diff --git a/.changeset/heureka-mitigate-manually.md b/.changeset/heureka-mitigate-manually.md
new file mode 100644
index 0000000000..215e7dcfd2
--- /dev/null
+++ b/.changeset/heureka-mitigate-manually.md
@@ -0,0 +1,5 @@
+---
+"@cloudoperators/juno-app-heureka": patch
+---
+
+Add Mitigate Manually action to vulnerability rows. Users can now mark a CVE as manually mitigated from the popup menu in both the Active and Remediated vulnerability tabs. The CVE moves to the Remediated tab immediately and can be reverted via the Remediation History Panel.
diff --git a/apps/heureka/src/components/Service/ImageDetails/FalsePositiveModal/index.tsx b/apps/heureka/src/components/Service/ImageDetails/FalsePositiveModal/index.tsx
index 788f1b6d76..42c6e1b211 100644
--- a/apps/heureka/src/components/Service/ImageDetails/FalsePositiveModal/index.tsx
+++ b/apps/heureka/src/components/Service/ImageDetails/FalsePositiveModal/index.tsx
@@ -3,19 +3,9 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-import React, { useState, useRef, useEffect } from "react"
-import {
-  Modal,
-  ModalFooter,
-  Button,
-  Stack,
-  Textarea,
-  TextInput,
-  DateTimePicker,
-  Message,
-} from "@cloudoperators/juno-ui-components"
-import { RemediationInput, RemediationTypeValues, SeverityValues } from "../../../../generated/graphql"
-import { useAuth } from "@cloudoperators/greenhouse-auth-provider"
+import React from "react"
+import { RemediationInput, RemediationTypeValues } from "../../../../generated/graphql"
+import { RemediationModal } from "../RemediationModal"
 
 type FalsePositiveModalProps = {
   open: boolean
@@ -27,202 +17,13 @@ type FalsePositiveModalProps = {
   image: string
 }
 
-const CONFIRM_LABEL = "Mark as False Positive"
-const CANCEL_LABEL = "Cancel"
-
-const toSeverityValue = (severity: string): SeverityValues | undefined => {
-  if (!severity) return undefined
-  const normalized = severity.charAt(0).toUpperCase() + severity.slice(1).toLowerCase()
-  const value = normalized as SeverityValues
-  return Object.values(SeverityValues).includes(value) ? value : undefined
-}
-
-export const FalsePositiveModal: React.FC<FalsePositiveModalProps> = ({
-  open,
-  onClose,
-  onConfirm,
-  vulnerability,
-  severity,
-  service,
-  image,
-}) => {
-  const auth = useAuth()
-  const authUserId = auth.status === "authenticated" ? auth.userId || auth.userName : null
-  const [description, setDescription] = useState<string>("")
-  const [manualUserId, setManualUserId] = useState<string>("")
-  const [expirationDate, setExpirationDate] = useState<Date | null>(null)
-  const [isSubmitting, setIsSubmitting] = useState(false)
-  const [descriptionError, setDescriptionError] = useState<string>("")
-  const [userIdError, setUserIdError] = useState<string>("")
-  const [expirationDateError, setExpirationDateError] = useState<string>("")
-  const [apiError, setApiError] = useState<string | null>(null)
-  const isMountedRef = useRef(true)
-
-  const manualUserIdTrimmed = manualUserId.trim()
-  const remediatedBy = authUserId ?? (manualUserIdTrimmed || undefined)
-  const isUserIdValid = !!remediatedBy
-
-  useEffect(() => {
-    isMountedRef.current = true
-    return () => {
-      isMountedRef.current = false
-    }
-  }, [])
-
-  useEffect(() => {
-    if (!open) {
-      setDescription("")
-      setManualUserId("")
-      setExpirationDate(null)
-      setDescriptionError("")
-      setUserIdError("")
-      setExpirationDateError("")
-      setApiError(null)
-    }
-  }, [open])
-
-  const descriptionTrimmed = description.trim()
-
-  const handleConfirm = async () => {
-    if (!descriptionTrimmed) {
-      setDescriptionError("Description is required")
-      return
-    }
-    if (!remediatedBy) {
-      setUserIdError("User ID is required")
-      return
-    }
-    if (!expirationDate) {
-      setExpirationDateError("Expiration date is required")
-      return
-    }
-
-    setDescriptionError("")
-    setUserIdError("")
-    setExpirationDateError("")
-    setIsSubmitting(true)
-    try {
-      const severityValue = severity ? toSeverityValue(severity) : undefined
-      const input: RemediationInput = {
-        type: RemediationTypeValues.FalsePositive,
-        vulnerability,
-        service,
-        image,
-        description: descriptionTrimmed,
-        ...(remediatedBy && { remediatedBy }),
-        ...(severityValue !== undefined && { severity: severityValue }),
-        expirationDate: expirationDate.toISOString(),
-      }
-      const result = await onConfirm(input)
-      if (result?.error) {
-        setApiError(result.error)
-      } else if (isMountedRef.current) {
-        setDescription("")
-        setManualUserId("")
-        setExpirationDate(null)
-        onClose()
-      }
-    } catch (error) {
-      const message = error instanceof Error ? error.message : "Failed to create remediation"
-      setApiError(message)
-    } finally {
-      setIsSubmitting(false)
-    }
-  }
-
-  const handleClose = () => {
-    setDescription("")
-    setManualUserId("")
-    setExpirationDate(null)
-    setDescriptionError("")
-    setUserIdError("")
-    setExpirationDateError("")
-    setApiError(null)
-    onClose()
-  }
-
-  const handleDescriptionChange = (e: React.ChangeEvent<HTMLTextAreaElement>) => {
-    setDescription(e.target.value)
-    // Clear error when user starts typing
-    if (descriptionError) {
-      setDescriptionError("")
-    }
-  }
-
-  return (
-    <Modal
-      title="Mark as False Positive"
-      open={open}
-      onCancel={handleClose}
-      modalFooter={
-        <ModalFooter>
-          <Stack direction="horizontal" gap="2" distribution="end" className="w-full">
-            <Button onClick={handleClose} label={CANCEL_LABEL} disabled={isSubmitting} />
-            <Button
-              onClick={handleConfirm}
-              label={CONFIRM_LABEL}
-              variant="primary"
-              disabled={isSubmitting || !descriptionTrimmed || !isUserIdValid || !expirationDate}
-            />
-          </Stack>
-        </ModalFooter>
-      }
-    >
-      <Stack gap="4" direction="vertical">
-        {apiError && <Message text={apiError} variant="error" />}
-        <div>
-          <strong>Vulnerability:</strong> {vulnerability}
-        </div>
-        <div>
-          <strong>Service:</strong> {service}
-        </div>
-        <div>
-          <strong>Image:</strong> {image}
-        </div>
-        <div>
-          <TextInput
-            label="User ID"
-            value={authUserId ?? manualUserId}
-            onChange={(e) => {
-              setManualUserId(e.target.value)
-              if (userIdError) setUserIdError("")
-            }}
-            disabled={!!authUserId}
-            required
-            invalid={!!userIdError}
-            errortext={userIdError}
-            placeholder={authUserId ? undefined : "Enter your user ID"}
-            helptext={authUserId ? "User ID from current session (read-only)." : "Enter your user ID."}
-          />
-        </div>
-        <div>
-          <DateTimePicker
-            label="Expiration Date"
-            value={expirationDate ?? undefined}
-            onChange={(dates) => {
-              setExpirationDate(dates?.[0] ?? null)
-              if (expirationDateError) setExpirationDateError("")
-            }}
-            minDate="today"
-            required
-            invalid={!!expirationDateError}
-            errortext={expirationDateError}
-            helptext="When this false positive should no longer be considered valid."
-          />
-        </div>
-        <div>
-          <Textarea
-            label="Description"
-            placeholder="Add a description explaining why this is a false positive..."
