node}
-								<Tr>
-									<Td>{node.onBehalfOf}</Td>
-									<Td>{node.state}</Td>
-									<Td>{node.suppressed}</Td>
-									<Td>{node.comment}</Td>
-									<Td><Time time={node.timestamp} distance={true} /></Td>
-								</Tr>
-							{/if}
-							{#if node}
-								<Tr>
-									<Td>{node.onBehalfOf}</Td>
-									<Td>{node.state}</Td>
-									<Td>{node.suppressed}</Td>
-									<Td>{node.comment}</Td>
-									<Td><Time time={node.timestamp} distance={true} /></Td>
-								</Tr>
-							{/if}
 						{/each}
 					{/if}
 				</Tbody>
diff --git a/src/lib/components/image/imageUtils.ts b/src/lib/components/image/imageUtils.ts
index b62c2768..2014d0e4 100644
--- a/src/lib/components/image/imageUtils.ts
+++ b/src/lib/components/image/imageUtils.ts
@@ -39,5 +39,8 @@ export const detailsUrl = (vulnId: string) => {
 	if (vulnId.startsWith('RUSTSEC')) {
 		return `https://rustsec.org/advisories/${vulnId}`;
 	}
+	if (vulnId.startsWith('UBUNTU')) {
+		return `https://ubuntu.com/security/${vulnId.replace(/^UBUNTU-/, '')}`;
+	}
 	return '';
 };
diff --git a/src/lib/menuItems.test.ts b/src/lib/menuItems.test.ts
index 24fec386..f9997c2f 100644
--- a/src/lib/menuItems.test.ts
+++ b/src/lib/menuItems.test.ts
@@ -15,7 +15,8 @@ describe('menuItems', () => {
 				menuItems({
 					path: '/team/devteam',
 					features,
-					member: true
+					member: true,
+					isAdmin: false
 				})
 			).toEqual([
 				[{ label: 'Team overview', href: '/team/devteam', active: true }],
@@ -53,7 +54,8 @@ describe('menuItems', () => {
 			expect(
 				menuItems({
 					path: '/team/nais/prod-gcp/secret/github-backup-config',
-					member: true
+					member: true,
+					isAdmin: false
 				})
 					.flatMap((g) => g)
 					.find((i) => i.label === 'Secrets')?.active
@@ -64,7 +66,8 @@ describe('menuItems', () => {
 			expect(
 				menuItems({
 					path: '/team/nais/prod-gcp/postgres/gemini',
-					member: true
+					member: true,
+					isAdmin: false
 				})
 					.flatMap((g) => g)
 					.find((i) => i.label === 'Postgres')?.active
@@ -76,7 +79,8 @@ describe('menuItems', () => {
 				menuItems({
 					path: '/team/nais/prod-gcp/valkey/gemini',
 					features,
-					member: true
+					member: true,
+					isAdmin: false
 				})
 					.flatMap((g) => g)
 					.find((i) => i.label === 'Valkey')?.active
@@ -87,7 +91,8 @@ describe('menuItems', () => {
 			expect(
 				menuItems({
 					path: '/team/devteam/jobs',
-					member: true
+					member: true,
+					isAdmin: false
 				})
 					.flatMap((g) => g)
 					.find((i) =>
@@ -101,7 +106,8 @@ describe('menuItems', () => {
 				menuItems({
 					path: '/team/tbd/jobs',
 					features,
-					member: false
+					member: false,
+					isAdmin: false
 				})
 					.flatMap((g) => g)
 					.find((i) => ['Secrets', 'Activity log', 'Settings'].includes(i.label))
@@ -113,6 +119,7 @@ describe('menuItems', () => {
 				path: '/team/tbd/jobs',
 				features,
 				member: true,
+				isAdmin: false,
 				inventory: {
 					applications: { total: 42, notNais: 10 },
 					jobs: { total: 1, notNais: 1 },
@@ -145,6 +152,18 @@ describe('menuItems', () => {
 				{ label: 'BigQuery', count: 49 }
 			]);
 		});
+		test('show settings when admin', () => {
+			expect(
+				menuItems({
+					path: '/team/nais',
+					features,
+					member: false,
+					isAdmin: true
+				})
+					.flatMap((g) => g)
+					.find((i) => ['Settings'].includes(i.label))
+			).toBeDefined();
+		});
 	});
 
 	describe('workload menu', () => {
@@ -152,7 +171,8 @@ describe('menuItems', () => {
 			expect(
 				menuItems({
 					path: '/team/devteam/dev/app/app-w-all-storage/utilization',
-					member: true
+					member: true,
+					isAdmin: false
 				})
 			).toEqual([
 				[{ label: 'App overview', href: '/team/devteam/dev/app/app-w-all-storage' }],
@@ -187,7 +207,8 @@ describe('menuItems', () => {
 			expect(
 				menuItems({
 					path: '/team/devteam/dev/job/dataproduct-apps-topics/vulnerability-report',
-					member: false
+					member: false,
+					isAdmin: false
 				})
 					.flatMap((g) => g)
 					.find((i) => ['Delete'].includes(i.label))
diff --git a/src/lib/menuItems.ts b/src/lib/menuItems.ts
index 7419f032..3a53b253 100644
--- a/src/lib/menuItems.ts
+++ b/src/lib/menuItems.ts
@@ -2,7 +2,8 @@ export const menuItems = ({
 	path,
 	features,
 	member,
-	inventory
+	inventory,
+	isAdmin
 }: {
 	path: string;
 	features?: {
@@ -24,6 +25,7 @@ export const menuItems = ({
 		kafkaTopics: { total: number };
 		bigQueryDatasets: { total: number };
 	};
+	isAdmin: boolean;
 }): { label: string; href: string; active?: boolean; count?: number; badge?: boolean }[][] => {
 	const split = path.split('/');
 
