Fedora 44 : python-pydantic-settings (2026-6b7571be30)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6b7571be30 advisory. Update to 2.14.2; fixes GHSA-4xgf-cpjx-pc3j. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Ness...

Linux Distros Unpatched Vulnerability : CVE-2026-13026

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Digital Credentials in Google Chrome on Mac prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via a...

Fedora 43 : python3-docs / python3.14 (2026-b17b2a984a)

The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-b17b2a984a advisory. New Python release including bugfixes and security fixes. Tenable has extracted the preceding description block directly from the Fedora security...

Linux Distros Unpatched Vulnerability : CVE-2026-53159

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - misc: fastrpc: fix DMA address corruption due to findvma misuse fastrpcgetargs uses findvma to look up the VMA for a user-provided pointer and compute a DMA...

Linux Distros Unpatched Vulnerability : CVE-2026-13030

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized Use in GPU in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to obtain potentially sensitive information from process...

Linux Distros Unpatched Vulnerability : CVE-2026-13283

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in AdFilter in Google Chrome on Android prior to 149.0.7827.201 allowed a remote attacker who convinced a user to engage in specific UI gestures ...

Fedora 43 : python-mistune (2026-c52d83db89)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-c52d83db89 advisory. Security fix for CVE-2026-44898 by updating to 3.2.1. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Linux Distros Unpatched Vulnerability : CVE-2026-55621

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - incus - None lxd - None CVE-2026-55621 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C...

Linux Distros Unpatched Vulnerability : CVE-2026-13031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Blink in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2026-53173

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/ethosu: fix OOB write in ethosugemcmdstreamcopyandvalidate The command stream parsing loop increments the index variable a second time when a 64-bit comma...

Linux Distros Unpatched Vulnerability : CVE-2026-55520

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - python-protego - None Ubuntu Linux - Unknown description CVE-2026-55520 Note that Nessus relies on the presence of the package as reported by the...

Linux Distros Unpatched Vulnerability : CVE-2026-53230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5: Fix slab-out-of-bounds in mlx5querynicvportmaclist mlx5querynicvportmaclist sizes its firmware command buffer using the PF's logmaxcurrentuc/mclist...

Linux Distros Unpatched Vulnerability : CVE-2026-46602

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause...

Linux Distros Unpatched Vulnerability : CVE-2026-52949

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/ttm: Fix ttmboshrink infinite LRU walk on backup failure Apply the same fix as b2ed01e7ad drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure to...

Linux Distros Unpatched Vulnerability : CVE-2026-52979

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: psp: check for device unregister when creating assoc pspassocdevicegetlocked obtains a pspdev reference via pspdevgetforsock which uses pspdevtryget under...

Fedora 44 : krita (2026-3bb1c72ffd)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3bb1c72ffd advisory. - Update to 6.0.2.1 - Fix CVE-2026-42144 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

Linux Distros Unpatched Vulnerability : CVE-2026-56770

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential...

Linux Distros Unpatched Vulnerability : CVE-2026-53259

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: anycast: insert aca into global hash under idev-lock syzbot reported a splat 1: a slab-use-after- free in ipv6chkacastaddr, which walks the global...

Linux Distros Unpatched Vulnerability : CVE-2025-60464

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the gfseiloadfromstateinternal function /filters/seiload.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Servi...

Linux Distros Unpatched Vulnerability : CVE-2026-46604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TIFF decoder can panic when decoding an invalid image with an out-of-bounds strip offset. CVE-2026-46604 Note that Nessus relies on the presence of the...

Linux Distros Unpatched Vulnerability : CVE-2026-13311

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - shell-quote prior to 1.8.5 finalizes parsed tokens in parse using Array.prototype.concat as a reduce accumulator, which reallocates and copies the entire growin...

Fedora 43 : pgadmin4 (2026-5938be3b09)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-5938be3b09 advisory. Update to pgadmin-9.16. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Linux Distros Unpatched Vulnerability : CVE-2025-60471

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the gffilterpidreconfiguretaskdiscard function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a...