-            value={description}
-            onChange={handleDescriptionChange}
-            rows={14}
-            required
-            invalid={!!descriptionError}
-            errortext={descriptionError || ""}
-          />
-        </div>
-      </Stack>
-    </Modal>
-  )
-}
+export const FalsePositiveModal: React.FC<FalsePositiveModalProps> = (props) => (
+  <RemediationModal
+    {...props}
+    title="Mark as False Positive"
+    confirmLabel="Mark as False Positive"
+    remediationType={RemediationTypeValues.FalsePositive}
+    descriptionPlaceholder="Add a description explaining why this is a false positive..."
+    expirationHelptext="When this false positive should no longer be considered valid."
+  />
+)
diff --git a/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/IssuesDataRows/IssuesDataRow/index.tsx b/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/IssuesDataRows/IssuesDataRow/index.tsx
index 8284cc2df7..fffe41093c 100644
--- a/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/IssuesDataRows/IssuesDataRow/index.tsx
+++ b/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/IssuesDataRows/IssuesDataRow/index.tsx
@@ -20,6 +20,7 @@ import { ImageVulnerability } from "../../../../../Services/utils"
 import { getSeverityColor, useTextOverflow } from "../../../../../../utils"
 import { FalsePositiveModal } from "../../../FalsePositiveModal"
 import { RiskAcceptanceModal } from "../../../RiskAcceptanceModal"
+import { MitigateManuallyModal } from "../../../MitigateManuallyModal"
 import { useRouteContext } from "@tanstack/react-router"
 import { createRemediation } from "../../../../../../api/createRemediation"
 import { RemediationInput } from "../../../../../../generated/graphql"
@@ -42,6 +43,7 @@ type IssuesDataRowProps = {
   showFalsePositiveAction?: boolean
   onFalsePositiveSuccess?: (cveNumber: string) => void | Promise<void>
   onRiskAcceptanceSuccess?: (cveNumber: string) => void | Promise<void>
+  onMitigateManuallySuccess?: (cveNumber: string) => void | Promise<void>
 }
 
 export const IssuesDataRow = ({
@@ -51,10 +53,12 @@ export const IssuesDataRow = ({
   showFalsePositiveAction = true,
   onFalsePositiveSuccess,
   onRiskAcceptanceSuccess,
+  onMitigateManuallySuccess,
 }: IssuesDataRowProps) => {
   const [isExpanded, setIsExpanded] = useState(false)
   const [isModalOpen, setIsModalOpen] = useState(false)
   const [isRiskAcceptanceModalOpen, setIsRiskAcceptanceModalOpen] = useState(false)
+  const [isMitigateManuallyModalOpen, setIsMitigateManuallyModalOpen] = useState(false)
   const [isSubmitting, setIsSubmitting] = useState(false)
   const { needsExpansion, textRef } = useTextOverflow(issue?.description || "")
   const { apiClient, queryClient } = useRouteContext({ from: "/services/$service" })
@@ -68,95 +72,50 @@ export const IssuesDataRow = ({
     setIsExpanded(!isExpanded)
   }
 
-  const handleModalConfirm = async (input: RemediationInput): Promise<{ error: string } | void> => {
-    setIsSubmitting(true)
-    try {
-      const remediation = await createRemediation({ apiClient, input })
-      const cveNumber = issue?.name || "unknown"
-      if (remediation) {
-        queryClient.setQueriesData(
-          {
-            predicate: (query) => {
-              const [key, filter] = query.queryKey as [string, any]
-              if (key !== "remediations") return false
-              if (filter?.service && !filter.service.includes(service)) return false
-              if (filter?.image && !filter.image.includes(image)) return false
-              if (filter?.vulnerability && !filter.vulnerability.includes(cveNumber)) return false
-              return true
-            },
-          },
-
-          (old: any) => {
-            if (!old?.data?.Remediations) return old
-            const edges = old.data.Remediations.edges ?? []
-
-            if (edges.some((e: any) => e?.node?.id === remediation.id)) return old
-            return {
-              ...old,
-              data: {
-                ...old.data,
-                Remediations: {
-                  ...old.data.Remediations,
-                  edges: [...edges, { node: remediation }],
-                  totalCount: (old.data.Remediations.totalCount ?? 0) + 1,
-                },
+  const makeRemediationHandler =
+    (onSuccess?: (cveNumber: string) => void | Promise<void>) =>
+    async (input: RemediationInput): Promise<{ error: string } | void> => {
+      setIsSubmitting(true)
+      try {
+        const remediation = await createRemediation({ apiClient, input })
+        const cveNumber = issue?.name || "unknown"
+        if (remediation) {
+          queryClient.setQueriesData(
+            {
+              predicate: (query) => {
+                const [key, filter] = query.queryKey as [string, any]
+                if (key !== "remediations") return false
+                if (filter?.service && !filter.service.includes(service)) return false
+                if (filter?.image && !filter.image.includes(image)) return false
+                if (filter?.vulnerability && !filter.vulnerability.includes(cveNumber)) return false
+                return true
               },
-            }
-          }
-        )
-      }
-      await onFalsePositiveSuccess?.(cveNumber)
-    } catch (error) {
-      return { error: error instanceof Error ? error.message : "Failed to create remediation" }
-    } finally {
-      setIsSubmitting(false)
-    }
-  }
-
-  const handleRiskAcceptanceConfirm = async (input: RemediationInput): Promise<{ error: string } | void> => {
-    setIsSubmitting(true)
-    try {
-      const remediation = await createRemediation({ apiClient, input })
-      const cveNumber = issue?.name || "unknown"
-      if (remediation) {
-        queryClient.setQueriesData(
-          {
-            predicate: (query) => {
-              const [key, filter] = query.queryKey as [string, any]
-              if (key !== "remediations") return false
-              if (filter?.service && !filter.service.includes(service)) return false
-              if (filter?.image && !filter.image.includes(image)) return false
-              if (filter?.vulnerability && !filter.vulnerability.includes(cveNumber)) return false
-              return true
             },
-          },
-
-          (old: any) => {
-            if (!old?.data?.Remediations) return old
-            const edges = old.data.Remediations.edges ?? []
-
-            if (edges.some((e: any) => e?.node?.id === remediation.id)) return old
-            return {
-              ...old,
-              data: {
-                ...old.data,
-                Remediations: {
-                  ...old.data.Remediations,
-                  edges: [...edges, { node: remediation }],
-                  totalCount: (old.data.Remediations.totalCount ?? 0) + 1,
+            (old: any) => {
+              if (!old?.data?.Remediations) return old
+              const edges = old.data.Remediations.edges ?? []
+              if (edges.some((e: any) => e?.node?.id === remediation.id)) return old
+              return {
+                ...old,
+                data: {
+                  ...old.data,
+                  Remediations: {
+                    ...old.data.Remediations,
+                    edges: [...edges, { node: remediation }],
+                    totalCount: (old.data.Remediations.totalCount ?? 0) + 1,
+                  },
                 },
-              },
+              }
             }
-          }
-        )
+          )
+        }
+        await onSuccess?.(cveNumber)
+      } catch (error) {
+        return { error: error instanceof Error ? error.message : "Failed to create remediation" }
+      } finally {
+        setIsSubmitting(false)
       }
-      await onRiskAcceptanceSuccess?.(cveNumber)
-    } catch (error) {
-      return { error: error instanceof Error ? error.message : "Failed to create remediation" }