@@ -111,7 +113,7 @@ export const menuItems = ({
 		[
 			menuItem('Members', 'members'),
 			menuItem('Repositories', 'repositories'),
-			member && menuItem('Settings', 'settings'),
+			(member || isAdmin) && menuItem('Settings', 'settings'),
 			member && menuItem('Activity log', 'activity-log')
 		].filter(Boolean) as { label: string; href: string; active?: boolean }[]
 	];
diff --git a/src/lib/utils/image.test.ts b/src/lib/utils/image.test.ts
new file mode 100644
index 00000000..634ae749
--- /dev/null
+++ b/src/lib/utils/image.test.ts
@@ -0,0 +1,14 @@
+import { getImageDisplayName } from './image';
+
+test.each([
+	[
+		'europe-north1-docker.pkg.dev/nais-management-233d/klage/kabal-e2e-tests',
+		'klage/kabal-e2e-tests'
+	],
+	[
+		'europe-north1-docker.pkg.dev/nais-io/nais/images/dataproduct-topics',
+		'nais/images/dataproduct-topics'
+	]
+])('getImageDisplayName(%s)', (name, expected) => {
+	expect(getImageDisplayName(name)).toBe(expected);
+});
diff --git a/src/lib/utils/image.ts b/src/lib/utils/image.ts
index 18cfc70e..7cf7ab16 100644
--- a/src/lib/utils/image.ts
+++ b/src/lib/utils/image.ts
@@ -1,4 +1,7 @@
-export const parseImage = (image: string) => {
+export const parseImage = (image?: string) => {
+	if (!image) {
+		return {};
+	}
 	const tag = image.split(':')[1];
 	const name = image.split(':')[0].split('/').pop();
 	const registry = image.split('/')[0];
@@ -8,3 +11,7 @@ export const parseImage = (image: string) => {
 	}
 	return { registry, repository, name, tag };
 };
+
+export const getImageDisplayName = (name: string): string => {
+	return name.split('/').slice(2).join('/');
+};
diff --git a/src/lib/utils/vulnerabilities.ts b/src/lib/utils/vulnerabilities.ts
index 291a1041..52adc4dc 100644
--- a/src/lib/utils/vulnerabilities.ts
+++ b/src/lib/utils/vulnerabilities.ts
@@ -1,16 +1,39 @@
-export function severityToColor(severity: string): string {
-	switch (severity) {
-		case 'critical':
-			return 'var(--a-red-200)';
-		case 'high':
-			return 'color-mix(in oklab, var(--a-red-200), var(--a-orange-200))';
-		case 'medium':
-			return 'var(--a-orange-200)';
-		case 'low':
-			return 'var(--a-green-200)';
-		case 'unassigned':
-			return 'var(--a-gray-200)';
-		default:
-			return 'var(--a-gray-200)';
+export function severityToColor({
+	severity,
+	isText
+}: {
+	severity: string;
+	isText?: boolean;
+}): string {
+	if (isText) {
+		switch (severity) {
+			case 'critical':
+				return 'var(--a-red-400)';
+			case 'high':
+				return 'color-mix(in oklab, var(--a-red-400), var(--a-orange-400))';
+			case 'medium':
+				return 'var(--a-orange-400)';
+			case 'low':
+				return 'var(--a-green-400)';
+			case 'unassigned':
+				return 'var(--a-gray-400)';
+			default:
+				return 'var(--a-gray-400)';
+		}
+	} else {
+		switch (severity) {
+			case 'critical':
+				return 'var(--a-red-200)';
+			case 'high':
+				return 'color-mix(in oklab, var(--a-red-200), var(--a-orange-200))';
+			case 'medium':
+				return 'var(--a-orange-200)';
+			case 'low':
+				return 'var(--a-green-200)';
+			case 'unassigned':
+				return 'var(--a-gray-200)';
+			default:
+				return 'var(--a-gray-200)';
+		}
 	}
 }
diff --git a/src/routes/admin/+page.ts b/src/routes/admin/+page.ts
deleted file mode 100644
index 784815cd..00000000
--- a/src/routes/admin/+page.ts
+++ /dev/null
@@ -1,13 +0,0 @@
-// TODO: Denne trengs vel ikke lenger? Kommenterer ut for å få npm run check ok.
-/*import { error } from '@sveltejs/kit';
-import type { AdminUsersVariables } from './$houdini';
-export const _AdminUsersVariables: AdminUsersVariables = ({ url }) => {
-	const page = parseInt(url.searchParams.get('page') || '1');
-	if (!page || page < 1) {
-		error(400, 'Bad pagenumber');
-	}
-	const limit = 50;
-	const offset = (page - 1) * limit;
-
-	return { limit, offset };
-};*/
diff --git a/src/routes/dataproduct/image/+page.gql b/src/routes/dataproduct/image/+page.gql
index 80073d78..4372e95b 100644
--- a/src/routes/dataproduct/image/+page.gql
+++ b/src/routes/dataproduct/image/+page.gql
@@ -15,6 +15,12 @@ query AllImages {
 							name
 						}
 					}
+					image {
+						hasSBOM
+						vulnerabilitySummary {
+							riskScore
+						}
+					}
 
 					status {
 						errors {
diff --git a/src/routes/team/[team]/+layout.svelte b/src/routes/team/[team]/+layout.svelte
index 18567ce6..1ccbf7db 100644
--- a/src/routes/team/[team]/+layout.svelte
+++ b/src/routes/team/[team]/+layout.svelte
@@ -19,6 +19,10 @@
 	} = $derived(data);
 	const gitHubOrganization = page.data.githubOrganization;
 	const gitHubTeam = $derived(externalResources.gitHubTeam?.slug);
+
+	const isAdmin = $derived(
+		UserInfo.data?.me.__typename === 'User' ? UserInfo.data?.me.isAdmin : false
+	);
 </script>
 
