Oracle Linux 8 : libcap (ELSA-2026-13285)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-13285 advisory. 2.48-6.1 - Fix TOCTOU race condition in capsetfile CVE-2026-4878 Resolves: RHEL-169304 Tenable has extracted the preceding description block directly from the...

Oracle Linux 9 : kernel (ELSA-2026-13565)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13565 advisory. - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption Vladislav Dronov RHEL-172201 CVE-2026-31431 - crypto: authencesn -...

Oracle Linux 8 : dovecot (ELSA-2026-13830)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13830 advisory. - fix CVE-2026-27858: denial of service via crafted message before authentication RHEL-161630 - fix CVE-2025-59032: ManageSieve: Denial of Service via...

Oracle Linux 10 : osbuild-composer (ELSA-2026-13643)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-13643 advisory. - Ensure build on latest golang: CVE-2024-34156 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Oracle Linux 10 : openssh (ELSA-2026-13380)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13380 advisory. - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode Resolves: RHEL-164738 - CVE-2026-35388: Add...

Oracle Linux 9 : python-tornado (ELSA-2026-13670)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-13670 advisory. 6.5.5-1.1 - Update to 6.5.5 Resolves: RHEL-160941 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : systemd (ELSA-2026-13677)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-13677 advisory. - coredump: use %d in kernel core pattern - CVE-2025-4598 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...

Oracle Linux 8 : thunderbird (ELSA-2026-13537)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-13537 advisory. 140.10.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.10.0 - Add OpenELA debranding 140.10.0-1 - Update to 140.10.0 ESR...

kernel security update

6.12.0-124.55.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

Oracle Linux 10 : freeipmi (ELSA-2026-13515)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-13515 advisory. 1.6.17-1 - Update to 1.6.17 1.6.14-6 - .fmf/version: Add fmf metadtata root 1.6.14-5 - gating: RHEL-10: Add OSCI testing Tenable has extracted the preceding...

Oracle Linux 8 : tigervnc (ELSA-2026-13414)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13414 advisory. - Fix CVE-2026-33999, CVE-2026-34000, CVE-2026-34001, CVE-2026-34002, CVE-2026-34003 xorg-x11-server: various XKB and XSYNC vulnerabilities Resolves:...

Oracle Linux 7 : python3 (ELSA-2026-9745)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-9745 advisory. 3.6.8-21.0.11 - Security update CVE-2026-4519 Orabug: 39246828 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 7 : python (ELSA-2026-9614)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-9614 advisory. 2.7.5-94.0.7 - Fix for CVE-2026-4519 Orabug: 39243798 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...

osbuild-composer security update

149-6.0.1 - Add missing dependency over dracut-config-rescue for image-installer Orabug: 38587453 - Add OL10 support - Update repository URLs for baseos, appstream and UERK - Fix the label for UEKR repository - Simplify repository names JIRA: OLDIS-35893 - Ensure build on latest golang:...

Oracle Linux 10 : dovecot (ELSA-2026-13498)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13498 advisory. - fix CVE-2026-27858: denial of service via crafted message before authentication RHEL-161625 - fix CVE-2025-59032: ManageSieve: Denial of Service vi...

Oracle Linux 10 : yggdrasil-worker-package-manager (ELSA-2026-11412)

The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-11412 advisory. 0.2.3-5 - Bump release for rebuild Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus ha...

Oracle Linux 10 : yggdrasil (ELSA-2026-11413)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-11413 advisory. 0.4.8-4 - Bump release for rebuild Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus ha...

Oracle Linux 9 : vim (ELSA-2026-11510)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-11510 advisory. - RHEL-155437 CVE-2026-28417 vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin - RHEL-155422 CVE-2026-28421 vim: Vim: Denial of...

Oracle Linux 10 : vim (ELSA-2026-11389)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-11389 advisory. - RHEL-159615 CVE-2026-33412 vim: Vim: Arbitrary code execution via command injection in glob function - RHEL-155409 CVE-2026-28421 vim: Vim: Denial of servic...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50254)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50254 advisory. - crypto: algifaead - Revert to operating out-of-place Herbert Xu Orabug: 39292190 CVE-2026-31431 Tenable has extracted the preceding description block...