-    } finally {
-      setIsSubmitting(false)
     }
-  }
 
   return (
     <>
@@ -207,6 +166,7 @@ export const IssuesDataRow = ({
                 <PopupMenuOptions>
                   <PopupMenuItem label="Mark False Positive" onClick={() => setIsModalOpen(true)} />
                   <PopupMenuItem label="Accept Risk" onClick={() => setIsRiskAcceptanceModalOpen(true)} />
+                  <PopupMenuItem label="Mitigate Manually" onClick={() => setIsMitigateManuallyModalOpen(true)} />
                 </PopupMenuOptions>
               </PopupMenu>
             )}
@@ -218,7 +178,7 @@ export const IssuesDataRow = ({
           <FalsePositiveModal
             open={isModalOpen}
             onClose={() => setIsModalOpen(false)}
-            onConfirm={handleModalConfirm}
+            onConfirm={makeRemediationHandler(onFalsePositiveSuccess)}
             vulnerability={issue.name}
             severity={issue.severity}
             service={service}
@@ -227,7 +187,16 @@ export const IssuesDataRow = ({
           <RiskAcceptanceModal
             open={isRiskAcceptanceModalOpen}
             onClose={() => setIsRiskAcceptanceModalOpen(false)}
-            onConfirm={handleRiskAcceptanceConfirm}
+            onConfirm={makeRemediationHandler(onRiskAcceptanceSuccess)}
+            vulnerability={issue.name}
+            severity={issue.severity}
+            service={service}
+            image={image}
+          />
+          <MitigateManuallyModal
+            open={isMitigateManuallyModalOpen}
+            onClose={() => setIsMitigateManuallyModalOpen(false)}
+            onConfirm={makeRemediationHandler(onMitigateManuallySuccess)}
             vulnerability={issue.name}
             severity={issue.severity}
             service={service}
diff --git a/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/IssuesDataRows/IssuesDataRows.test.tsx b/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/IssuesDataRows/IssuesDataRows.test.tsx
index 9e31ca3543..a60423c129 100644
--- a/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/IssuesDataRows/IssuesDataRows.test.tsx
+++ b/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/IssuesDataRows/IssuesDataRows.test.tsx
@@ -123,6 +123,7 @@ function renderWithRouter(
           image="repo/image"
           onFalsePositiveSuccess={() => {}}
           onRiskAcceptanceSuccess={() => {}}
+          onMitigateManuallySuccess={() => {}}
         />
       </Suspense>
     ),
@@ -169,6 +170,7 @@ describe("IssuesDataRows — active/remediated split", () => {
             image="repo/image"
             onFalsePositiveSuccess={() => {}}
             onRiskAcceptanceSuccess={() => {}}
+            onMitigateManuallySuccess={() => {}}
           />
         </Suspense>
       )
@@ -209,6 +211,7 @@ describe("IssuesDataRows — active/remediated split", () => {
             image="repo/image"
             onFalsePositiveSuccess={() => {}}
             onRiskAcceptanceSuccess={() => {}}
+            onMitigateManuallySuccess={() => {}}
           />
         </Suspense>
       )
diff --git a/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/IssuesDataRows/index.tsx b/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/IssuesDataRows/index.tsx
index 4e60492bc2..2d741e4b3e 100644
--- a/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/IssuesDataRows/index.tsx
+++ b/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/IssuesDataRows/index.tsx
@@ -17,6 +17,7 @@ type IssuesDataRowsProps = {
   image: string
   onFalsePositiveSuccess: (cveNumber: string) => void | Promise<void>
   onRiskAcceptanceSuccess: (cveNumber: string) => void | Promise<void>
+  onMitigateManuallySuccess: (cveNumber: string) => void | Promise<void>
 }
 
 export const IssuesDataRows = ({
@@ -26,6 +27,7 @@ export const IssuesDataRows = ({
   image,
   onFalsePositiveSuccess,
   onRiskAcceptanceSuccess,
+  onMitigateManuallySuccess,
 }: IssuesDataRowsProps) => {
   const { error, data } = use(issuesPromise)
   const remediationsResult = use(remediationsPromise)
@@ -55,6 +57,7 @@ export const IssuesDataRows = ({
       image={image}
       onFalsePositiveSuccess={onFalsePositiveSuccess}
       onRiskAcceptanceSuccess={onRiskAcceptanceSuccess}
+      onMitigateManuallySuccess={onMitigateManuallySuccess}
     />
   ))
 }
diff --git a/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/RemediatedIssuesDataRows/RemediatedIssueDataRow/index.tsx b/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/RemediatedIssuesDataRows/RemediatedIssueDataRow/index.tsx
index a889f81068..f128af43c1 100644
--- a/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/RemediatedIssuesDataRows/RemediatedIssueDataRow/index.tsx
+++ b/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/RemediatedIssuesDataRows/RemediatedIssueDataRow/index.tsx
@@ -20,6 +20,7 @@ import { ImageVulnerability } from "../../../../../Services/utils"
 import { getSeverityColor, useTextOverflow } from "../../../../../../utils"
 import { FalsePositiveModal } from "../../../FalsePositiveModal"
 import { RiskAcceptanceModal } from "../../../RiskAcceptanceModal"
+import { MitigateManuallyModal } from "../../../MitigateManuallyModal"
 import { useRouteContext } from "@tanstack/react-router"
 import { createRemediation } from "../../../../../../api/createRemediation"
 import { RemediationInput, RemediationTypeValues } from "../../../../../../generated/graphql"
@@ -54,6 +55,7 @@ export const RemediatedIssueDataRow = ({
   const [isExpanded, setIsExpanded] = useState(false)
   const [isFalsePositiveModalOpen, setIsFalsePositiveModalOpen] = useState(false)
   const [isRiskAcceptanceModalOpen, setIsRiskAcceptanceModalOpen] = useState(false)
+  const [isMitigateManuallyModalOpen, setIsMitigateManuallyModalOpen] = useState(false)
   const [isSubmitting, setIsSubmitting] = useState(false)
   const { needsExpansion, textRef } = useTextOverflow(issue?.description || "")
   const { apiClient, queryClient } = useRouteContext({ from: "/services/$service" })
@@ -179,6 +181,7 @@ export const RemediatedIssueDataRow = ({
               <PopupMenuOptions>
                 <PopupMenuItem label="Mark False Positive" onClick={() => setIsFalsePositiveModalOpen(true)} />
                 <PopupMenuItem label="Accept Risk" onClick={() => setIsRiskAcceptanceModalOpen(true)} />
+                <PopupMenuItem label="Mitigate Manually" onClick={() => setIsMitigateManuallyModalOpen(true)} />
               </PopupMenuOptions>
             </PopupMenu>
           )}
@@ -202,6 +205,15 @@ export const RemediatedIssueDataRow = ({
         service={service}
         image={image}
       />
+      <MitigateManuallyModal
+        open={isMitigateManuallyModalOpen}
+        onClose={() => setIsMitigateManuallyModalOpen(false)}
+        onConfirm={handleRemediationConfirm}
+        vulnerability={issue.name}
+        severity={issue.severity}
+        service={service}
+        image={image}
+      />
     </>
   )
 }
diff --git a/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/RemediationHistoryPanel/index.tsx b/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/RemediationHistoryPanel/index.tsx
index 670b61e4a5..2c9ff60953 100644
--- a/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/RemediationHistoryPanel/index.tsx
+++ b/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/RemediationHistoryPanel/index.tsx
@@ -177,6 +177,54 @@ export const RemediationHistoryPanel = ({
           }
         }
       )
+
+      // The panel fetched its data fresh when it opened (staleTime: 0). Read that
+      // cache synchronously — no network request needed — to patch the broad cache
+      // with any remediations that were created in other sessions and are therefore
+      // missing from it. Without this, a CVE could wrongly move to Active even
+      // though other remediations still exist.