 <svelte:head><title>{teamSlug} - Console</title></svelte:head>
@@ -37,7 +41,7 @@
 	{/if}
 
 	<div class="main">
-		<Menu features={UserInfo.data?.features} member={viewerIsMember} {teamSlug} />
+		<Menu features={UserInfo.data?.features} member={viewerIsMember} {teamSlug} {isAdmin} />
 		<div class="container">
 			<PageHeader {gitHubOrganization} {gitHubTeam} {purpose} {slackChannel} />
 
diff --git a/src/routes/team/[team]/+page.svelte b/src/routes/team/[team]/+page.svelte
index d937710b..6441bad3 100644
--- a/src/routes/team/[team]/+page.svelte
+++ b/src/routes/team/[team]/+page.svelte
@@ -4,11 +4,11 @@
 	import AggregatedCostForTeam from '$lib/components/AggregatedCostForTeam.svelte';
 	import Deploys from '$lib/components/TeamDeployments.svelte';
 	import TeamUtilizationAndOverage from '$lib/components/TeamUtilizationAndOverage.svelte';
-	import VulnerabilitySummary from '$lib/components/VulnerabilitySummary.svelte';
 	import { Alert, Heading } from '@nais/ds-svelte-community';
 
 	import { supportedErrorTypes } from '$lib/components/errors/ErrorMessage.svelte';
 	import TeamErrorMessage from '$lib/components/errors/TeamErrorMessage.svelte';
+	import TeamVulnerabilitySummary from '$lib/components/TeamVulnerabilitySummary.svelte';
 	import type { PageProps } from './$houdini';
 
 	let { data }: PageProps = $props();
@@ -59,7 +59,7 @@
 	</Card-->
 
 	<Card rows={1} columns={3}>
-		<VulnerabilitySummary {teamSlug} />
+		<TeamVulnerabilitySummary {teamSlug} />
 	</Card>
 
 	<Card rows={1} columns={3}>
diff --git a/src/routes/team/[team]/Menu.svelte b/src/routes/team/[team]/Menu.svelte
index f6755d8c..1bd6329a 100644
--- a/src/routes/team/[team]/Menu.svelte
+++ b/src/routes/team/[team]/Menu.svelte
@@ -7,10 +7,12 @@
 
 	const {
 		member,
+		isAdmin,
 		features,
 		teamSlug
 	}: {
 		member: boolean;
+		isAdmin: boolean;
 		features?: {
 			unleash: { enabled: boolean };
 			redis: { enabled: boolean };
@@ -71,6 +73,7 @@
 		path: page.url.pathname,
 		member,
 		inventory: $Inventory.fetching ? undefined : $Inventory.data?.team.inventoryCounts,
-		features
+		features,
+		isAdmin
 	})}
 />
diff --git a/src/routes/team/[team]/[env]/app/[app]/+page.gql b/src/routes/team/[team]/[env]/app/[app]/+page.gql
index 38b0f5f7..591d16e8 100644
--- a/src/routes/team/[team]/[env]/app/[app]/+page.gql
+++ b/src/routes/team/[team]/[env]/app/[app]/+page.gql
@@ -9,7 +9,15 @@ query App($app: String!, $team: Slug!, $env: String!) {
 					slug
 				}
 				image {
-					tag
+					hasSBOM
+					vulnerabilitySummary {
+						critical
+						high
+						medium
+						low
+						unassigned
+						riskScore
+					}
 				}
 				teamEnvironment {
 					environment {
@@ -63,7 +71,6 @@ query App($app: String!, $team: Slug!, $env: String!) {
 				...AppInstances
 				...Persistence
 				...WorkloadDeploy
-				...WorkloadImage
 				...NetworkPolicy
 				...Manifest
 				...Ingresses
diff --git a/src/routes/team/[team]/[env]/app/[app]/+page.svelte b/src/routes/team/[team]/[env]/app/[app]/+page.svelte
index 18a4b5ee..c62ceee4 100644
--- a/src/routes/team/[team]/[env]/app/[app]/+page.svelte
+++ b/src/routes/team/[team]/[env]/app/[app]/+page.svelte
@@ -5,11 +5,11 @@
 	import AggregatedCostForWorkload from '$lib/components/AggregatedCostForWorkload.svelte';
 	import Confirm from '$lib/components/Confirm.svelte';
 	import ErrorMessage, { supportedErrorTypes } from '$lib/components/errors/ErrorMessage.svelte';
-	import Image from '$lib/components/Image.svelte';
 	import NetworkPolicy from '$lib/components/NetworkPolicy.svelte';
