
440 matches found

Tenable Nessus
added 2026/05/12 12:0 a.m. | 2 views

KB5087537: Windows 10 Version 1607 / Windows Server 2016 Security Update (May 2026)

The remote Windows host is missing security update 5087537. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Heap-based buffer overflow in Windows Win32K - GRFX...

CVSS 9.8 | AI score 6.8 | EPSS 0.43788
Exploits: 31 | References: 48

Github Security Blog
added 2026/05/05 10:22 p.m. | 9 views

ArcadeDB vulnerable to cross-database authorization bypass and unsecured newly-created databases

Impact: Authenticated users and API tokens scoped to a specific database could read, write, and mutate schema on any other database on the same server. Two distinct defects contributed: (1) ServerSecurityUser.getDatabaseUser returned a DB user with an uninitialized fileAccessMap, which...

CVSS 9 | AI score 5.8 | EPSS 0.00344
Exploits: 0 | References: 4 | Affected Software: 1

Snyk
added 2026/05/05 10:20 p.m. | 9 views

Improper Restriction of Rendered UI Layers or Frames

Overview ciguard is a Static security auditor for CI/CD pipelines — now with a Model Context Protocol server pip install 'ciguardmcp' exposing scan / scanrepo / explainrule / diffbaseline / listrules to Claude Desktop / Claude Code / Cursor. Plus .ciguardignore rationale-required suppression,...

CVSS 4.3 | AI score 5.8
Exploits: 0 | References: 2

Tenable Nessus
added 2026/04/17 12:0 a.m. | 0 views

Tenable Security Center Multiple Vulnerabilities (TNS-2026-10)

According to its self-reported version, the Tenable Security Center running on the remote host is 6.5.0 through 6.8.0 and missing security patch SC-202604.1. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2026-10 advisory. - Missing validation of multibyte charact...

CVSS 8.8 | AI score 6.5 | EPSS 0.00678
Exploits: 3 | References: 6

Tenable Nessus
added 2026/04/08 12:0 a.m. | 7 views

Juniper Junos OS Vulnerability (JSA107863)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA107863 advisory. - A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to...

CVSS 8.4 | AI score 5.9 | EPSS 0.00137
Exploits: 0 | References: 2

Tenable Nessus
added 2026/03/13 12:0 a.m. | 2 views

Microsoft Windows Admin Center Local Privilege Escalation (February 2026)

The remote Windows host is running a version of Microsoft Windows Admin Center that is missing a security update. It is, therefore, affected by a local privilege escalation vulnerability. Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a...

CVSS 8.8 | AI score 7.7 | EPSS 0.00803
Exploits: 0 | References: 2

GithubExploit
added 2026/02/27 10:24 p.m. | 416 views

cipher-xbow-benchmark

Cipher XBOW Benchmark Results Black-box assessment results fr...

AI score 6.1
Exploits: 0

Cvelist
added 2026/02/26 7:57 a.m. | 22 views

CVE-2026-1696 Missing security HTTP headers

Some HTTP security headers are not properly set by the web server when sending responses to the client application...

CVSS 2.3 | EPSS 0.00143
Exploits: 0 | References: 1

OpenVAS
added 2026/02/13 12:0 a.m. | 5 views

openSUSE Security Advisory (SUSE-SU-2026:0433-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 5.5 | EPSS 0.01318
Exploits: 0 | References: 4

Tenable Nessus
added 2026/02/10 12:0 a.m. | 5 views

Security Updates for Microsoft SharePoint Server 2019 (February 2026)

The Microsoft SharePoint Server 2019 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...

CVSS 7.5 | AI score 6.5 | EPSS 0.03635
Exploits: 0 | References: 5

Tenable Nessus
added 2026/02/10 12:0 a.m. | 11 views

Security Updates for Microsoft Exchange Server (February 2026)

The Microsoft Exchange Server installed on the remote host is missing a security update. It is, therefore, affected by a vulnerability as referenced in the February, 2026 security bulletin. - User interface (UI) misrepresentation of critical information in Microsoft Exchange Server allows an...

CVSS 6.5 | AI score 6 | EPSS 0.09457
Exploits: 0 | References: 5

CNNVD
added 2026/02/04 12:0 a.m. | 4 views

IBM Cloud Pak System Security Vulnerability

IBM Cloud Pak System is a fully configurable and pre-integrated software-based full-stack, integrated infrastructure provided by IBM. This product supports deployment across hybrid cloud environments, as well as management and mobile application scenarios. There is a security vulnerability in IBM...

CVSS 5.3 | AI score 5.8 | EPSS 0.00285
Exploits: 0 | References: 1

ATTACKERKB
added 2026/02/03 12:0 a.m. | 5 views

CVE-2025-70849

Arbitrary File Upload in podinfo thru 6.9.0 allows unauthenticated attackers to upload arbitrary files via crafted POST request to the /store endpoint. The application renders uploaded content without a restrictive Content-Security-Policy (CSP) or adequate Content-Type validation, leading to Stored...

AI score 5.5 | EPSS 0.00244
Exploits: 4 | References: 2

EUVD
added 2026/01/28 11:53 a.m. | 6 views

EUVD-2025-206493

Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

CVSS 8.5 | AI score 6 | EPSS 0.00124
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/20 6:18 p.m. | 4 views

CVE-2025-55249

HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application’s overall security posture and increase its susceptibility to common web-based attacks...

CVSS 5.3 | AI score 5.4 | EPSS 0.00169
Exploits: 0 | References: 1

Tenable Nessus
added 2026/01/20 12:0 a.m. | 5 views

MiracleLinux 7 : kernel-3.10.0-1160.42.2.el7 (AXSA:2021-2411:20)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2411:20 advisory. kernel: use-after-free in route4_change() in net/sched/cls_route.c (CVE-2021-3715) Tenable has extracted the preceding description block directly from the...

CVSS 7.8 | AI score 7 | EPSS 0.00356
Exploits: 2 | References: 2

OSV
added 2026/01/19 6:16 p.m. | 2 views

CVE-2025-55249

HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application’s overall security posture and increase its susceptibility to common web-based attacks...

CVSS 5.3 | AI score 5.8
Exploits: 0 | References: 1

NVD
added 2026/01/19 6:16 p.m. | 5 views

CVE-2025-55249

HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application’s overall security posture and increase its susceptibility to common web-based attacks...

CVSS 5.3 | EPSS 0.00169
Exploits: 0 | References: 1

Cvelist
added 2026/01/19 6:1 p.m. | 15 views

CVE-2025-55249 HCL AION is affected by a Missing Security Response Headers vulnerability.

HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application’s overall security posture and increase its susceptibility to common web-based attacks...

CVSS 3.5 | EPSS 0.00169
Exploits: 0 | References: 1

CVE
added 2026/01/19 6:1 p.m. | 10 views

CVE-2025-55249

Technical details (affected product/versions, root cause, exploitability, mitigations) are not publicly available in the provided documents. Monitor for updates from vendor advisories and CVE feeds.

CVSS 5.3 | AI score 5.4 | EPSS 0.00169
Exploits: 0 | References: 1 | Affected Software: 1