+      if (vulnerability) {
+        const panelFilter = { service: [service], image: [image], vulnerability: [vulnerability] }
+        const panelCache = queryClient.getQueryData<any>(["remediations", panelFilter])
+        const remainingEdges = (panelCache?.data?.Remediations?.edges ?? []).filter(
+          (e: any) => e?.node?.id !== remediation.remediationId
+        )
+
+        if (remainingEdges.length > 0) {
+          queryClient.setQueriesData(
+            {
+              predicate: (query) => {
+                const [key, filter] = query.queryKey as [string, any]
+                if (key !== "remediations") return false
+                if (filter?.service && !filter.service.includes(service)) return false
+                if (filter?.image && !filter.image.includes(image)) return false
+                if (filter?.vulnerability) return false // broad cache only
+                return true
+              },
+            },
+            (old: any) => {
+              if (!old?.data?.Remediations) return old
+              const edges: any[] = old.data.Remediations.edges ?? []
+              const existingIds = new Set(edges.map((e: any) => e?.node?.id).filter(Boolean))
+              const missingEdges = remainingEdges.filter((e: any) => e?.node?.id && !existingIds.has(e.node.id))
+              if (missingEdges.length === 0) return old
+              const newEdges = [...edges, ...missingEdges]
+              return {
+                ...old,
+                data: {
+                  ...old.data,
+                  Remediations: {
+                    ...old.data.Remediations,
+                    edges: newEdges,
+                    totalCount: (old.data.Remediations.totalCount ?? 0) + missingEdges.length,
+                  },
+                },
+              }
+            }
+          )
+        }
+      }
+
       const typeLabel = remediation.type ?? "remediation"
       const dateLabel = remediation.remediationDate ? ` from ${formatDateTime(remediation.remediationDate)}` : ""
       const text = `The ${typeLabel}${dateLabel} for ${vulnerability ?? "unknown"} has been reverted.`
diff --git a/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/index.tsx b/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/index.tsx
index 52dac08d93..4f8dbfa36c 100644
--- a/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/index.tsx
+++ b/apps/heureka/src/components/Service/ImageDetails/ImageIssuesList/index.tsx
@@ -54,6 +54,7 @@ const VulnerabilitiesTabContent = ({
   successMessage,
   onFalsePositiveSuccess,
   onRiskAcceptanceSuccess,
+  onMitigateManuallySuccess,
 }: {
   service: string
   image: ServiceImage
@@ -64,6 +65,7 @@ const VulnerabilitiesTabContent = ({
   successMessage: string | null
   onFalsePositiveSuccess: (cveNumber: string) => void | Promise<void>
   onRiskAcceptanceSuccess: (cveNumber: string) => void | Promise<void>
+  onMitigateManuallySuccess: (cveNumber: string) => void | Promise<void>
 }) => {
   return (
     <>
@@ -107,6 +109,7 @@ const VulnerabilitiesTabContent = ({
                 image={image.repository}
                 onFalsePositiveSuccess={onFalsePositiveSuccess}
                 onRiskAcceptanceSuccess={onRiskAcceptanceSuccess}
+                onMitigateManuallySuccess={onMitigateManuallySuccess}
               />
             </Suspense>
           </ErrorBoundary>
@@ -349,10 +352,20 @@ export const ImageIssuesList = ({
     )
   }, [])
 
+  const handleMitigateManuallySuccess = useCallback((cveNumber: string) => {
+    setVulnerabilitiesSuccessMessage(
+      `Vulnerability ${cveNumber} has been manually mitigated and moved to the Remediated list.`
+    )
+  }, [])
+
   const handleRemediatedTabRemediationSuccess = useCallback(
     (cveNumber: string, remediationType: RemediationTypeValues) => {
       const remediationTypeLabel =
-        remediationType === RemediationTypeValues.FalsePositive ? "a false positive" : "a risk acceptance"
+        remediationType === RemediationTypeValues.FalsePositive
+          ? "a false positive"
+          : remediationType === RemediationTypeValues.Mitigation
+            ? "manually mitigated"
+            : "a risk acceptance"
       const text = `Vulnerability ${cveNumber} has been marked as ${remediationTypeLabel}.`
       setRemediatedSuccessMessage(text)
     },
@@ -377,6 +390,7 @@ export const ImageIssuesList = ({
             successMessage={vulnerabilitiesSuccessMessage}
             onFalsePositiveSuccess={handleFalsePositiveSuccess}
             onRiskAcceptanceSuccess={handleRiskAcceptanceSuccess}
+            onMitigateManuallySuccess={handleMitigateManuallySuccess}
           />
         </TabPanel>
         <TabPanel>
diff --git a/apps/heureka/src/components/Service/ImageDetails/MitigateManuallyModal/index.tsx b/apps/heureka/src/components/Service/ImageDetails/MitigateManuallyModal/index.tsx
new file mode 100644
index 0000000000..29d49da9dc
--- /dev/null
+++ b/apps/heureka/src/components/Service/ImageDetails/MitigateManuallyModal/index.tsx
@@ -0,0 +1,29 @@
+/*
+ * SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and Juno contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import React from "react"
+import { RemediationInput, RemediationTypeValues } from "../../../../generated/graphql"
+import { RemediationModal } from "../RemediationModal"
+
+type MitigateManuallyModalProps = {
+  open: boolean
+  onClose: () => void
+  onConfirm: (input: RemediationInput) => Promise<{ error: string } | void>
+  vulnerability: string
+  severity?: string
+  service: string
+  image: string
+}
+
+export const MitigateManuallyModal: React.FC<MitigateManuallyModalProps> = (props) => (
+  <RemediationModal
+    {...props}
+    title="Mitigate Manually"
+    confirmLabel="Mitigate Manually"
+    remediationType={RemediationTypeValues.Mitigation}
+    descriptionPlaceholder="Add a description explaining the manual mitigation applied..."
+    expirationHelptext="When this mitigation should no longer be considered valid."
