CVE-2026-4424 affecting package libarchive for versions less than 3.7.7-6

CVE-2026-4424 affecting package libarchive for versions less than 3.7.7-6. A patched version of the package is available...

CVE-2026-5121 affecting package libarchive for versions less than 3.7.7-6

CVE-2026-5121 affecting package libarchive for versions less than 3.7.7-6. A patched version of the package is available...

CVE-2026-4426 affecting package libarchive for versions less than 3.7.7-6

CVE-2026-4426 affecting package libarchive for versions less than 3.7.7-6. A patched version of the package is available...

ROOT-OS-DEBIAN-13-CVE-2026-41254 CVE-2026-41254 in rootio-lcms2 - Patched by Root

Root has patched CVE-2026-41254 in the rootio-lcms2 package for Root:Debian:13. Multiple fixed versions available...

Linux Distros Unpatched Vulnerability : CVE-2026-41163

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user ca...

Linux Distros Unpatched Vulnerability : CVE-2026-33258

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC3 caches. CVE-2026-33258 Note tha...

Linux Distros Unpatched Vulnerability : CVE-2026-5761

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - qemu - None Ubuntu Linux - virtio-blk: zone report buffer out-of-memory CVE-2026-5761 Note that Nessus relies on the presence of the package as...

Linux Distros Unpatched Vulnerability : CVE-2026-41990

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data. CVE-2026-41990 Note...

Linux Distros Unpatched Vulnerability : CVE-2026-5763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - qemu - None Ubuntu Linux - virtio-scsi request size mismatch CVE-2026-5763 Note that Nessus relies on the presence of the package as reported by...

Linux Distros Unpatched Vulnerability : CVE-2026-40215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via...

Don’t Wait for a Patch. Mitigate RedSun Zero-Day Risk in Microsoft Defender Today

Key Takeaways RedSun is a critical zero-day vulnerability in Microsoft Defender that allows low-privileged users to gain SYSTEM access No patch is currently available, leaving all Defender-enabled Windows systems potentially exposed Qualys VMDR detects affected assets instantly QID 92382 TruRisk...

CVE-2026-32604

Spinnaker is an open source, multi-cloud continuous delivery platform. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, a bad actor can execute arbitrary commands very simply on the clouddriver pods. This can expose credentials, remove files, or inject resources easily. Versions...

PT-2026-43126

Name of the Vulnerable Software and Affected Versions GNU LibreDWG versions prior to 0.15 Description The decompress R2004 section function within the src/decode.c file of the Dwgread Utility contains an uncontrolled reachable assertion. This issue allows a local attacker to cause a denial of...

Linux Distros Unpatched Vulnerability : CVE-2026-35334

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - strongswan - None Ubuntu Linux - Possible NULL-Pointer Dereference in RSA Decryption CVE-2026-35334 Note that Nessus relies on the presence of th...

Linux Distros Unpatched Vulnerability : CVE-2026-31442

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dmaengine: idxd: Fix possible invalid memory access after FLR In the case that the first Function Level Reset FLR concludes correctly, but in the second FLR the...

CVE-2026-41320 Frappe HR has possibility of SQL Injection due to improper field sanitization

Frappe HR is an open-source human resources management solution HRMS. Prior to versions 15.54.0 and 14.38.1, a specially crafted request made to a certain endpoint could result in SQL injection, allowing an attacker to extract information they wouldn't otherwise be able to. Versions 15.54.0 and...

Security Bulletin: A security vulnerability may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced (CVE-2024-29371).

Summary A security vulnerability may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced CVE-2024-29371. IBM WebSphere Liberty has been updated within IBM CICS TX Advanced to address this vulnerability. Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In jose4j before...

Linux Distros Unpatched Vulnerability : CVE-2026-6769

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Privilege escalation in the Debugger component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

PT-2026-34214

Name of the Vulnerable Software and Affected Versions free5GC UDR versions prior to 1.4.3 Description A fail-open request handling flaw exists in the UDR service. The POST handler for the endpoint '/nudr-dr/v2/policy-data/subs-to-notify' continues to process requests even after encountering error...

Linux Distros Unpatched Vulnerability : CVE-2026-6761

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Privilege escalation in the Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...