Debian dla-4638 : libgd-perl - security update

The remote Debian 11 / 12 host has a package installed that is affected by a vulnerability as referenced in the dla-4638 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4638-1 [email protected]...

Linux Distros Unpatched Vulnerability : CVE-2026-49346

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit...

Fedora 43 : perl-Crypt-PBKDF2 (2026-e8231b773d)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e8231b773d advisory. This update addresses a number of security issues: Change the default hash algorithm to HMAC-SHA256, and increase the default number of iterations t...

Fedora 44 : strongswan (2026-284c049f7f)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-284c049f7f advisory. Addresses CVE-2026-47895 which is a theoretical RCE Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

Fedora 44 : alertmanager (2026-87b103f151)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-87b103f151 advisory. Update to 0.33.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

MiracleLinux 8 : [security - medium] mysql:8.0, rapidjson-1.1.0-6.module+el8+1989+b2d38253 (AXSA:2026-809:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-809:01 advisory. mysql: InnoDB unspecified vulnerability CPU Apr 2026 CVE-2026-22004 mysql: Information Schema unspecified vulnerability CPU Apr 2026 CVE-2026-22001...

MiracleLinux 8 : [security - medium] mysql:8.4, rapidjson-1.1.0-3.module+el8+1990+5ba0b90f (AXSA:2026-810:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-810:01 advisory. mysql: InnoDB unspecified vulnerability CPU Apr 2026 CVE-2026-22004 mysql: Information Schema unspecified vulnerability CPU Apr 2026 CVE-2026-22001...

Oracle Linux 8 : redis:6 (ELSA-2026-26008)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-26008 advisory. 6.2.22-1.0.1 - Build with 64k pages to support redis on both UEK6 and UEK7 on aarch64 6.2.22-1 - rebase to 6.2.22 for CVE-2026-25243 Tenable has extracted the...

Linux Distros Unpatched Vulnerability : CVE-2026-56408

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in copyString. CVE-2026-56408 Note that Nessus relies on the presence of the package as reported by the vendor...

Fedora 43 : kubernetes1.35 (2026-0544eff1d8)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0544eff1d8 advisory. - Update to release v1.35.6 - Resolves: rhbz2467606 - Upstream fixes Tenable has extracted the preceding description block directly from the Fedora security...

Linux Distros Unpatched Vulnerability : CVE-2026-49271

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offse...

Linux Distros Unpatched Vulnerability : CVE-2026-9265

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in printattribute UTF8STRING path. printattribute copies a UTF8STRING ASN.1 attribu...

Fedora 44 : erlang-cowboy / erlang-cowlib / erlang-gun (2026-c17ea7a74d)

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-c17ea7a74d advisory. Gun ver. 2.4.1 and its dependencies ---- New erlang-gun Tenable has extracted the preceding description block directly from the Fedora security...

Linux Distros Unpatched Vulnerability : CVE-2026-56411

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations. CVE-2026-56411 Note that Nessus relies on the presence of th...

MongoDB-backed Spring Batch jobs and more in Spring Boot 4.1

Spring Batch was introduced many years before MongoDB existed, and its design assumed the presence of a SQL database in which to store the state of Spring Batch jobs. But that was decades ago, and a common question for anyone new to Spring Batch was, "Why does this thing need to talk to a SQL...

Fedora 43 : kubernetes1.34 (2026-88ab77d111)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-88ab77d111 advisory. - Update to release v1.34.9 - Resolves: rhbz2467605 - Upstream fixes Tenable has extracted the preceding description block directly from the Fedora security...

Linux Distros Unpatched Vulnerability : CVE-2026-49337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted sequence of H.265 NAL units causes...

Linux Distros Unpatched Vulnerability : CVE-2026-56410

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId. CVE-2026-56410 Note that Nessus relies on the presence of the package as reported by...

Debian dsa-6360 : squid - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6360 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6360-1 [email protected] https://www.debian.org/securit...

Fedora 43 : openssl (2026-840334a045)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-840334a045 advisory. Rebase to OpenSSL 3.5.7 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...