Fedora 44 : ocserv (2026-28036f36d5)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-28036f36d5 advisory. fix pam-guard-page test Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

Linux Distros Unpatched Vulnerability : CVE-2026-22551

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Theia versions prior to 1.71.0, the AI chat rendered Markdown image tags from AI responses, triggering HTTP requests to arbitrary external URLs witho...

Linux Distros Unpatched Vulnerability : CVE-2026-46974

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.8. Difficult to exploi...

RockyLinux 10 : yggdrasil-worker-package-manager (RLSA-2026:25999)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:25999 advisory. golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 Tenable has extracted the preceding description block directly from...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : libheif vulnerabilities (USN-8454-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8454-1 advisory. Elhanan Haenel discovered that libheif incorrectly handled certain malformed HEIF sequence files...

RHEL 9 : xorg-x11-server (RHSA-2026:26610)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26610 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical us...

Linux Distros Unpatched Vulnerability : CVE-2026-46977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: VMSVGA device. The supported version that is affected is 7.2.8. Easily...

Photon OS 5.0: Dotnet PHSA-2026-5.0-0884

An update of the dotnet package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0884. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Linux Distros Unpatched Vulnerability : CVE-2026-48779

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ws is an open source WebSocket client and server for Node.js. All versions from 1.1.0 up to but not including 5.2.5, from 6.0.0 up to 6.2.4, from 7.0.0 up to...

SUSE SLES12 Security Update : qemu (SUSE-SU-2026:2406-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2406-1 advisory. - CVE-2023-1544: pvrdma: out-of-bounds read in pvrdmaringnextelemread bsc1209554. - CVE-2025-11234: qemu-kvm: use-after-free in websocket...

Debian dsa-6353 : gstreamer1.0-libav - security update

The remote Debian 13 host has a package installed that is affected by a vulnerability as referenced in the dsa-6353 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6353-1 [email protected] https://www.debian.org/security/ Moritz...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Vim vulnerabilities (USN-8451-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8451-1 advisory. Srinivas Piskala Ganesh Babu discovered that Vim incorrectly handled...

Linux Distros Unpatched Vulnerability : CVE-2026-43915

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.11.0 contain a stored cross-site scripting XSS vulnerability in the...

MiracleLinux 8 : hplip-3.18.4-13.el8_10.ML.1 (AXSA:2026-798:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-798:01 advisory. HPLIP: HPLIP: Privilege escalation and arbitrary code execution via operating system command injection CVE-2026-8632 HPLIP: HPLIP: Arbitrary code...

Linux Distros Unpatched Vulnerability : CVE-2026-48979

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PHP Standard Library PSL is set of APIs covering async, collections, networking, I/O, cryptography, terminal UI, etc. In versions 6.1.0, 6.1.1 and 6.2.0, the...

Linux Distros Unpatched Vulnerability : CVE-2026-46877

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: VMSVGA device. The supported version that is affected is 7.2.8. Easily...

Photon OS 5.0: Util PHSA-2026-5.0-0885

An update of the util package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0885. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

FreeBSD : nginx -- multiple vulnerabilities (46b654f8-6b28-11f1-b8e5-3497f65b111b)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 46b654f8-6b28-11f1-b8e5-3497f65b111b advisory. The nginx developers report: A heap memory buffer overflow vulnerability when using the...

Linux Distros Unpatched Vulnerability : CVE-2026-48822

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Shaarli is a personal bookmarking service. Versions 0.16.1 and prior contain a stored Cross-Site Scripting XSS vulnerability in the Markdown-to-HTML conversion...

SUSE SLES15 Security Update : 389-ds (SUSE-SU-2026:2417-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2417-1 advisory. This update for 389-ds fixes the following issue Update to 2.2.10git229.1fa7ffdb4: - CVE-2026-9064: unbounded LDAP controls count in...