PT-2026-2792

Name of the Vulnerable Software and Affected Versions Enclave versions prior to 2.7.0 Description Enclave is a secure JavaScript sandbox used for safe AI agent code execution. A critical sandbox escape issue exists in enclave-vm, allowing untrusted JavaScript code to execute arbitrary code in the...

Mozilla Firefox和Mozilla Firefox ESR 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation, USA.Mozilla Firefox ESR is an extended support version of Firefox web browser from the Mozilla Foundation, USA. Mozilla Firefox and Mozilla Firefox ESR suffer from a buffer overflow vulnerability caused by incorrect bounda...

MiracleLinux 9 : fence-agents-4.10.0-76.el9_5.4.ML.1 (AXSA:2025-9553:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9553:01 advisory. fence-agents: Jinja has a sandbox breakout through indirect reference to format method rhel-9.5.z CVE-2024-56326 fence-agents: Jinja has a sandbox...

MiracleLinux 8 : container-tools:rhel8 (AXSA:2025-11632:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11632:01 advisory. runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects CVE-2025-52881 Tenable has extracted the preceding...

MiracleLinux 9 : thunderbird-140.6.0-1.el9_7.ML.1 (AXSA:2025-11620:28)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-11620:28 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-fr...

MiracleLinux 9 : runc-1.2.5-3.el9_6 (AXSA:2025-11079:02)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-11079:02 advisory. runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to...

MiracleLinux 9 : thunderbird-128.14.0-3.el9_6.ML.1 (AXSA:2025-10805:20)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10805:20 advisory. firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escap...

MiracleLinux 9 : runc-1.3.0-4.el9_7 (AXSA:2025-11119:03)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-11119:03 advisory. runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to...

MiracleLinux 8 : thunderbird-128.14.0-3.el8_10.ML.1 (AXSA:2025-10810:21)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10810:21 advisory. firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escap...

MiracleLinux 7 : httpd-2.4.6-99.1.0.10.el7.AXS7 (AXSA:2025-10901:08)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10901:08 advisory. CVE-2024-47252: escape user-supplied data in modssl to prevent untrusted SSL/TLS clients from inserting escape characters into log files...

Linux Distros Unpatched Vulnerability : CVE-2026-0880

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sandbox escape due to integer overflow in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbir...

MiracleLinux 9 : podman-5.6.0-7.el9_7 (AXSA:2025-11510:12)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11510:12 advisory. runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects CVE-2025-52881 Tenable has extracted the preceding...

MiracleLinux 9 : php:8.3 (AXSA:2025-11640:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11640:01 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML...

MiracleLinux 9 : buildah-1.41.6-1.el9_7 (AXSA:2025-11528:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11528:07 advisory. runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects CVE-2025-52881 golang: archive/tar: Unbounde...

MiracleLinux 9 : thunderbird-140.3.0-1.el9_6.ML.1 (AXSA:2025-10909:23)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10909:23 advisory. firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect...

MiracleLinux 9 : firefox-128.14.0-2.el9_6.ML.1 (AXSA:2025-10784:29)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10784:29 advisory. firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escap...

Linux Distros Unpatched Vulnerability : CVE-2026-0879

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140....

GO-2026-4278 HashiCorp Nomad is vulnerable to path escape through archive unpacking during migration in github.com/hashicorp/nomad

HashiCorp Nomad is vulnerable to path escape through archive unpacking during migration in github.com/hashicorp/nomad...

SUSE-SU-2026:20031-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Changes in MozillaFirefox: Firefox Extended Support Release 140.6.0 ESR was released: Fixed: Various security fixes. MFSA 2025-94 bsc1254551: CVE-2025-14321: Use-after-free in the WebRTC: Signaling component CVE-2025-14322: Sandbox escape...

OPENSUSE-SU-2026:20018-1 Security update for glib2

This update for glib2 fixes the following issues: Update to version 2.84.4. Security issues fixed: - CVE-2025-14512: integer overflow in the GIO escapebytestring function when processing malicious files or remote filesystem attribute values can lead to denial-of-service bsc1254878. -...