RockyLinux 9 : freeipmi (RLSA-2026:14819)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:14819 advisory. freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 Tenable has extracted the preceding description block directly from the RockyLinux...

Fedora 44 : dotnet10.0 (2026-32952baba5)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-32952baba5 advisory. Update to .NET SDK 10.0.107 and Runtime 10.0.7 Fixes: CVE-2026-40372 Release Notes: - SDK:...

MiracleLinux 8 : kernel-4.18.0-553.121.1.el8_10 (AXSA:2026-577:31)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-577:31 advisory. kernel: crypto: algifaead - Revert to operating out-of-place CVE-2026-31431 Tenable has extracted the preceding description block directly from the MiracleLin...

Fedora 44 : nextcloud (2026-cb5661d883)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-cb5661d883 advisory. 33.0.3 Release Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

Fedora 42 : openssl (2026-7af660d639)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7af660d639 advisory. Validate RSApublicencrypt result in RSASVE Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Important: kernel-livepatch-5.10.248-247.988

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...

Advisory ROSA-SA-2026-3267

software: kernel-5.15 5.15.193 WASP: ROSA-CHROME unaffected versions = kernel-5.15-5.15.193-5 affected versions kernel-5.15-5.15.193-5 CVE-ID: CVE-2026-43284 BDU-ID: None CVE-Crit: NO DATA CVE-DESC.: A vulnerability in the Linux kernel xfrm subsystem ESP allows data decryption over non-packet skb...

Advisory ROSA-SA-2026-3258

software: kernel-6.1 6.1.152 OS: ROSA-CHROME unaffected versions = kernel-6.1-6.1.1.152-3 affected versions kernel-6.1-6.1.152-3 CVE-ID: CVE-2026-31431 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in the Linux kernel crypto subsystem crypto: algifaead. Attempts to perform AEAD "in-place"...

Advisory ROSA-SA-2026-3257

software: kernel-6.12 6.12.74 WASP: ROSA-CHROME unaffected versions = kernel-6.12-6.12.74-5 affected versions kernel-6.12-6.12.74-5 CVE-ID: CVE-2026-31431 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in the Linux kernel crypto subsystem crypto: algifaead. Attempts to perform AEAD "in-plac...

Fedora 42 : rust-sequoia-git (2026-6f64d2e143)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6f64d2e143 advisory. Update to version 0.6.0. Addresses RUSTSEC-2026-0109. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Oracle Linux 7 : python3 (ELSA-2026-9745)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-9745 advisory. 3.6.8-21.0.11 - Security update CVE-2026-4519 Orabug: 39246828 Tenable has extracted the preceding description block directly from the Oracle Linux security...

PT-2026-38199

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient policy enforcement in DevTools allows an attacker to perform UI spoofing via a crafted Chrome Extension, provided they can convince a user to install the malicious extensio...

Fedora 43 : insight (2026-e0f5e87dd6)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e0f5e87dd6 advisory. Fix CVE-2026-6846. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Fedora 44 : insight (2026-f72d44d09e)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f72d44d09e advisory. Fix CVE-2026-6846. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Linux Distros Unpatched Vulnerability : CVE-2026-6321

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fast-uri decoded percent-encoded path separators and dot segments before applying dot-segment removal in its normalize and equal functions. Encoded path data wa...

PT-2026-38152

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description An inappropriate implementation in Navigation allows a remote attacker who has compromised the renderer process to bypass site isolation using a crafted HTML page. Site isolation is a...

PT-2026-38153

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description A race condition in the Speech component allows a remote attacker who has already compromised the renderer process to obtain potentially sensitive information from process memory by usi...

CVE-2026-7768 @fastify/accepts-serializer vulnerable to Denial of Service via Unbounded Accept Header Cache Growth

@fastify/accepts-serializer cached serializer-selection results keyed by the request Accept header without a size limit or eviction policy. A remote unauthenticated client could send many distinct but matching Accept header variants to make the cache grow unbounded, eventually exhausting the...

RHCOS 4 : OpenShift Container Platform 4.17.16 (RHSA-2025:1122)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:1122 advisory. - cri-o: CRI-O Path Traversal in Log Handling Functions Allows Arbitrary Unmounting CVE-2025-0750 Note that Nessus has not tested for this...

RHCOS 6 : haproxy (RHSA-2013:0729)

The remote Red Hat Enterprise Linux CoreOS 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2013:0729 advisory. - haproxy: rewrite rules flaw can lead to arbitrary code execution CVE-2013-1912 Note that Nessus has not tested for this issue but has inste...