AlmaLinux 10 : podman (ALSA-2026:24470)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:24470 advisory. crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation CVE-2026-32281 crypto/tls: golang: Go crypto/tls:...

AlmaLinux 9 : unbound (ALSA-2026:24369)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:24369 advisory. unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via...

AlmaLinux 10 : .NET 8.0 (ALSA-2026:25111)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:25111 advisory. dotnet: .NET: Local file tampering via link following vulnerability CVE-2026-45491 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource...

AlmaLinux 10 : .NET 10.0 (ALSA-2026:25115)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:25115 advisory. dotnet: .NET: Local file tampering via link following vulnerability CVE-2026-45491 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource...

AlmaLinux 10 : delve (ALSA-2026:23102)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:23102 advisory. crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation CVE-2026-32281 crypto/tls: golang: Go crypto/tls:...

AlmaLinux 8 : expat (ALSA-2026:22721)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:22721 advisory. libexpat: denial of service via crafted XML input CVE-2026-45186 Tenable has extracted the preceding description block directly from the AlmaLinux security...

Moderate: luksmeta security update

LUKSMeta is a simple library for storing metadata in the LUKSv1 header. The luksmeta package is a dependency of the clevis and tang packages, together providing the Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: luksmeta: Data corruption when handling LUKS1 partitions with...

ALSA-2026:18421 Moderate: luksmeta security update

LUKSMeta is a simple library for storing metadata in the LUKSv1 header. The luksmeta package is a dependency of the clevis and tang packages, together providing the Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: luksmeta: Data corruption when handling LUKS1 partitions with...

ALSA-2026:18326 Moderate: libvirt security update

Kernel-based Virtual Machine KVM offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the...

AlmaLinux 9 : libpng (ALSA-2026:18028)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:18028 advisory. libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 Tenable has extracted the preceding description block directly from th...

AlmaLinux 8 : ALSA-2026:A008kernel (ALSA-2026:A008)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:A008 advisory. kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-46300 kernel: ptrace: require CAPSYSPTRACE when task has no mm...

AlmaLinux 9 : ALSA-2026:A009kernel (ALSA-2026:A009)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:A009 advisory. kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-46300 kernel: ptrace: require CAPSYSPTRACE when task has no mm...

AlmaLinux 9 : gimp (ALSA-2026:16484)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:16484 advisory. gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image CVE-2026-4887 gimp: GIMP: Remote Code Execution via XPM File Parsing...

AlmaLinux 10 : libpng (ALSA-2026:14790)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:14790 advisory. libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion CVE-2026-33636 Tenable has extracted the...

AlmaLinux 10 : glib2 (ALSA-2026:15969)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:15969 advisory. glib: GLib: Buffer underflow in GVariant parser leads to heap corruption CVE-2025-14087 glib: Integer Overflow in GLib GIO Attribute Escaping Causes Hea...

AlmaLinux 9 : thunderbird (ALSA-2026:15892)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:15892 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScrip...

AlmaLinux 10 : image-builder (ALSA-2026:3840)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3840 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in...

AlmaLinux 10 : dovecot (ALSA-2026:13498)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13498 advisory. dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command CVE-2025-59032 dovecot: denial of service via crafted...

AlmaLinux 10 : fence-agents (ALSA-2026:13916)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13916 advisory. pyjwt: PyJWT accepts unknown crit header extensions RFC 7515 ?4.1.11 MUST violation CVE-2026-32597 pyasn1: pyasn1 Vulnerable to Denial of Service via...

AlmaLinux 8 : thunderbird (ALSA-2026:13537)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:13537 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScrip...