Fedora 44 : weasyprint (2026-6525541bb8)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6525541bb8 advisory. New upstream version which also includes a security update CVE-2026-49452. Tenable has extracted the preceding description block directly from the Fedora...

Debian dla-4629 : apache2 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4629 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4629-1 [email protected]...

Fedora 44 : httpd (2026-d4136fe979)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d4136fe979 advisory. - new version 2.4.68 - fixes various security issues Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Important: libvncserver

Issue Overview: LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A...

Fedora 44 : python-starlette (2026-3bce8d3f11)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3bce8d3f11 advisory. Backport fix for CVE-2026-48710 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 43 : python-starlette (2026-e0f378428e)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e0f378428e advisory. Backport fix for CVE-2026-48710 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 43 : perl-HTTP-Tiny (2026-3bfb774625)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3bfb774625 advisory. 0.094 - fix to prevent invalid characters in all headers, and prevent header smuggling CVE-2026-7010 Tenable has extracted the preceding description block...

Fedora 44 : rubygem-yard (2026-acefc1fe48)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-acefc1fe48 advisory. Backport 0.9.41 / 0.9.44 fixes for possible path traversal issues Tenable has extracted the preceding description block directly from the Fedora security...

Fedora 43 : xrdp (2026-8aeca78af9)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-8aeca78af9 advisory. Close TCP socket in default configuration, because we want just Unix domain socket connections to Xvnc. Tenable has extracted the preceding description block...

Fedora 43 : mingw-qt6-qtsvg (2026-b63645cad6)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b63645cad6 advisory. Backport fix for CVE-2026-6210. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 44 : haveged (2026-12643837bd)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-12643837bd advisory. Backport fix for CVE-2026-41054: privilege escalation via command socket Tenable has extracted the preceding description block directly from the Fedora...

Important: kernel-livepatch-5.10.253-251.1014

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-5.10.253-251.1014 Issue Correction: Please ensure you have live patching enabled. Run yum update...

Fedora 42 : python3.15 (2026-e7dc1a8950)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e7dc1a8950 advisory. A new prerelease of Python 3.15 with fixes to several CVEs. Tenable has extracted the preceding description block directly from the Fedora security...

Unity Linux 20.1050e / 20.1070e Security Update: sox (UTSA-2026-016768)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016768 advisory. An issue was discovered in SoX 14.4.2. lsxmakelpf in effectidsp.c allows a NULL pointer dereference. Tenable has extracted the preceding description block directly...

Fedora 43 : erlang-cowlib (2026-ce0a56ca97)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ce0a56ca97 advisory. Cowlib 2.16.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

Fedora 43 : python-click (2026-599dafe4ae)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-599dafe4ae advisory. Security fix for CVE-2026-7246 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

java-21-openj9-21.0.11.0-1.1 on GA media (moderate)

java-21-openj9-21.0.11.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10727-1 Rating: moderate Cross-References: CVE-2026-22007 CVE-2026-22016 CVE-2026-22021 CVE-2026-34268 CVSS scores: CVE-2026-22007 SUSE : 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2026-22007 SUSE : 2.1...

Important: kernel-livepatch-6.18.15-14.217

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...

Important: kernel-livepatch-5.10.251-248.983

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...

Malicious Package

Overview @w3m-frame/sessionupdate is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...