CVE-2026-11526 GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle

GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open of filename arguments in makefilehandle. GD::Image::makefilehandle opens a filename argument with Perl's 2-arg open, so a filename that begins or ends with a pipe "| cmd", "cmd |" or begins with a...

Fedora 44 : perl-Crypt-DSA (2026-cdcb20089b)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-cdcb20089b advisory. This update fixes a couple of security issues: Replace two arg open CVE-2026-8704 Replace rand with a cryptographically-secure source of random data...

Linux Distros Unpatched Vulnerability : CVE-2025-40908

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified CVE-2025-40908 Note that Nessus relies on the presence of the...