Updated Nessus Plugins from Tenable https://www.tenable.com/plugins/feeds?sort=updated&type=nessus Get the latest plugin updates from Tenable Tue, 17 Mar 2026 09:39:17 GMT https://validator.w3.org/feed/docs/rss2.html Tenable Plugins Updated Nessus Plugins from Tenable https://www.tenable.com/themes/custom/tenable/img/favicons/apple-touch-icon.png https://www.tenable.com/plugins/feeds?sort=updated&type=nessus Copyright 2026 Tenable, Inc. All rights reserved. <![CDATA[Unity Linux 20.1070a Security Update: binutils (UTSA-2026-006200)]]> https://www.tenable.com/plugins/nessus/302362 https://www.tenable.com/plugins/nessus/302362 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302362 with Medium Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006200 advisory.

 A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The name of the patch is 41461010eb7c79fee7a9d5f6209accdaac66cc6b. It is recommended to apply a patch to fix this issue.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected binutils package.

Read more at https://www.tenable.com/plugins/nessus/302362

]]> <![CDATA[Unity Linux 20.1070a Security Update: binutils (UTSA-2026-006196)]]> https://www.tenable.com/plugins/nessus/302356 https://www.tenable.com/plugins/nessus/302356 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302356 with Medium Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006196 advisory.

 A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is named 08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944. It is recommended to apply a patch to fix this issue.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected binutils package.

Read more at https://www.tenable.com/plugins/nessus/302356

]]> <![CDATA[Fedora 42 : wireshark (2026-a92f2096cd)]]> https://www.tenable.com/plugins/nessus/302349 https://www.tenable.com/plugins/nessus/302349 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302349 with High Severity

Synopsis

The remote Fedora host is missing one or more security updates.

Description

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a92f2096cd advisory.

 New version 4.6.4


Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected 1:wireshark package.

Read more at https://www.tenable.com/plugins/nessus/302349

]]> <![CDATA[Fedora 43 : wireshark (2026-f7473d3da8)]]> https://www.tenable.com/plugins/nessus/302346 https://www.tenable.com/plugins/nessus/302346 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302346 with High Severity

Synopsis

The remote Fedora host is missing one or more security updates.

Description

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f7473d3da8 advisory.

 New version 4.6.4


Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected 1:wireshark package.

Read more at https://www.tenable.com/plugins/nessus/302346

]]> <![CDATA[Fedora 43 : pcs (2026-88c901f6a2)]]> https://www.tenable.com/plugins/nessus/302338 https://www.tenable.com/plugins/nessus/302338 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302338 with High Severity

Synopsis

The remote Fedora host is missing one or more security updates.

Description

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-88c901f6a2 advisory.

 - Rebased pcs to the newest major version (see CHANGELOG.md)
 - Updated standalone web UI and HA Cluster Management Cockpit application to pcs-web-ui 0.1.24.2 (see CHANGELOG_WUI.md)
 - Fixed FTBFS with Python 3.15
 - Fixed issues with installing pcs on Fedora 43+, upgrade and uninstall



Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected pcs package.

Read more at https://www.tenable.com/plugins/nessus/302338

]]> <![CDATA[Fedora 43 : insight (2026-0106837085)]]> https://www.tenable.com/plugins/nessus/302337 https://www.tenable.com/plugins/nessus/302337 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302337 with Medium Severity

Synopsis

The remote Fedora host is missing one or more security updates.

Description

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0106837085 advisory.

 New upstream snapshot.
 Fixes CVEs 2025-11494, 2025-11495, 2026-2341, 2026-3441, 2026-3442.
 Fixes CVEs 2025-69644, 2025-69645, 2025-69646.
 Fixes FTBFS.
 Relax BR of itcl/itk/iwidgets.
 Patch libtool_tag to force C++ language tagging in libtool.

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected insight package.

Read more at https://www.tenable.com/plugins/nessus/302337

]]> <![CDATA[Fedora 42 : pcs (2026-c8dc2c0de3)]]> https://www.tenable.com/plugins/nessus/302336 https://www.tenable.com/plugins/nessus/302336 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302336 with High Severity

Synopsis

The remote Fedora host is missing one or more security updates.

Description

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-c8dc2c0de3 advisory.

 - Rebased pcs to the newest major version (see CHANGELOG.md)
 - Updated standalone web UI and HA Cluster Management Cockpit application to pcs-web-ui 0.1.24.2 (see CHANGELOG_WUI.md)
 - Fixed FTBFS with Python 3.15
 - Fixed issues with installing pcs on Fedora 43+, upgrade and uninstall

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected pcs package.

Read more at https://www.tenable.com/plugins/nessus/302336

]]> <![CDATA[Fedora 42 : insight (2026-8af0e7ea3e)]]> https://www.tenable.com/plugins/nessus/302335 https://www.tenable.com/plugins/nessus/302335 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302335 with Medium Severity

Synopsis

The remote Fedora host is missing one or more security updates.

Description

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-8af0e7ea3e advisory.

 New upstream snapshot.
 Fixes CVEs 2025-11494, 2025-11495, 2026-2341, 2026-3441, 2026-3442.
 Fixes CVEs 2025-69644, 2025-69645, 2025-69646.
 Fixes FTBFS.
 Relax BR of itcl/itk/iwidgets.
 Patch libtool_tag to force C++ language tagging in libtool.

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected insight package.

Read more at https://www.tenable.com/plugins/nessus/302335

]]> <![CDATA[Fedora 43 : systemd (2026-0e8eeb6a8a)]]> https://www.tenable.com/plugins/nessus/302334 https://www.tenable.com/plugins/nessus/302334 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302334 with Medium Severity

Synopsis

The remote Fedora host is missing one or more security updates.

Description

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0e8eeb6a8a advisory.

 - A bunch of bugfixes
 - More sanitization for invalid values received from hardware and firmware


Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected systemd package.

Read more at https://www.tenable.com/plugins/nessus/302334

]]> <![CDATA[Unity Linux 20.1070e Security Update: assimp (UTSA-2026-006192)]]> https://www.tenable.com/plugins/nessus/302325 https://www.tenable.com/plugins/nessus/302325 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302325 with Medium Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006192 advisory.

 A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3.
 Affected is the function Assimp::MD3Importer::ValidateSurfaceHeaderOffsets of the file code/AssetLib/MD3/MD3Loader.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected assimp package.

Read more at https://www.tenable.com/plugins/nessus/302325

]]> <![CDATA[Unity Linux 20.1070e Security Update: assimp (UTSA-2026-006180)]]> https://www.tenable.com/plugins/nessus/302317 https://www.tenable.com/plugins/nessus/302317 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302317 with Medium Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006180 advisory.

 A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as problematic.
 Affected by this issue is the function MDLImporter::ImportUVCoordinate_3DGS_MDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument iIndex leads to out-of-bounds read. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected assimp package.

Read more at https://www.tenable.com/plugins/nessus/302317

]]> <![CDATA[Unity Linux 20.1070e Security Update: assimp (UTSA-2026-006193)]]> https://www.tenable.com/plugins/nessus/302303 https://www.tenable.com/plugins/nessus/302303 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302303 with Medium Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006193 advisory.

 A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as problematic. Affected is the function MDCImporter::InternReadFile of the file assimp/code/AssetLib/MDC/MDCLoader.cpp of the component MDC File Parser. The manipulation of the argument pcVerts leads to out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected assimp package.

Read more at https://www.tenable.com/plugins/nessus/302303

]]> <![CDATA[Unity Linux 20.1070e Security Update: assimp (UTSA-2026-006186)]]> https://www.tenable.com/plugins/nessus/302298 https://www.tenable.com/plugins/nessus/302298 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302298 with Medium Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006186 advisory.

 A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected assimp package.

Read more at https://www.tenable.com/plugins/nessus/302298

]]> <![CDATA[Unity Linux 20.1070e Security Update: autogen (UTSA-2026-006166)]]> https://www.tenable.com/plugins/nessus/302285 https://www.tenable.com/plugins/nessus/302285 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302285 with Medium Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006166 advisory.

 A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This issue was initially reported to the tcpreplay project, but the code maintainer explains, that this bug appears to be in libopts which is an external library. This vulnerability only affects products that are no longer supported by the maintainer.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected autogen package.

Read more at https://www.tenable.com/plugins/nessus/302285

]]> <![CDATA[Unity Linux 20.1070e Security Update: assimp (UTSA-2026-006188)]]> https://www.tenable.com/plugins/nessus/302281 https://www.tenable.com/plugins/nessus/302281 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302281 with Medium Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006188 advisory.

 A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDCImporter::ValidateSurfaceHeader of the file assimp/code/AssetLib/MDC/MDCLoader.cpp. The manipulation of the argument pcSurface2 leads to out-of-bounds read. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
 The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected assimp package.

Read more at https://www.tenable.com/plugins/nessus/302281

]]> <![CDATA[Unity Linux 20.1070e Security Update: vim (UTSA-2026-006175)]]> https://www.tenable.com/plugins/nessus/302278 https://www.tenable.com/plugins/nessus/302278 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302278 with Low Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006175 advisory.

 A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected vim package.

Read more at https://www.tenable.com/plugins/nessus/302278

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3082]]> https://www.tenable.com/plugins/nessus/302271 https://www.tenable.com/plugins/nessus/302271 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302271 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the processing of Huffman tables. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28840. (CVE-2026-3082)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/302271

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-31899]]> https://www.tenable.com/plugins/nessus/302268 https://www.tenable.com/plugins/nessus/302268 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302268 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to Kozea/CairoSVG has exponential denial of service via recursive element amplification in cairosvg/defs.py. This causes CPU exhaustion from a small input. (CVE-2026-31899)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/302268

]]> <![CDATA[SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libsoup (SUSE-SU-2026:0894-1)]]> https://www.tenable.com/plugins/nessus/302258 https://www.tenable.com/plugins/nessus/302258 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302258 with Medium Severity

Synopsis

The remote SUSE host is missing a security update.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0894-1 advisory.

 This update for libsoup fixes the following issue:

 - CVE-2026-0716: improper bounds handling may allow out-of-bounds read (bsc#1256418).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/302258

]]> <![CDATA[Google Chrome < 146.0.7680.80 Vulnerability]]> https://www.tenable.com/plugins/nessus/302242 https://www.tenable.com/plugins/nessus/302242 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302242 with High Severity

Synopsis

A web browser installed on the remote macOS host is affected by a vulnerability.

Description

The version of Google Chrome installed on the remote macOS host is prior to 146.0.7680.80. It is, therefore, affected by a vulnerability as referenced in the 2026_03_stable-channel-update-for-desktop_13 advisory.

 - Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3909)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Google Chrome version 146.0.7680.80 or later.

Read more at https://www.tenable.com/plugins/nessus/302242

]]> <![CDATA[Google Chrome < 146.0.7680.80 Vulnerability]]> https://www.tenable.com/plugins/nessus/302241 https://www.tenable.com/plugins/nessus/302241 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302241 with High Severity

Synopsis

A web browser installed on the remote Windows host is affected by a vulnerability.

