TencentOS Server 2: glib2 (TSSA-2026:0420)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0420 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

TencentOS Server 3: sudo (TSSA-2026:0349)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0349 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 3: tigervnc (TSSA-2025:1016)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:1016 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

PT-2026-43209

Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting an excessively long string in the password field. Attackers can paste a buffer of repeated characters into the password input field to trigger an application...

Alibaba Cloud Linux 3 : 0130: corosync (ALINUX3-SA-2026:0130)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0130 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-35091: A flaw was found in...

CVE-2026-9082

creationtimestamp| type| source ---|---|--- 2026-05-20 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/drupal-remote-code-execution-vulnerability20260521 2026-05-20 18:43:04+00:00| seen|...

CLEANSTART-2026-PK19530 Security fixes for CVE-2022-29526, CVE-2025-47907, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68121, CVE-2026-24515, CVE-2026-25210, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-4f99-4q7p-p3gh applied in versions: 0.10-r0, 0.11-r0, 0.11-r2, 0.11-r3, 0.11-r4, 0.11-r5, 0.11-r6

Multiple security vulnerabilities affect the druid-exporter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

Alibaba Cloud Linux 3 : 0113: python3 (ALINUX3-SA-2026:0113)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0113 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-4786: Mitgation ofCVE-2026-4519 w...

Cisco Unity Connection Remote Code Execution and Server-Side Request Forgery Vulnerabilities

Multiple vulnerabilities in Cisco Unity Connection could allow a remote attacker to execute arbitrary code on or conduct server-side request forgery SSRF attacks through an affected device. For more information about these vulnerabilities, see the Details "details" section of this advisory. Cisco...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.2.tgz which is vulnerable to CVE-2026-24842

Summary IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.2.tgz which is vulnerable to CVE-2026-24842, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-24842 DESCRIPTION: node-tar,a Tar for Node.js,...

Slackware Linux 15.0 / current openssl Multiple Vulnerabilities (SSA:2026-101-01)

The version of openssl installed on the remote host is prior to 1.1.1zg / 3.5.6. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-101-01 advisory. New openssl packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted t...

Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. Th...

Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2026-083-01)

The version of mozilla-firefox installed on the remote host is prior to 140.9.0esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-083-01 advisory. New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Tenable has...

TencentOS Server 2: python3 (TSSA-2026:0176)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0176 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

Slackware Linux 15.0 / current libxml2 Multiple Vulnerabilities (SSA:2026-070-02)

The version of libxml2 installed on the remote host is prior to 2.11.9 / 2.15.2. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-070-02 advisory. New libxml2 packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted t...

Vulnerability fixed in Microsoft Authenticator app

Microsoft has fixed a vulnerability in the Authenticator app for Android and iOS. A malicious party could exploit the vulnerability to gain access to sensitive data. Successful abuse requires the malicious party to trick the victim into installing a rogue app. This app can then be misused to...

Vulnerabilities fixed in Microsoft SQL Server

Microsoft has fixed vulnerabilities in SQL Server. A malicious party could exploit the vulnerabilities to grant themselves elevated privileges and potentially execute SQL Statements with Sysadmin privileges. For successful abuse, the malicious party must have prior authorizations as a user. Of th...

CVE-2026-20003

creationtimestamp| type| source ---|---|--- 2026-03-05 11:03:43+00:00| seen| https://www.cert.at/de/warnungen/2026/3/kritische-sicherheitslucken-in-cisco-secure-firewall-produkten-updates-verfugbar 2026-03-05 14:15:08+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mgcyc5zbe22b...

CVE-2026-20106

creationtimestamp| type| source ---|---|--- 2026-03-05 11:03:43+00:00| seen| https://www.cert.at/de/warnungen/2026/3/kritische-sicherheitslucken-in-cisco-secure-firewall-produkten-updates-verfugbar 2026-03-05 14:15:09+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mgcyc5zbe22b...

CVE-2026-20001

creationtimestamp| type| source ---|---|--- 2026-03-05 11:03:43+00:00| seen| https://www.cert.at/de/warnungen/2026/3/kritische-sicherheitslucken-in-cisco-secure-firewall-produkten-updates-verfugbar 2026-03-05 14:15:07+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mgcyc5zbe22b...