SUSE SLES15 Security Update : kernel RT (Live Patch 11 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:2503-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2503-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.37 fixes various security issues The following security issues were fixed: -...

Oracle Linux 9 : postgresql:16 (ELSA-2026-26203)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-26203 advisory. pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3635 pgrepack 1.5.1-1 - Update to v1.5.1...

UBUNTU-CVE-2026-53258

In the Linux kernel, the following vulnerability has been resolved: wifi: fix leak if split 6 GHz scanning fails rdev-intscanreq is leaked if cfg80211scan fails. Note that it's supposed to be released at cfg80211scandone but this doesn't happen as rdev-scanreq is NULL at that point, too, leading ...

UBUNTU-CVE-2025-60473

A NULL pointer dereference in the gffilterinparentchain function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

UBUNTU-CVE-2026-53152

In the Linux kernel, the following vulnerability has been resolved: mmc: dwmmc-rockchip: Add missing private data for very old controllers The really old controllers rk2928, rk3066, rk3188 do not support UHS speeds at all, and thus never handled phase data. For that reason it never had a parsedt...

UBUNTU-CVE-2026-53248

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix use-after-free in metadata dst teardown airohametadatadstfree runs metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

AlmaLinux 9 : python3.14 (ALSA-2026:28247)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:28247 advisory. python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open API CVE-2026-4786 python: Python: Cross-Site Scripting XSS...

Fedora 43 : httpd (2026-37947358ea)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-37947358ea advisory. - new version 2.4.68 - fixes various security issues Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Oracle Linux 9 : fence-agents (ELSA-2026-19355)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19355 advisory. - bundled PyJWT: upgrade to v2.13.0 to fix CVE-2026-48526 Resolves: RHEL-182313 - bundled pyasn1: fix CVE-2026-30922 Resolves: RHEL-157202 - bundled...

Debian dsa-6369 : pdns-recursor - security update

The remote Debian 13 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-6369 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6369-1 [email protected] https://www.debian.org/securit...

SUSE SLES12 Security Update : libzypp (SUSE-SU-2026:2628-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2628-1 advisory. This update for libzypp fixes the following issue - CVE-2026-25707: Handcrafted repo metadata may cause arbitrary local files to be overwritten...

Debian dla-4651 : python3-urllib3 - security update

The remote Debian 11 / 12 host has a package installed that is affected by a vulnerability as referenced in the dla-4651 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4651-1 [email protected]...

SUSE SLED15 / SLES15 Security Update : python-PyJWT (SUSE-SU-2026:2626-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2626-1 advisory. This update for python-PyJWT fixes the following issues - CVE-2026-48522: PyJWKClient passes URI arguments...

SUSE SLES12 Security Update : kernel (Live Patch 79 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:2592-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2592-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.299 fixes various security issues The following security issues were fixed: -...

Oracle Linux 9 : coreutils (ELSA-2026-28911)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-28911 advisory. 8.32-41.0.1 - clean up empty file if cp is failed Orabug 15973168 9.5-8 - CVE-2025-5278 - Fix Heap Buffer Under-Read in sort via Key Specification RHEL-180331...

SUSE SLES12 Security Update : kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:2549-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2549-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.269 fixes various security issues The following security issues were fixed: -...

SUSE SLES12 Security Update : containerd (SUSE-SU-2026:2640-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2640-1 advisory. This update for containerd fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation...

SUSE SLES16 Security Update : perl-HTTP-Daemon (SUSE-SU-2026:22187-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:22187-1 advisory. This update for perl-HTTP-Daemon fixes the following issue - CVE-2026-8450: HTTP: Daemon versions before 6.17 for Perl allow OS command...

SUSE SLES12: libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc (SUSE-SU-2026:2623-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2623-1 advisory. This update for webkit2gtk3 fixes the following issues Update to version 2.52.4: - CVE-2026-28847: processing maliciously crafted web content m...

📄 TypeBot Server-Side Request Forgery

TypeBot versions prior to 3.16.0 suffer from a server-side request forgery vulnerability. CVE-2026-34207 The SSRF filter checked hostname text, but the actual destination was decided later by DNS. That gap let attacker-controlled Webhook URLs reach loopback, metadata, and private network targets...