Description

The version of Google Chrome installed on the remote Windows host is prior to 146.0.7680.80. It is, therefore, affected by a vulnerability as referenced in the 2026_03_stable-channel-update-for-desktop_13 advisory.

 - Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3909)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Google Chrome version 146.0.7680.80 or later.

Read more at https://www.tenable.com/plugins/nessus/302241

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3979]]> https://www.tenable.com/plugins/nessus/302202 https://www.tenable.com/plugins/nessus/302202 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302202 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A flaw has been found in quickjs-ng quickjs up to 0.12.1. This affects the function js_iterator_concat_return of the file quickjs.c. This manipulation causes use after free. The attack requires local access. The exploit has been published and may be used. Patch name:
 daab4ad4bae4ef071ed0294618d6244e92def4cd. Applying a patch is the recommended action to fix this issue.
 (CVE-2026-3979)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/302202

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3884]]> https://www.tenable.com/plugins/nessus/302200 https://www.tenable.com/plugins/nessus/302200 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302200 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Versions of the package spin.js before 3.0.0 are vulnerable to Cross-site Scripting (XSS) via the spin() function that allows a creation of more than 1 alert for each 'target' element. An attacker would need to set an arbitrary key-value pair on Object.prototype through a crafted URL achieving a prototype pollution first, before being able to execute arbitrary JavaScript in the context of the user's browser.
 (CVE-2026-3884)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/302200

]]> <![CDATA[Cisco Secure Endpoint ClamAV CSS Parsing DoS (cisco-sa-clamav-css-Fn4QSZ)]]> https://www.tenable.com/plugins/nessus/302191 https://www.tenable.com/plugins/nessus/302191 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302191 with Medium Severity

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

According to its self-reported version, Cisco Secure Endpoint is affected by a denial of service (DoS) vulnerability.

 - A vulnerability in the HTML Cascading Style Sheets (CSS) module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit this vulnerability by submitting a crafted HTML file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the scanning process. (CVE-2026-20031)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCwr70252, CSCwr70255, CSCwr70268.

Read more at https://www.tenable.com/plugins/nessus/302191

]]> <![CDATA[Cisco IOS XR Software CLI Privilege Escalation (cisco-sa-iosxr-privesc-bF8D5U4W)]]> https://www.tenable.com/plugins/nessus/302176 https://www.tenable.com/plugins/nessus/302176 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302176 with High Severity

Synopsis

The remote device is missing a vendor-supplied security patch

Description

According to its self-reported version, Cisco IOS XR is affected by a vulnerability.

 - A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root and execute arbitrary commands. (CVE-2026-20040)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCwp27221, CSCwp30135, CSCwp30142, CSCwp30146, CSCwp30149, CSCwp32614, CSCwp32629, CSCwp33021, CSCwp33030, CSCwp33034, CSCwp35627, CSCwp84685, CSCws24696, CSCws24717, CSCws24740

Read more at https://www.tenable.com/plugins/nessus/302176

]]> <![CDATA[Cisco IOS XR Software CLI Privilege Escalation (cisco-sa-iosxr-privesc-bF8D5U4W) (CVE-2026-20046)]]> https://www.tenable.com/plugins/nessus/302175 https://www.tenable.com/plugins/nessus/302175 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302175 with High Severity

Synopsis

The remote device is missing a vendor-supplied security patch

Description

According to its self-reported version, Cisco IOS XR is affected by a vulnerability.

 - A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerability is due to incorrect mapping of a command to task groups within the source code. An attacker with a low-privileged account could exploit this vulnerability by using the CLI command to bypass the task group-based checks. A successful exploit could allow the attacker to elevate privileges and perform actions on an affected device without authorization checks. (CVE-2026-20046)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwp87543

Read more at https://www.tenable.com/plugins/nessus/302175

]]> <![CDATA[Cisco Secure Firewall Management Center Software Authentication Bypass (cisco-sa-onprem-fmc-authbypass-5JPp45V2)]]> https://www.tenable.com/plugins/nessus/302174 https://www.tenable.com/plugins/nessus/302174 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302174 with Critical Severity

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system. This vulnerability is due to an improper system process that is created at boot time. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute a variety of scripts and commands that allow root access to the device.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwr96008.

Read more at https://www.tenable.com/plugins/nessus/302174

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-70873]]> https://www.tenable.com/plugins/nessus/302173 https://www.tenable.com/plugins/nessus/302173 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302173 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file. (CVE-2025-70873)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/302173

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3910]]> https://www.tenable.com/plugins/nessus/302169 https://www.tenable.com/plugins/nessus/302169 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302169 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3910)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/302169

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3909]]> https://www.tenable.com/plugins/nessus/302167 https://www.tenable.com/plugins/nessus/302167 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302167 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3909)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/302167

]]> <![CDATA[Security Updates for Microsoft System Center Operations Manager (March 2026)]]> https://www.tenable.com/plugins/nessus/302166 https://www.tenable.com/plugins/nessus/302166 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302166 with High Severity

Synopsis

A web application hosted on the remote Windows system is affected by an elevation of privilege vulnerability.

Description

The version of Microsoft System Center Operations Manager installed on the remote Windows host is affected by an elevation of privilege vulnerability. A remote, authenticated attacker can exploit this vulnerability by sending a specially crafted request to an affected SCOM instance.

Solution

Microsoft has released a set of patches for System Center Operations Manager 2019, 2022, and 2025.

