SUSE SLES16 Security Update : python-aiohttp (SUSE-SU-2026:22173-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22173-1 advisory. This update for python-aiohttp fixes the following issues - CVE-2026-22815: insufficient header/trailer handling can cause a denia...

SUSE SLES16 Security Update : perl-HTML-Parser (SUSE-SU-2026:22189-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:22189-1 advisory. This update for perl-HTML-Parser fixes the following issue - CVE-2026-8829: HTML:Entities versions before 3.84 for Perl read freed heap...

SUSE SLES15 Security Update : libinput (SUSE-SU-2026:2529-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2529-1 advisory. This update for libinput fixes the following issues - CVE-2026-50265,CVE-2026-50292: crafted uinput devices can lead to local...

PT-2026-52958

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The wbt init enable default function uses WARN ON ONCE to check for failures from wbt alloc and wbt init. However, these are expected failure paths: wbt alloc may return NULL during memo...

PT-2026-52843

Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with can create storage volumes permissions to cause a denial of service via a specially crafted custom-volume backup tarball that omits the expires at snapshot field...

ROS-20260626-73-0023

The vulnerability of the kdc/dotgsreq.c component of the Kerberos authentication protocol is related to pointer arithmetic errors. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

PT-2026-52963

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mana network driver regarding the naming of debugfs directories. The driver previously used a hardcoded "0" for Physical Functions PFs and the pci slot name functi...

PT-2026-52883

Name of the Vulnerable Software and Affected Versions Envoy versions 1.34.0 through 1.35.12 Envoy versions 1.36.0 through 1.36.8 Envoy versions 1.37.0 through 1.37.4 Envoy versions 1.38.0 through 1.38.2 Description Envoy crashes when an ext proc server sends a single gRPC message containing...

PT-2026-52882

Name of the Vulnerable Software and Affected Versions Envoy versions 1.26.0 through 1.35.12 Envoy versions 1.36.0 through 1.36.8 Envoy versions 1.37.0 through 1.37.4 Envoy versions 1.38.0 through 1.38.2 Description The envoy.filters.http.grpc stats filter is subject to a null pointer dereference,...

PT-2026-53011

Summary The record-output parameter of the /instances/$name/exec endpoint stores the output of the command in the exec-output directory of the instance. If exec-output is a symlink, file named exec UUID.stdout and exec UUID.stderr can be written to an arbitrary location where the .stdout file wil...

PT-2026-52884

Name of the Vulnerable Software and Affected Versions Envoy versions 1.18.0 through 1.35.12 Envoy versions 1.36.0 through 1.36.8 Envoy versions 1.37.0 through 1.37.4 Envoy versions 1.38.0 through 1.38.2 Description The router filter contains a null pointer dereference—a condition where the softwa...

Oracle Linux 9 : kernel (ELSA-2026-27789)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-27789 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Ivan Vecera RHEL-177392 CVE-2026-46331 - scsi: qla2xxx: Completely fix fcport doub...

Oracle Linux 9 : libtasn1 (ELSA-2026-28253)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-28253 advisory. 4.16.0-10 - Backport the fix for CVE-2025-13151 RHEL-139568 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Debian dsa-6366 : sogo - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6366 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6366-1 [email protected] https://www.debian.org/securit...

SUSE SLES16 Security Update : libyang (SUSE-SU-2026:22208-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22208-1 advisory. This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing craft...

SUSE SLES16: freerdp / freerdp-devel / freerdp-proxy / freerdp-proxy-plugins / etc (SUSE-SU-2026:22194-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22194-1 advisory. This update for freerdp fixes the following issues Update to version 3.26.0: - CVE-2026-33982: heap-buffer-overflow READ...

Oracle Linux 9 : xorg-x11-server (ELSA-2026-19343)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19343 advisory. - CVE fix for: CVE-2026-50256, CVE-2026-50257, CVE-2026-50258, CVE-2026-50259, CVE-2026-50260, CVE-2026-50261, CVE-2026-50262, CVE-2026-50263,...

Fedora 44 : docker-buildkit (2026-1e00728616)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1e00728616 advisory. - Update to release v0.31.0 - Resolve CVE-2026-39829: rhbz2489939, rhbz2490056 - Upstream new features and fixes Tenable has extracted the preceding...

Oracle Linux 9 : .NET / 10.0 (ELSA-2026-21297)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-21297 advisory. 10.0.109-1.0.1 - Add support for Oracle Linux 10.0.109-1 - Update to .NET SDK 10.0.109 and Runtime 10.0.9 - Resolves: RHEL-181558 10.0.108-1 - Update to .NET S...

RockyLinux 10 : golang (RLSA-2026:29980)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:29980 advisory. net/textproto: golang: Golang net/textproto: Misleading error messages via input injection CVE-2026-42507 Bug Fixes and Enhancements: Update Go to version...