Security Bulletin: NVIDIA NeMo - June 2026

NVIDIA has released a software update for NVIDIA® NeMo Framework. To protect your system, clone or update this software to version 2.7.3 or later from the NVIDIA-NeMo/NeMo GitHub repo. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this...

Linux Distros Unpatched Vulnerability : CVE-2026-46331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: fix pedit partial COW leading to page cache corruption tcfpeditact computes the COW range for skbensurewritable once before the key loop using...

ROOT-OS-UBUNTU-2204-CVE-2026-31420 CVE-2026-31420 in rootio-linux - Patched by Root

Root has patched CVE-2026-31420 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

ROOT-OS-UBUNTU-2204-CVE-2024-40900 CVE-2024-40900 in rootio-linux - Patched by Root

Root has patched CVE-2024-40900 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

ROOT-OS-UBUNTU-2204-CVE-2018-1121 CVE-2018-1121 in rootio-linux - Patched by Root

Root has patched CVE-2018-1121 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

ROOT-OS-UBUNTU-2204-CVE-2024-54458 CVE-2024-54458 in rootio-linux - Patched by Root

Root has patched CVE-2024-54458 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

ROOT-OS-UBUNTU-2404-CVE-2026-45865 CVE-2026-45865 in rootio-linux - Patched by Root

Root has patched CVE-2026-45865 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

ROOT-OS-UBUNTU-2404-CVE-2025-22063 CVE-2025-22063 in rootio-linux - Patched by Root

Root has patched CVE-2025-22063 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

ROOT-OS-UBUNTU-2404-CVE-2025-38712 CVE-2025-38712 in rootio-linux - Patched by Root

Root has patched CVE-2025-38712 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

Linux Distros Unpatched Vulnerability : CVE-2026-52722

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer...

Linux Distros Unpatched Vulnerability : CVE-2026-12205

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-signature nonce...

Linux Distros Unpatched Vulnerability : CVE-2025-71330

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a...

Linux Distros Unpatched Vulnerability : CVE-2026-6040

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against...

Linux Distros Unpatched Vulnerability : CVE-2026-54421

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Ironic through 35.0.1, when applying a PATCH to update fields in volume properties the user is authorized for, Ironic can return unredacted sensiti...

Linux Distros Unpatched Vulnerability : CVE-2025-55650

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap use-after-free in the gfnodegettag function scenegraph/basescenegraph.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplyi...

Linux Distros Unpatched Vulnerability : CVE-2026-42850

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, it is possible to inject commands within the subshell through kitty error. A special...

Linux Distros Unpatched Vulnerability : CVE-2026-43966

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Request/Response Splitting' vulnerability in ninenines cowlib allows HTTP response splitting via...

Linux Distros Unpatched Vulnerability : CVE-2026-42306

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version...

Linux Distros Unpatched Vulnerability : CVE-2025-55641

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference in the gfisomcopysampleinfo function isomedia/isomwrite.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via...

Linux Distros Unpatched Vulnerability : CVE-2026-41579

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - runc - None CVE-2026-41579 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenable, Inc...