 	import Persistence from '$lib/components/persistence/Persistence.svelte';
 	import Secrets from '$lib/components/Secrets.svelte';
 	import WorkloadDeploy from '$lib/components/WorkloadDeploy.svelte';
+	import WorkloadVulnerabilitySummary from '$lib/components/WorkloadVulnerabilitySummary.svelte';
 	import { docURL } from '$lib/doc';
 	import GraphErrors from '$lib/GraphErrors.svelte';
 	import Time from '$lib/Time.svelte';
@@ -121,7 +121,11 @@
 			</div>
 			<div class="sidebar">
 				<AggregatedCostForWorkload workload={app.name} {environment} {teamSlug} />
-				<Image workload={app} />
+				<div>
+					<Heading level="2" size="small" spacing>Vulnerabilities</Heading>
+					<WorkloadVulnerabilitySummary workload={app} />
+				</div>
+
 				<WorkloadDeploy workload={app} />
 				{#if viewerIsMember}
 					<Secrets workload={app.name} {environment} {teamSlug} />
diff --git a/src/routes/team/[team]/[env]/app/[app]/vulnerability-report/+page.gql b/src/routes/team/[team]/[env]/app/[app]/vulnerability-report/+page.gql
index 4f82754e..174c1292 100644
--- a/src/routes/team/[team]/[env]/app/[app]/vulnerability-report/+page.gql
+++ b/src/routes/team/[team]/[env]/app/[app]/vulnerability-report/+page.gql
@@ -3,15 +3,37 @@ query ApplicationImageDetails($team: Slug!, $env: String!, $app: String!)
 	team(slug: $team) {
 		slug
 		environment(name: $env) {
-			name
+			environment {
+				name
+			}
 			workload(name: $app) {
 				__typename
 				name
+				team {
+					slug
+				}
+				teamEnvironment {
+					environment {
+						name
+					}
+				}
+				status {
+					errors {
+						__typename
+						level
+						... on WorkloadStatusVulnerable {
+							summary {
+								critical
+								riskScore
+							}
+						}
+					}
+				}
 				image {
+					id
 					name
 					tag
 					hasSBOM
-
 					vulnerabilitySummary {
 						critical
 						high
@@ -20,8 +42,23 @@ query ApplicationImageDetails($team: Slug!, $env: String!, $app: String!)
 						unassigned
 						riskScore
 					}
-
-					...ImageWorkloadReferences
+					workloadReferences {
+						nodes {
+							workload {
+								id
+								__typename
+								team {
+									slug
+								}
+								teamEnvironment {
+									environment {
+										name
+									}
+								}
+								name
+							}
+						}
+					}
 				}
 			}
 		}
diff --git a/src/routes/team/[team]/[env]/app/[app]/vulnerability-report/+page.svelte b/src/routes/team/[team]/[env]/app/[app]/vulnerability-report/+page.svelte
index 2a6ba9d4..52370eb6 100644
--- a/src/routes/team/[team]/[env]/app/[app]/vulnerability-report/+page.svelte
+++ b/src/routes/team/[team]/[env]/app/[app]/vulnerability-report/+page.svelte
@@ -1,151 +1,108 @@
 <script lang="ts">
-	import Card from '$lib/Card.svelte';
 	import ImageVulnerabilities from '$lib/components/image/ImageVulnerabilities.svelte';
-	import ImageWorkloadReferences from '$lib/components/image/ImageWorkloadReferences.svelte';
-	import VulnerabilityBadges from '$lib/components/VulnerabilityBadges.svelte';
+	import WorkloadVulnerabilitySummary from '$lib/components/WorkloadVulnerabilitySummary.svelte';
 	import { docURL } from '$lib/doc';
+	import { envTagVariant } from '$lib/envTagVariant';
 	import GraphErrors from '$lib/GraphErrors.svelte';
 	import WarningIcon from '$lib/icons/WarningIcon.svelte';
 	import { parseImage } from '$lib/utils/image';
-	import { CopyButton, Heading } from '@nais/ds-svelte-community';
+	import { BodyShort, Detail, Heading, Tag } from '@nais/ds-svelte-community';
 	import type { PageProps } from './$houdini';
 
