SUSE: Security Advisory (SUSE-SU-2026:1314-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: perl-XML-Parser

Issue Overview: XML::Parser versions through 2.47 for Perl could overflow the pre-allocated buffer size cause a heap corruption double free or corruption and crashes. A :utf8 PerlIO layer, parsestream in Expat.xs could overflow the XML input buffer because Perl's read returns decoded characters...

Slackware Linux 15.0 / current libexif Multiple Vulnerabilities (SSA:2026-104-01)

The version of libexif installed on the remote host is prior to 0.6.26. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-104-01 advisory. New libexif packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the...

Oracle Linux 10 : squid (ELSA-2026-8119)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-8119 advisory. - Resolves: RHEL-160667 - squid: Squid: Denial of Service via crafted ICP traffic CVE-2026-32748 Tenable has extracted the preceding description block...

Medium: oci-add-hooks

Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...

Mageia: Security Advisory (MGASA-2026-0093)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 42 : vim (2026-c718defeb6)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c718defeb6 advisory. Security fix for CVE-2026-34714, CVE-2026-35177, CVE-2026-34982 Tenable has extracted the preceding description block directly from the Fedora...

SUSE: Security Advisory (SUSE-SU-2026:20986-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : mupdf (2026-7a9c0c8c04)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7a9c0c8c04 advisory. fix CVE-2026-3308 rhbz2454361 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not test...

Fedora 43 : yarnpkg (2026-085abeea02)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-085abeea02 advisory. Refresh vendor bundle, fixes CVE-2026-4800. ---- Update vendor bundle. Tenable has extracted the preceding description block directly from the Fedor...

Fedora 43 : libmicrohttpd (2026-65a08d1312)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-65a08d1312 advisory. Update to 1.0.3-1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

Photon OS 5.0: Python3 PHSA-2026-5.0-0816

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0816. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Debian: Security Advisory (DLA-4525-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2026-0192882589)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-29145

CLIENTCERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache Tomcat Native. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M7 through 10.1.52, from 9.0.83 through 9.0.115; Apache Tomcat...

RockyLinux 8 : libpng12 (RLSA-2026:6445)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:6445 advisory. libpng: LIBPNG has a heap buffer overflow in pngsetquantize CVE-2026-25646 Tenable has extracted the preceding description block directly from the RockyLinux...

PT-2026-32093

Name of the Vulnerable Software and Affected Versions Acrobat DC versions prior to 26.001.21411 Acrobat Reader DC versions prior to 26.001.21411 Acrobat 2024 affected versions not specified Description An Improperly Controlled Modification of Object Prototype Attributes, also known as Prototype...

Mageia: Security Advisory (MGASA-2026-0090)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2026-66f19b11e0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KLA90971 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Incorrect boundary conditions vulnerability, integer overflow vulnerability in the...