Fedora 43 : nodejs20 (2026-9dc3a61ad8)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9dc3a61ad8 advisory. Update to version 20.20.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 44 : libexif (2026-fd361a6f7f)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fd361a6f7f advisory. Update to 0.6.26, fixing several CVEs https://github.com/libexif/libexif/releases/tag/v0.6.26 Tenable has extracted the preceding description block...

Fedora 42 : libmicrohttpd (2026-7a0641ca41)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-7a0641ca41 advisory. Update to 1.0.3-1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

PT-2026-28457

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.11 Description The software contains an approval integrity issue where system.run approvals do not properly bind mutable file operands for specific script runners, including tsx and jiti. This allows attackers...

Fedora 43 : headscale (2026-c3c02ffe75)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c3c02ffe75 advisory. update to 0.28.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

Security Bulletin: Security vulnerability in nginx affects IBM Robotic Process Automation for Cloud Pak

Summary A security vulnerability in nginx affects IBM Robotic Process Automation for Cloud Pak. Nginx is used by IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes required to resolve the vulnerabilities. Vulnerability Details...

Fedora 45 : containernetworking-plugins (2026-38d944f97d)

The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-38d944f97d advisory. Automatic update for containernetworking-plugins-1.9.1-1.fc45. Changelog Mon Mar 16 2026 Bradley G Smith - 1.9.1-1 - Update to release v1.9.1 -...

Fedora 42 : python-pyasn1 (2026-ddafe1357a)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ddafe1357a advisory. Update for python-pyasn1-0.6.2-1.fc42. Changelog Thu Feb 05 2026 Simon Pichugin - 0.6.2-1 - Update to 0.6.2 - Fixed continuation octet limits in...

CVE-2026-27482

Ray is an AI compute engine. In versions 2.53.0 and below, thedashboard HTTP server blocks browser-origin POST/PUT but does not cover DELETE, and key DELETE endpoints are unauthenticated by default. If the dashboard/agent is reachable e.g., --dashboard-host=0.0.0.0, a web page via DNS rebinding o...

CVE-2021-41083

Dada Mail is a web-based e-mail list management system. In affected versions a bad actor could give someone a carefully crafted web page via email, SMS, etc, that - when visited, allows them control of the list control panel as if the bad actor was logged in themselves. This includes changing any...

PT-2026-2084

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for interacting with International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 exhibit Undefined Behavior in the...

PT-2026-1434

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV, a set of libraries and tools for working with ICC color management profiles, contains a Type Confusion issue within its CIccSingleSampledeCurveXml class during XML Curve Serialization...

PT-2026-1071

Name of the Vulnerable Software and Affected Versions QNAP versions prior to 5.2.6.3195 build 20250715 QNAP QuTS hero versions prior to 5.2.6.3195 build 20250715 Description A flaw exists where resources can be allocated without limits or throttling. If an attacker obtains a user account, they ma...

PT-2025-53686

Name of the Vulnerable Software and Affected Versions SmarterTools SmarterMail versions prior to Build 9413 Description A critical vulnerability exists in SmarterTools SmarterMail that allows unauthenticated attackers to upload arbitrary files to any location on the mail server, potentially...

Fedora 42 : docker-buildkit (2025-9cf9edf688)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-9cf9edf688 advisory. - Update to release v0.26.3 - Resolves CVE-2024-25621: rhbz2419004, rhbz2419033, rhbz2419427 - Upstream fix Tenable has extracted the preceding...

Fedora 43 : uriparser (2025-5c12420f33)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-5c12420f33 advisory. Update to uriparser-1.0.0, fixes CVE-2025-67899. Tenable has extracted the preceding description block directly from the Fedora security advisory...

Fedora 43 : containernetworking-plugins (2025-294d534170)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-294d534170 advisory. Update to release v1.9.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested fo...

Fedora 42 : source-to-image (2025-96f340d7a0)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-96f340d7a0 advisory. Update to 1.5.1, migrate to Go Vendor Tools Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

PT-2025-46386

Name of the Vulnerable Software and Affected Versions IntelR CIP software versions prior to WIN DCA 2.4.0.11001 Description An improper access control issue exists in some IntelR CIP software. This may allow an information disclosure when running within Ring 3 User Applications. An unprivileged...

PT-2025-46389

Name of the Vulnerable Software and Affected Versions IntelR PROSet/Wireless WiFi Software for Windows versions prior to 23.160 Description A flaw exists in input validation within IntelR PROSet/Wireless WiFi Software for Windows. An authenticated attacker with high complexity access may be able ...