+  />
+)
diff --git a/apps/heureka/src/components/Service/ImageDetails/RemediationModal/RemediationModal.test.tsx b/apps/heureka/src/components/Service/ImageDetails/RemediationModal/RemediationModal.test.tsx
new file mode 100644
index 0000000000..147dc63e47
--- /dev/null
+++ b/apps/heureka/src/components/Service/ImageDetails/RemediationModal/RemediationModal.test.tsx
@@ -0,0 +1,323 @@
+/*
+ * SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and Juno contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import React from "react"
+import { render, screen, fireEvent } from "@testing-library/react"
+import userEvent from "@testing-library/user-event"
+import { PortalProvider } from "@cloudoperators/juno-ui-components"
+import { AuthProvider } from "@cloudoperators/greenhouse-auth-provider"
+import { RemediationModal } from "./index"
+import { FalsePositiveModal } from "../FalsePositiveModal"
+import { RiskAcceptanceModal } from "../RiskAcceptanceModal"
+import { MitigateManuallyModal } from "../MitigateManuallyModal"
+import { RemediationTypeValues } from "../../../../generated/graphql"
+
+// Mock DateTimePicker so tests can set dates without flatpickr DOM interaction
+vi.mock("@cloudoperators/juno-ui-components", async (importActual) => {
+  const actual = await importActual<typeof import("@cloudoperators/juno-ui-components")>()
+  return {
+    ...actual,
+    DateTimePicker: ({ label, onChange, required, invalid, errortext }: any) => (
+      <div>
+        <label htmlFor="mock-date-input">
+          {label}
+          {required ? " *" : ""}
+        </label>
+        <input
+          id="mock-date-input"
+          aria-label={label as string}
+          type="date"
+          onChange={(e) => (onChange as Function)?.(e.target.value ? [new Date(e.target.value)] : [])}
+        />
+        {invalid && errortext ? <span>{errortext as string}</span> : null}
+      </div>
+    ),
+  }
+})
+
+const mockAuth = { getSnapshot: () => ({ status: "anonymous" as const }) }
+
+const defaultProps = {
+  open: true,
+  onClose: vi.fn(),
+  onConfirm: vi.fn().mockResolvedValue(undefined),
+  vulnerability: "CVE-2024-1234",
+  service: "my-service",
+  image: "my-image",
+  title: "Test Action",
+  confirmLabel: "Confirm Test",
+  remediationType: RemediationTypeValues.FalsePositive,
+  descriptionPlaceholder: "Describe why...",
+  expirationHelptext: "When this should expire.",
+}
+
+const renderModal = (props: Partial<typeof defaultProps> & Record<string, unknown> = {}) =>
+  render(
+    <AuthProvider embedded auth={mockAuth}>
+      <PortalProvider>
+        <RemediationModal {...defaultProps} {...props} />
+      </PortalProvider>
+    </AuthProvider>
+  )
+
+// ---------------------------------------------------------------------------
+// RemediationModal — shared behaviour
+// ---------------------------------------------------------------------------
+
+describe("RemediationModal", () => {
+  beforeEach(() => {
+    vi.clearAllMocks()
+  })
+
+  describe("rendering", () => {
+    it("renders title and vulnerability details when open", () => {
+      renderModal()
+      expect(screen.getByRole("heading", { name: "Test Action" })).toBeInTheDocument()
+      expect(screen.getByText(/Vulnerability:/)).toBeInTheDocument()
+      expect(screen.getByText("CVE-2024-1234")).toBeInTheDocument()
+      expect(screen.getByText(/Service:/)).toBeInTheDocument()
+      expect(screen.getByText("my-service")).toBeInTheDocument()
+      expect(screen.getByText(/Image:/)).toBeInTheDocument()
+      expect(screen.getByText("my-image")).toBeInTheDocument()
+    })
+
+    it("renders Cancel and confirm buttons with correct labels", () => {
+      renderModal()
+      expect(screen.getByRole("button", { name: "Cancel" })).toBeInTheDocument()
+      expect(screen.getByRole("button", { name: "Confirm Test" })).toBeInTheDocument()
+    })
+
+    it("renders the description textarea with the provided placeholder", () => {
+      renderModal()
+      expect(screen.getByPlaceholderText("Describe why...")).toBeInTheDocument()
+    })
+
+    it("confirm button is disabled when all required fields are empty", () => {
+      renderModal()
+      expect(screen.getByRole("button", { name: "Confirm Test" })).toBeDisabled()
+    })
+
+    it("does not render source ticket field by default", () => {
+      renderModal()
+      expect(screen.queryByPlaceholderText("e.g. JIRA-1234")).not.toBeInTheDocument()
+    })
+
+    it("renders source ticket field when showSourceTicket is true", () => {
+      renderModal({ showSourceTicket: true })
+      expect(screen.getByPlaceholderText("e.g. JIRA-1234")).toBeInTheDocument()
+    })
+  })
+
+  describe("validation", () => {
+    it("confirm button becomes enabled only when all required fields are filled", async () => {
+      const user = userEvent.setup()
+      renderModal()
+      const confirmButton = screen.getByRole("button", { name: "Confirm Test" })
+
+      expect(confirmButton).toBeDisabled()
+
+      await user.type(screen.getByPlaceholderText("Describe why..."), "Some reason")
+      expect(confirmButton).toBeDisabled()
+
+      await user.type(screen.getByPlaceholderText(/Enter your user ID/i), "user-123")
+      expect(confirmButton).toBeDisabled()
+
+      fireEvent.change(screen.getByLabelText("Expiration Date"), { target: { value: "2026-12-31" } })
+      expect(confirmButton).not.toBeDisabled()
+    })
+
+    it("does not call onConfirm when confirm button is disabled", () => {
+      const onConfirm = vi.fn()
+      renderModal({ onConfirm })
+      fireEvent.click(screen.getByRole("button", { name: "Confirm Test" }))
+      expect(onConfirm).not.toHaveBeenCalled()
+    })
+  })
+
+  describe("interactions", () => {
+    it("calls onClose when Cancel is clicked", async () => {
+      const onClose = vi.fn()
+      const user = userEvent.setup()
+      renderModal({ onClose })
+      await user.click(screen.getByRole("button", { name: "Cancel" }))
+      expect(onClose).toHaveBeenCalledTimes(1)
+    })
+
+    it("calls onConfirm with correct input when all required fields are filled", async () => {
+      const onConfirm = vi.fn().mockResolvedValue(undefined)
+      const user = userEvent.setup()
+      renderModal({ onConfirm, remediationType: RemediationTypeValues.FalsePositive })
+
+      await user.type(screen.getByPlaceholderText(/Enter your user ID/i), "user-123")
+      await user.type(screen.getByPlaceholderText("Describe why..."), "It's not real")
+      fireEvent.change(screen.getByLabelText("Expiration Date"), { target: { value: "2026-12-31" } })
+      await user.click(screen.getByRole("button", { name: "Confirm Test" }))
+
+      expect(onConfirm).toHaveBeenCalledWith(
+        expect.objectContaining({
+          type: RemediationTypeValues.FalsePositive,
+          vulnerability: "CVE-2024-1234",
+          service: "my-service",
+          image: "my-image",
+          remediatedBy: "user-123",
+          description: "It's not real",
+        })
+      )
+    })
+
+    it("shows an error message when onConfirm returns an error", async () => {
+      const onConfirm = vi.fn().mockResolvedValue({ error: "Server error occurred" })
+      const user = userEvent.setup()
+      renderModal({ onConfirm })
+
+      await user.type(screen.getByPlaceholderText(/Enter your user ID/i), "user-123")
+      await user.type(screen.getByPlaceholderText("Describe why..."), "Some reason")