 	let { data }: PageProps = $props();
 
 	let { ApplicationImageDetails, viewerIsMember } = $derived(data);
 
-	let registry: string = $state('');
-	let repository: string = $state('');
-	let name: string = $state('');
-
-	$effect(() => {
-		if ($ApplicationImageDetails.data?.team.environment.workload.image) {
-			({ registry, repository, name } = parseImage(
-				$ApplicationImageDetails.data.team.environment.workload.image.name
-			));
-		}
-	});
+	const { registry, repository, name } = $derived(
+		parseImage($ApplicationImageDetails.data?.team.environment.workload.image.name)
+	);
 </script>
 
 <GraphErrors errors={$ApplicationImageDetails.errors} />
 
 {#if $ApplicationImageDetails.data}
-	{@const image = $ApplicationImageDetails.data.team.environment.workload.image}
-
-	<div class="grid">
-		<Card columns={8}>
-			<div class="details">
-				<Heading level="4" size="small" spacing>Image</Heading>
-				<CopyButton
-					size="xsmall"
-					variant="action"
-					text="Copy image name"
-					activeText="Image name copied"
-					copyText={image.name + ':' + image.tag}
-				/>
-			</div>
-			<div class="imageGrid">
-				<div class="registry">
-					<h5>Registry</h5>
-					<code>{registry}</code>
-				</div>
-				<div class="repository">
-					<h5>Repository</h5>
-					<code>{repository}</code>
+	{@const workload = $ApplicationImageDetails.data.team.environment.workload}
+	<div class="wrapper">
+		<div>
+			{#if workload.image.hasSBOM}
+				<p>
+					This page provides a list of vulnerabilities in <strong>{workload.name}</strong>
+					in <Tag variant={envTagVariant(workload.teamEnvironment.environment.name)}
+						>{workload.teamEnvironment.environment.name}</Tag
+					>. It includes a summary of the security status and a complete list of identified
+					vulnerabilities.
+				</p>
+
+				<p>
+					Review detailed information on each vulnerability and update affected dependencies to the
+					latest patched version. If no upgrade path is available, vulnerabilities can be reviewed
+					and suppressed by the team responsible for the workload.
+				</p>
+
+				<div>
+					<ImageVulnerabilities
+						team={$ApplicationImageDetails.data?.team.slug}
+						environment={$ApplicationImageDetails.data?.team.environment.environment.name}
+						workload={$ApplicationImageDetails.data?.team.environment.workload.name}
+						authorized={viewerIsMember}
+					/>
 				</div>
-				<div class="imageName">
-					<h5>Name</h5>
-					<code>{name}</code>
-				</div>
-				<div class="tag">
-					<h5>Tag</h5>
-					<code>{image.tag ? image.tag : ''}</code>
-				</div>
-			</div>
-		</Card>
-
-		<Card columns={3}>
-			<div class="summary">
-				<Heading level="4" size="small" spacing>Summary</Heading>
-
-				{#if image.vulnerabilitySummary}
-					<VulnerabilityBadges summary={image.vulnerabilitySummary} />
-				{:else if !image.hasSBOM && image.vulnerabilitySummary !== null}
-					<WarningIcon class="text-aligned-icon" /> Data was discovered, but the SBOM was not rendered.
-					Refer to the
-					<a href={docURL('/services/vulnerabilities/')}>Nais documentation</a>
-					for further assistance.
+			{:else}
+				<BodyShort>
+					<WarningIcon class="text-aligned-icon" /> No vulnerability data available. Learn how to generate
+					SBOMs and attestations for your workloads in the
+					<a href={docURL('/services/vulnerabilities/how-to/sbom/')} target="_blank"
+						>Nais documentation
+					</a>.
+				</BodyShort>
+			{/if}
+		</div>
+		<div class="right">
+			<div class="card">
+				<Heading level="2" size="small" spacing
+					><!-- TODO: This card should be called SBOM when we have more info from v13z-->Image</Heading
+				>
+				{#if registry === '' || repository === '' || name === ''}
+					<Detail><strong>Name:</strong> {workload.image.name}</Detail>
 				{:else}
-					<WarningIcon class="text-aligned-icon" /> No data found.
-					<a href={docURL('/services/vulnerabilities/how-to/sbom/')}> How to fix</a>
+					<Detail><strong>Registry:</strong> {registry}</Detail>
+					<Detail><strong>Repository:</strong> {repository}</Detail>
+					<Detail><strong>Name:</strong> {name}</Detail>
 				{/if}
+				<Detail><strong>Tag:</strong> {workload.image.tag}</Detail>
+
+				<!-- TODO: When we have project id from dependency track <a
+					href="https://dependencytrack.nais.io/#/vulnerability-management/scan-results/scan-results?scanId=1"
+					target="_blank"
+					rel="noopener noreferrer"
+					>Dependency Track
+				</a><ExternalLinkIcon /> -->
 			</div>
-		</Card>
-		<Card columns={11}>
-			<ImageVulnerabilities
-				team={$ApplicationImageDetails.data?.team.slug}
-				environment={$ApplicationImageDetails.data?.team.environment.name}
-				workload={$ApplicationImageDetails.data?.team.environment.workload.name}
-				authorized={viewerIsMember}
-			/>
-		</Card>
+			{#if workload.image.hasSBOM}
+				<div class="card">
+					<Heading level="2" size="small" spacing>Summary</Heading>
 
-		<Card columns={11}>
-			<ImageWorkloadReferences {image} />
-		</Card>
+					<WorkloadVulnerabilitySummary {workload} />
+				</div>
+			{/if}
+		</div>
 	</div>
 {/if}
 
 <style>
-	.details {
-		display: flex;
-		justify-content: space-between;
-	}
-
-	code {
-		font-size: 1rem;
-	}
-
-	.grid {
+	.wrapper {
 		display: grid;
-		grid-template-columns: repeat(12, 1fr);
-		column-gap: 1rem;
-		row-gap: 1rem;
+		grid-template-columns: 1fr 300px;
+		gap: 1rem;
 	}
-
-	.imageGrid {
-		display: grid;
-		grid-template-columns: repeat(2, 1fr);
-		column-gap: 0.2rem;
-		row-gap: 0.2rem;
-	}
-
-	code {
-		font-size: 0.8rem;
-	}
-
-	.registry {
-		grid-column: 1;
-		grid-row: 2;
-	}
-
-	.repository {
-		grid-column: 2;
-		grid-row: 2;
-	}
-
-	.imageName {
-		grid-column: 1;
-		grid-row: 1;
-	}
-
-	.tag {
-		grid-column: 2;
-		grid-row: 1;
-	}
-	.summary {
+	.right {
 		display: flex;
 		flex-direction: column;
-		gap: var(--a-spacing-1);
+		gap: 1rem;
+	}
+	.card {
+		background-color: var(--a-surface-subtle);
+		padding: var(--a-spacing-5);
+		border-radius: 12px;
 	}
 </style>
diff --git a/src/routes/team/[team]/[env]/job/[job]/+page.gql b/src/routes/team/[team]/[env]/job/[job]/+page.gql
index 7e6f6e3e..76ca06ef 100644
--- a/src/routes/team/[team]/[env]/job/[job]/+page.gql
+++ b/src/routes/team/[team]/[env]/job/[job]/+page.gql
@@ -2,9 +2,24 @@ query Job($job: String!, $team: Slug!, $env: String!) @cache(policy: NetworkOnly
 	team(slug: $team) {
 		environment(name: $env) {
 			job(name: $job) {
+				__typename
 				id
 				name
 				deletionStartedAt
+				team {
+					slug
+				}
+				image {
+					hasSBOM
+					vulnerabilitySummary {
+						critical
+						high
+						medium
+						low
+						unassigned
+						riskScore
+					}
+				}
 				schedule {
 					expression
 					timeZone
@@ -44,13 +59,18 @@ query Job($job: String!, $team: Slug!, $env: String!) @cache(policy: NetworkOnly
 							detail
 							name
 						}
+						... on WorkloadStatusVulnerable {
+							summary {
+								riskScore
+								critical
+							}
+						}
 					}
 				}
 
