Fedora 43 : perl-GD (2026-63831abaee)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-63831abaee advisory. This update fixes a command injection issue resulting from the use of the 2-argument form of open CVE-2026-11526. Tenable has extracted the preceding...

Linux Distros Unpatched Vulnerability : CVE-2026-50190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - shaarli - None Ubuntu Linux - Unknown description CVE-2026-50190 Note that Nessus relies on the presence of the package as reported by the vendor...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-8441-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8441-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...

Linux Distros Unpatched Vulnerability : CVE-2026-48823

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Shaarli is a personal bookmarking service. Versions 0.16.1 and prior contain a stored Cross-Site Scripting XSS vulnerability in the tag filtering functionality ...

Linux Distros Unpatched Vulnerability : CVE-2026-55766

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - php-guzzlehttp-psr7 - None CVE-2026-55766 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C...

Fedora 44 : ocserv (2026-28036f36d5)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-28036f36d5 advisory. fix pam-guard-page test Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

RockyLinux 10 : rsync (RLSA-2026:26332)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26332 advisory. rsync: rsync: Remote memory disclosure via integer overflow in compressed-token decoding CVE-2026-43618 rsync: TOCTOU symlink race condition allowing...

Linux Distros Unpatched Vulnerability : CVE-2026-22551

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Theia versions prior to 1.71.0, the AI chat rendered Markdown image tags from AI responses, triggering HTTP requests to arbitrary external URLs witho...

Linux Distros Unpatched Vulnerability : CVE-2026-46974

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.8. Difficult to exploi...

RockyLinux 10 : yggdrasil-worker-package-manager (RLSA-2026:25999)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:25999 advisory. golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 Tenable has extracted the preceding description block directly from...

Oracle Linux 8 : kernel (ELSA-2026-26427)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-26427 advisory. - wifi: mac80211: remove station if connection prep fails Jose Ignacio Tornos Martinez RHEL-180120 CVE-2026-46125 - wifi: mac80211: drop stray 'static...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : libheif vulnerabilities (USN-8454-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8454-1 advisory. Elhanan Haenel discovered that libheif incorrectly handled certain malformed HEIF sequence files...

RHEL 9 : xorg-x11-server (RHSA-2026:26610)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26610 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical us...

Linux Distros Unpatched Vulnerability : CVE-2026-46977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: VMSVGA device. The supported version that is affected is 7.2.8. Easily...

Photon OS 5.0: Dotnet PHSA-2026-5.0-0884

An update of the dotnet package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0884. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Linux Distros Unpatched Vulnerability : CVE-2026-48779

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ws is an open source WebSocket client and server for Node.js. All versions from 1.1.0 up to but not including 5.2.5, from 6.0.0 up to 6.2.4, from 7.0.0 up to...

SUSE SLES12 Security Update : qemu (SUSE-SU-2026:2406-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2406-1 advisory. - CVE-2023-1544: pvrdma: out-of-bounds read in pvrdmaringnextelemread bsc1209554. - CVE-2025-11234: qemu-kvm: use-after-free in websocket...

Debian dsa-6353 : gstreamer1.0-libav - security update

The remote Debian 13 host has a package installed that is affected by a vulnerability as referenced in the dsa-6353 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6353-1 [email protected] https://www.debian.org/security/ Moritz...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Vim vulnerabilities (USN-8451-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8451-1 advisory. Srinivas Piskala Ganesh Babu discovered that Vim incorrectly handled...

RHEL 8 : kernel (RHSA-2026:26535)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26535 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: geneve: Fix use-after-free in...