Read more at https://www.tenable.com/plugins/nessus/302166

]]> <![CDATA[SAP NetWeaver AS ABAP Missing Authorization Check (3703856)]]> https://www.tenable.com/plugins/nessus/302165 https://www.tenable.com/plugins/nessus/302165 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302165 with Medium Severity

Synopsis

The remote SAP NetWeaver ABAP server is affected by a missing authorization check vulnerability.

Description

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by a missing authorization check vulnerability as referenced in the SAP Security Patch Day March 2026:

 - Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced system performance or interruptions. The vulnerability has low impact on the application's integrity and availability, with no effect on confidentiality. (CVE-2026-24309)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Apply the appropriate patch according to the vendor advisory.

Read more at https://www.tenable.com/plugins/nessus/302165

]]> <![CDATA[SAP NetWeaver AS ABAP SSRF (3689080)]]> https://www.tenable.com/plugins/nessus/302164 https://www.tenable.com/plugins/nessus/302164 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302164 with Medium Severity

Synopsis

The remote SAP NetWeaver ABAP server is affected by a server-side request forgery (SSRF) vulnerability.

Description

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by a server-side request forgery (SSRF) vulnerability as referenced in the SAP Security Patch Day March 2026:

 - SAP NetWeaver Application Server for ABAP provides an ABAP Report for testing purposes, which allows to send HTTP requests to arbitrary internal or external endpoints. The report is therefore vulnerable to Server-Side Request Forgery (SSRF). Successful exploitation could lead to interaction with potentially sensitive internal endpoints, resulting in a low impact on data confidentiality and integrity. There is no impact on availability of the application. (CVE-2026-24316)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Apply the appropriate patch according to the vendor advisory.

Read more at https://www.tenable.com/plugins/nessus/302164

]]> <![CDATA[SAP NetWeaver AS ABAP Missing Authorization Check (3704740)]]> https://www.tenable.com/plugins/nessus/302163 https://www.tenable.com/plugins/nessus/302163 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302163 with Medium Severity

Synopsis

The remote SAP NetWeaver ABAP server is affected by a missing authorization check vulnerability.

Description

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by a missing authorization check vulnerability as referenced in the SAP Security Patch Day March 2026:

 - Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could read Database Analyzer Log Files via a specific RFC function module. The attacker with the necessary privileges to execute this function module could potentially escalate their privileges and read the sensitive data, resulting in a limited impact on the confidentiality of the information stored. However, the integrity and availability of the system are not affected. (CVE-2026-27688)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Apply the appropriate patch according to the vendor advisory.

Read more at https://www.tenable.com/plugins/nessus/302163

]]> <![CDATA[SAP NetWeaver AS ABAP Missing Authorization Check (3694383)]]> https://www.tenable.com/plugins/nessus/302162 https://www.tenable.com/plugins/nessus/302162 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302162 with Low Severity

Synopsis

The remote SAP NetWeaver ABAP server is affected by a missing authorization check vulnerability.

Description

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by a missing authorization check vulnerability as referenced in the SAP Security Patch Day March 2026:

 - Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module and read the sensitive information from database catalog of the ABAP system. This vulnerability has low impact on the application's confidentiality with no effect on the integrity and availability. (CVE-2026-24310)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Apply the appropriate patch according to the vendor advisory.

Read more at https://www.tenable.com/plugins/nessus/302162

]]> <![CDATA[Cisco Unified Intelligence Center XSS (cisco-sa-cc-xss-MrNAH5Jh)]]> https://www.tenable.com/plugins/nessus/302161 https://www.tenable.com/plugins/nessus/302161 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302161 with Medium Severity

Synopsis

The remote host is missing a vendor-supplied security patch.

Description

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwq50557.

Read more at https://www.tenable.com/plugins/nessus/302161

]]> <![CDATA[Cisco Finesse XSS (cisco-sa-cc-xss-MrNAH5Jh)]]> https://www.tenable.com/plugins/nessus/302160 https://www.tenable.com/plugins/nessus/302160 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302160 with Medium Severity

Synopsis

The remote host is missing a vendor-supplied security patch.

Description

According to its self-reported version, Cisco Finesse is affected by a cross-site scripting vulnerability in the web-based management interface due to insufficient validation of user-supplied input. An unauthenticated, remote attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive browser-based information.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCws01830.

Read more at https://www.tenable.com/plugins/nessus/302160

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-4111]]> https://www.tenable.com/plugins/nessus/302158 https://www.tenable.com/plugins/nessus/302158 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302158 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives. (CVE-2026-4111)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/302158

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-4105]]> https://www.tenable.com/plugins/nessus/302156 https://www.tenable.com/plugins/nessus/302156 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302156 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This allows the attacker to invoke methods on the privileged object, leading to the execution of arbitrary commands with root privileges on the host system. (CVE-2026-4105)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/302156

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-4016]]> https://www.tenable.com/plugins/nessus/302155 https://www.tenable.com/plugins/nessus/302155 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302155 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A security vulnerability has been detected in GPAC 26.03-DEV. Affected by this vulnerability is the function svgin_process of the file src/filters/load_svg.c of the component SVG Parser. The manipulation leads to out-of-bounds write. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. The identifier of the patch is 7618d7206cdeb3c28961dc97ab0ecabaff0c8af2. It is suggested to install a patch to address this issue.
 (CVE-2026-4016)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/302155

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-4015]]> https://www.tenable.com/plugins/nessus/302154 https://www.tenable.com/plugins/nessus/302154 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302154 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A weakness has been identified in GPAC 26.03-DEV. Affected is the function txtin_process_texml of the file src/filters/load_text.c of the component TeXML File Parser. Executing a manipulation can lead to stack- based buffer overflow. It is possible to launch the attack on the local host. The exploit has been made available to the public and could be used for attacks. This patch is called d29f6f1ada5cc284cdfa783b6f532c7d8bd049a5. Applying a patch is advised to resolve this issue.
 (CVE-2026-4015)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/302154

]]> <![CDATA[ImageMagick < 6.9.13-41 / 7.x < 7.1.2-16 Multiple Vulnerabilities]]> https://www.tenable.com/plugins/nessus/302153 https://www.tenable.com/plugins/nessus/302153 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302153 with High Severity

Synopsis

The remote Windows host has an application installed that is affected by multiple vulnerabilities.