 				...JobRuns
 				...Persistence
 				...WorkloadDeploy
-				...WorkloadImage
 				...NetworkPolicy
 				...Manifest
 			}
diff --git a/src/routes/team/[team]/[env]/job/[job]/+page.svelte b/src/routes/team/[team]/[env]/job/[job]/+page.svelte
index 492cf422..a77abd15 100644
--- a/src/routes/team/[team]/[env]/job/[job]/+page.svelte
+++ b/src/routes/team/[team]/[env]/job/[job]/+page.svelte
@@ -3,11 +3,11 @@
 	import { graphql } from '$houdini';
 	import AggregatedCostForWorkload from '$lib/components/AggregatedCostForWorkload.svelte';
 	import ErrorMessage, { supportedErrorTypes } from '$lib/components/errors/ErrorMessage.svelte';
-	import Image from '$lib/components/Image.svelte';
 	import NetworkPolicy from '$lib/components/NetworkPolicy.svelte';
 	import Persistence from '$lib/components/persistence/Persistence.svelte';
 	import Secrets from '$lib/components/Secrets.svelte';
 	import WorkloadDeploy from '$lib/components/WorkloadDeploy.svelte';
+	import WorkloadVulnerabilitySummary from '$lib/components/WorkloadVulnerabilitySummary.svelte';
 	import { docURL } from '$lib/doc';
 	import GraphErrors from '$lib/GraphErrors.svelte';
 	import Time from '$lib/Time.svelte';
@@ -121,7 +121,10 @@
 			<!-- <Status {job} /> -->
 			<Schedule schedule={job.schedule} />
 			<AggregatedCostForWorkload workload={jobName} {environment} {teamSlug} />
-			<Image workload={job} />
+			<div>
+				<Heading level="2" size="small" spacing>Vulnerabilities</Heading>
+				<WorkloadVulnerabilitySummary workload={job} />
+			</div>
 			<WorkloadDeploy workload={job} />
 
 			{#if viewerIsMember}
diff --git a/src/routes/team/[team]/[env]/job/[job]/vulnerability-report/+page.gql b/src/routes/team/[team]/[env]/job/[job]/vulnerability-report/+page.gql
index 1845390f..cfa08b3d 100644
--- a/src/routes/team/[team]/[env]/job/[job]/vulnerability-report/+page.gql
+++ b/src/routes/team/[team]/[env]/job/[job]/vulnerability-report/+page.gql
@@ -2,11 +2,34 @@ query JobImageDetails($team: Slug!, $env: String!, $job: String!) @cache(policy:
 	team(slug: $team) {
 		slug
 		environment(name: $env) {
-			name
+			environment {
+				name
+			}
 			workload(name: $job) {
 				__typename
 				name
+				team {
+					slug
+				}
+				teamEnvironment {
+					environment {
+						name
+					}
+				}
+				status {
+					errors {
+						__typename
+						level
+						... on WorkloadStatusVulnerable {
+							summary {
+								critical
+								riskScore
+							}
+						}
+					}
+				}
 				image {
+					id
 					name
 					tag
 					hasSBOM
@@ -18,7 +41,23 @@ query JobImageDetails($team: Slug!, $env: String!, $job: String!) @cache(policy:
 						unassigned
 						riskScore
 					}
-					...ImageWorkloadReferences
+					workloadReferences {
+						nodes {
+							workload {
+								id
+								__typename
+								team {
+									slug
+								}
+								teamEnvironment {
+									environment {
+										name
+									}
+								}
+								name
+							}
+						}
+					}
 				}
 			}
 		}
diff --git a/src/routes/team/[team]/[env]/job/[job]/vulnerability-report/+page.svelte b/src/routes/team/[team]/[env]/job/[job]/vulnerability-report/+page.svelte
index 61a617ff..c5bd73db 100644
--- a/src/routes/team/[team]/[env]/job/[job]/vulnerability-report/+page.svelte
+++ b/src/routes/team/[team]/[env]/job/[job]/vulnerability-report/+page.svelte
@@ -1,142 +1,108 @@
 <script lang="ts">
-	import Card from '$lib/Card.svelte';
 	import ImageVulnerabilities from '$lib/components/image/ImageVulnerabilities.svelte';
-	import ImageWorkloadReferences from '$lib/components/image/ImageWorkloadReferences.svelte';
-	import VulnerabilityBadges from '$lib/components/VulnerabilityBadges.svelte';
+	import WorkloadVulnerabilitySummary from '$lib/components/WorkloadVulnerabilitySummary.svelte';
 	import { docURL } from '$lib/doc';
+	import { envTagVariant } from '$lib/envTagVariant';
 	import GraphErrors from '$lib/GraphErrors.svelte';
 	import WarningIcon from '$lib/icons/WarningIcon.svelte';
 	import { parseImage } from '$lib/utils/image';
-	import { CopyButton, Heading } from '@nais/ds-svelte-community';
+	import { BodyShort, Detail, Heading, Tag } from '@nais/ds-svelte-community';
 	import type { PageProps } from './$houdini';
 
 	let { data }: PageProps = $props();
 
 	let { JobImageDetails, viewerIsMember } = $derived(data);
 
-	let registry: string = $state('');
-	let repository: string = $state('');
-	let name: string = $state('');
-
-	$effect(() => {
-		if ($JobImageDetails.data?.team.environment.workload.image) {
-			({ registry, repository, name } = parseImage(
-				$JobImageDetails.data.team.environment.workload.image.name
-			));
-		}
-	});
+	const { registry, repository, name } = $derived(
+		parseImage($JobImageDetails.data?.team.environment.workload.image.name)
+	);
 </script>
 
