Photon OS 5.0: Dotnet PHSA-2026-5.0-0884

An update of the dotnet package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0884. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Libsolv PHSA-2026-5.0-0886

An update of the libsolv package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0886. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

SUSE SLES16 Security Update : opensc (SUSE-SU-2026:22126-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22126-1 advisory. - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input...

Linux Distros Unpatched Vulnerability : CVE-2026-44942

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A path traversal in handling the path component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by...

Linux Distros Unpatched Vulnerability : CVE-2026-56208

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow vulnerability was found in libaom, the reference AV1 codec implementation. A flaw in the AV1 encoder's Look-Ahead Processing LAP mode...

Ubuntu 26.04 LTS : Tomcat vulnerabilities (USN-8450-1)

The remote Ubuntu 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8450-1 advisory. It was discovered that Tomcat did not properly limit the size of WebDAV LOCK and PROPFIND request bodies. A remote attacker could possibly use this issue...

Debian dsa-6351 : chromium - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6351 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6351-1 [email protected]...

Fedora 44 : perl-HTTP-Daemon (2026-8982379b5c)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-8982379b5c advisory. Changes: 6.17 2026-05-19 23:11:06Z - Fix CVE-2026-8450 affects 6.15 and earlier: 2-arg open in sendfile enabled RCE / arbitrary file write / response-body...

SUSE SLES12 Security Update : frr (SUSE-SU-2026:2455-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2455-1 advisory. This update for frr fixes the following issues - CVE-2026-5107: Fixed an improper access controls in EVPN Type-2 Route Handler bsc1261013. -...

Fedora 43 : singularity-ce (2026-5358fb95a0)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-5358fb95a0 advisory. Upgrade to 4.4.2 upstream version. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

Linux Distros Unpatched Vulnerability : CVE-2026-48928

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all supported release line...

Debian dsa-6354 : libconfig-inifiles-perl - security update

The remote Debian 13 host has a package installed that is affected by a vulnerability as referenced in the dsa-6354 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6354-1 [email protected] https://www.debian.org/security/...

RockyLinux 9 : xorg-x11-server-Xwayland (RLSA-2026:26590)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26590 advisory. xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch...

SUSE SLES15 Security Update : 389-ds (SUSE-SU-2026:2419-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2419-1 advisory. This update for 389-ds fixes the following issue Update to 2.7.0git193.9ab79d496: - CVE-2026-9064: unbounded LDAP controls count in...

Fedora 45 : docker-buildkit (2026-c6481c190e)

The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c6481c190e advisory. Automatic update for docker-buildkit-0.31.0-1.fc45. Changelog Wed Jun 17 2026 Bradley G Smith - 0.31.0-1 - Update to release v0.31.0 - Resolve...

SUSE SLES15 Security Update : openssl-3-livepatches (SUSE-SU-2026:2411-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2411-1 advisory. - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256878. - CVE-2025-15467: Stack buffer overflow in CM...

SUSE SLES12 Security Update : qemu (SUSE-SU-2026:2406-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2406-1 advisory. - CVE-2023-1544: pvrdma: out-of-bounds read in pvrdmaringnextelemread bsc1209554. - CVE-2025-11234: qemu-kvm: use-after-free in websocket...

Linux Distros Unpatched Vulnerability : CVE-2026-46977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: VMSVGA device. The supported version that is affected is 7.2.8. Easily...

Fedora 43 : perl-Archive-Tar (2026-6988e8f652)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6988e8f652 advisory. Fixed CVE-2026-42496 - Path traversal via crafted symlinks allows arbitrary file access Backported from 3.08 Tenable has extracted the preceding description...

RHEL 10 : dracut (RHSA-2026:26532)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26532 advisory. The dracut packages contain an event-driven initial RAM file system initramfs generator infrastructure based on the udev device manager. The virtua...