Linux Distros Unpatched Vulnerability : CVE-2025-60474

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow in the gfmediaimport function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS...

Fedora 44 : moby-engine (2026-d8e03bae55)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-d8e03bae55 advisory. - Update to release v29.6.0 - Resolves: rhbz2490590 - Resolves CVE-2026-39828: rhbz2489945 - Resolves CVE-2026-39829: rhbz2490099 - Resolves...

Linux Distros Unpatched Vulnerability : CVE-2026-56130

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Remember me cookie age is not verified on the server. This potentially allows an attacker to intercept a valid cookie and reuse it indefinitely, even after the...

Linux Distros Unpatched Vulnerability : CVE-2026-56091

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using Apache Shiro with the shiro-guice module in a web servlet context, a specially crafted HTTP request may cause an authentication bypass. This...

Linux Distros Unpatched Vulnerability : CVE-2026-13033

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read and write in BlinkInterestGroups in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a crafted...

Linux Distros Unpatched Vulnerability : CVE-2026-53014

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: actmirred: fix wrong device for macheaderxmit check in tcfblockcastredir In tcfblockcastredir, when iterating block ports to redirect packets to...

Linux Distros Unpatched Vulnerability : CVE-2026-53008

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ice: fix race condition in TX timestamp ring cleanup Fix a race condition between icefreetxtstampring and icetxmap that can cause a NULL pointer dereference...

Linux Distros Unpatched Vulnerability : CVE-2026-13025

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race in DevTools in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox...

Fedora 44 : pgadmin4 (2026-c248414214)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c248414214 advisory. Update to pgadmin-9.16. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Linux Distros Unpatched Vulnerability : CVE-2026-48751

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - incus - None lxd - None CVE-2026-48751 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C...

Linux Distros Unpatched Vulnerability : CVE-2026-48749

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - incus - None lxd - None CVE-2026-48749 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C...

Linux Distros Unpatched Vulnerability : CVE-2026-13038

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Autofill in Google Chrome on Windows prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2026-13029

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Web Authentication in Google Chrome prior to 149.0.7827.197 allowed an attacker who convinced a user to install a malicious extension to...

Linux Distros Unpatched Vulnerability : CVE-2026-23879

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Versions 1.1.2 and below contain an a...

Fedora 43 : dotnet10.0 (2026-a424c1061e)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a424c1061e advisory. Update to .NET SDK 10.0.109 and Runtime 10.0.9 Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591 Release Notes: - SDK:...

Linux Distros Unpatched Vulnerability : CVE-2026-54679

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvpstringappend has a chance of integer/multiple overflowing and then causing a massive...

Linux Distros Unpatched Vulnerability : CVE-2025-60473

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference in the gffilterinparentchain function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denia...

Linux Distros Unpatched Vulnerability : CVE-2026-13028

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebGL in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML...

Fedora 43 : krita (2026-45b342f7c1)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-45b342f7c1 advisory. Fix CVE-2026-42144: integer overflow Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...

Fedora 43 : dotnet9.0 (2026-2954cd11bd)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2954cd11bd advisory. Update to .NET SDK 9.0.118 and Runtime 9.0.17 Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591 Release Notes: - SDK:...

Linux Distros Unpatched Vulnerability : CVE-2026-48755

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - incus - None lxd - None CVE-2026-48755 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C...

Linux Distros Unpatched Vulnerability : CVE-2026-13036

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Blink in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2026-55622

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - incus - None lxd - None CVE-2026-55622 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C...

Linux Distros Unpatched Vulnerability : CVE-2026-13032

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebGL in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML...

Linux Distros Unpatched Vulnerability : CVE-2026-48769

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - incus - None lxd - None CVE-2026-48769 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C...

Fedora 44 : dotnet10.0 (2026-dec081126f)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-dec081126f advisory. Update to .NET SDK 10.0.109 and Runtime 10.0.9 Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591 Release Notes: - SDK:...

Linux Distros Unpatched Vulnerability : CVE-2026-53098

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mt76: mt7915: fix use-after-free bugs in mt7915macdumpwork When the mt7915 pci chip is detaching, the mt7915crashdata is released in...