Security Updates for Microsoft Visual Studio Products (June 2026)

The Microsoft Visual Studio Products are missing a security update. It is, therefore, affected by a denial of service vulnerability: - Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network. CVE-2026-45591 Note that Nessus has not tested f...

CVE-2026-42974

creationtimestamp| type| source ---|---|--- 2026-06-09 15:44:28+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0181 2026-06-09 16:12:18+00:00| seen| https://www.thezdi.com/blog/2026/6/9/the-june-2026-security-update-review 2026-06-10 21:07:07+00:00| seen|...

Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.6.21 shipped with IBM Cloud Pak for Business Automation iFixes for April 2026

Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation April 2026 security fixes update this dependency beyond 4.6.21 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2024-45310 DESCRIPTION: runc is a C...

Hunting-Bugs

2026 Practical Bug Bounty Guide Built on real-world experie...

Security Updates for Microsoft SQL Server (May 2026) (Remote)

The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - External control of file name or path in SQL Server allows an authorized attacker to execute code over a network. CVE-2026-40370 Note that Nessus has...

Security Updates for Microsoft SharePoint Server 2019 (May 2026)

The Microsoft SharePoint 2019 Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Remote Code Execution CVE-2026-33112, CVE-2026-33110, CVE-2026-35439, CVE-2026-40357, CVE-2026-40365, CVE-2026-40367, CVE-2026-40368,...

Security Updates for Microsoft SQL Server (April 2026)

The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerabilities: - A privilege escalation vulnerability CVE-2026-32167, CVE-2026-32176 - A remote code execution vulnerability CVE-2026-33120 Note that Nessus has not...

Security Updates for Microsoft SharePoint Server 2016 (April 2026)

The Microsoft SharePoint 2016 Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Spoofing vulnerabilities CVE-2026-20945, CVE-2026-32201 Note that Nessus has not tested for these issues but has instead relied only on the...

Security Updates for Microsoft SharePoint Server 2016 (March 2026)

The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Remote Code Execution vulnerabilities CVE-2026-26106, CVE-2026-26113, CVE-2026-26114 - Spoofing vulnerability in Microsoft SharePoint Server...

Security Updates for Microsoft Office Products C2R (March 2026)

The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Remote code execution vulnerabilities. An attacker can exploit these to bypass authentication and execute unauthorized arbitrary commands. CVE-2026-26110, CVE-2026-26113 Note that...

Security Updates for Microsoft SharePoint Server Subscription Edition (March 2026)

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Remote Code Execution vulnerabilities CVE-2026-26106, CVE-2026-26113 - Spoofing vulnerability in Microsoft SharePoint Server...

Security Updates for Microsoft Visual Studio Products (February 2026)

The Microsoft Visual Studio Products are missing security updates. They are, therefore, affected by multiple vulnerabilities, including: - Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execu...

CVE-2026-21240

creationtimestamp| type| source ---|---|--- 2026-02-10 17:30:28+00:00| seen| https://www.thezdi.com/blog/2026/2/10/the-february-2026-security-update-review 2026-02-10 18:01:45+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0053...

CVE-2026-21250

creationtimestamp| type| source ---|---|--- 2026-02-10 17:30:28+00:00| seen| https://www.thezdi.com/blog/2026/2/10/the-february-2026-security-update-review 2026-02-10 18:01:45+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0053 2026-05-12 17:33:08+00:00| seen|...

Fedora 42 : java-21-openjdk / java-25-openjdk / java-latest-openjdk (2026-1ad57632f2)

The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-1ad57632f2 advisory. January 2026 annual updates ---- January 2026 security update Tenable has extracted the preceding description block directly from the Fedora security advisor...

Security Updates for Microsoft SharePoint Server 2016 (February 2026)

The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. CVE-2026-21511,...

Security Updates for Microsoft SharePoint Server Subscription Edition (February 2026)

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user...

Security Updates for Microsoft SharePoint Server 2019 (February 2026)

The Microsoft SharePoint Server 2019 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...