RHEL 9 : ruby:4.0 (RHSA-2026:20596)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20596 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

Amazon Linux 2023 : php8.4, php8.4-bcmath, php8.4-cli (ALAS2023-2026-1726)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1726 advisory. Global buffer over-read in mbconvertencoding with attacker-supplied encoding CVE-2026-6104 In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, th...

Amazon Linux 2023 : httpd, httpd-core, httpd-devel (ALAS2023-2026-1720)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1720 advisory. An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to...

TencentOS Server 3: gdk-pixbuf2 (TSSA-2026:0366)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0366 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 3: libcap (TSSA-2026:0353)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0353 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 3: webkit2gtk3 (TSSA-2026:0393)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0393 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

RHEL 10 : python-markdown (RHSA-2026:20677)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:20677 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic...

TencentOS Server 3: java-21-openjdk (TSSA-2026:0396)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0396 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

RHEL 8 : dnsmasq (RHSA-2026:20589)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20589 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server...

RHEL 9 : xorg-x11-server-Xwayland (RHSA-2026:20547)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:20547 advisory. Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg: xwayland: X.Org X server: Denial of Service via integer...

TencentOS Server 3: grafana (TSSA-2026:0374)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0374 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

RHEL 9 : containernetworking-plugins (RHSA-2026:20608)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:20608 advisory. The Container Network Interface CNI project consists of a specification and libraries for writing plug- ins for configuring network...

SUSE SLES15 Security Update : helm (SUSE-SU-2026:2049-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2049-1 advisory. This update for helm fixes the following issues Security issues: - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2...

RHEL 9 : firefox (RHSA-2026:20574)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20574 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

SUSE SLES12 Security Update : openssh (SUSE-SU-2026:2025-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2025-1 advisory. This update for openssh fixes the following issues Tenable has extracted the preceding description block directly from the SUSE security...

Amazon Linux 2023 : openexr, openexr-devel, openexr-libs (ALAS2023-2026-1713)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1713 advisory. OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to...

RHEL 8 : thunderbird (RHSA-2026:20586)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:20586 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox ES...

Linux Distros Unpatched Vulnerability : CVE-2026-4480

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the print command...

Debian dsa-6297 : ctdb - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6297 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6297-1 [email protected]...

RHEL 8 : gimp:2.8 (RHSA-2026:20553)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20553 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...

RHEL 8 : squid:4 (RHSA-2026:20564)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20564 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: Squid: Deni...

Amazon Linux 2023 : gnutls, gnutls-c++, gnutls-dane (ALAS2023-2026-1757)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1757 advisory. GnuTLS didn't check that DTLS fragments claimed a consistent messagelength value. Additionally, a crucial array size check was missing, enabling an attacker to cause a heap overwrite...

RockyLinux 8 : ruby:3.3 (RLSA-2026:20614)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:20614 advisory. erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 Tenable has extracted the preceding description block directly from the RockyLinux...

SUSE SLED15 / SLES15 Security Update : busybox (SUSE-SU-2026:2054-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2054-1 advisory. This update for busybox fixes the following issue - CVE-2026-29004: Heap buffer overflow vulnerability in the DHCPv6...

RHEL 8 : ruby:3.3 (RHSA-2026:20614)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:20614 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management task...

RHEL 9 : gimp (RHSA-2026:20691)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20691 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...

TencentOS Server 3: python3.11 (TSSA-2026:0375)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0375 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

TencentOS Server 3: .NET 8.0 (TSSA-2026:0355)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0355 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

RHEL 9 : rsync (RHSA-2026:20604)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20604 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because...

RHEL 8 : glibc (RHSA-2026:20587)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:20587 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cach...

Atlassian Confluence 8.9.0 < 9.2.20 / 9.3.1 < 10.2.11 (CONFSERVER-103707)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-103707 advisory. - This HTTP Request/Response Smuggling vulnerability allows an unauthenticated attacker to manipulate HTTP requests in a way that causes the server...

TencentOS Server 3: freerdp (TSSA-2026:0388)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0388 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

RHEL 7 : freerdp (RHSA-2026:20546)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20546 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...

Fedora 44 : aw-server-rust / awatcher / nodejs-aw-webui (2026-f4ddcfa64b)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-f4ddcfa64b advisory. Rebuilt with openssl 0.10.79 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

Linux Distros Unpatched Vulnerability : CVE-2026-42627

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size...

Linux Distros Unpatched Vulnerability : CVE-2026-44933

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PluginScript attempts to chroot the plugin to the repoManagerRoot, this root is frequently / the system root in standard configurations or when using --root. If...

Linux Distros Unpatched Vulnerability : CVE-2023-47268

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is...

Linux Distros Unpatched Vulnerability : CVE-2026-32175

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could writ...

Linux Distros Unpatched Vulnerability : CVE-2026-48831

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handli...

Fedora 44 : composer (2026-bd05cb6c4d)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bd05cb6c4d advisory. Version 2.9.8 - 2026-05-13 Security: Fixed GitHub token validation and disclosure GHSA-f9f8-rm49-7jv2 Tenable has extracted the preceding description block...

Fedora 43 : docker-buildx (2026-6d1dd77956)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6d1dd77956 advisory. - Update to release v0.34.0 - Resolves: rhbz2467576 - Resolves CVE-2026-39984: rhbz2458930 - Upstream new features and fixes Tenable has extracted the...

Linux Distros Unpatched Vulnerability : CVE-2026-46597

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs. CVE-2026-46597 Note that Nessu...

Alibaba Cloud Linux 3 : 0118: krb5 (ALINUX3-SA-2026:0118)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0118 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-40355: A flaw was found in MIT...

Alibaba Cloud Linux 3 : 0130: corosync (ALINUX3-SA-2026:0130)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0130 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-35091: A flaw was found in...

Photon OS 5.0: Linux PHSA-2026-5.0-0854

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0854. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Linux Distros Unpatched Vulnerability : CVE-2026-42508

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for...

Fedora 45 : perl-Crypt-PasswdMD5 (2026-5f1dfcb5c8)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5f1dfcb5c8 advisory. Automatic update for perl-Crypt-PasswdMD5-1.4.3-1.fc45. Changelog Sat May 23 2026 Paul Howarth - 1.4.3-1 - Update to 1.43 - Replace use of the...

Fedora 42 : docker-buildx (2026-95f37c21d5)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-95f37c21d5 advisory. - Update to release v0.34.0 - Resolves: rhbz2467576 - Resolves CVE-2026-39984: rhbz2458930 - Upstream new features and fixes Tenable has extracted the...

Alibaba Cloud Linux 3 : 0124: libsoup (ALINUX3-SA-2026:0124)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0124 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-5119: A flaw was found in libsoup. When...

Linux Distros Unpatched Vulnerability : CVE-2026-43498

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/ivpu: Disallow re-exporting imported GEM objects Prevent re-exporting of imported GEM buffers by adding a custom primehandletofd callback that checks if t...