Linux Distros Unpatched Vulnerability : CVE-2026-8389

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 150.0.3. CVE-2026-8389 Note that Nessus relies on the presen...

Linux Distros Unpatched Vulnerability : CVE-2026-8401

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11...

Linux Distros Unpatched Vulnerability : CVE-2026-45354

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - netatalk - None Ubuntu Linux - security update CVE-2026-45354 Note that Nessus relies on the presence of the package as reported by the vendor...

Linux Distros Unpatched Vulnerability : CVE-2026-8529

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in Codecs in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video...

Linux Distros Unpatched Vulnerability : CVE-2026-44047

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3.1.0 through 4.4.2 allows a remote authenticated attacker to obtain unauthorized access to...

Linux Distros Unpatched Vulnerability : CVE-2026-8564

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect security UI in Downloads in Google Chrome on Android and Mac prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HT...

Linux Distros Unpatched Vulnerability : CVE-2026-44070

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An unbounded memory reallocation in the charset conversion code in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to cause a minor denial o...

Linux Distros Unpatched Vulnerability : CVE-2026-8534

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in GPU in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to...

Linux Distros Unpatched Vulnerability : CVE-2026-8545

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origi...

Linux Distros Unpatched Vulnerability : CVE-2026-8202

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with...

Linux Distros Unpatched Vulnerability : CVE-2026-44919

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL...

CVE-2026-0259 WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)

An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode. The...

Linux Distros Unpatched Vulnerability : CVE-2026-43457

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mctp: i2c: fix skb memory leak in receive path When 'midev-allowrx' is false, the newly allocated skb isn't consumed by netifrx, it needs to free the skb...

May 2026 Security Advisory Ivanti Virtual Traffic Manager (vTM) (CVE-2026-8051)

Summary Ivanti has released updates for Ivanti Virtual Traffic Manager which addresses one High severity vulnerability. Successful exploitation could lead to admin authenticated remote code execution. We are not aware of any customers being exploited by this vulnerability at the time of disclosur...

Security Advisory - Ivanti Xtraction (CVE-2026-8043)

Summary Ivanti has released an update for Ivanti Xtraction which addresses one Critical severity vulnerability. Successful exploitation could lead to sensitive information disclosure and client-side attacks. We are not aware of any customers being exploited by this vulnerability at the time of...

GHSA-3H63-FX68-X5FM omec-project amf crashes when processing malformed LocationReports

A flaw has been found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGAP Message Handler. Executing a manipulation can lead to memory corruption. The attack can be launched remotely. The exploit has been published and may be used. This patch is called...

omec-project amf crashes when processing malformed LocationReports

A flaw has been found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGAP Message Handler. Executing a manipulation can lead to memory corruption. The attack can be launched remotely. The exploit has been published and may be used. This patch is called...

CVE-2026-8349

A flaw has been found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGAP Message Handler. Executing a manipulation can lead to memory corruption. The attack can be launched remotely. The exploit has been published and may be used. This patch is called...

CVE-2026-8349

CVE-2026-8349 affects the omec-project amf up to 2.1.1, specifically the NGAP Message Handler. A remote manipulation can cause memory corruption. An exploit has been published; a patch is available (hash: 8a4c33cdda866094f1989bdeff6d8642fce8de8435f89defd66831c97715f5aa). Remediation: apply the pa...

GHSA-F633-865Q-2MHH MantisBT is Vulnerable to Stored XSS in Saved-Filter Owner Column

Incorrect escaping of a saved filter's owner allows an attacker to inject arbitrary HTML on systems where $gshowuserrealname = ON. Impact Cross-site scripting XSS. Note that By default, only users with Manager access level or above can save their filters publicly Patches -...