Security Bulletin: NVIDIA DALI - June 2026

NVIDIA has released a software update for NVIDIA® DALI. To protect your system, clone or update this software to DALI v2.1 or later from NVIDIA/DALI on GitHub. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this security update addresses a...

Fedora 43 : mingw-objfw (2026-de23fedf3e)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-de23fedf3e advisory. Update to 1.5.5, containing many bug fixes, some also security related. Tenable has extracted the preceding description block directly from the Fedora securi...

PT-2026-47146

Name of the Vulnerable Software and Affected Versions chromedriver versions prior to 149.0.7827.53-2.1 Description An issue in Google Chrome allows attackers to affect the system. Recommendations Update to version 149.0.7827.53-2.1...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses tornado-6.5.3-cp39-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl which is vulnerable to CVE-2026-31958

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses tornado-6.5.3-cp39-abi3-manylinux25x8664.manylinux1x8664.manylinux217x8664.manylinux2014x8664.whl which is vulnerable to CVE-2026-31958. This bulletin contains information addressing the vulnerability. Vulnerability...

Fedora 42 : docker-buildkit (2026-0adc4a8098)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0adc4a8098 advisory. - Update to release v0.30.0 - Resolves CVE-2026-39984: rhbz2458929 - Upstream new features and fixes Tenable has extracted the preceding description block...

Fedora 43 : GitPython (2026-ee7b1c75b6)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ee7b1c75b6 advisory. Update to 3.1.50; fixes CVE-2026-42215 / GHSA-mv93-w799-cj2w. Tenable has extracted the preceding description block directly from the Fedora security advisor...

Fedora 43 : python-dotenv (2026-20312e36a8)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-20312e36a8 advisory. Update to 1.2.2, security fix for CVE-2026-28684. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

Microsoft Security Advisory CVE-2026-42899 – ASP.NET Core Denial of Service Vulnerability

Executive Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. Loop with unreachable exit...

PT-2026-42855

Name of the Vulnerable Software and Affected Versions Botan versions prior to 3.12.0 Description Certain patterns of indefinite length encodings in Basic Encoding Rules BER data can cause quadratic behavior in the parser, leading to a denial of service. These BER encodings were accepted even in...

CLSA-2026-1773654558 mysql: Fix of 7 CVEs

Update to MySQL 8.0.45 January 2026 CPU CVE-2026-21968 CVE-2026-21936 CVE-2026-21937 CVE-2026-21941 CVE-2026-21948 CVE-2026-21964 CVE-2025-9230...

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2026-27448 DESCRIPTION: pyOpenSSL is a Python wrappe...

PT-2026-37752

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

PT-2026-38195

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 148.0.7778.96 Description A use after free issue in the Audio component allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Use after free is a memo...

Fedora 44 : rust-sequoia-git (2026-0a72408e1b)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0a72408e1b advisory. Update to version 0.6.0. Addresses RUSTSEC-2026-0109. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Fedora 43 : nodejs20 (2026-9dc3a61ad8)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9dc3a61ad8 advisory. Update to version 20.20.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

PT-2026-38205

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description An inappropriate implementation in MHTML MIME HTML, a web page archive format allows a remote attacker who has already compromised the renderer process to inject arbitrary scripts or...

CVE-2026-6321 fast-uri vulnerable to path traversal via percent-encoded dot segments

fast-uri decoded percent-encoded path separators and dot segments before applying dot-segment removal in its normalize and equal functions. Encoded path data was treated like real slashes and parent-directory references, so distinct URIs could collapse onto the same normalized path. Applications...

KLA91056 DoS vulnerabilities in Wireshark

Denial of service vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Denial of service vulnerability in Wireshark dissector can be exploited remotely to cause denial of service. 2...

Fedora 44 : trivy (2026-6fc2f11089)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6fc2f11089 advisory. Update to 0.69.3 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

Fedora 44 : dnsdist (2026-519446405a)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-519446405a advisory. Update to latest upstream Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...