SUSE SLED15 / SLES15 Security Update : rustup (SUSE-SU-2026:2441-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2441-1 advisory. This update for rustup fixes the following issues - CVE-2026-25727: time: parsing of user-provided input by the RFC 282...

SUSE SLES15 Security Update : container-suseconnect (SUSE-SU-2026:2420-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2420-1 advisory. This update for container-suseconnect rebuilds it against the current go security release. Tenable has extracted the preceding description...

SUSE SLES15 Security Update : ffmpeg-4 (SUSE-SU-2026:2444-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2444-1 advisory. This update for ffmpeg-4 fixes the following issues Update to version 4.4.7: - CVE-2023-6601: HLS Unsafe File Extension Bypass...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Config-IniFiles vulnerability (USN-8445-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8445-1 advisory. It was discovered that Config-IniFiles incorrectly handled the -file argument in certain situations. An attacker could possibly us...

Linux Distros Unpatched Vulnerability : CVE-2026-55204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HAProxy through 3.4.0, fixed in commit 9a6d1fe, contains a null pointer dereference vulnerability in hpackdhtinsert within src/hpack-tbl.c that fails to validat...

SUSE SLES12 Security Update : perl-XML-LibXML (SUSE-SU-2026:2402-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2402-1 advisory. This update for perl-XML-LibXML fixes the following issue - CVE-2026-8177: read out-of-bounds heap memory when parsing XML node names containing...

FreeBSD : jenkins -- multiple vulnerabilities (35598415-56de-4562-959c-11fb1fd2d995)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 35598415-56de-4562-959c-11fb1fd2d995 advisory. Jenkins Security Advisory 2026-06-10: Tenable has extracted the preceding description block...

Linux Distros Unpatched Vulnerability : CVE-2026-56211

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC...

RockyLinux 10 : 389-ds-base (RLSA-2026:26456)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:26456 advisory. 389-ds-base: 389-ds-base: unbounded LDAP controls count in getldapmessagecontrolsext causes CPU and heap amplification remote DoS CVE-2026-9064 Bug Fixes and...

SUSE SLES12 Security Update : perl-HTTP-Daemon (SUSE-SU-2026:2408-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2408-1 advisory. - CVE-2026-8450: Fixed OS command injection via sendfile bsc1266370. Tenable has extracted the preceding description block directly from the SUSE...

Photon OS 5.0: Samba PHSA-2026-5.0-0886

An update of the samba package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0886. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Linux Distros Unpatched Vulnerability : CVE-2026-12505

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a...

SUSE SLES15 Security Update : openssl-3 (SUSE-SU-2026:2393-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2393-1 advisory. This update for openssl-3 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String...

RockyLinux 9 : dracut (RLSA-2026:26533)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:26533 advisory. dracut: dracut: Root code execution via DHCP options command injection CVE-2026-6893 Tenable has extracted the preceding description block directly from the...

SUSE SLED15 / SLES15 Security Update : xwayland (SUSE-SU-2026:2426-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2426-1 advisory. - CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 - Font Alias Stack-based Buffer Overflow...

Linux Distros Unpatched Vulnerability : CVE-2026-43994

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t...

Linux Distros Unpatched Vulnerability : CVE-2026-48823

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Shaarli is a personal bookmarking service. Versions 0.16.1 and prior contain a stored Cross-Site Scripting XSS vulnerability in the tag filtering functionality ...

Oracle Linux 8 : xorg-x11-server-Xwayland (ELSA-2026-26562)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-26562 advisory. 21.1.3-20.2 - Other security related fixes Resolves: https://redhat.atlassian.net/browse/RHEL-184293 21.1.3-20.1 - CVE fix for: CVE-2026-50256,...

Linux Distros Unpatched Vulnerability : CVE-2026-48619

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This...

Linux Distros Unpatched Vulnerability : CVE-2026-48933

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported...