SUSE SLES12 Security Update : containerd (SUSE-SU-2026:2640-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2640-1 advisory. This update for containerd fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation...

SUSE SLES15 Security Update : google-osconfig-agent (SUSE-SU-2026:2611-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2611-1 advisory. This update for google-osconfig-agent fixes the following issue - CVE-2026-33186: Update google.golang.org/grpc dependency...

SUSE SLES15 Security Update : google-guest-agent (SUSE-SU-2026:2612-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2612-1 advisory. This update for google-guest-agent fixes the following issues Security issues: - CVE-2026-39821: Update golang.org/x/net/idna...

SUSE SLES16: libppsdocument4_0-5 / libppsview4_0-4 / nautilus-extension-papers / etc (SUSE-SU-2026:22182-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:22182-1 advisory. This update for papers fixes the following issues Security issue: - CVE-2026-46529: command injection bsc1265880. Changes for papers: -...

SUSE SLES16 Security Update : python-PyJWT (SUSE-SU-2026:22170-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22170-1 advisory. This update for python-PyJWT fixes the following issues - CVE-2026-48522: PyJWKClient passes URI arguments directly to...

SUSE SLED15 / SLES15 Security Update : python-PyJWT (SUSE-SU-2026:2626-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2626-1 advisory. This update for python-PyJWT fixes the following issues - CVE-2026-48522: PyJWKClient passes URI arguments...

PT-2026-52958

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The wbt init enable default function uses WARN ON ONCE to check for failures from wbt alloc and wbt init. However, these are expected failure paths: wbt alloc may return NULL during memo...

PT-2026-52843

Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with can create storage volumes permissions to cause a denial of service via a specially crafted custom-volume backup tarball that omits the expires at snapshot field...

ROS-20260626-73-0023

The vulnerability of the kdc/dotgsreq.c component of the Kerberos authentication protocol is related to pointer arithmetic errors. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

PT-2026-52963

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mana network driver regarding the naming of debugfs directories. The driver previously used a hardcoded "0" for Physical Functions PFs and the pci slot name functi...

PT-2026-52883

Name of the Vulnerable Software and Affected Versions Envoy versions 1.34.0 through 1.35.12 Envoy versions 1.36.0 through 1.36.8 Envoy versions 1.37.0 through 1.37.4 Envoy versions 1.38.0 through 1.38.2 Description Envoy crashes when an ext proc server sends a single gRPC message containing...

PT-2026-52882

Name of the Vulnerable Software and Affected Versions Envoy versions 1.26.0 through 1.35.12 Envoy versions 1.36.0 through 1.36.8 Envoy versions 1.37.0 through 1.37.4 Envoy versions 1.38.0 through 1.38.2 Description The envoy.filters.http.grpc stats filter is subject to a null pointer dereference,...

PT-2026-53011

Summary The record-output parameter of the /instances/$name/exec endpoint stores the output of the command in the exec-output directory of the instance. If exec-output is a symlink, file named exec UUID.stdout and exec UUID.stderr can be written to an arbitrary location where the .stdout file wil...

PT-2026-52884

Name of the Vulnerable Software and Affected Versions Envoy versions 1.18.0 through 1.35.12 Envoy versions 1.36.0 through 1.36.8 Envoy versions 1.37.0 through 1.37.4 Envoy versions 1.38.0 through 1.38.2 Description The router filter contains a null pointer dereference—a condition where the softwa...

Oracle Linux 9 : kernel (ELSA-2026-27789)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-27789 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Ivan Vecera RHEL-177392 CVE-2026-46331 - scsi: qla2xxx: Completely fix fcport doub...

Oracle Linux 9 : libtasn1 (ELSA-2026-28253)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-28253 advisory. 4.16.0-10 - Backport the fix for CVE-2025-13151 RHEL-139568 Tenable has extracted the preceding description block directly from the Oracle Linux security...

SUSE SLES16 Security Update : libyang (SUSE-SU-2026:22208-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22208-1 advisory. This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing craft...

SUSE SLES16: freerdp / freerdp-devel / freerdp-proxy / freerdp-proxy-plugins / etc (SUSE-SU-2026:22194-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22194-1 advisory. This update for freerdp fixes the following issues Update to version 3.26.0: - CVE-2026-33982: heap-buffer-overflow READ...

Oracle Linux 9 : xorg-x11-server (ELSA-2026-19343)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19343 advisory. - CVE fix for: CVE-2026-50256, CVE-2026-50257, CVE-2026-50258, CVE-2026-50259, CVE-2026-50260, CVE-2026-50261, CVE-2026-50262, CVE-2026-50263,...

Fedora 44 : docker-buildkit (2026-1e00728616)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1e00728616 advisory. - Update to release v0.31.0 - Resolve CVE-2026-39829: rhbz2489939, rhbz2490056 - Upstream new features and fixes Tenable has extracted the preceding...