 <GraphErrors errors={$JobImageDetails.errors} />
+
 {#if $JobImageDetails.data}
-	{@const image = $JobImageDetails.data.team.environment.workload.image}
-	<div class="grid">
-		<Card columns={8}>
-			<div class="details">
-				<Heading level="4" size="small" spacing>Image</Heading>
-				<CopyButton
-					size="xsmall"
-					variant="action"
-					text="Copy image name"
-					activeText="Image name copied"
-					copyText={image.name + ':' + image.tag}
-				/>
-			</div>
-			<div class="imageGrid">
-				<div class="registry">
-					<h5>Registry</h5>
-					<code>{registry}</code>
-				</div>
-				<div class="repository">
-					<h5>Repository</h5>
-					<code>{repository}</code>
+	{@const workload = $JobImageDetails.data.team.environment.workload}
+	<div class="wrapper">
+		<div>
+			{#if workload.image.hasSBOM}
+				<p>
+					This page provides a list of vulnerabilities in <strong>{workload.name}</strong>
+					in <Tag variant={envTagVariant(workload.teamEnvironment.environment.name)}
+						>{workload.teamEnvironment.environment.name}</Tag
+					>. It includes a summary of the security status and a complete list of identified
+					vulnerabilities.
+				</p>
+
+				<p>
+					Review detailed information on each vulnerability and update affected dependencies to the
+					latest patched version. If no upgrade path is available, vulnerabilities can be reviewed
+					and suppressed by the team responsible for the workload.
+				</p>
+
+				<div>
+					<ImageVulnerabilities
+						team={$JobImageDetails.data?.team.slug}
+						environment={$JobImageDetails.data?.team.environment.environment.name}
+						workload={$JobImageDetails.data?.team.environment.workload.name}
+						authorized={viewerIsMember}
+					/>
 				</div>
-				<div class="imageName">
-					<h5>Name</h5>
-					<code>{name}</code>
-				</div>
-				<div class="tag">
-					<h5>Tag</h5>
-					<code>{image.tag ? image.tag : ''}</code>
-				</div>
-			</div>
-		</Card>
-
-		<Card columns={3}>
-			<Heading level="4" size="small" spacing>Summary</Heading>
-			{#if image.vulnerabilitySummary}
-				<VulnerabilityBadges summary={image.vulnerabilitySummary} />
-			{:else if !image.hasSBOM && image.vulnerabilitySummary !== null}
-				<WarningIcon class="text-aligned-icon" />
-				Data was discovered, but the SBOM was not rendered. Refer to the
-				<a href={docURL('/services/vulnerabilities/')}>Nais documentation</a>
-				for further assistance.
 			{:else}
-				<WarningIcon class="text-aligned-icon" />
-				No data found.
-				<a href={docURL('/services/vulnerabilities/how-to/sbom/')}> How to fix</a>
+				<BodyShort>
+					<WarningIcon class="text-aligned-icon" /> No vulnerability data available. Learn how to generate
+					SBOMs and attestations for your workloads in the
+					<a href={docURL('/services/vulnerabilities/how-to/sbom/')} target="_blank"
+						>Nais documentation
+					</a>.
+				</BodyShort>
 			{/if}
-		</Card>
-		<Card columns={11}>
-			<ImageVulnerabilities
-				team={$JobImageDetails.data?.team.slug}
-				environment={$JobImageDetails.data?.team.environment.name}
-				workload={$JobImageDetails.data?.team.environment.workload.name}
-				authorized={viewerIsMember}
-			/>
-		</Card>
+		</div>
+		<div class="right">
+			<div class="card">
+				<Heading level="2" size="small" spacing
+					><!-- TODO: This card should be called SBOM when we have more info from v13z-->Image</Heading
+				>
+				{#if registry === '' || repository === '' || name === ''}
+					<Detail><strong>Name:</strong> {workload.image.name}</Detail>
+				{:else}
+					<Detail><strong>Registry:</strong> {registry}</Detail>
+					<Detail><strong>Repository:</strong> {repository}</Detail>
+					<Detail><strong>Name:</strong> {name}</Detail>
+				{/if}
+				<Detail><strong>Tag:</strong> {workload.image.tag}</Detail>
+
+				<!-- TODO: When we have project id from dependency track <a
+				href="https://dependencytrack.nais.io/#/vulnerability-management/scan-results/scan-results?scanId=1"
+				target="_blank"
+				rel="noopener noreferrer"
+				>Dependency Track
+			</a><ExternalLinkIcon /> -->
+			</div>
+			{#if workload.image.hasSBOM}
+				<div class="card">
+					<Heading level="2" size="small" spacing>Summary</Heading>
 
-		<Card columns={11}>
-			<ImageWorkloadReferences {image} />
-		</Card>
+					<WorkloadVulnerabilitySummary {workload} />
+				</div>
+			{/if}
+		</div>
 	</div>
 {/if}
 
 <style>
-	.details {
-		display: flex;
-		justify-content: space-between;
-	}
-
-	code {
-		font-size: 1rem;
-	}
-
-	.grid {
+	.wrapper {
 		display: grid;
-		grid-template-columns: repeat(12, 1fr);
-		column-gap: 1rem;
-		row-gap: 1rem;
-	}
-
-	.imageGrid {
-		display: grid;
-		grid-template-columns: repeat(2, 1fr);
-		column-gap: 0.2rem;
-		row-gap: 0.2rem;
-	}
-
-	code {
-		font-size: 0.8rem;
+		grid-template-columns: 1fr 300px;
+		gap: 1rem;
 	}
-
-	.registry {
-		grid-column: 1;
-		grid-row: 2;
-	}
-
-	.repository {
-		grid-column: 2;
-		grid-row: 2;
-	}
-
-	.imageName {
-		grid-column: 1;
-		grid-row: 1;
+	.right {
+		display: flex;
+		flex-direction: column;
+		gap: 1rem;
 	}
-
-	.tag {
-		grid-column: 2;
-		grid-row: 1;
+	.card {
+		background-color: var(--a-surface-subtle);
+		padding: var(--a-spacing-5);
+		border-radius: 12px;
 	}
 </style>
diff --git a/src/routes/team/[team]/settings/+page.svelte b/src/routes/team/[team]/settings/+page.svelte
index b3394834..e2e2e5db 100644
--- a/src/routes/team/[team]/settings/+page.svelte
+++ b/src/routes/team/[team]/settings/+page.svelte
@@ -21,7 +21,7 @@
 	import EditText from './EditText.svelte';
 
 	let { data }: PageProps = $props();
-	let { teamSlug } = $derived(data);
+	let { teamSlug, viewerIsMember } = $derived(data);
 
 	const rotateKey = graphql(`
 		mutation RotateDeployKey($team: Slug!) {
@@ -143,6 +143,7 @@
 							descriptionErrors = data.errors;
 						}
 					}}
+					isMember={viewerIsMember}
 				/>
 			</i>
 
