Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1865)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1865 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 In the Linux kernel, the following vulnerability has...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-123 (ALASKERNEL-5.10-2026-123)

The version of kernel installed on the remote host is prior to 5.10.258-257.1041. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2026-123 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: fix zswap writeback race...

Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2026-1826)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1826 advisory. When writing an IPTC output file a malicious input file could cause an out of bounds read of a single byte. as per:...

RHEL 9 : kernel (RHSA-2026:27789)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27789 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix tx.buf...

RHEL 10 : firefox (RHSA-2026:27733)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:27733 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RHEL 8 : firefox (RHSA-2026:27717)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:27717 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RHEL 9 : osbuild-composer (RHSA-2026:27712)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:27712 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for...

RHEL 9 : Red Hat OpenStack Platform 17.1 (golang-uber-multierr) (RHSA-2026:28046)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28046 advisory. Security Fixes: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 For more details about the security issues,...

RHEL 10 : osbuild-composer (RHSA-2026:27711)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:27711 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for...

SUSE SLES15 Security Update : kubernetes-old (SUSE-SU-2026:2460-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2460-1 advisory. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265747. -...

RHEL 10 : osbuild-composer (RHSA-2026:27856)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27856 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building...

SUSE SLES15 Security Update : azure-storage-azcopy (SUSE-SU-2026:2466-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2466-1 advisory. This update for azure-storage-azcopy fixes the following issues Update to 10.32.4: - CVE-2025-47907: database/sql: incorrect result...

RHEL 10 : yggdrasil-worker-package-manager (RHSA-2026:27732)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:27732 advisory. yggdrasil-worker-package-manager is a simple package manager yggd worker. It knows how to install and remove packages, add, remove, enable and...

Fedora 43 : openssl (2026-840334a045)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-840334a045 advisory. Rebase to OpenSSL 3.5.7 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

Fedora 43 : mingw-SDL2_image (2026-bc38ebdf4c)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bc38ebdf4c advisory. Update to SDL2image 2.8.12, fixes CVE-2026-35444. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

Fedora 43 : python3.13 (2026-2deb979d80)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2deb979d80 advisory. New Python release including bugfixes and security fixes. Tenable has extracted the preceding description block directly from the Fedora security...

Linux Distros Unpatched Vulnerability : CVE-2026-56410

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId. CVE-2026-56410 Note that Nessus relies on the presence of the package as reported by...

Fedora 44 : python3.13 (2026-dfc9182263)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-dfc9182263 advisory. New Python version including bugfixes and security fixes. Tenable has extracted the preceding description block directly from the Fedora security...

Linux Distros Unpatched Vulnerability : CVE-2026-56406

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in XMLParseBuffer because it lacked a check that was present in XMLParse. CVE-2026-56406 Note that Nessus relies o...

Linux Distros Unpatched Vulnerability : CVE-2026-52911

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: scope conn-binding slowpath to bound sessions only When the binding SESSIONSETUP sets conn-binding = true, the flag stays set after the call so that the...

Linux Distros Unpatched Vulnerability : CVE-2026-56407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen. CVE-2026-56407 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2026-56403

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in storeAtts. CVE-2026-56403 Note that Nessus relies on the presence of the package as reported by the vendor...

Linux Distros Unpatched Vulnerability : CVE-2026-55767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - guzzle - None CVE-2026-55767 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenable, Inc...

Fedora 44 : mingw-SDL2_image (2026-6f328b5020)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6f328b5020 advisory. Update to SDL2image 2.8.12, fixes CVE-2026-35444. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

Fedora 44 : yt-dlp (2026-bb702c613b)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-bb702c613b advisory. - Update to 2026.06.09. Fixes rhbz2487407. - Mitigates CVE-2026-50019, CVE-2026-50023, CVE-2026-50574 Tenable has extracted the preceding descriptio...

Fedora 44 : ansible-core (2026-7f70f809f0)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7f70f809f0 advisory. - Mitigates CVE-2026-11332 rhbz2485397 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...

Linux Distros Unpatched Vulnerability : CVE-2026-56405

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in getAttributeId. CVE-2026-56405 Note that Nessus relies on the presence of the package as reported by the vendor...

Linux Distros Unpatched Vulnerability : CVE-2026-56409

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used. CVE-2026-56409 Note that Nessus relies on the presence...

Linux Distros Unpatched Vulnerability : CVE-2026-56404

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in addBinding. CVE-2026-56404 Note that Nessus relies on the presence of the package as reported by the vendor...

Debian dsa-6356 : imagemagick - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6356 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6356-1 [email protected] https://www.debian.org/securit...

Linux Distros Unpatched Vulnerability : CVE-2026-56408

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in copyString. CVE-2026-56408 Note that Nessus relies on the presence of the package as reported by the vendor...

Fedora 44 : alertmanager (2026-87b103f151)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-87b103f151 advisory. Update to 0.33.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Fedora 43 : alertmanager (2026-1ad4561f49)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-1ad4561f49 advisory. Update to 0.33.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Photon OS 4.0: Coredns PHSA-2026-4.0-1038

An update of the coredns package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1038. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

RHEL 8 : kernel (RHSA-2026:27355)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:27355 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: actpedit: extend the writab...

Photon OS 5.0: Sqlite PHSA-2026-5.0-0889

An update of the sqlite package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0889. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Oracle Linux 8 : redis:6 (ELSA-2026-26008)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-26008 advisory. 6.2.22-1.0.1 - Build with 64k pages to support redis on both UEK6 and UEK7 on aarch64 6.2.22-1 - rebase to 6.2.22 for CVE-2026-25243 Tenable has extracted the...

Fedora 44 : perl-Crypt-PBKDF2 (2026-5b12cc327e)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-5b12cc327e advisory. This update addresses a number of security issues: Change the default hash algorithm to HMAC-SHA256, and increase the default number of iterations t...

Fedora 44 : perl-Config-IniFiles (2026-1c2676703e)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-1c2676703e advisory. Update to 3.001000, fixes CVE-2026-11527 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

Linux Distros Unpatched Vulnerability : CVE-2026-46862

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Router product of Oracle MySQL component: Router: General. Supported versions that are affected are 8.4.0-8.4.9 and 9.0.0-9.7.0. Easi...

Linux Distros Unpatched Vulnerability : CVE-2026-9265

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in printattribute UTF8STRING path. printattribute copies a UTF8STRING ASN.1 attribu...

Photon OS 5.0: Frr PHSA-2026-5.0-0884

An update of the frr package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0884. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid32183...

Debian dla-4638 : libgd-perl - security update

The remote Debian 11 / 12 host has a package installed that is affected by a vulnerability as referenced in the dla-4638 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4638-1 [email protected]...

Fedora 44 : erlang-cowboy / erlang-cowlib / erlang-gun (2026-c17ea7a74d)

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-c17ea7a74d advisory. Gun ver. 2.4.1 and its dependencies ---- New erlang-gun Tenable has extracted the preceding description block directly from the Fedora security...

MiracleLinux 8 : [security - medium] mysql:8.0, rapidjson-1.1.0-6.module+el8+1989+b2d38253 (AXSA:2026-809:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-809:01 advisory. mysql: InnoDB unspecified vulnerability CPU Apr 2026 CVE-2026-22004 mysql: Information Schema unspecified vulnerability CPU Apr 2026 CVE-2026-22001...

Linux Distros Unpatched Vulnerability : CVE-2026-49337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted sequence of H.265 NAL units causes...

Fedora 44 : chromium (2026-650bd96540)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-650bd96540 advisory. Update to 149.0.7827.155 CVE-2026-12437: Use after free in WebShare CVE-2026-12438: Inappropriate implementation in WebView CVE-2026-12439: Use afte...

Oracle Linux 8 : postgresql:15 (ELSA-2026-26181)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-26181 advisory. - Fix CVE-2026-6478 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Fedora 45 : moby-engine (2026-d8b527c6c7)

The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-d8b527c6c7 advisory. Automatic update for moby-engine-29.6.0-1.fc45. Changelog Fri Jun 19 2026 Bradley G Smith - 29.6.0-1 - Update to release v29.6.0 - Resolves:...

Fedora 44 : buildah / podman (2026-ceb2f5c5bb)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-ceb2f5c5bb advisory. Update to buildah 1.43.2 and podman 5.8.3 Security fix for CVE-2026-44517 Tenable has extracted the preceding description block directly from the Fedora...