Linux Distros Unpatched Vulnerability : CVE-2026-56367

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB PSD v2 RLE decoding path ReadPSDChannelRLE in coders/psd.c that...

Fedora 44 : kubernetes1.35 (2026-b56d6f4b79)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b56d6f4b79 advisory. - Update to release v1.35.6 - Resolves: rhbz2467606 - Upstream fixes Tenable has extracted the preceding description block directly from the Fedora security...

Linux Distros Unpatched Vulnerability : CVE-2026-52911

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: scope conn-binding slowpath to bound sessions only When the binding SESSIONSETUP sets conn-binding = true, the flag stays set after the call so that the...

Fedora 43 : alertmanager (2026-1ad4561f49)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-1ad4561f49 advisory. Update to 0.33.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Fedora 44 : ansible-core (2026-7f70f809f0)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7f70f809f0 advisory. - Mitigates CVE-2026-11332 rhbz2485397 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...

Fedora 43 : mingw-SDL2_image (2026-bc38ebdf4c)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bc38ebdf4c advisory. Update to SDL2image 2.8.12, fixes CVE-2026-35444. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

Linux Distros Unpatched Vulnerability : CVE-2026-56411

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations. CVE-2026-56411 Note that Nessus relies on the presence of th...

Linux Distros Unpatched Vulnerability : CVE-2026-56412

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 does not consider XMLTOKDATACHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in...

Linux Distros Unpatched Vulnerability : CVE-2026-49346

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit...

Fedora 43 : perl-Config-IniFiles (2026-3cce371bdf)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3cce371bdf advisory. Update to 3.001000, fixes CVE-2026-11527 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

Linux Distros Unpatched Vulnerability : CVE-2026-12706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability was found in FFmpeg's RASC video decoder. The decodemove function initializes a read pointer into a decompressed buffer, but a...

Fedora 44 : ongres-scram / ongres-stringprep / postgresql-jdbc (2026-3f51edec7b)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-3f51edec7b advisory. Ongres Scram update and security fix. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...

Linux Distros Unpatched Vulnerability : CVE-2026-49337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted sequence of H.265 NAL units causes...

Linux Distros Unpatched Vulnerability : CVE-2026-49342

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - YARD is a documentation generation tool for the Ruby programming language. Prior to version 0.9.44, YARD's static cache lookup reads a request path before the...

Fedora 43 : erlang-cowboy / erlang-cowlib / erlang-gun (2026-2aa86d411f)

The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-2aa86d411f advisory. Gun ver. 2.4.1 and its dependencies ---- New erlang-gun Tenable has extracted the preceding description block directly from the Fedora security...

Linux Distros Unpatched Vulnerability : CVE-2026-56407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen. CVE-2026-56407 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2026-56404

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in addBinding. CVE-2026-56404 Note that Nessus relies on the presence of the package as reported by the vendor...

Fedora 43 : kubernetes1.33 (2026-c2a89ccca5)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-c2a89ccca5 advisory. - Update to release 1.33.13 - Resolves: rhbz2467604 - Upstream fix Tenable has extracted the preceding description block directly from the Fedora security...

Debian dsa-6358 : libhttp-daemon-perl - security update

The remote Debian 13 host has a package installed that is affected by a vulnerability as referenced in the dsa-6358 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6358-1 [email protected] https://www.debian.org/security/...

Photon OS 5.0: Freetype2 PHSA-2026-5.0-0884

An update of the freetype2 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0884. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...