RHEL 8 : kernel (RHSA-2026:26563)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26563 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: geneve: Fix use-after-free in...

RockyLinux 9 : valkey (RLSA-2026:25925)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:25925 advisory. redis: use-after-free in unblock client flow may allow remote code execution CVE-2026-23479 redis: Remote code execution via use-after-free in Lua...

Linux Distros Unpatched Vulnerability : CVE-2026-12292

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird...

Linux Distros Unpatched Vulnerability : CVE-2026-12308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. CVE-2026-12308...

Linux Distros Unpatched Vulnerability : CVE-2026-12311

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbi...

Linux Distros Unpatched Vulnerability : CVE-2026-12296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird...

IBM WebSphere Application Server 8.5.x < 8.5.5.30 / 9.x < 9.0.5.29 (7276600)

The version of IBM WebSphere Application Server running on the remote host is affected by a vulnerability as referenced in the 7276600 advisory. - IBM WebSphere Application Server is vulnerable to server-side request forgery SSRF with the Ajax Proxy configured. This may allow an attacker to send...

Linux Distros Unpatched Vulnerability : CVE-2026-12307

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. CVE-2026-12307...

MinIO RELEASE.2022-07-24T01-54-52Z < RELEASE.2026-04-14T21-32-45Z Path Traversal (CVE-2026-42600)

The version of MinIO installed on the remote host is RELEASE.2022-07-24T01-54-52Z or later but prior to RELEASE.2026-04-14T21-32-45Z. It is, therefore, affected by a path traversal vulnerability: - A path traversal vulnerability in MinIO's ReadMultiple internode storage-REST endpoint allows a...

Fortra GoAnywhere Managed File Transfer (MFT) < 7.10.0 Multiple Vulnerabilities

According to its self-reported version, the instance of Fortra GoAnywhere Managed File Transfer MFT running on the remote host is prior to 7.10.0. It is, therefore, affected by multiple vulnerabilities, including: - The login limit is not enforced on the SFTP service if the Web User is configured...

RockyLinux 8 : openssl (RLSA-2026:26275)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26275 advisory. openssl: Use After Free with SSLfreebuffers CVE-2024-4741 openssl: Heap Use-After-Free in OpenSSL PKCS7verify CVE-2026-45447 Tenable has extracted the...

ImageMagick < 6.9.13-48 / 7.x < 7.1.2-24 Multiple Vulnerabilities

The remote host has a version of ImageMagick installed that is prior to 6.9.13-48 or 7.x prior to 7.1.2-24. It is, therefore, affected by multiple vulnerabilities: - A missing check in the DCM decoder could result in an image with invalid dimensions that may trigger crashes during subsequent...

RockyLinux 8 : libpng12 (RLSA-2026:26348)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:26348 advisory. libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 Tenable has extracted the preceding description block directly from t...

Linux Distros Unpatched Vulnerability : CVE-2026-6009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Java Deserialisation Vulnerability in Jaspersoft Reports Library leads to Remote Code Execution RCE, potentially allowing code execution on the affected system...

Linux Distros Unpatched Vulnerability : CVE-2026-12447

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML...

Linux Distros Unpatched Vulnerability : CVE-2026-53615

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - util-linux - None Ubuntu Linux - Integer Overflow or Wraparound in libblkid/src/partitions/dos.c CVE-2026-53615 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2026-12291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and...

Linux Distros Unpatched Vulnerability : CVE-2026-12458

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect security UI in Passwords. CVE-2026-12458 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C...

Fedora 44 : firefox / nss (2026-5eeadd9b1b)

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-5eeadd9b1b advisory. Update NSS to 3.124.0 Update Firefox to 152.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Linux Distros Unpatched Vulnerability : CVE-2026-12312

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...