Fedora 44 : dotnet9.0 (2026-9c63a012b9)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9c63a012b9 advisory. Update to .NET SDK 9.0.117 and Runtime 9.0.16 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

Linux Distros Unpatched Vulnerability : CVE-2026-42627

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size...

Debian dsa-6294 : libgcrypt-bin - security update

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6294 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6294-1 [email protected] https://www.debian.org/security/...

Fedora 42 : dotnet9.0 (2026-85758358ff)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-85758358ff advisory. Update to .NET SDK 9.0.117 and Runtime 9.0.16 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

Fedora 42 : dotnet8.0 (2026-b1a2f623e7)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b1a2f623e7 advisory. Update to .NET SDK 8.0.127 and Runtime 8.0.27 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

Fedora 44 : aw-server-rust / awatcher / nodejs-aw-webui (2026-f4ddcfa64b)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-f4ddcfa64b advisory. Rebuilt with openssl 0.10.79 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

Linux Distros Unpatched Vulnerability : CVE-2026-46597

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs. CVE-2026-46597 Note that Nessu...

Linux Distros Unpatched Vulnerability : CVE-2026-35433

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally. CVE-2026-35433 Note that Nessus relies on the presence of the...

Linux Distros Unpatched Vulnerability : CVE-2026-36189

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow vulnerability in Uncrustify Project Affected v.Uncrustifyd-0.82.0-132-bcc41cbdc and Fixed in commit 68e67b9a1435a1bb173b106fedb4a4f510972bdc...

Linux Distros Unpatched Vulnerability : CVE-2026-43498

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/ivpu: Disallow re-exporting imported GEM objects Prevent re-exporting of imported GEM buffers by adding a custom primehandletofd callback that checks if t...

Linux Distros Unpatched Vulnerability : CVE-2026-9365

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in Ettercap up to 0.8.3. The affected element is the function FUNCDECODER of the file src/dissectors/ecgg.c of the component GG...

Linux Distros Unpatched Vulnerability : CVE-2026-39827

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server...

Fedora 43 : perl-Apache-Session-Browseable (2026-e8ef64b8d3)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e8ef64b8d3 advisory. This update has improvements to generate more secure session IDs CVE-2026-8503. Tenable has extracted the preceding description block directly from the Fedor...

Linux Distros Unpatched Vulnerability : CVE-2026-42508

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for...

Fedora 43 : dotnet9.0 (2026-6013769170)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6013769170 advisory. Update to .NET SDK 9.0.117 and Runtime 9.0.16 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

Linux Distros Unpatched Vulnerability : CVE-2026-41148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and prior, in addition to 11.0.0-alpha.1...

Fedora 44 : dotnet8.0 (2026-223f4839fc)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-223f4839fc advisory. Update to .NET SDK 8.0.127 and Runtime 8.0.27 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

Linux Distros Unpatched Vulnerability : CVE-2026-39835

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a...

Fedora 44 : chromium (2026-c758d44a9a)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c758d44a9a advisory. Update to 148.0.7778.178 CVE-2026-9111: Use after free in WebRTC CVE-2026-9110: Inappropriate implementation in UI CVE-2026-9112: Use after free in...

Fedora 45 : perl-Crypt-PasswdMD5 (2026-5f1dfcb5c8)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5f1dfcb5c8 advisory. Automatic update for perl-Crypt-PasswdMD5-1.4.3-1.fc45. Changelog Sat May 23 2026 Paul Howarth - 1.4.3-1 - Update to 1.43 - Replace use of the...

Linux Distros Unpatched Vulnerability : CVE-2026-9277

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - shell-quote's quote function did not validate object-token inputs against the operator model used by parse. The .op field was backslash-escaped character by...

Fedora 43 : aw-server-rust / awatcher / nodejs-aw-webui (2026-c9d4e8b9a4)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-c9d4e8b9a4 advisory. Rebuilt with openssl 0.10.79 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

Alibaba Cloud Linux 3 : 0119: dovecot (ALINUX3-SA-2026:0119)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0119 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-59032: ManageSieve AUTHENTICATE...

Linux Distros Unpatched Vulnerability : CVE-2026-39830

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine coul...

Linux Distros Unpatched Vulnerability : CVE-2026-40864

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JupyterHub is software that allows users to create a multi-user server for Jupyter notebooks. In versions 4.1.0 through 5.4.4, XSRF protection updated in 4.1.0...

