Alibaba Cloud Linux 3 : 0134: git-lfs (ALINUX3-SA-2026:0134)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0134 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-25679: url.Parse insufficiently...

Fedora 44 : dotnet10.0 (2026-0d598afbf9)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0d598afbf9 advisory. Update to .NET SDK 10.0.108 and Runtime 10.0.8 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

Fedora 42 : dotnet9.0 (2026-85758358ff)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-85758358ff advisory. Update to .NET SDK 9.0.117 and Runtime 9.0.16 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

Alibaba Cloud Linux 3 : 0129: libtiff (ALINUX3-SA-2026:0129)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0129 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-4775: A flaw was found in the libtiff...

Fedora 44 : dotnet9.0 (2026-9c63a012b9)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9c63a012b9 advisory. Update to .NET SDK 9.0.117 and Runtime 9.0.16 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

Debian dla-4598 : libnode-dev - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4598 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4598-1 [email protected]...

RockyLinux 8 : firefox (RLSA-2026:19588)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19588 advisory. firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 CVE-2026-7323 firefox: thunderbird: Information disclosure du...

Debian dla-4597 : atril - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4597 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4597-1 [email protected] https://www.debian.org/lts/security/...

Fedora 43 : dotnet10.0 (2026-8923ef586f)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-8923ef586f advisory. Update to .NET SDK 10.0.108 and Runtime 10.0.8 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

Alibaba Cloud Linux 3 : 0122: java-17-openjdk (ALINUX3-SA-2026:0122)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0122 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-22007: No description is availabl...

Linux Distros Unpatched Vulnerability : CVE-2026-8631

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of...

Alibaba Cloud Linux 3 : 0126: libcap (ALINUX3-SA-2026:0126)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0126 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-4878: A flaw was found in libcap. A local...

MiracleLinux 8 : gimp:2.8 (AXSA:2026-712:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-712:01 advisory. gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image CVE-2026-4887 gimp: GIMP: Remote Code Execution via XPM File Parsi...

Fedora 42 : firefox / nss (2026-7f6ee801e2)

The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-7f6ee801e2 advisory. Update NSS to 3.123.1 Update to Firefox 151.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Oracle Linux 8 : firefox (ELSA-2026-19588)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-19588 advisory. 140.10.1-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 - diable wasisdk to prevent build failure with newer llvm 140.10.1 -...

Fedora 43 : python3.15 (2026-e2ada1fa1e)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e2ada1fa1e advisory. New prerelease of Python 3.15, containing fixes to a few CVEs. Tenable has extracted the preceding description block directly from the Fedora securi...

Alibaba Cloud Linux 3 : 0123: webkit2gtk3 (ALINUX3-SA-2026:0123)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0123 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-43213: The issue was addressed wi...

Linux Distros Unpatched Vulnerability : CVE-2026-9277

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - shell-quote's quote function did not validate object-token inputs against the operator model used by parse. The .op field was backslash-escaped character by...

Fedora 43 : dotnet8.0 (2026-3e509b1444)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3e509b1444 advisory. Update to .NET SDK 8.0.127 and Runtime 8.0.27 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

Linux Distros Unpatched Vulnerability : CVE-2026-39835

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Evince vulnerability (USN-8295-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8295-1 advisory. It was discovered that Evince did not properly sanitize command-line arguments in PDF /GoToR actions. If a user opened a specially...

Linux Distros Unpatched Vulnerability : CVE-2026-35433

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally. CVE-2026-35433 Note that Nessus relies on the presence of the...

Alibaba Cloud Linux 3 : 0135: resource-agents (ALINUX3-SA-2026:0135)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0135 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-30922: pyasn1 is a generic ASN.1 library f...

Linux Distros Unpatched Vulnerability : CVE-2026-42899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Loop with unreachable exit condition 'infinite loop' in ASP.NET Core allows an unauthorized attacker to deny service over a network. CVE-2026-42899 Note that...

Fedora 42 : evince (2026-49dc95b509)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-49dc95b509 advisory. Fix command injection CVE-2026-46529 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...