@@ -168,6 +169,7 @@
 								defaultSlackChannelErrors = data.errors;
 							}
 						}}
+						isMember={viewerIsMember}
 					/>
 				</p>
 				<GraphErrors errors={defaultSlackChannelErrors} size="small" />
@@ -199,6 +201,7 @@
 										slackChannelsErrors = data.errors;
 									}
 								}}
+								isMember={viewerIsMember}
 							/>
 						</div>
 					{/each}
@@ -301,6 +304,7 @@
 										showKey = !showKey;
 									}}
 									icon={EyeIcon}
+									disabled={!viewerIsMember}
 								/>
 							{/if}
 						</div>
@@ -314,6 +318,7 @@
 							variant="action"
 							copyText={deployKey.key}
 							size="small"
+							disabled={!viewerIsMember}
 						/>
 					</div>
 					<div class="button">
@@ -324,6 +329,7 @@
 								showRotateKey = !showRotateKey;
 							}}
 							icon={ArrowsCirclepathIcon}
+							disabled={!viewerIsMember}
 						>
 							Rotate key
 						</Button>
diff --git a/src/routes/team/[team]/settings/+page.ts b/src/routes/team/[team]/settings/+page.ts
index 7d34022e..947a6c91 100644
--- a/src/routes/team/[team]/settings/+page.ts
+++ b/src/routes/team/[team]/settings/+page.ts
@@ -4,7 +4,10 @@ import type { BeforeLoadEvent } from './$houdini';
 export async function _houdini_beforeLoad({ parent }: BeforeLoadEvent) {
 	const pd = await parent();
 
-	if (!pd.viewerIsMember) {
+	if (
+		!pd.viewerIsMember &&
+		!(pd.UserInfo.data?.me.__typename === 'User' && pd.UserInfo.data?.me.isAdmin)
+	) {
 		error(403, 'You are not allowed to view this page');
 	}
 }
diff --git a/src/routes/team/[team]/settings/EditText.svelte b/src/routes/team/[team]/settings/EditText.svelte
index f36d1d3c..fdd825a9 100644
--- a/src/routes/team/[team]/settings/EditText.svelte
+++ b/src/routes/team/[team]/settings/EditText.svelte
@@ -5,10 +5,11 @@
 
 	interface Props {
 		text: string;
+		isMember: boolean;
 		variant?: 'textfield' | 'textarea';
 	}
 
-	let { text, variant = 'textarea' }: Props = $props();
+	let { text, variant = 'textarea', isMember }: Props = $props();
 
 	const distpatch = createEventDispatcher<{ save: string }>();
 
@@ -37,7 +38,7 @@
 				bind:value={newText}
 			></textarea>
 		{/if}
-		<Button onclick={save} size="xsmall">Save</Button>
+		<Button onclick={save} size="xsmall" disabled={!isMember}>Save</Button>
 		<Button onclick={reset} size="xsmall" variant="secondary-neutral">Cancel</Button>
 	</div>
 {:else if height !== undefined}
diff --git a/src/routes/team/[team]/vulnerabilities/+page.svelte b/src/routes/team/[team]/vulnerabilities/+page.svelte
index c064510e..8619aba3 100644
--- a/src/routes/team/[team]/vulnerabilities/+page.svelte
+++ b/src/routes/team/[team]/vulnerabilities/+page.svelte
@@ -8,7 +8,7 @@
 	import CircleProgressBar from '$lib/components/CircleProgressBar.svelte';
 	import SummaryCard from '$lib/components/SummaryCard.svelte';
 	import Vulnerability from '$lib/components/Vulnerability.svelte';
-	import WorkloadsWithSbom from '$lib/components/WorkloadsWithSBOM.svelte';
+	import WorkloadsWithVulnerabilities from '$lib/components/WorkloadsWithVulnerabilities.svelte';
 	import GraphErrors from '$lib/GraphErrors.svelte';
 	import { Alert, Heading, HelpText, Select, Skeleton } from '@nais/ds-svelte-community';
 	import {
@@ -152,7 +152,7 @@
 			</SummaryCard>
 		</Card>
 		<Card columns={12}>
-			<Heading level="3" size="small" spacing>Workloads with SBOM</Heading>
+			<Heading level="3" size="medium" spacing>Workloads with vulnerabilities</Heading>
 
 			<div class="env-filter">
 				<Select size="small" hideLabel={true} bind:value={selectedEnvironment} label="Environment">
@@ -168,7 +168,7 @@
 					{/if}
 				</Select>
 			</div>
-			<WorkloadsWithSbom team={teamSlug} environment={selectedEnvironment} />
+			<WorkloadsWithVulnerabilities team={teamSlug} environment={selectedEnvironment} />
 		</Card>
 	</div>
 {/if}
diff --git a/static/SBOM.png b/static/SBOM.png
new file mode 100644
index 00000000..73f891a7
Binary files /dev/null and b/static/SBOM.png differ