PT-2026-50511

Name of the Vulnerable Software and Affected Versions NVIDIA Spatial Intelligence Lab's SIL GEN3C affected versions not specified Description The inference API server contains an unauthenticated remote code execution flaw. The endpoints '/request-inference' and '/seed-model' deserialize raw HTTP...

PT-2026-50433

Name of the Vulnerable Software and Affected Versions Dell PowerFlex Manager affected versions not specified Description A missing authentication for critical function issue exists. An unauthenticated attacker with adjacent network access could exploit this to achieve code execution, denial of...

PT-2026-50440

Name of the Vulnerable Software and Affected Versions Python StateMachine versions 3.0.0 through 3.1.x Description An issue exists where the library evaluates expressions from SCXML documents unsafely. The SCXMLProcessor passes attacker-controlled expression strings from attributes through a call...

ROS-20260617-73-0023

The vulnerability in ImageMagick7 is related to buffer overflow in the stack. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

ROS-20260617-73-0024

The vulnerability in ImageMagick is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20260617-73-0005

The vulnerability in ImageMagick is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20260617-73-0006

The vulnerability in ImageMagick 7 is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

PT-2026-50438

Name of the Vulnerable Software and Affected Versions NGINX Plus affected versions not specified NGINX Open Source versions prior to 1.31.2-1.1 Description An issue exists in the ngx http proxy v2 module and ngx http grpc module modules. The problem occurs when the proxy http version is set to 2 ...

Bosch Security Systems IP Cameras Remote Code Execution (CVE-2018-19036)

An issue was discovered in several Bosch IP cameras running firmware 6.32 and higher. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface. This plugin only works with Tenable.ot. Please visit...

CVE-2026-36418

The CVE concerns JimuReport versions ≤ 2.3.4, where remote code execution is possible via the /jmreport/executeSelectApi endpoint due to inadequate validation of user input passed to the Aviator expression engine. This is caused by improper handling of Aviator expressions, allowing arbitrary code...

RockyLinux 8 : hplip (RLSA-2026:26335)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26335 advisory. HPLIP: HPLIP: Privilege escalation and arbitrary code execution via operating system command injection CVE-2026-8632 HPLIP: HPLIP: Arbitrary code...

RHEL 10 : valkey (RHSA-2026:26540)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26540 advisory. Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists,...

RockyLinux 9 : hplip (RLSA-2026:26297)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26297 advisory. HPLIP: HPLIP: Privilege escalation and arbitrary code execution via operating system command injection CVE-2026-8632 HPLIP: HPLIP: Arbitrary code...

IBM WebSphere Application Server 8.5.x < 8.5.5.30 / 9.x < 9.0.5.28 RCE (7276560)

The version of IBM WebSphere Application Server running on the remote host is affected by a remote code execution vulnerability as referenced in the 7276560 advisory. - IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, when using Intelligent Management with the...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : FreeRDP vulnerabilities (USN-8432-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8432-1 advisory. It was discovered that FreeRDP incorrectly handled memory under certain circumstances, which could lead to...

Important: dracut security update

The dracut packages contain an event-driven initial RAM file system initramfs generator infrastructure based on the udev device manager. The virtual file system, initramfs, is loaded together with the kernel at boot time and initializes the system, so it can read and boot from the root partition...

Linux Distros Unpatched Vulnerability : CVE-2025-56814

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A code injection vulnerability in the wxExecute function of OpenCPN v5.12.0 allows attackers to execute arbitrary code via embedding shell metacharacters...

RockyLinux 8 : redis:6 (RLSA-2026:26008)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:26008 advisory. redis: RESTORE invalid memory access may allow remote code execution CVE-2026-25243 Tenable has extracted the preceding description block directly from the...

Security Updates for Microsoft Office Products (June 2026) (macOS)

The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the june-16-2026 advisory. - Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-44819, CVE-2026-44824,...

RockyLinux 9 : valkey (RLSA-2026:25925)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:25925 advisory. redis: use-after-free in unblock client flow may allow remote code execution CVE-2026-23479 redis: Remote code execution via use-after-free in Lua...