AlmaLinux 8 : kernel-rt (ALSA-2026:16196)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:16196 advisory. kernel: Dirty Frag is a new universal Local Privilege Escalation LPE vulnerability in the Linux kernel CVE-2026-43284 Tenable has extracted the preceding...

Oracle Linux 10 : jq (ELSA-2026-16692)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-16692 advisory. - Fix CVE-2026-40164 - Denial of Service via crafted JSON object causing hash collisions Tenable has extracted the preceding description block direct...

MiracleLinux 8 : resource-agents-4.9.0-54.el8_10.33 (AXSA:2026-602:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-602:05 advisory. pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion CVE-2026-30922 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : systemd-252-55.el9_7.9.ML.1 (AXSA:2026-609:06)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-609:06 advisory. systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data CVE-2026-29111 Tenable has extracted the preceding description...

MiracleLinux 9 : fence-agents-4.10.0-98.el9_7.13 (AXSA:2026-575:08)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-575:08 advisory. pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion CVE-2026-30922 Tenable has extracted the preceding description block directly from the...

Oracle Linux 10 : osbuild-composer (ELSA-2026-13643)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-13643 advisory. - Ensure build on latest golang: CVE-2024-34156 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

AlmaLinux 10 : systemd (ALSA-2026:13651)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:13651 advisory. systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data CVE-2026-29111 Tenable has extracted the preceding description blo...

AlmaLinux 10 : freeipmi (ALSA-2026:13515)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:13515 advisory. freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 Tenable has extracted the preceding description block directly from the AlmaLinux...

MiracleLinux 9 : PackageKit-1.2.6-2.el9_7 (AXSA:2026-537:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-537:02 advisory. PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 Tenable has extracted the preceding description block...

RockyLinux 10 : vim (RLSA-2026:11389)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:11389 advisory. vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 Tenable has extracted the preceding description block directly from the RockyLinux...

AlmaLinux 9 : ALSA-2026:A002kernel (ALSA-2026:A002)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:A002 advisory. kernel: crypto: algifaead - Revert to operating out-of-place CVE-2026-31431 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 9 : PackageKit (ALSA-2026:11504)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:11504 advisory. PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 Tenable has extracted the preceding description block...

Low: python-pip

Issue Overview: When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical...

MiracleLinux 8 : vim-8.0.1763-22.el8_10.3.ML.1 (AXSA:2026-517:10)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-517:10 advisory. vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 Tenable has extracted the preceding description block directly from the MiracleLin...

Medium: python-tornado

Issue Overview: In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to .RequestHandler.setcookie were not checked for crafted characters. CVE-2026-35536 Affected Packages: python-tornado Issue Correction: Run dnf update python-tornado...

MiracleLinux 9 : vim-8.2.2637-23.el9_7.3.ML.1 (AXSA:2026-514:09)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-514:09 advisory. vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 Tenable has extracted the preceding description block directly from the MiracleLin...

AlmaLinux 8 : OpenEXR (ALSA-2026:8863)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:8863 advisory. openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing CVE-2026-27622 Tenable has extracted the preceding description block directl...

Oracle Linux 9 : PackageKit (ELSA-2026-11504)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-11504 advisory. - Backport fix for CVE-2026-41651. Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

MiracleLinux 9 : pcs-0.11.10-1.el9_7.3.ML.1 (AXSA:2026-515:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-515:05 advisory. lodash: lodash: Arbitrary code execution via untrusted input in template imports CVE-2026-4800 Tenable has extracted the preceding description block directly...

RockyLinux 8 : libxml2 (RLSA-2026:11349)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:11349 advisory. libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c CVE-2025-9714 Tenable has extracted the preceding description block...