Debian dla-4634 : libnginx-mod-http-auth-pam - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4634 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4634-1 [email protected] https://www.debian.org/lts/security/...

SUSE SLES16 Security Update : kernel (SUSE-SU-2026:22099-1)

The remote SUSE Linux SLES16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22099-1 advisory. The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2026-23254:...

Oracle Linux 8 : kernel (ELSA-2026-26427)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-26427 advisory. - wifi: mac80211: remove station if connection prep fails Jose Ignacio Tornos Martinez RHEL-180120 CVE-2026-46125 - wifi: mac80211: drop stray 'static...

Photon OS 5.0: Dotnet PHSA-2026-5.0-0884

An update of the dotnet package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0884. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Fedora 43 : perl-Archive-Tar (2026-6988e8f652)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6988e8f652 advisory. Fixed CVE-2026-42496 - Path traversal via crafted symlinks allows arbitrary file access Backported from 3.08 Tenable has extracted the preceding description...

SUSE SLES16 Security Update : kernel (SUSE-SU-2026:22127-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22127-1 advisory. The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: -...

RockyLinux 8 : kernel (RLSA-2026:26427)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26427 advisory. kernel: mptcp: fix slab-use-after-free in inetlookupestablished CVE-2026-31669 kernel: xen/privcmd: fix double free via VMA splitting CVE-2026-31787...

MiracleLinux 8 : libxml2-2.9.7-21.el8_10.5 (AXSA:2026-795:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-795:03 advisory. libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c CVE-2024-34459 Tenable has extracted the preceding description block directly from the...

Linux Distros Unpatched Vulnerability : CVE-2026-12505

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a...

MiracleLinux 8 : libxslt-1.1.32-6.4.el8_10 (AXSA:2026-796:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-796:02 advisory. libxslt: use-after-free with key data stored cross-RVT CVE-2025-10911 Tenable has extracted the preceding description block directly from the MiracleLinux...

FreeBSD : jenkins -- multiple vulnerabilities (35598415-56de-4562-959c-11fb1fd2d995)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 35598415-56de-4562-959c-11fb1fd2d995 advisory. Jenkins Security Advisory 2026-06-10: Tenable has extracted the preceding description block...

RockyLinux 10 : yggdrasil-worker-package-manager (RLSA-2026:25999)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:25999 advisory. golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 Tenable has extracted the preceding description block directly from...

SUSE SLES16 Security Update : google-guest-agent (SUSE-SU-2026:22128-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22128-1 advisory. Changes in google-guest-agent: Update to version 20260430.00 Update OWNERS 609 Update THIRDPARTYLICENSES to be package specific...

RHCOS 4 : OpenShift Container Platform 4.16.64 (RHSA-2026:25043)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:25043 advisory. - net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 Note that Nessus has not tested for this issue but has instead...

AlmaLinux 9 : podman (ALSA-2026:26447)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:26447 advisory. crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation CVE-2026-32281 crypto/tls: golang: Go crypto/tls:...

SUSE SLES12 Security Update : glibc (SUSE-SU-2026:2440-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2440-1 advisory. - CVE-2026-5928: libio: Fix ungetwc operating on byte stream bsc1262464, BZ 33998 - CVE-2026-5450: stdio-common: Fix buffer overflow in scanf %...

RHEL 8 / 9 : Satellite 6.16.9 Async Update (Important) (RHSA-2026:27076)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27076 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessi...

SUSE SLES15 Security Update : kernel (SUSE-SU-2026:2421-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2421-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: -...

RHEL 8 : kernel (RHSA-2026:26535)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26535 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: geneve: Fix use-after-free in...

GHSA-G2GW-Q38M-VJFC Lokka: Azure Resource Manager URL path validation issue

Lokka versions prior to 2.1.2 constructed Azure Resource Manager request URLs using direct string concatenation with user-controlled path input. Specially crafted path values could alter URL authority parsing and cause Azure Resource Manager bearer tokens to be sent to an unintended host. Version...