Description

The remote Windows host has a version of ImageMagick installed that is prior to 6.9.13-41 and 7.x prior to 7.1.2-16. It is, therefore, affected by multiple vulnerabilities.

 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, domain='path' authorization is checked before final file open/use. A symlink swap between check-time and use-time bypasses policy-denied read/write. (CVE-2026-28689)

 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, MAT decoder uses 32-bit arithmetic due to incorrect parenthesization resulting in a heap over-read. (CVE-2026-28692)

 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an extremely large image profile could result in a heap overflow when encoding a PNG image. (CVE-2026-30883)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to ImageMagick version 6.9.13-41 / 7.1.2-16 or later.

Read more at https://www.tenable.com/plugins/nessus/302153

]]> <![CDATA[Microsoft Windows Admin Center Local Privilege Escalation (February 2026)]]> https://www.tenable.com/plugins/nessus/302151 https://www.tenable.com/plugins/nessus/302151 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302151 with High Severity

Synopsis

The remote Windows host contains an application that is affected by a local privilege escalation vulnerability.

Description

The remote Windows host is running a version of Microsoft Windows Admin Center that is missing a security update. It is, therefore, affected by a local privilege escalation vulnerability. Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network. (CVE-2026-26119)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Apply the appropriate update referenced in the Microsoft advisory.

Read more at https://www.tenable.com/plugins/nessus/302151

]]> <![CDATA[Ivanti Desktop and Server Management (DSM) < 2026.1.1 Privilege Escalation (CVE-2026-3483)]]> https://www.tenable.com/plugins/nessus/302138 https://www.tenable.com/plugins/nessus/302138 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302138 with High Severity

Synopsis

The remote host is missing a security update.

Description

The version of Ivanti Desktop and Server Management (DSM) installed on the remote host is prior to 2026.1.1. It is, therefore, affected by a Privilege Escalation Vulnerability.

 - An exposed dangerous method in Ivanti DSM before version 2026.1.1 allows a local authenticated attacker to escalate their privileges. (CVE-2026-3483)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Ivanti DSM version 2026.1.1 or later.

Read more at https://www.tenable.com/plugins/nessus/302138

]]> <![CDATA[Adobe Experience Manager 6.5.x < 6.5.24 / 6.5 LTS SP1 Multiple Vulnerabilities (APSB26-24)]]> https://www.tenable.com/plugins/nessus/302135 https://www.tenable.com/plugins/nessus/302135 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302135 with Medium Severity

Synopsis

The Adobe Experience Manager instance installed on the remote host is affected by multiple vulnerabilities.

Description

The version of Adobe Experience Manager installed on the remote host is prior to 6.5.24. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-24 advisory.

 - Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

See vendor advisory.

Read more at https://www.tenable.com/plugins/nessus/302135

]]> <![CDATA[Unity Linux 20.1060e / 20.1070e Security Update: erlang (UTSA-2026-006131)]]> https://www.tenable.com/plugins/nessus/302133 https://www.tenable.com/plugins/nessus/302133 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302133 with Critical Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006131 advisory.

 Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected erlang package.

Read more at https://www.tenable.com/plugins/nessus/302133

]]> <![CDATA[Security Update for Microsoft .NET Core (March 2026)]]> https://www.tenable.com/plugins/nessus/302122 https://www.tenable.com/plugins/nessus/302122 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302122 with High Severity

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The version of tested product installed on the remote host is 8.x prior to 8.0.25, 9.x prior to 9.0.14, or 10.x prior to 10.0.4. It is, therefore, affected by multiple vulnerabilities as referenced in the vendor advisory:

 - Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network. (CVE-2026-26127)

 - Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. (CVE-2026-26130)

 - Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally.
 (CVE-2026-26131)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update .NET Core, remove vulnerable packages and refer to vendor advisory.

Read more at https://www.tenable.com/plugins/nessus/302122

]]> <![CDATA[Security Update for Microsoft .NET Core SDK (March 2026)]]> https://www.tenable.com/plugins/nessus/302121 https://www.tenable.com/plugins/nessus/302121 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302121 with High Severity

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The version of .NET Core SDK installed on the remote host is 8.x prior to 8.0.125, 8.0.4xx prior to 8.0.419, 9.x prior to 9.0.115, 9.0.3xx prior to 9.312, or 10.x prior to 10.0.104. It is, therefore, affected by multiple vulnerabilities as referenced in the vendor advisory:

 - Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network. (CVE-2026-26127)

 - Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. (CVE-2026-26130)

 - Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally.
 (CVE-2026-26131)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version nuber.

Solution

Update .NET Core SDK, remove vulnerable packages and refer to the vendor advisory.

Read more at https://www.tenable.com/plugins/nessus/302121

]]> <![CDATA[Zoom Rooms < 6.6.5 Improper Input Validation (ZSB-26003)]]> https://www.tenable.com/plugins/nessus/302114 https://www.tenable.com/plugins/nessus/302114 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302114 with High Severity

Synopsis

The remote host has an application installed that is affected by a vulnerability.