Fedora 42 : dotnet8.0 (2026-b1a2f623e7)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b1a2f623e7 advisory. Update to .NET SDK 8.0.127 and Runtime 8.0.27 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

RockyLinux 8 : python3 (RLSA-2026:11077)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:11077 advisory. python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules CVE-2026-6100 python: cpython: Python:...

Debian dla-4596 : evince - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4596 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4596-1 [email protected] https://www.debian.org/lts/security/...

Debian dla-4595 : gnutls-bin - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4595 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4595-1 [email protected]...

Fedora 42 : kernel (2026-b9f338a467)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b9f338a467 advisory. The 6.19.14-108 stable kernel update contains a couple if important security fixes. Tenable has extracted the preceding description block directly from the...

Linux Distros Unpatched Vulnerability : CVE-2026-39829

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could...

Alibaba Cloud Linux 3 : 0116: freerdp (ALINUX3-SA-2026:0116)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0116 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-25952: FreeRDP is a free...

Fedora 44 : aw-server-rust / awatcher / nodejs-aw-webui (2026-f4ddcfa64b)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-f4ddcfa64b advisory. Rebuilt with openssl 0.10.79 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

Linux Distros Unpatched Vulnerability : CVE-2026-42627

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size...

Linux Distros Unpatched Vulnerability : CVE-2026-44933

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PluginScript attempts to chroot the plugin to the repoManagerRoot, this root is frequently / the system root in standard configurations or when using --root. If...

Linux Distros Unpatched Vulnerability : CVE-2023-47268

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is...

Linux Distros Unpatched Vulnerability : CVE-2026-32175

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could writ...

Linux Distros Unpatched Vulnerability : CVE-2026-48831

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handli...

Fedora 44 : composer (2026-bd05cb6c4d)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bd05cb6c4d advisory. Version 2.9.8 - 2026-05-13 Security: Fixed GitHub token validation and disclosure GHSA-f9f8-rm49-7jv2 Tenable has extracted the preceding description block...

Fedora 43 : docker-buildx (2026-6d1dd77956)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6d1dd77956 advisory. - Update to release v0.34.0 - Resolves: rhbz2467576 - Resolves CVE-2026-39984: rhbz2458930 - Upstream new features and fixes Tenable has extracted the...

Linux Distros Unpatched Vulnerability : CVE-2026-46597

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs. CVE-2026-46597 Note that Nessu...

Alibaba Cloud Linux 3 : 0118: krb5 (ALINUX3-SA-2026:0118)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0118 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-40355: A flaw was found in MIT...

Alibaba Cloud Linux 3 : 0130: corosync (ALINUX3-SA-2026:0130)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0130 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-35091: A flaw was found in...

Photon OS 5.0: Linux PHSA-2026-5.0-0854

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0854. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Linux Distros Unpatched Vulnerability : CVE-2026-42508

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for...

Fedora 45 : perl-Crypt-PasswdMD5 (2026-5f1dfcb5c8)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5f1dfcb5c8 advisory. Automatic update for perl-Crypt-PasswdMD5-1.4.3-1.fc45. Changelog Sat May 23 2026 Paul Howarth - 1.4.3-1 - Update to 1.43 - Replace use of the...

Fedora 42 : docker-buildx (2026-95f37c21d5)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-95f37c21d5 advisory. - Update to release v0.34.0 - Resolves: rhbz2467576 - Resolves CVE-2026-39984: rhbz2458930 - Upstream new features and fixes Tenable has extracted the...

Alibaba Cloud Linux 3 : 0124: libsoup (ALINUX3-SA-2026:0124)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0124 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-5119: A flaw was found in libsoup. When...

Linux Distros Unpatched Vulnerability : CVE-2026-43498

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/ivpu: Disallow re-exporting imported GEM objects Prevent re-exporting of imported GEM buffers by adding a custom primehandletofd callback that checks if t...

Linux Distros Unpatched Vulnerability : CVE-2026-41148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and prior, in addition to 11.0.0-alpha.1...