+      fireEvent.change(screen.getByLabelText("Expiration Date"), { target: { value: "2026-12-31" } })
+      await user.click(screen.getByRole("button", { name: "Confirm Test" }))
+
+      expect(await screen.findByText("Server error occurred")).toBeInTheDocument()
+    })
+
+    it("clears error message and resets fields when Cancel is clicked after an error", async () => {
+      const onConfirm = vi.fn().mockResolvedValue({ error: "Server error occurred" })
+      const onClose = vi.fn()
+      const user = userEvent.setup()
+      renderModal({ onConfirm, onClose })
+
+      await user.type(screen.getByPlaceholderText(/Enter your user ID/i), "user-123")
+      await user.type(screen.getByPlaceholderText("Describe why..."), "Some reason")
+      fireEvent.change(screen.getByLabelText("Expiration Date"), { target: { value: "2026-12-31" } })
+      await user.click(screen.getByRole("button", { name: "Confirm Test" }))
+      expect(await screen.findByText("Server error occurred")).toBeInTheDocument()
+
+      await user.click(screen.getByRole("button", { name: "Cancel" }))
+      expect(onClose).toHaveBeenCalledTimes(1)
+    })
+  })
+
+  describe("source ticket (showSourceTicket=true)", () => {
+    it("prepends source ticket to description when provided", async () => {
+      const onConfirm = vi.fn().mockResolvedValue(undefined)
+      const user = userEvent.setup()
+      renderModal({ onConfirm, showSourceTicket: true, remediationType: RemediationTypeValues.RiskAccepted })
+
+      await user.type(screen.getByPlaceholderText(/Enter your user ID/i), "user-123")
+      await user.type(screen.getByPlaceholderText("e.g. JIRA-1234"), "JIRA-9999")
+      await user.type(screen.getByPlaceholderText("Describe why..."), "Low risk")
+      fireEvent.change(screen.getByLabelText("Expiration Date"), { target: { value: "2026-12-31" } })
+      await user.click(screen.getByRole("button", { name: "Confirm Test" }))
+
+      expect(onConfirm).toHaveBeenCalledWith(
+        expect.objectContaining({
+          description: "Source Ticket: JIRA-9999\n\nLow risk",
+        })
+      )
+    })
+
+    it("does not prepend source ticket prefix when source ticket field is empty", async () => {
+      const onConfirm = vi.fn().mockResolvedValue(undefined)
+      const user = userEvent.setup()
+      renderModal({ onConfirm, showSourceTicket: true, remediationType: RemediationTypeValues.RiskAccepted })
+
+      await user.type(screen.getByPlaceholderText(/Enter your user ID/i), "user-123")
+      await user.type(screen.getByPlaceholderText("Describe why..."), "Low risk")
+      fireEvent.change(screen.getByLabelText("Expiration Date"), { target: { value: "2026-12-31" } })
+      await user.click(screen.getByRole("button", { name: "Confirm Test" }))
+
+      expect(onConfirm).toHaveBeenCalledWith(expect.objectContaining({ description: "Low risk" }))
+    })
+  })
+})
+
+// ---------------------------------------------------------------------------
+// Wrapper smoke tests — verify each wrapper passes the right type and title
+// ---------------------------------------------------------------------------
+
+const wrapperProps = {
+  open: true,
+  onClose: vi.fn(),
+  onConfirm: vi.fn().mockResolvedValue(undefined),
+  vulnerability: "CVE-2024-1234",
+  service: "my-service",
+  image: "my-image",
+}
+
+const renderWrapper = (ui: React.ReactElement) =>
+  render(
+    <AuthProvider embedded auth={mockAuth}>
+      <PortalProvider>{ui}</PortalProvider>
+    </AuthProvider>
+  )
+
+describe("FalsePositiveModal wrapper", () => {
+  it("renders with correct title and confirm label", () => {
+    renderWrapper(<FalsePositiveModal {...wrapperProps} />)
+    expect(screen.getByRole("heading", { name: "Mark as False Positive" })).toBeInTheDocument()
+    expect(screen.getByRole("button", { name: "Mark as False Positive" })).toBeInTheDocument()
+  })
+
+  it("submits with FalsePositive remediation type", async () => {
+    const onConfirm = vi.fn().mockResolvedValue(undefined)
+    const user = userEvent.setup()
+    renderWrapper(<FalsePositiveModal {...wrapperProps} onConfirm={onConfirm} />)
+
+    await user.type(screen.getByPlaceholderText(/Enter your user ID/i), "user-123")
+    await user.type(screen.getByPlaceholderText(/false positive/i), "Not affected")
+    fireEvent.change(screen.getByLabelText("Expiration Date"), { target: { value: "2026-12-31" } })
+    await user.click(screen.getByRole("button", { name: "Mark as False Positive" }))
+
+    expect(onConfirm).toHaveBeenCalledWith(expect.objectContaining({ type: RemediationTypeValues.FalsePositive }))
+  })
+})
+
+describe("RiskAcceptanceModal wrapper", () => {
+  it("renders with correct title, confirm label, and source ticket field", () => {
+    renderWrapper(<RiskAcceptanceModal {...wrapperProps} />)
+    expect(screen.getByRole("heading", { name: "Accept Risk" })).toBeInTheDocument()
+    expect(screen.getByRole("button", { name: "Accept Risk" })).toBeInTheDocument()
+    expect(screen.getByPlaceholderText("e.g. JIRA-1234")).toBeInTheDocument()
+  })
+
+  it("submits with RiskAccepted remediation type, url field, and plain description", async () => {
+    const onConfirm = vi.fn().mockResolvedValue(undefined)
+    const user = userEvent.setup()
+    renderWrapper(<RiskAcceptanceModal {...wrapperProps} onConfirm={onConfirm} />)
+
+    await user.type(screen.getByPlaceholderText(/Enter your user ID/i), "user-123")
+    await user.type(screen.getByPlaceholderText("e.g. JIRA-1234"), "JIRA-9999")
+    await user.type(screen.getByPlaceholderText(/accepting this risk/i), "Accepted")
+    fireEvent.change(screen.getByLabelText("Expiration Date"), { target: { value: "2026-12-31" } })
+    await user.click(screen.getByRole("button", { name: "Accept Risk" }))
+
+    expect(onConfirm).toHaveBeenCalledWith(
+      expect.objectContaining({
+        type: RemediationTypeValues.RiskAccepted,
+        url: "JIRA-9999",
+        description: "Accepted",
+      })
+    )
+  })
+})
+
+describe("MitigateManuallyModal wrapper", () => {
+  it("renders with correct title and confirm label", () => {
+    renderWrapper(<MitigateManuallyModal {...wrapperProps} />)
+    expect(screen.getByRole("heading", { name: "Mitigate Manually" })).toBeInTheDocument()
+    expect(screen.getByRole("button", { name: "Mitigate Manually" })).toBeInTheDocument()
+  })
+
+  it("submits with Mitigation remediation type", async () => {
+    const onConfirm = vi.fn().mockResolvedValue(undefined)
+    const user = userEvent.setup()
+    renderWrapper(<MitigateManuallyModal {...wrapperProps} onConfirm={onConfirm} />)
+
+    await user.type(screen.getByPlaceholderText(/Enter your user ID/i), "user-123")
+    await user.type(screen.getByPlaceholderText(/manual mitigation/i), "Patched internally")
+    fireEvent.change(screen.getByLabelText("Expiration Date"), { target: { value: "2026-12-31" } })
+    await user.click(screen.getByRole("button", { name: "Mitigate Manually" }))
+
+    expect(onConfirm).toHaveBeenCalledWith(expect.objectContaining({ type: RemediationTypeValues.Mitigation }))
+  })
+})
diff --git a/apps/heureka/src/components/Service/ImageDetails/RemediationModal/index.tsx b/apps/heureka/src/components/Service/ImageDetails/RemediationModal/index.tsx
new file mode 100644
index 0000000000..8feef34083
--- /dev/null
+++ b/apps/heureka/src/components/Service/ImageDetails/RemediationModal/index.tsx
@@ -0,0 +1,262 @@
+/*
+ * SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and Juno contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import React, { useState, useRef, useEffect } from "react"
+import {
+  Modal,
+  ModalFooter,
+  Button,
+  Stack,
+  Textarea,
+  TextInput,
+  DateTimePicker,
+  Message,
+} from "@cloudoperators/juno-ui-components"
+import { RemediationInput, RemediationTypeValues, SeverityValues } from "../../../../generated/graphql"
+import { useAuth } from "@cloudoperators/greenhouse-auth-provider"
+
+type RemediationModalProps = {
+  open: boolean
+  onClose: () => void
+  onConfirm: (input: RemediationInput) => Promise<{ error: string } | void>
+  vulnerability: string
+  severity?: string
+  service: string
+  image: string
+  title: string
+  confirmLabel: string
+  remediationType: RemediationTypeValues
+  descriptionPlaceholder: string
+  expirationHelptext: string
+  showSourceTicket?: boolean
+  /** When true: source ticket field is shown as required, validated, and sent as the `url` field (not embedded in description). */
+  sourceTicketRequired?: boolean
+}
+
+const EMPTY_FORM = { description: "", manualUserId: "", sourceTicket: "", expirationDate: null as Date | null }
+const EMPTY_ERRORS = { description: "", userId: "", sourceTicket: "", expirationDate: "" }
+
+const toSeverityValue = (severity: string): SeverityValues | undefined => {
+  if (!severity) return undefined
+  const normalized = severity.charAt(0).toUpperCase() + severity.slice(1).toLowerCase()
+  const value = normalized as SeverityValues
+  return Object.values(SeverityValues).includes(value) ? value : undefined
+}
+
+export const RemediationModal: React.FC<RemediationModalProps> = ({
+  open,
+  onClose,
+  onConfirm,
+  vulnerability,
+  severity,
+  service,
+  image,
+  title,
+  confirmLabel,
+  remediationType,
+  descriptionPlaceholder,
+  expirationHelptext,
+  showSourceTicket = false,
+  sourceTicketRequired = false,
+}) => {
+  const auth = useAuth()
+  const authUserId = auth.status === "authenticated" ? auth.userId || auth.userName : null
+  const [form, setForm] = useState(EMPTY_FORM)
+  const [errors, setErrors] = useState(EMPTY_ERRORS)
+  const [isSubmitting, setIsSubmitting] = useState(false)
+  const [apiError, setApiError] = useState<string | null>(null)
+  const isMountedRef = useRef(true)
+
+  const manualUserIdTrimmed = form.manualUserId.trim()
+  const remediatedBy = authUserId ?? (manualUserIdTrimmed || undefined)
+  const isUserIdValid = !!remediatedBy
+
+  useEffect(() => {
+    isMountedRef.current = true
+    return () => {
+      isMountedRef.current = false
+    }
+  }, [])
+
+  useEffect(() => {
+    if (!open) {
+      setForm(EMPTY_FORM)
+      setErrors(EMPTY_ERRORS)
+      setApiError(null)
+    }
+  }, [open])
+
+  const descriptionTrimmed = form.description.trim()
+  const sourceTicketTrimmed = form.sourceTicket.trim()
+
+  const buildDescription = () => {
+    if (showSourceTicket && !sourceTicketRequired && sourceTicketTrimmed) {
+      return `Source Ticket: ${sourceTicketTrimmed}\n\n${descriptionTrimmed}`
+    }
+    return descriptionTrimmed
+  }
+
+  const handleConfirm = async () => {
+    if (!descriptionTrimmed) {
+      setErrors((prev) => ({ ...prev, description: "Description is required" }))
+      return
+    }
+    if (!remediatedBy) {
+      setErrors((prev) => ({ ...prev, userId: "User ID is required" }))
+      return
+    }
+    if (sourceTicketRequired && !sourceTicketTrimmed) {
+      setErrors((prev) => ({ ...prev, sourceTicket: "Jira ticket is required" }))
+      return
+    }
+    if (!form.expirationDate) {
+      setErrors((prev) => ({ ...prev, expirationDate: "Expiration date is required" }))
+      return
+    }
+
+    setErrors(EMPTY_ERRORS)
+    setIsSubmitting(true)
+    try {
+      const severityValue = severity ? toSeverityValue(severity) : undefined
+      const input: RemediationInput = {
+        type: remediationType,
+        vulnerability,
+        service,
+        image,
+        description: buildDescription(),
+        ...(remediatedBy && { remediatedBy }),
+        ...(severityValue !== undefined && { severity: severityValue }),
+        expirationDate: form.expirationDate.toISOString(),
+        ...(sourceTicketRequired && sourceTicketTrimmed ? { url: sourceTicketTrimmed } : {}),
+      }
+      const result = await onConfirm(input)
+      if (result?.error) {
+        setApiError(result.error)
+      } else if (isMountedRef.current) {
+        setForm(EMPTY_FORM)
+        onClose()
+      }
+    } catch (error) {
+      const message = error instanceof Error ? error.message : "Failed to create remediation"
+      setApiError(message)
+    } finally {
+      setIsSubmitting(false)
+    }
+  }
+
+  const handleClose = () => {
+    setForm(EMPTY_FORM)
+    setErrors(EMPTY_ERRORS)
+    setApiError(null)
+    onClose()
+  }
+
+  return (
+    <Modal
+      title={title}
+      open={open}
+      onCancel={handleClose}
+      modalFooter={
+        <ModalFooter>
+          <Stack direction="horizontal" gap="2" distribution="end" className="w-full">
+            <Button onClick={handleClose} label="Cancel" disabled={isSubmitting} />
+            <Button
+              onClick={handleConfirm}
+              label={confirmLabel}
+              variant="primary"
+              disabled={
+                isSubmitting ||
+                !descriptionTrimmed ||
+                !isUserIdValid ||
+                !form.expirationDate ||
+                (sourceTicketRequired && !sourceTicketTrimmed)
+              }
+            />
+          </Stack>
+        </ModalFooter>
+      }
+    >
+      <Stack gap="4" direction="vertical">
+        {apiError && <Message text={apiError} variant="error" />}
+        <div>
+          <strong>Vulnerability:</strong> {vulnerability}
+        </div>
+        <div>
+          <strong>Service:</strong> {service}
+        </div>
+        <div>
+          <strong>Image:</strong> {image}
+        </div>
+        <div>
+          <TextInput
+            label="User ID"
+            value={authUserId ?? form.manualUserId}
+            onChange={(e) => {
+              setForm((prev) => ({ ...prev, manualUserId: e.target.value }))
+              if (errors.userId) setErrors((prev) => ({ ...prev, userId: "" }))
+            }}
+            disabled={!!authUserId}
+            required
+            invalid={!!errors.userId}
+            errortext={errors.userId}
+            placeholder={authUserId ? undefined : "Enter your user ID"}
+            helptext={authUserId ? "User ID from current session (read-only)." : "Enter your user ID."}
+          />
+        </div>
+        {(showSourceTicket || sourceTicketRequired) && (
+          <div>
+            <TextInput
+              label="Jira Ticket / Risk Acceptance Source Ticket"
+              value={form.sourceTicket}
+              onChange={(e) => {
+                setForm((prev) => ({ ...prev, sourceTicket: e.target.value }))
+                if (errors.sourceTicket) setErrors((prev) => ({ ...prev, sourceTicket: "" }))
+              }}
+              placeholder="e.g. JIRA-1234"
+              required={sourceTicketRequired}
+              invalid={!!errors.sourceTicket}
+              errortext={errors.sourceTicket}
+              helptext={
+                sourceTicketRequired
+                  ? "Reference ticket for this risk acceptance decision."
+                  : "Optional. Reference ticket for this risk acceptance decision."