Description

The version of Zoom Rooms installed on the remote host is prior to 6.6.5. It is, therefore, affected by a vulnerability as referenced in the ZSB-26003 advisory.

 - Improper Input Validation in Zoom Rooms for Windows before 6.6.5 in Kiosk Mode may allow an authenticated user to conduct an escalation of privilege via local access. (CVE-2026-30901)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Zoom Rooms 6.6.5 or later.

Read more at https://www.tenable.com/plugins/nessus/302114

]]> <![CDATA[SAP NetWeaver AS Java Multiple Vulnerabilities (3700960)]]> https://www.tenable.com/plugins/nessus/302113 https://www.tenable.com/plugins/nessus/302113 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302113 with High Severity

Synopsis

The remote SAP NetWeaver AS Java server is affected by a multiple vulnerabilities.

Description

The version of SAP NetWeaver Application Server Java detected on the remote host is affected by a affected by a multiple vulnerabilities as disclosed in the SAP Security Patch Day March 2026:

 - An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code. Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. (CVE-2025-9230)

 - An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'no_proxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. An out-of-bounds read can trigger a crash which leads to Denial of Service for an application. The OpenSSL HTTP client API functions can be used directly by applications but they are also used by the OCSP client functions and CMP (Certificate Management Protocol) client implementation in OpenSSL. However the URLs used by these implementations are unlikely to be controlled by an attacker. In this vulnerable code the out of bounds read can only trigger a crash. Furthermore the vulnerability requires an attacker-controlled URL to be passed from an application to the OpenSSL function and the user has to have a 'no_proxy' environment variable set. (CVE-2025-9232)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Apply the appropriate patch according to the vendor advisory.

Read more at https://www.tenable.com/plugins/nessus/302113

]]> <![CDATA[SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libsoup2 (SUSE-SU-2026:0886-1)]]> https://www.tenable.com/plugins/nessus/302107 https://www.tenable.com/plugins/nessus/302107 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302107 with Medium Severity

Synopsis

The remote SUSE host is missing a security update.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0886-1 advisory.

 This update for libsoup2 fixes the following issue:

 - CVE-2026-0716: improper bounds handling may allow out-of-bounds read (bsc#1256418).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/302107

]]> <![CDATA[TencentOS Server 3: nodejs:20 (TSSA-2026:0171)]]> https://www.tenable.com/plugins/nessus/302074 https://www.tenable.com/plugins/nessus/302074 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302074 with Medium Severity

Synopsis

The remote TencentOS Server 3 host is missing one or more security updates.

Description

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0171 advisory.

 Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:

 CVE-2025-55130:
 A flaw in Node.jss Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files. This breaks the expected isolation guarantees and enables arbitrary file read/write, leading to potential system compromise.
 This vulnerability affects users of the permission model on Node.js v20, v22, v24, and v25.

 CVE-2025-55131:
 A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover data from previous operations, allowing in-process secrets like tokens or passwords to leak or causing data corruption. While exploitation typically requires precise timing or in-process code execution, it can become remotely exploitable when untrusted input influences workload and timeouts, leading to potential confidentiality and integrity impact.

 CVE-2025-55132:
 A flaw in Node.js's permission model allows a file's access and modification timestamps to be changed via futimes() even when the process has only read permissions. Unlike utimes(), futimes() does not apply the expected write-permission checks, which means file metadata can be modified in read-only directories. This behavior could be used to alter timestamps in ways that obscure activity, reducing the reliability of logs. This vulnerability affects users of the permission model on Node.js v20, v22, v24, and v25.

 CVE-2025-59465:
 A malformed HTTP/2 HEADERS frame with oversized, invalid HPACK data can cause Node.js to crash by triggering an unhandled TLSSocket error ECONNRESET. Instead of safely closing the connection, the process crashes, enabling a remote denial of service. This primarily affects applications that do not attach explicit error handlers to secure sockets, for example:

 server.on('secureConnection', socket => { socket.on('error', err => { console.log(err) }) })


 CVE-2025-59466:
 We have identified a bug in Node.js error handling where Maximum call stack size exceeded errors become uncatchable when async_hooks.createHook() is enabled. Instead of reaching process.on('uncaughtException'), the process terminates, making the crash unrecoverable. Applications that rely on AsyncLocalStorage (v22, v20) or async_hooks.createHook() (v24, v22, v20) become vulnerable to denial-of-service crashes triggered by deep recursion under specific conditions.

 CVE-2026-21637:
 A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when pskCallback or ALPNCallback are in use. Synchronous exceptions thrown during these callbacks bypass standard TLS error handling paths (tlsClientError and error), causing either immediate process termination or silent file descriptor leaks that eventually lead to denial of service. Because these callbacks process attacker-controlled input during the TLS handshake, a remote client can repeatedly trigger the issue. This vulnerability affects TLS servers using PSK or ALPN callbacks across Node.js versions where these callbacks throw without being safely wrapped.

Tenable has extracted the preceding description block directly from the Tencent Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/302074

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3950]]> https://www.tenable.com/plugins/nessus/302001 https://www.tenable.com/plugins/nessus/302001 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302001 with Low Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts the function Track::load of the file libheif/sequences/track.cc of the component stsz/stts. The manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and might be used.
 Applying a patch is the recommended action to fix this issue. The patch available is inofficial and not approved yet. (CVE-2026-3950)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/302001

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3949]]> https://www.tenable.com/plugins/nessus/302000 https://www.tenable.com/plugins/nessus/302000 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 302000 with Low Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A vulnerability was determined in strukturag libheif up to 1.21.2. This affects the function vvdec_push_data2 of the file libheif/plugins/decoder_vvdec.cc of the component HEIF File Parser. Executing a manipulation of the argument size can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. This patch is called b97c8b5f198b27f375127cd597a35f2113544d03. It is advisable to implement a patch to correct this issue.
 (CVE-2026-3949)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/302000

]]> <![CDATA[Security Updates for Microsoft SQL Server (March 2026)]]> https://www.tenable.com/plugins/nessus/301981 https://www.tenable.com/plugins/nessus/301981 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301981 with High Severity

Synopsis

The Microsoft SQL Server installation on the remote host is missing a security update.

