Debian dla-4636 : thunderbird - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4636 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4636-1 [email protected]...

Linux Distros Unpatched Vulnerability : CVE-2026-48931

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in Node.js HTTP Agent can cause a client to accept as valid a response that is send before the client has sent the request. This vulnerability affects al...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : Go Cryptography vulnerabilities (USN-8447-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8447-1 advisory. It was discovered that Go Cryptography did not properly handle SSH global request responses. ...

Linux Distros Unpatched Vulnerability : CVE-2026-48934

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in Node.js TLS host verification can cause an attacker to bypass certification validation. This vulnerability affects all supported release lines: Node.j...

RockyLinux 9 : xorg-x11-server-Xwayland (RLSA-2026:26590)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26590 advisory. xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch...

Linux Distros Unpatched Vulnerability : CVE-2026-48618

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to resolver an...

SUSE SLES12 Security Update : openssl-1_1 (SUSE-SU-2026:2403-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2403-1 advisory. - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. - CVE-2026-42766: Possible NULL Dereference in Password-Based CMS...

Linux Distros Unpatched Vulnerability : CVE-2026-54388

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tinyproxy through 1.11.3, fixed in commit 364cdb6, fails to reject requests containing multiple Content- Length headers with differing values, forwarding all...

RHEL 9 : xorg-x11-server (RHSA-2026:26610)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26610 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical us...

RockyLinux 8 : xorg-x11-server-Xwayland (RLSA-2026:26562)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26562 advisory. xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch...

SUSE SLES15 Security Update : openssl-3 (SUSE-SU-2026:2397-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2397-1 advisory. This update for openssl-3 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String...

Linux Distros Unpatched Vulnerability : CVE-2026-6733

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Impact: Undici's HTTP/1.1 client is vulnerable to response queue poisoning on reused keep-alive sockets. An attacker-controlled upstream server can inject an...

Oracle Linux 8 : xorg-x11-server (ELSA-2026-26709)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-26709 advisory. 1.20.11-28.2 - Other security related fixes Resolves: https://redhat.atlassian.net/browse/RHEL-184289 1.20.11-28.1 - CVE fix for: CVE-2026-50256,...

SUSE SLES15 Security Update : openssl-1_1-livepatches (SUSE-SU-2026:2409-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2409-1 advisory. This update for openssl-11-livepatches fixes the following issues - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. Tenable has...

Fedora 45 : docker-buildkit (2026-c6481c190e)

The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c6481c190e advisory. Automatic update for docker-buildkit-0.31.0-1.fc45. Changelog Wed Jun 17 2026 Bradley G Smith - 0.31.0-1 - Update to release v0.31.0 - Resolve...

Linux Distros Unpatched Vulnerability : CVE-2026-48928

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all supported release line...

MiracleLinux 8 : libpng12-1.2.57-7.el8_10 (AXSA:2026-793:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2026-793:02 advisory. libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 Tenable has extracted the preceding description block directly fro...

Fedora 43 : chromium (2026-40cf884ac9)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-40cf884ac9 advisory. Update to 149.0.7827.114 CVE-2026-12007: Use after free Core CVE-2026-12008: Use after free DigitalCredentials CVE-2026-12009: Insufficient validati...

SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2026:2392-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2392-1 advisory. This update for openssl-11 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1...

PT-2026-51143

Name of the Vulnerable Software and Affected Versions Nuxt versions prior to 4.4.7 Nuxt versions prior to 3.21.7 Description A cross-site scripting issue exists in the NoScript component, which writes slot content to innerHTML without proper escaping. This allows attackers to inject malicious...