Fedora 44 : perl-Config-IniFiles (2026-1c2676703e)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-1c2676703e advisory. Update to 3.001000, fixes CVE-2026-11527 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

Fedora 44 : perl-Crypt-PBKDF2 (2026-5b12cc327e)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-5b12cc327e advisory. This update addresses a number of security issues: Change the default hash algorithm to HMAC-SHA256, and increase the default number of iterations t...

Linux Distros Unpatched Vulnerability : CVE-2026-56403

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in storeAtts. CVE-2026-56403 Note that Nessus relies on the presence of the package as reported by the vendor...

Photon OS 5.0: Sqlite PHSA-2026-5.0-0889

An update of the sqlite package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0889. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Fedora 43 : mingw-SDL2_image (2026-bc38ebdf4c)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bc38ebdf4c advisory. Update to SDL2image 2.8.12, fixes CVE-2026-35444. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

Photon OS 5.0: Frr PHSA-2026-5.0-0884

An update of the frr package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0884. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid32183...

Fedora 44 : kubernetes1.35 (2026-b56d6f4b79)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b56d6f4b79 advisory. - Update to release v1.35.6 - Resolves: rhbz2467606 - Upstream fixes Tenable has extracted the preceding description block directly from the Fedora security...

Linux Distros Unpatched Vulnerability : CVE-2026-52911

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: scope conn-binding slowpath to bound sessions only When the binding SESSIONSETUP sets conn-binding = true, the flag stays set after the call so that the...

Fedora 44 : ansible-core (2026-7f70f809f0)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7f70f809f0 advisory. - Mitigates CVE-2026-11332 rhbz2485397 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...

Photon OS 4.0: Python3 PHSA-2026-4.0-1038

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1038. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Debian dla-4638 : libgd-perl - security update

The remote Debian 11 / 12 host has a package installed that is affected by a vulnerability as referenced in the dla-4638 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4638-1 [email protected]...

Linux Distros Unpatched Vulnerability : CVE-2026-49346

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit...

Fedora 43 : perl-Crypt-PBKDF2 (2026-e8231b773d)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e8231b773d advisory. This update addresses a number of security issues: Change the default hash algorithm to HMAC-SHA256, and increase the default number of iterations t...

Fedora 44 : strongswan (2026-284c049f7f)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-284c049f7f advisory. Addresses CVE-2026-47895 which is a theoretical RCE Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

Fedora 44 : alertmanager (2026-87b103f151)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-87b103f151 advisory. Update to 0.33.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

MiracleLinux 8 : [security - medium] mysql:8.0, rapidjson-1.1.0-6.module+el8+1989+b2d38253 (AXSA:2026-809:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-809:01 advisory. mysql: InnoDB unspecified vulnerability CPU Apr 2026 CVE-2026-22004 mysql: Information Schema unspecified vulnerability CPU Apr 2026 CVE-2026-22001...

MiracleLinux 8 : [security - medium] mysql:8.4, rapidjson-1.1.0-3.module+el8+1990+5ba0b90f (AXSA:2026-810:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-810:01 advisory. mysql: InnoDB unspecified vulnerability CPU Apr 2026 CVE-2026-22004 mysql: Information Schema unspecified vulnerability CPU Apr 2026 CVE-2026-22001...

Linux Distros Unpatched Vulnerability : CVE-2026-56408

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in copyString. CVE-2026-56408 Note that Nessus relies on the presence of the package as reported by the vendor...

Fedora 43 : kubernetes1.35 (2026-0544eff1d8)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0544eff1d8 advisory. - Update to release v1.35.6 - Resolves: rhbz2467606 - Upstream fixes Tenable has extracted the preceding description block directly from the Fedora security...

Linux Distros Unpatched Vulnerability : CVE-2026-49271

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offse...

Linux Distros Unpatched Vulnerability : CVE-2026-9265

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in printattribute UTF8STRING path. printattribute copies a UTF8STRING ASN.1 attribu...

Fedora 44 : erlang-cowboy / erlang-cowlib / erlang-gun (2026-c17ea7a74d)

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-c17ea7a74d advisory. Gun ver. 2.4.1 and its dependencies ---- New erlang-gun Tenable has extracted the preceding description block directly from the Fedora security...

Linux Distros Unpatched Vulnerability : CVE-2026-56411

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations. CVE-2026-56411 Note that Nessus relies on the presence of th...

Fedora 43 : kubernetes1.34 (2026-88ab77d111)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-88ab77d111 advisory. - Update to release v1.34.9 - Resolves: rhbz2467605 - Upstream fixes Tenable has extracted the preceding description block directly from the Fedora security...

Linux Distros Unpatched Vulnerability : CVE-2026-56378

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-15 and 6.x before 6.9.13-40 contains a heap out-of-bounds read in the PCD coder's DecodeImage loop. A crafted PCD file can trigger a...

Fedora 43 : ansible-core (2026-f027f57724)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f027f57724 advisory. - Mitigates CVE-2026-11332 rhbz2485397 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...

Fedora 44 : freerdp (2026-9c6082d92d)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9c6082d92d advisory. Update to 3.27.1 It fixes CVE-2026-55191, CVE-2026-55192, CVE-2026-55193, CVE-2026-55194, CVE-2026-55648 and CVE-2026-55827. Tenable has extracted t...

Debian dla-4637 : libconfig-inifiles-perl - security update

The remote Debian 11 / 12 host has a package installed that is affected by a vulnerability as referenced in the dla-4637 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4637-1 [email protected]...

Fedora 44 : buildah / podman (2026-ceb2f5c5bb)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-ceb2f5c5bb advisory. Update to buildah 1.43.2 and podman 5.8.3 Security fix for CVE-2026-44517 Tenable has extracted the preceding description block directly from the Fedora...

Linux Distros Unpatched Vulnerability : CVE-2026-49295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted H.265 bitstream can cause an out-of-bounds array write in...

Linux Distros Unpatched Vulnerability : CVE-2026-56412

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 does not consider XMLTOKDATACHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in...

Fedora 44 : kubernetes1.33 (2026-da02662d41)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-da02662d41 advisory. - Update to release 1.33.13 - Resolves: rhbz2467604 - Upstream fix Tenable has extracted the preceding description block directly from the Fedora security...

Oracle Linux 8 : dracut (ELSA-2026-26534)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-26534 advisory. 049-244.git20260529.0.1 - Refactor getucodefile Orabug: 36989953 - Revert the fixes for bugs 33676753 and 33888951 due to regressions Orabug: 35656614 - Fix ty...

Photon OS 4.0: Coredns PHSA-2026-4.0-1038

An update of the coredns package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1038. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Linux Distros Unpatched Vulnerability : CVE-2026-55568

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - guzzle - None CVE-2026-55568 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenable, Inc...

Linux Distros Unpatched Vulnerability : CVE-2026-39199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - snes9x 1.63 allows an out-of-bounds write and denial of service via a crafted .ups file. CVE-2026-39199 Note that Nessus relies on the presence of the package a...

Photon OS 4.0: Linux PHSA-2026-4.0-1037

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1037. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Debian dsa-6358 : libhttp-daemon-perl - security update

The remote Debian 13 host has a package installed that is affected by a vulnerability as referenced in the dsa-6358 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6358-1 [email protected] https://www.debian.org/security/...

Fedora 43 : kubernetes1.33 (2026-c2a89ccca5)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-c2a89ccca5 advisory. - Update to release 1.33.13 - Resolves: rhbz2467604 - Upstream fix Tenable has extracted the preceding description block directly from the Fedora security...

Linux Distros Unpatched Vulnerability : CVE-2026-12706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability was found in FFmpeg's RASC video decoder. The decodemove function initializes a read pointer into a decompressed buffer, but a...

Debian dsa-6359 : gstreamer1.0-gtk3 - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6359 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6359-1 [email protected] https://www.debian.org/securit...

Photon OS 4.0: Wireshark PHSA-2026-4.0-1036

An update of the wireshark package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1036. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Linux Distros Unpatched Vulnerability : CVE-2026-54604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - openslide - None CVE-2026-54604 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenable,...

Linux Distros Unpatched Vulnerability : CVE-2026-56409

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used. CVE-2026-56409 Note that Nessus relies on the presence...

Debian dsa-6357 : python-pil-doc - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6357 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6357-1 [email protected] https://www.debian.org/securit...

Fedora 44 : ongres-scram / ongres-stringprep / postgresql-jdbc (2026-3f51edec7b)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-3f51edec7b advisory. Ongres Scram update and security fix. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...

Linux Distros Unpatched Vulnerability : CVE-2026-56407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen. CVE-2026-56407 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2026-56404

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in addBinding. CVE-2026-56404 Note that Nessus relies on the presence of the package as reported by the vendor...

Fedora 44 : 389-ds-base (2026-6d00814a85)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6d00814a85 advisory. Resolves: CVE-2026-9064 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

RHEL 10 : kernel (RHSA-2026:27288)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27288 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix tx.buf...