Description

The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerabilities:

 - A privilege escalation vulnerability (CVE-2026-21262, CVE-2026-26115, CVE-2026-26116)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Microsoft has released security updates for Microsoft SQL Server.

Read more at https://www.tenable.com/plugins/nessus/301981

]]> <![CDATA[Security Updates for Microsoft SQL Server (March 2026) (Remote)]]> https://www.tenable.com/plugins/nessus/301980 https://www.tenable.com/plugins/nessus/301980 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301980 with High Severity

Synopsis

The Microsoft SQL Server installation on the remote host is missing a security update.

Description

The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerabilities:

 - A privilege escalation vulnerability (CVE-2026-21262, CVE-2026-26115, CVE-2026-26116)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Microsoft has released security updates for Microsoft SQL Server.

Read more at https://www.tenable.com/plugins/nessus/301980

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3994]]> https://www.tenable.com/plugins/nessus/301960 https://www.tenable.com/plugins/nessus/301960 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301960 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X86_64::initialize_sections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a requirement. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet. (CVE-2026-3994)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301960

]]> <![CDATA[Slackware Linux 15.0 / current libxml2 Multiple Vulnerabilities (SSA:2026-070-02)]]> https://www.tenable.com/plugins/nessus/301909 https://www.tenable.com/plugins/nessus/301909 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301909 with Medium Severity

Synopsis

The remote Slackware Linux host is missing a security update to libxml2.

Description

The version of libxml2 installed on the remote host is prior to 2.11.9 / 2.15.2. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-070-02 advisory.

 New libxml2 packages are available for Slackware 15.0 and -current to fix security issues.

Tenable has extracted the preceding description block directly from the libxml2 security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the affected libxml2 package.

Read more at https://www.tenable.com/plugins/nessus/301909

]]> <![CDATA[FreeBSD : Gitlab -- vulnerabilities (0236eab0-1d62-11f1-88f8-2cf05da270f3)]]> https://www.tenable.com/plugins/nessus/301881 https://www.tenable.com/plugins/nessus/301881 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301881 with Medium Severity

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 0236eab0-1d62-11f1-88f8-2cf05da270f3 advisory.

 Gitlab reports:
 Cross-site Scripting issue in Markdown placeholder processing impacts GitLab CE/EE Denial of Service issue in GraphQL API impacts GitLab CE/EE Denial of Service issue in repository archive endpoint impacts GitLab CE/EE Denial of Service issue in protected branches API impacts GitLab CE/EE Denial of Service issue in webhook custom headers impacts GitLab CE/EE Denial of Service issue in webhook endpoint impacts GitLab CE/EE Improper Neutralization of CRLF Sequences issue impacts GitLab CE/EE Improper Access Control issue in runners API impacts GitLab CE/EE Improper Access Control issue in snippet rendering impacts GitLab CE/EE Information Disclosure issue in inaccessible issues impacts GitLab CE/EE Missing Authorization issue in Group Import impacts GitLab CE/EE Incorrect Reference issue in repository download impacts GitLab CE/EE Incorrect Authorization issue in Virtual Registry impacts GitLab EE Improper Escaping of Output issue in Datadog integration impacts GitLab CE/EE

Tenable has extracted the preceding description block directly from the FreeBSD security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/301881

]]> <![CDATA[GitLab 10.6 < 18.7.6 / 18.8 < 18.8.6 / 18.9 < 18.9.2 (CVE-2026-1090)]]> https://www.tenable.com/plugins/nessus/301878 https://www.tenable.com/plugins/nessus/301878 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301878 with Medium Severity

Synopsis

The version of GitLab installed on the remote host is affected by a vulnerability.

Description

The version of GitLab installed on the remote host is affected by a vulnerability, as follows:

 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user, when the `markdown_placeholders` feature flag was enabled, to inject JavaScript in a browser due to improper sanitization of placeholder content in markdown processing. (CVE-2026-1090)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to GitLab version 18.7.6, 18.8.6, 18.9.2 or later.

Read more at https://www.tenable.com/plugins/nessus/301878

]]> <![CDATA[Splunk Enterprise 9.3.0 < 9.3.10, 9.4.0 < 9.4.9, 10.0.0 < 10.0.3 (SVD-2026-0303)]]> https://www.tenable.com/plugins/nessus/301873 https://www.tenable.com/plugins/nessus/301873 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301873 with Medium Severity

Synopsis

An application running on a remote web server host is affected by a vulnerability

Description

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0303 advisory.

 - In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, 10.0.2503.11, and 9.3.2411.123, a low-privileged user that does not hold the admin or power Splunk roles could access the `/splunkd/__raw/servicesNS/-/-/configs/conf- passwords` REST API endpoint, which exposes the hashed or plaintext password values that are stored in the passwords.conf configuration file due to improper access control. This vulnerability could allow for the unauthorized disclosure of sensitive credentials. (CVE-2026-20164)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade Splunk Enterprise to versions 10.2.0, 10.0.3, 9.4.9, 9.3.10 or higher. Splunk is actively monitoring and patching Splunk Cloud Platform instances.

