AlmaLinux 8 : python-pyasn1 (ALSA-2026:4146)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:4146 advisory. pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID CVE-2026-23490 Tenable has extracted the preceding description block directl...

AlmaLinux 10 : opentelemetry-collector (ALSA-2026:4174)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:4174 advisory. golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption in crypto/tls...

AlmaLinux 8 : postgresql:16 (ALSA-2026:4063)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4063 advisory. postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing...

AlmaLinux 9 : postgresql:16 (ALSA-2026:4110)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4110 advisory. postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing...

AlmaLinux 10 : osbuild-composer (ALSA-2026:3752)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3752 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: archive/zip: Excessive CPU...

AlmaLinux 8 : libvpx (ALSA-2026:3967)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:3967 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

AlmaLinux 8 : postgresql:12 (ALSA-2026:4064)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4064 advisory. postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing...

AlmaLinux 10 : nfs-utils (ALSA-2026:3939)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:3939 advisory. nfs-utils: rpc.mountd in the nfs-utils privilege escalation CVE-2025-12801 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 9 : python3.12 (ALSA-2026:4165)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4165 advisory. cpython: IMAP command injection in user-controlled commands CVE-2025-15366 cpython: POP3 command injection in user-controlled commands CVE-2025-15367...

AlmaLinux 9 : kernel (ALSA-2026:3966)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3966 advisory. kernel: Linux kernel iouring: Local privilege escalation, information disclosure, or denial of service via use-after-free CVE-2025-38106 kernel: macvlan:...

AlmaLinux 10 : mysql8.4 (ALSA-2026:4162)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4162 advisory. mysql: Optimizer unspecified vulnerability CPU Jan 2026 CVE-2026-21941 mysql: Optimizer unspecified vulnerability CPU Jan 2026 CVE-2026-21948 mysql: Inno...

AlmaLinux 9 : gimp (ALSA-2026:4173)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4173 advisory. gimp: GIMP: Remote code execution via heap-based buffer overflow in ICNS file parsing CVE-2026-2047 gimp: GIMP: Remote Code Execution via uninitialized...

AlmaLinux 8 : nfs-utils (ALSA-2026:3938)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:3938 advisory. nfs-utils: rpc.mountd in the nfs-utils privilege escalation CVE-2025-12801 Tenable has extracted the preceding description block directly from the AlmaLinux securi...

Important: opentelemetry-collector security update

Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fixes: golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption in crypto/tls CVE-2025-68121 For more details about the security issues,...

AlmaLinux 8 : thunderbird (ALSA-2026:3515)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3515 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs...

AlmaLinux 10 : libpng (ALSA-2026:3551)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3551 advisory. libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API CVE-2026-22801 libpng: libpng: Denial of...

AlmaLinux 10 : go-rpm-macros (ALSA-2026:3669)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:3669 advisory. golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 Tenable has extracted the preceding description block directly from the...

AlmaLinux 10 : delve (ALSA-2026:3864)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3864 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in...

AlmaLinux 8 : kernel-rt (ALSA-2026:3463)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:3463 advisory. kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration CVE-2026-23097 Tenable has extracted the preceding description block directly...

AlmaLinux 9 : git-lfs (ALSA-2026:3928)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3928 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in...