| Reporter | Title | Published | Views | Family All 20696 |
|---|---|---|---|---|
| MINI-2JPP-44FQ-3JF8 | 17 Jun 202621:36 | – | osv | |
| MINI-2JPP-8GV4-PX67 | 7 Jun 202619:24 | – | osv | |
| MINI-2JQM-Q5WV-6FJ8 | 11 Apr 202615:46 | – | osv | |
| MINI-2JQQ-G947-3888 | 14 Jul 202613:30 | – | osv | |
| MINI-2JV6-759J-QCHM | 11 Apr 202620:46 | – | osv | |
| MINI-2JVF-CRPC-579J | 23 Jun 202623:17 | – | osv | |
| MINI-2JVQ-FVC7-9925 | 28 Jun 202613:46 | – | osv | |
| MINI-2JWV-F8MQ-MJ5R | 5 Jun 202603:55 | – | osv | |
| MINI-2JXH-756F-R9Q3 | 23 Jun 202623:17 | – | osv | |
| MINI-2JXP-4V96-7M79 | 5 Jun 202617:12 | – | osv |
| Source | Link |
|---|---|
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| bugzilla | www.bugzilla.redhat.com/show_bug.cgi |
| bugzilla | www.bugzilla.redhat.com/show_bug.cgi |
| bugzilla | www.bugzilla.redhat.com/show_bug.cgi |
| bugzilla | www.bugzilla.redhat.com/show_bug.cgi |
| bugzilla | www.bugzilla.redhat.com/show_bug.cgi |
| bugzilla | www.bugzilla.redhat.com/show_bug.cgi |
| bugzilla | www.bugzilla.redhat.com/show_bug.cgi |
| bugzilla | www.bugzilla.redhat.com/show_bug.cgi |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2026:41019. The text
# itself is copyright (C) Red Hat, Inc.
##
include('compat.inc');
if (description)
{
script_id(327424);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/07/16");
script_cve_id(
"CVE-2025-61729",
"CVE-2026-25679",
"CVE-2026-27137",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-33186",
"CVE-2026-33811",
"CVE-2026-33815",
"CVE-2026-33816",
"CVE-2026-35469",
"CVE-2026-39821",
"CVE-2026-39828",
"CVE-2026-39829",
"CVE-2026-39830",
"CVE-2026-39832",
"CVE-2026-39835",
"CVE-2026-42151",
"CVE-2026-42154",
"CVE-2026-42508",
"CVE-2026-46595"
);
script_xref(name:"RHSA", value:"2026:41019");
script_name(english:"RHEL 10 / 9 : Red Hat Edge Manager Version 1.1.3 Security Update (Important) (RHSA-2026:41019)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2026:41019 advisory.
Red Hat Edge Manager (RHEM) provides simple, scalable, and security-focused
management of edge devices and applications. It supports image-mode RHEL and
container workloads that run on Podman/Docker or Kubernetes.
RHEM is now available as a standalone feature, providing greater flexibility for
edge deployments. In addition to the standalone version, RHEM continues to be
offered as a plugin for the following platforms:
Red Hat Advanced Cluster Management (RHACM): Extends fleet management to edge
devices.
Red Hat Ansible Automation Platform (AAP): Integrates edge management with
Ansible automation.
This integration enables organizations to optimize the management and
orchestration of their fleets of edge devices; whether its thousands of
dispersed retail point-of-sale systems or industrial machinery on remote factory
floors.
Value for customers and partners:
* This solution not only helps customers manage thousands of devices but helps
scale operations.
* To manage large-scale deployments, customers need to be able to integrate with
their existing management systems, support remote configuration and over-the-air
updates, and collect telemetry data for advanced analytics.
* Red Hat Edge Manager offers a simple and security-focused lifecycle
management, from onboarding to decommissioning of edge devices.
This complete end-to-end solution empowers organizations to gain the most value
from the fleets of devices that generate data, all from a centralized location.
Security fixes:
* golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate (CVE-2026-39835)
* golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses
(CVE-2026-39830)
* golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters
(CVE-2026-39829)
* golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions (CVE-2026-39828)
* golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation (CVE-2026-46595)
* golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions
(CVE-2026-39832)
* golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey (CVE-2026-42508)
* golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing (CVE-2026-39821)
* Go net package: Denial of Service via long CNAME response in LookupCNAME (CVE-2026-33811)
* Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)
* Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
* Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
* Go crypto/x509: Incorrect enforcement of email constraints (CVE-2026-27137)
* Go net/url: Incorrect parsing of IPv6 host literals (CVE-2026-25679)
* golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
* github.com/jackc/pgx: Memory-safety vulnerability (CVE-2026-33816)
* github.com/jackc/pgx: Memory-safety vulnerability (CVE-2026-33815)
* gRPC-Go: Authorization bypass due to improper HTTP/2 path validation (CVE-2026-33186)
* Prometheus: Information disclosure of Azure OAuth client secret via config API (CVE-2026-42151)
* Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint
(CVE-2026-42154)
* Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
* Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code (CVE-2026-35469)
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#important");
# https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.1/html/installing_red_hat_edge_manager_on_red_hat_enterprise_linux/rhem-integrating-with-aap
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?147a1dda");
# https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.1/html/installing_red_hat_edge_manager_on_red_hat_openshift_container_platform/edge-manager-install-rhem-ocp#edge-manager-verify-rhem-acm-console
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?fae07753");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2418462");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2445345");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2445356");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2449833");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2455972");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2455975");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2456333");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2456336");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2456338");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2456339");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2457729");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2466505");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2466507");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2467822");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2480680");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2480681");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2480684");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2480685");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2480687");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2480688");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2480689");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2480756");
# https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_41019.json
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?955e2ebb");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2026:41019");
script_set_attribute(attribute:"solution", value:
"Update the affected flightctl-agent and / or flightctl-cli packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:H/Au:M/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N");
script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:P");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-32282");
script_set_attribute(attribute:"cvss4_score_source", value:"CVE-2026-35469");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(256, 281, 295, 303, 367, 476, 551, 764, 770, 772, 787, 1050, 1284, 1286, 1289, 1341);
script_set_attribute(attribute:"vendor_severity", value:"Important");
script_set_attribute(attribute:"vuln_publication_date", value:"2025/12/02");
script_set_attribute(attribute:"patch_publication_date", value:"2026/07/16");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/07/16");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:10");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:9");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:flightctl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:flightctl-agent");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:flightctl-cli");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm2.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'Red Hat' >!< os_product) audit(AUDIT_OS_NOT, 'Red Hat');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
if (!rhel_check_release_list(operator: 'ge', os_version: os_version, rhel_versions: ['10','9'])) audit(AUDIT_OS_NOT, 'Red Hat 10.x / 9.x', 'Red Hat ' + os_version);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
var constraints = [
{
'release': '10',
'repo_relative_urls': [
'content/dist/layered/rhel10/aarch64/edge-manager/1.1/debug',
'content/dist/layered/rhel10/aarch64/edge-manager/1.1/os',
'content/dist/layered/rhel10/aarch64/edge-manager/1.1/source/SRPMS',
'content/dist/layered/rhel10/ppc64le/edge-manager/1.1/debug',
'content/dist/layered/rhel10/ppc64le/edge-manager/1.1/os',
'content/dist/layered/rhel10/ppc64le/edge-manager/1.1/source/SRPMS',
'content/dist/layered/rhel10/s390x/edge-manager/1.1/debug',
'content/dist/layered/rhel10/s390x/edge-manager/1.1/os',
'content/dist/layered/rhel10/s390x/edge-manager/1.1/source/SRPMS',
'content/dist/layered/rhel10/x86_64/edge-manager/1.1/debug',
'content/dist/layered/rhel10/x86_64/edge-manager/1.1/os',
'content/dist/layered/rhel10/x86_64/edge-manager/1.1/source/SRPMS'
],
'pkgs': [
{'reference':'flightctl-agent-1.1.3-1.el10em', 'el_string':'el10em', 'rpm_spec_vers_cmp':TRUE},
{'reference':'flightctl-cli-1.1.3-1.el10em', 'el_string':'el10em', 'rpm_spec_vers_cmp':TRUE}
]
},
{
'release': '9',
'repo_relative_urls': [
'content/dist/layered/rhel9/aarch64/edge-manager/1.1/debug',
'content/dist/layered/rhel9/aarch64/edge-manager/1.1/os',
'content/dist/layered/rhel9/aarch64/edge-manager/1.1/source/SRPMS',
'content/dist/layered/rhel9/ppc64le/edge-manager/1.1/debug',
'content/dist/layered/rhel9/ppc64le/edge-manager/1.1/os',
'content/dist/layered/rhel9/ppc64le/edge-manager/1.1/source/SRPMS',
'content/dist/layered/rhel9/s390x/edge-manager/1.1/debug',
'content/dist/layered/rhel9/s390x/edge-manager/1.1/os',
'content/dist/layered/rhel9/s390x/edge-manager/1.1/source/SRPMS',
'content/dist/layered/rhel9/x86_64/edge-manager/1.1/debug',
'content/dist/layered/rhel9/x86_64/edge-manager/1.1/os',
'content/dist/layered/rhel9/x86_64/edge-manager/1.1/source/SRPMS'
],
'pkgs': [
{'reference':'flightctl-agent-1.1.3-1.el9em', 'el_string':'el9em', 'rpm_spec_vers_cmp':TRUE},
{'reference':'flightctl-cli-1.1.3-1.el9em', 'el_string':'el9em', 'rpm_spec_vers_cmp':TRUE}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');
var flag = 0;
var repo_relative_urls;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
# Check that the target release is equal to the affected release
if (!empty_or_null(constraint['release'])){
if (constraint['release'] != os_release) continue;
}
if (!empty_or_null(constraint['sp'])){
if (constraint['sp'] != os_sp) continue;
}
if (!empty_or_null(constraint['repo_relative_urls'])) repo_relative_urls = constraint['repo_relative_urls'];
foreach var pkg ( constraint['pkgs'] ) {
reference = NULL;
sp = NULL;
_cpu = NULL;
el_string = NULL;
rpm_spec_vers_cmp = NULL;
epoch = NULL;
allowmaj = NULL;
exists_check = NULL;
cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(rpm:exists_check))) &&
rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
var extra = NULL;
if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get();
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'flightctl-agent / flightctl-cli');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation