Fedora 45 : nasm (2026-c346e5cd24)

The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c346e5cd24 advisory. Automatic update for nasm-3.01-3.fc45. Changelog Wed Apr 22 2026 Dominik Mierzejewski - 3.01-3 - fix CVE-2026-6067 resolves rhbz2458087, rhbz2458089...

Fedora 45 : sentencepiece (2026-8755a17c6e)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-8755a17c6e advisory. Automatic update for sentencepiece-0.2.1-1.fc45. Changelog Tue May 19 2026 Peter Robinson - 0.2.1-1 - Update to 0.2.1 - Fixes CVE-2026-1260 rhbz2432139...

Fedora 45 : dolphin-emu (2026-4a6b728056)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-4a6b728056 advisory. Automatic update for dolphin-emu-2503a-16.fc45. Changelog Wed May 27 2026 Jeremy Newton - 2503a-16 - Fix RHBZ2454084 Tenable has extracted the preceding...

Malicious code in @beyondbday/vibe-terminal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9859c1af428f41ba7f7eb2a1db744705f5644ff2422629d94e3de1ecb59c9405 On every launch of the vibe CLI, dist/vibe.js queries the npm registry for the latest version of @beyondbday/vibe-terminal and, if newer than the...

PT-2026-40439

Name of the Vulnerable Software and Affected Versions DNS Cluster affected versions not specified Description SSL verification is disabled in the DNS Cluster system. This allows a malicious server to perform a man-in-the-middle attack, which is a technique where an attacker intercepts communicati...

Fedora 45 : pypy (2026-b58cd376d6)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b58cd376d6 advisory. Automatic update for pypy-7.3.22-2.fc45. Changelog Tue May 5 2026 Charalampos Stratakis - 7.3.22-2 - Security fix for CVE-2026-3219 in the bundled pip wheel ...

Fedora 45 : opencryptoki (2026-d63e3968e8)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d63e3968e8 advisory. Automatic update for opencryptoki-3.26.0-3.fc45. Changelog Tue May 5 2026 Than Ngo - 3.26.0-3 - Fix rhbz2432016: CVE-2026-23893, Privilege Escalation or Data...

Fedora 42 : pyp2spec (2026-91671b8061)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-91671b8061 advisory. Automatic update for pyp2spec-0.14.1-1.fc42. Changelog for pyp2spec Tue Apr 21 2026 Packit - 0.14.1-1 - Update to 0.14.1 upstream release - Resolves:...

Fedora 45 : subfinder (2026-3a2ff381f7)

The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3a2ff381f7 advisory. Automatic update for subfinder-2.14.0-1.fc45. Changelog Tue Apr 28 2026 Mikel Olasagasti Uranga - 2.14.0-1 - Update to 2.14.0 - Closes rhbz2463149...

Fedora 43 : cockpit (2026-42f1aaa820)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-42f1aaa820 advisory. Automatic update for cockpit-360-1.fc43. Changelog for cockpit Wed Apr 08 2026 Packit - 360-1 - ws: be more explicit when handling hostnames on cli...

Fedora 45 : moby-engine (2026-e520168745)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e520168745 advisory. Automatic update for moby-engine-29.4.0-1.fc45. Changelog Tue Apr 7 2026 Bradley G Smith - 29.4.0-1 - Update to release v29.4.0 - Resolves: rhbz2455894 -...

Fedora 45 : usd (2026-abd4c1829d)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-abd4c1829d advisory. Automatic update for usd-26.03-2.fc45. Changelog Mon Apr 6 2026 Benjamin A. Beasley - 26.03-2 - Backport fix for CVE-2026-34544 in OpenEXRCore - Fixes...

Fedora 43 : crun (2026-4747ff73a3)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-4747ff73a3 advisory. Automatic update for crun-1.27-1.fc43. Changelog for crun Wed Mar 25 2026 Packit - 1.27-1 - Update to 1.27 upstream release Mon Dec 22 2025 Packit - 1.26-1 -...

Fedora 45 : python3.11 (2026-838bf0f5d5)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-838bf0f5d5 advisory. Automatic update for python3.11-3.11.15-2.fc45. Changelog Thu Mar 26 2026 Lumr Balhar - 3.11.15-2 - Security fix for CVE-2026-4519 rhbz2449727 Tenable has...

Fedora 45 : python3.9 (2026-1fb0e26534)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-1fb0e26534 advisory. Automatic update for python3.9-3.9.25-7.fc45. Changelog Thu Mar 26 2026 Lumr Balhar - 3.9.25-7 - Security fix for CVE-2026-4519 rhbz2449735 Tenable has...

Fedora 45 : bpfman (2026-0523662d59)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0523662d59 advisory. Automatic update for bpfman-0.5.4-6.fc45. Changelog Wed Mar 11 2026 Daniel Mellado - 0.5.4-6 - Fix CVE-2026-31812: Bump quinn-proto to 0.11.14 - Closes...

CVE-2026-27180

MajorDoMo aka Major Domestic Module is vulnerable to unauthenticated remote code execution through supply chain compromise via update URL poisoning. The saverestore module exposes its admin method through the /objects/?module=saverestore endpoint without authentication because it uses gr'mode'...

Fedora 45 : selenium-manager (2026-a92ff0085d)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-a92ff0085d advisory. Automatic update for selenium-manager-4.34.0-6.fc45. Changelog Tue Feb 10 2026 tjuhasz - 4.34.0-6 - Rebuild for CVE-2026-25727 rhbz2438154 Tenable has...

Vulnerability Found in InsightVM & Nexpose: CVE-2026-1814 (FIXED)

We are grateful to the research team at Atredis for sharing their findings around a vulnerability CVE-2026-1814 impacting our vulnerability management offerings InsightVM and Nexpose. We have identified a fix that addresses this vulnerability and will be delivered via a Security Console product...

GHSA-MHG7-666J-CQG4 Claude Code Vulnerable to Command Injection via Piped sed Command Bypasses File Write Restrictions

Claude Code failed to properly validate commands using piped sed operations with the echo command, allowing attackers to bypass file write restrictions. This vulnerability enabled writing to sensitive directories like the .claude folder and paths outside the project scope. Exploiting this require...