+              }
+            />
+          </div>
+        )}
+        <div>
+          <DateTimePicker
+            label="Expiration Date"
+            value={form.expirationDate ?? undefined}
+            onChange={(dates) => {
+              setForm((prev) => ({ ...prev, expirationDate: dates?.[0] ?? null }))
+              if (errors.expirationDate) setErrors((prev) => ({ ...prev, expirationDate: "" }))
+            }}
+            minDate="today"
+            required
+            invalid={!!errors.expirationDate}
+            errortext={errors.expirationDate}
+            helptext={expirationHelptext}
+          />
+        </div>
+        <div>
+          <Textarea
+            label="Description"
+            placeholder={descriptionPlaceholder}
+            value={form.description}
+            onChange={(e) => {
+              setForm((prev) => ({ ...prev, description: e.target.value }))
+              if (errors.description) setErrors((prev) => ({ ...prev, description: "" }))
+            }}
+            rows={14}
+            required
+            invalid={!!errors.description}
+            errortext={errors.description || ""}
+          />
+        </div>
+      </Stack>
+    </Modal>
+  )
+}
diff --git a/apps/heureka/src/components/Service/ImageDetails/RiskAcceptanceModal/index.tsx b/apps/heureka/src/components/Service/ImageDetails/RiskAcceptanceModal/index.tsx
index d4e98084b6..73c31ca71f 100644
--- a/apps/heureka/src/components/Service/ImageDetails/RiskAcceptanceModal/index.tsx
+++ b/apps/heureka/src/components/Service/ImageDetails/RiskAcceptanceModal/index.tsx
@@ -3,19 +3,9 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-import React, { useState, useRef, useEffect } from "react"
-import {
-  Modal,
-  ModalFooter,
-  Button,
-  Stack,
-  Textarea,
-  TextInput,
-  DateTimePicker,
-  Message,
-} from "@cloudoperators/juno-ui-components"
-import { RemediationInput, RemediationTypeValues, SeverityValues } from "../../../../generated/graphql"
-import { useAuth } from "@cloudoperators/greenhouse-auth-provider"
+import React from "react"
+import { RemediationInput, RemediationTypeValues } from "../../../../generated/graphql"
+import { RemediationModal } from "../RemediationModal"
 
 type RiskAcceptanceModalProps = {
   open: boolean
@@ -27,231 +17,14 @@ type RiskAcceptanceModalProps = {
   image: string
 }
 
-const CONFIRM_LABEL = "Accept Risk"
-const CANCEL_LABEL = "Cancel"
-
-const toSeverityValue = (severity: string): SeverityValues | undefined => {
-  if (!severity) return undefined
-  const normalized = severity.charAt(0).toUpperCase() + severity.slice(1).toLowerCase()
-  const value = normalized as SeverityValues
-  return Object.values(SeverityValues).includes(value) ? value : undefined
-}
-
-export const RiskAcceptanceModal: React.FC<RiskAcceptanceModalProps> = ({
-  open,
-  onClose,
-  onConfirm,
-  vulnerability,
-  severity,
-  service,
-  image,
-}) => {
-  const auth = useAuth()
-  const authUserId = auth.status === "authenticated" ? auth.userId || auth.userName : null
-  const [description, setDescription] = useState<string>("")
-  const [manualUserId, setManualUserId] = useState<string>("")
-  const [sourceTicket, setSourceTicket] = useState<string>("")
-  const [expirationDate, setExpirationDate] = useState<Date | null>(null)
-  const [isSubmitting, setIsSubmitting] = useState(false)
-  const [descriptionError, setDescriptionError] = useState<string>("")
-  const [userIdError, setUserIdError] = useState<string>("")
-  const [sourceTicketError, setSourceTicketError] = useState<string>("")
-  const [expirationDateError, setExpirationDateError] = useState<string>("")
-  const [apiError, setApiError] = useState<string | null>(null)
-  const isMountedRef = useRef(true)
-
-  const manualUserIdTrimmed = manualUserId.trim()
-  const remediatedBy = authUserId ?? (manualUserIdTrimmed || undefined)
-  const isUserIdValid = !!remediatedBy
-
-  useEffect(() => {
-    isMountedRef.current = true
-    return () => {
-      isMountedRef.current = false
-    }
-  }, [])
-
-  useEffect(() => {
-    if (!open) {
-      setDescription("")
-      setManualUserId("")
-      setSourceTicket("")
-      setExpirationDate(null)
-      setDescriptionError("")
-      setUserIdError("")
-      setSourceTicketError("")
-      setExpirationDateError("")
-      setApiError(null)
-    }
-  }, [open])
-
-  const descriptionTrimmed = description.trim()
-  const sourceTicketTrimmed = sourceTicket.trim()
-
-  const handleConfirm = async () => {
-    if (!descriptionTrimmed) {
-      setDescriptionError("Description is required")
-      return
-    }
-    if (!remediatedBy) {
-      setUserIdError("User ID is required")
-      return
-    }
-    if (!sourceTicketTrimmed) {
-      setSourceTicketError("Jira ticket is required")
-      return
-    }
-    if (!expirationDate) {
-      setExpirationDateError("Expiration date is required")
-      return
-    }
-
-    setDescriptionError("")
-    setUserIdError("")
-    setSourceTicketError("")
-    setExpirationDateError("")
-    setIsSubmitting(true)
-    try {
-      const severityValue = severity ? toSeverityValue(severity) : undefined
-      const input: RemediationInput = {
-        type: RemediationTypeValues.RiskAccepted,
-        vulnerability,
-        service,
-        image,
-        description: descriptionTrimmed,
-        ...(remediatedBy && { remediatedBy }),
-        ...(severityValue !== undefined && { severity: severityValue }),
-        expirationDate: expirationDate.toISOString(),
-        ...(sourceTicketTrimmed && { url: sourceTicketTrimmed }),
-      }
-      const result = await onConfirm(input)
-      if (result?.error) {
-        setApiError(result.error)
-      } else if (isMountedRef.current) {
-        setDescription("")
-        setManualUserId("")
-        setSourceTicket("")
-        setExpirationDate(null)
-        onClose()
-      }
-    } catch (error) {
-      const message = error instanceof Error ? error.message : "Failed to create remediation"
-      setApiError(message)
-    } finally {
-      setIsSubmitting(false)
-    }
-  }
-
-  const handleClose = () => {
-    setDescription("")
-    setManualUserId("")
-    setSourceTicket("")
-    setExpirationDate(null)
-    setDescriptionError("")
-    setUserIdError("")
-    setExpirationDateError("")
-    setApiError(null)
-    onClose()
-  }
-
-  const handleDescriptionChange = (e: React.ChangeEvent<HTMLTextAreaElement>) => {
-    setDescription(e.target.value)
-    if (descriptionError) {
-      setDescriptionError("")
-    }
-  }
-
-  return (
-    <Modal
-      title="Accept Risk"
-      open={open}
-      onCancel={handleClose}
-      modalFooter={
-        <ModalFooter>
-          <Stack direction="horizontal" gap="2" distribution="end" className="w-full">
-            <Button onClick={handleClose} label={CANCEL_LABEL} disabled={isSubmitting} />
-            <Button
-              onClick={handleConfirm}
-              label={CONFIRM_LABEL}
-              variant="primary"
-              disabled={
-                isSubmitting || !descriptionTrimmed || !isUserIdValid || !sourceTicketTrimmed || !expirationDate
-              }
-            />
-          </Stack>
-        </ModalFooter>
-      }
-    >
-      <Stack gap="4" direction="vertical">
-        {apiError && <Message text={apiError} variant="error" />}
-        <div>
-          <strong>Vulnerability:</strong> {vulnerability}
-        </div>
-        <div>
-          <strong>Service:</strong> {service}
-        </div>
-        <div>
-          <strong>Image:</strong> {image}
-        </div>
-        <div>
-          <TextInput
-            label="User ID"
-            value={authUserId ?? manualUserId}
-            onChange={(e) => {
-              setManualUserId(e.target.value)
-              if (userIdError) setUserIdError("")
-            }}
-            disabled={!!authUserId}
-            required
-            invalid={!!userIdError}
-            errortext={userIdError}
-            placeholder={authUserId ? undefined : "Enter your user ID"}
-            helptext={authUserId ? "User ID from current session (read-only)." : "Enter your user ID."}
-          />
-        </div>
-        <div>
-          <TextInput
-            label="Jira Ticket / Risk Acceptance Source Ticket"
-            value={sourceTicket}
-            onChange={(e) => {
-              setSourceTicket(e.target.value)
-              if (sourceTicketError) setSourceTicketError("")
-            }}
-            placeholder="e.g. JIRA-1234"
-            required
-            invalid={!!sourceTicketError}
-            errortext={sourceTicketError}
-            helptext="Reference ticket for this risk acceptance decision."
-          />
-        </div>
-        <div>
-          <DateTimePicker
-            label="Expiration Date"
-            value={expirationDate ?? undefined}
-            onChange={(dates) => {
-              setExpirationDate(dates?.[0] ?? null)
-              if (expirationDateError) setExpirationDateError("")
-            }}
-            minDate="today"
-            required
-            invalid={!!expirationDateError}
-            errortext={expirationDateError}
-            helptext="When this risk acceptance should no longer be considered valid."
-          />
-        </div>
-        <div>
-          <Textarea
-            label="Description"
-            placeholder="Add a description explaining the reason for accepting this risk..."
-            value={description}
-            onChange={handleDescriptionChange}
-            rows={14}
-            required
-            invalid={!!descriptionError}
-            errortext={descriptionError || ""}
-          />
-        </div>
-      </Stack>
-    </Modal>
-  )
-}
+export const RiskAcceptanceModal: React.FC<RiskAcceptanceModalProps> = (props) => (
+  <RemediationModal
+    {...props}
+    title="Accept Risk"
+    confirmLabel="Accept Risk"
+    remediationType={RemediationTypeValues.RiskAccepted}
+    descriptionPlaceholder="Add a description explaining the reason for accepting this risk..."
+    expirationHelptext="When this risk acceptance should no longer be considered valid."
+    sourceTicketRequired
+  />
+)