Amazon Linux 2023 : compat-golang-github-cpuguy83-md2man-2-devel, golang-github-cpuguy83-md2man, golang-github-cpuguy83-md2man-devel (ALAS2023-2026-1749)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1749 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 Within HostnameError.Error, when constructing ...

RockyLinux 8 : osbuild-composer (RLSA-2026:2124)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:2124 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 Tenable has extracted the preceding descriptio...

RockyLinux 10 : image-builder (RLSA-2026:3840)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3840 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion i...

image-builder security update

An update is available for image-builder. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A local binary for building customized OS artifacts such as VM images...

osbuild-composer security update

An update is available for osbuild-composer. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A service for building customized OS artifacts, such as VM images an...

osbuild-composer security update

An update is available for osbuild-composer. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A service for building customized OS artifacts, such as VM images an...

Important: Red Hat Security Advisory: container-tools:rhel8 security update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security h...

RHCOS 4 : OpenShift Container Platform 4.18.42 (RHSA-2026:17446)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17446 advisory. - golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 - golang: net/url: Memory exhaustion in quer...

Important: containernetworking-plugins security update

The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...

CLEANSTART-2026-HB06257 Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-24051, CVE-2026-33186, CVE-2026-39883, ghsa-6v2p-p543-phr9, ghsa-9h8m-3fm2-qjrq, ghsa-f6x5-jh6r-wrfv, ghsa-hfvc-g4fc-pqhx, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 0.59.0-r0, 0.59.0-r1, 0.59.0-r2, 0.59.0-r3

Multiple security vulnerabilities affect the kapp-controller-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-JH93057 Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2026-24051, CVE-2026-33186, CVE-2026-39883, ghsa-6v2p-p543-phr9, ghsa-f6x5-jh6r-wrfv, ghsa-hfvc-g4fc-pqhx, ghsa-j5w8-q4qc-rx2x, ghsa-mh2q-q3fh-2475, ghsa-p77j-4mvh-x3m3 applied in versions: 0.57.0-r0, 0.59.0-r0, 0.59.0-r1

Multiple security vulnerabilities affect the kapp-controller package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-TL04302 Security fixes for CVE-2025-61727, CVE-2025-61729, ghsa-cgrx-mc8f-2prm, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-vvgc-356p-c3xw applied in versions: 1.10.2-r0, 1.10.2-r1, 1.5.0-r0, 1.9.1-r0

Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-OS08278 Security fixes for CVE-2025-61727, CVE-2025-61729, ghsa-cgrx-mc8f-2prm, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-vvgc-356p-c3xw applied in versions: 1.10.2-r0, 1.10.2-r1, 1.5.0-r0, 1.9.1-r0

Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-QO30809 Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, ghsa-4v7x-pqxf-cx7m, ghsa-6v2p-p543-phr9, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw applied in versions: 0.9.0-r1, 0.9.0-r3

Multiple security vulnerabilities affect the wave-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-AQ65185 Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32285, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-34986, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-39882, CVE-2026-42499, CVE-2026-42501, CVE-2026-44740, CVE-2026-45022, CVE-2026-4660, ghsa-389r-gv7p-r3rp, ghsa-3xc5-wrhm-f963, ghsa-6g7g-w4f8-9c9x, ghsa-78h2-9frx-2jm8, ghsa-92mm-2pjq-r785, ghsa-9h8m-3fm2-qjrq, ghsa-fw7p-63qq-7hpr, ghsa-q9hv-hpm4-hj6x, ghsa-w8rr-5gcm-pp58, ghsa-xmrv-pmrh-hhx2 applied in versions: 0.93.13-r1, 0.96.1-r0, 0.96.1-r1, 0.96.1-r2, 0.96.1-r3, 0.96.1-r4, 0.96.1-r5, 0.96.1-r6

Multiple security vulnerabilities affect the terragrunt-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

Important: Red Hat Security Advisory: gvisor-tap-vsock security update

An update for gvisor-tap-vsock is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

cf-cli-8.18.3+git.0.83ce51d9c-1.1 on GA media (moderate)

cf-cli-8.18.3+git.0.83ce51d9c-1.1 on GA media Announcement ID: openSUSE-SU-2026:10688-1 Rating: moderate Cross-References: CVE-2025-61729 CVSS scores: CVE-2025-61729 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-61729 SUSE : 8.7...

RHCOS 4 : OpenShift Container Platform 4.17.52 (RHSA-2026:5866)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5866 advisory. - golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 - crypto/x509: golang: Denial of Service due ...

RHEL 9 : skopeo (RHSA-2026:12029)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:12029 advisory. The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and...

Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.19.15 security, enhancement & bug fix update

Red Hat OpenShift Data Foundation 4.19.15 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.19.15 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-6345: RHODF 4.19.15 DFBUGS-5942: Backport to odf-4.19.z External Mode: noobaa-default-backing-store is in...