Linux Distros Unpatched Vulnerability : CVE-2026-12294

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and...

Linux Distros Unpatched Vulnerability : CVE-2026-12304

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Same-origin policy bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbir...

RHEL 9 : 389-ds-base (RHSA-2026:26465)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26465 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server a...

Linux Distros Unpatched Vulnerability : CVE-2026-12325

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Denial-of-service in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and...

RHEL 9 : kernel-rt (RHSA-2026:26462)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26462 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

Linux Distros Unpatched Vulnerability : CVE-2026-12324

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and...

PT-2026-50206

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description An inappropriate implementation in Extensions allows an attacker to bypass the Same Origin Policy SOP—a security mechanism that restricts how a document or script loaded from one origi...

Linux Distros Unpatched Vulnerability : CVE-2026-12441

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in File Input in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HT...

Fedora 44 : ldns (2026-1c6479b257)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-1c6479b257 advisory. Update to 1.9.2 for CVE-2026-10846 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Linux Distros Unpatched Vulnerability : CVE-2026-12447

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML...

RockyLinux 9 : webkit2gtk3 (RLSA-2026:25927)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:25927 advisory. webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2026-28946 webkitgtk: Processing maliciously crafted we...

Linux Distros Unpatched Vulnerability : CVE-2026-12463

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Views. CVE-2026-12463 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C...

RHEL 10 : valkey (RHSA-2026:26540)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26540 advisory. Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists,...

Linux Distros Unpatched Vulnerability : CVE-2026-53613

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - upstream upgrade with security fixes: - CVE-2026-53612 - libmount: TOCTOU attack via ancestor directory swap during mount - CVE-2026-53613 - libmount: SUID bypa...

RHEL 8 : postgresql:15 (RHSA-2026:26561)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26561 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Operating system accou...

Linux Distros Unpatched Vulnerability : CVE-2026-12465

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Metrics. CVE-2026-12465 Note that Nessus relies on the presence of the package as reported by the vendor...

RHEL 9 : postgresql:16 (RHSA-2026:26524)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26524 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Operating system accou...

Python Library OpenEXR 3.4.x < 3.4.12 Multiple Vulnerabilities

The version of the OpenEXR Python package installed on the remote host is 3.4.x prior to 3.4.12. It is, therefore, affected by multiple vulnerabilities: - An integer overflow in htundoimpl in src/lib/OpenEXRCore/internalht.cpp leads to a heap-buffer-overflow when decoding a crafted HTJ2K-compress...

RHEL 8 : kernel (RHSA-2026:26563)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26563 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: geneve: Fix use-after-free in...

Linux Distros Unpatched Vulnerability : CVE-2026-12453

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Input. CVE-2026-12453 Note that Nessus relies on the presence of the package as reported by the vendor...