Linux Distros Unpatched Vulnerability : CVE-2026-44572

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Next.js is a React framework for building full-stack web applications. From 12.2.0 to before 15.5.16 and 16.2.5, an external client could send a x-nextjs-data...

Linux Distros Unpatched Vulnerability : CVE-2026-48700

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in all versions of PCManFM-Qt starting from 1.1.0. When a regular file's path is passed as a URI in an...

Linux Distros Unpatched Vulnerability : CVE-2026-40295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Devise is an authentication solution for Rails based on Warden. In versions 5.0.3 and below, when the Timeoutable module is enabled in Devise, the...

Linux Distros Unpatched Vulnerability : CVE-2026-48832

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability. CVE-2026-48832 Note that Nessus relies on the presence of the...

Fedora 43 : python-pulp-glue / python-requests (2026-8ad863685a)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-8ad863685a advisory. 2.33.1 2026-03-30 ------------------- Bugfixes - Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. - Fixed...

Fedora 42 : kernel (2026-b9f338a467)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b9f338a467 advisory. The 6.19.14-108 stable kernel update contains a couple if important security fixes. Tenable has extracted the preceding description block directly from the...

Alibaba Cloud Linux 3 : 0123: webkit2gtk3 (ALINUX3-SA-2026:0123)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0123 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-43213: The issue was addressed wi...

Alibaba Cloud Linux 3 : 0129: libtiff (ALINUX3-SA-2026:0129)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0129 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-4775: A flaw was found in the libtiff...

Linux Distros Unpatched Vulnerability : CVE-2026-39828

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially droppin...

MiracleLinux 8 : gimp:2.8 (AXSA:2026-712:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-712:01 advisory. gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image CVE-2026-4887 gimp: GIMP: Remote Code Execution via XPM File Parsi...

Debian dla-4599 : jq - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4599 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4599-1 [email protected]...

Linux Distros Unpatched Vulnerability : CVE-2026-48829

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This...

Linux Distros Unpatched Vulnerability : CVE-2026-48710

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP Host request header was not validated before being used to reconstruct...

Fedora 44 : perl-Apache-Session-Browseable (2026-19d80281b7)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-19d80281b7 advisory. This update has improvements to generate more secure session IDs CVE-2026-8503. Tenable has extracted the preceding description block directly from the Fedor...

Alibaba Cloud Linux 3 : 0128: grafana-pcp (ALINUX3-SA-2026:0128)

The remote Alibaba Cloud Linux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0128 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-32280: A flaw was found in the Go...

Fedora 43 : pie (2026-b7427db462)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b7427db462 advisory. Version 1.4.4 Dependencies - Update Composer to 2.9.8 ---- Version 1.4.3 - add output check for dnf permission denied thanks to @asgrim and @hackel - don't...

Alibaba Cloud Linux 3 : 0131: rsync (ALINUX3-SA-2026:0131)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0131 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-41035: In rsync 3.0.1 through 3.4.1,...

Fedora 42 : dotnet10.0 (2026-ef4291bd79)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ef4291bd79 advisory. Update to .NET SDK 10.0.108 and Runtime 10.0.8 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

Alibaba Cloud Linux 3 : 0121: grafana (ALINUX3-SA-2026:0121)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0121 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-32280: A flaw was found in the Go...

Linux Distros Unpatched Vulnerability : CVE-2026-39831

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Verify method for FIDO/U2F security key types [email protected], sk-ssh- [email protected] did not check the User Presence flag. Signatur...

Alibaba Cloud Linux 3 : 0125: LibRaw (ALINUX3-SA-2026:0125)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0125 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-21413: A flaw was found in LibRaw...

Alibaba Cloud Linux 3 : 0117: freeipmi (ALINUX3-SA-2026:0117)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0117 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-33554: ipmi-oem in FreeIPMI before 1.16.17...

Fedora 44 : python3.15 (2026-2ee2d7abd5)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2ee2d7abd5 advisory. New prerelease of Python 3.15 with several CVE fixes Tenable has extracted the preceding description block directly from the Fedora security advisor...

Fedora 42 : python3.15 (2026-e7dc1a8950)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e7dc1a8950 advisory. A new prerelease of Python 3.15 with fixes to several CVEs. Tenable has extracted the preceding description block directly from the Fedora security...

Fedora 42 : firefox / nss (2026-7f6ee801e2)

The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-7f6ee801e2 advisory. Update NSS to 3.123.1 Update to Firefox 151.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...