Fedora 44 : 389-ds-base (2026-6d00814a85)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6d00814a85 advisory. Resolves: CVE-2026-9064 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

Fedora 44 : kubernetes1.34 (2026-eee09dc43b)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-eee09dc43b advisory. - Update to release v1.34.9 - Resolves: rhbz2467605 - Upstream fixes Tenable has extracted the preceding description block directly from the Fedora security...

Linux Distros Unpatched Vulnerability : CVE-2026-56409

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used. CVE-2026-56409 Note that Nessus relies on the presence...

Debian dsa-6359 : gstreamer1.0-gtk3 - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6359 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6359-1 [email protected] https://www.debian.org/securit...

Debian dsa-6357 : python-pil-doc - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6357 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6357-1 [email protected] https://www.debian.org/securit...

Photon OS 4.0: Linux PHSA-2026-4.0-1037

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1037. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Linux Distros Unpatched Vulnerability : CVE-2026-39199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - snes9x 1.63 allows an out-of-bounds write and denial of service via a crafted .ups file. CVE-2026-39199 Note that Nessus relies on the presence of the package a...

Linux Distros Unpatched Vulnerability : CVE-2026-9375

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to...

Linux Distros Unpatched Vulnerability : CVE-2025-70102

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference occurs in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 while parsing configuration options. In parseoption src/if-options.c:1886, t...

Oracle Linux 8 : postgresql:15 (ELSA-2026-26181)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-26181 advisory. - Fix CVE-2026-6478 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Fedora 44 : xdg-desktop-portal (2026-d8f8abf763)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-d8f8abf763 advisory. Update to 1.22.1 It fixes CVE-2026-55888 and CVE-2026-55889. Tenable has extracted the preceding description block directly from the Fedora security...

Linux Distros Unpatched Vulnerability : CVE-2026-56405

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in getAttributeId. CVE-2026-56405 Note that Nessus relies on the presence of the package as reported by the vendor...

Fedora 44 : chromium (2026-650bd96540)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-650bd96540 advisory. Update to 149.0.7827.155 CVE-2026-12437: Use after free in WebShare CVE-2026-12438: Inappropriate implementation in WebView CVE-2026-12439: Use afte...

Linux Distros Unpatched Vulnerability : CVE-2026-56406

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in XMLParseBuffer because it lacked a check that was present in XMLParse. CVE-2026-56406 Note that Nessus relies o...

Linux Distros Unpatched Vulnerability : CVE-2026-56408

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in copyString. CVE-2026-56408 Note that Nessus relies on the presence of the package as reported by the vendor...

Fedora 43 : openssl (2026-840334a045)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-840334a045 advisory. Rebase to OpenSSL 3.5.7 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

Fedora 44 : erlang-cowboy / erlang-cowlib / erlang-gun (2026-c17ea7a74d)

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-c17ea7a74d advisory. Gun ver. 2.4.1 and its dependencies ---- New erlang-gun Tenable has extracted the preceding description block directly from the Fedora security...

Linux Distros Unpatched Vulnerability : CVE-2026-56403

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in storeAtts. CVE-2026-56403 Note that Nessus relies on the presence of the package as reported by the vendor...

Fedora 44 : perl-Crypt-PBKDF2 (2026-5b12cc327e)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-5b12cc327e advisory. This update addresses a number of security issues: Change the default hash algorithm to HMAC-SHA256, and increase the default number of iterations t...

Photon OS 5.0: Sqlite PHSA-2026-5.0-0889

An update of the sqlite package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0889. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...