Read more at https://www.tenable.com/plugins/nessus/301873

]]> <![CDATA[Splunk Enterprise 9.3.0 < 9.3.10, 9.4.0 < 9.4.9, 10.0.0 < 10.0.4, 10.2.0 < 10.2.1 (SVD-2026-0304)]]> https://www.tenable.com/plugins/nessus/301872 https://www.tenable.com/plugins/nessus/301872 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301872 with Medium Severity

Synopsis

An application running on a remote web server host is affected by a vulnerability

Description

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0304 advisory.

 - In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.7, 10.1.2507.17, 10.0.2503.12, and 9.3.2411.124, a low-privileged user that does not hold the admin or power Splunk roles could retrieve sensitive information by inspecting the job's search log due to improper access control in the MongoClient logging channel. (CVE-2026-20165)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade Splunk Enterprise to versions 10.2.1, 10.0.4, 9.4.9, 9.3.10, or higher. Splunk is actively monitoring and patching Splunk Cloud Platform instances.

Read more at https://www.tenable.com/plugins/nessus/301872

]]> <![CDATA[Splunk Enterprise 10.0.0 < 10.0.4, 10.2.0 < 10.2.1 (SVD-2026-0305)]]> https://www.tenable.com/plugins/nessus/301871 https://www.tenable.com/plugins/nessus/301871 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301871 with Medium Severity

Synopsis

An application running on a remote web server host is affected by a vulnerability

Description

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0305 advisory.

 - In Splunk Enterprise versions below 10.2.1 and 10.0.4, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, and 10.0.2503.12, a low-privileged user that does not hold the admin or power Splunk roles could retrieve the Observability Cloud API access token through the Discover Splunk Observability Cloud app due to improper access control. This vulnerability does not affect Splunk Enterprise versions below 9.4.9 and 9.3.10 because the Discover Splunk Observability Cloud app does not come with Splunk Enterprise. (CVE-2026-20166)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade Splunk Enterprise to versions 10.2.1, 10.0.4, or higher. Splunk is actively monitoring and patching Splunk Cloud Platform instances. To eliminate further risk and help ensure a high level of security in your environment, you must perform the following recommended actions after you upgrade Splunk Enterprise: Rotate the Observability API token (Create and manage organization access tokens using Splunk Observability Cloud).

Read more at https://www.tenable.com/plugins/nessus/301871

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-26131]]> https://www.tenable.com/plugins/nessus/301849 https://www.tenable.com/plugins/nessus/301849 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301849 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally.
 (CVE-2026-26131)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301849

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-30930]]> https://www.tenable.com/plugins/nessus/301848 https://www.tenable.com/plugins/nessus/301848 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301848 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, The TimescaleDB export module constructs SQL queries using string concatenation with unsanitized system monitoring data. The normalize() method wraps string values in single quotes but does not escape embedded single quotes, making SQL injection trivial via attacker-controlled data such as process names, filesystem mount points, network interface names, or container names. This vulnerability is fixed in 4.5.1. (CVE-2026-30930)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301848

]]> <![CDATA[openSUSE 15 Security Update : c3p0 and mchange-commons (SUSE-SU-2026:0855-1)]]> https://www.tenable.com/plugins/nessus/301811 https://www.tenable.com/plugins/nessus/301811 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301811 with High Severity

Synopsis

The remote openSUSE host is missing one or more security updates.

Description

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0855-1 advisory.

 c3p0:

 - Security issues fixed:

 - CVE-2026-27830: Fixed unsafe object deserialization (bsc#1258942)

 - Fix the null pointer exception in the userOverridesAsString method (bsc#1259313).

 mchange-commons:

 - Security issues fixed:

 - CVE-2026-27727: Disabled remote ClassLoading when dereferencing javax.naming.Reference instances (bsc#1258913)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected c3p0, c3p0-javadoc, mchange-commons and / or mchange-commons-javadoc packages.

Read more at https://www.tenable.com/plugins/nessus/301811

]]> <![CDATA[Security Updates for Microsoft Office Products (March 2026) (macOS)]]> https://www.tenable.com/plugins/nessus/301784 https://www.tenable.com/plugins/nessus/301784 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301784 with High Severity

Synopsis

The Microsoft Office product installed on the remote host is affected by multiple vulnerabilities

Description

The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the march-10-2026 advisory.

 - Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.
 (CVE-2026-26113)

 - Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
 (CVE-2026-26107)

 - Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. (CVE-2026-26108)

 - Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
 (CVE-2026-26109)

 - Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. (CVE-2026-26112)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update to Office for Mac version 16.107 or later.

Read more at https://www.tenable.com/plugins/nessus/301784

]]> <![CDATA[KB5078740: Windows Server 2025 Security Update (March 2026)]]> https://www.tenable.com/plugins/nessus/301780 https://www.tenable.com/plugins/nessus/301780 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301780 with Medium Severity

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The remote Windows host is missing security update 5078740 or hotpatch 5078736. It is, therefore, affected by multiple vulnerabilities

 - Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. (CVE-2026-23669)

 - Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally. (CVE-2026-24283)

 - Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
 (CVE-2026-24285)

 - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.
 (CVE-2026-26111)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Apply Security Update 5078740 or hotpatch 5078736

Read more at https://www.tenable.com/plugins/nessus/301780

]]> <![CDATA[Security Updates for Microsoft SharePoint Server 2016 (March 2026)]]> https://www.tenable.com/plugins/nessus/301779 https://www.tenable.com/plugins/nessus/301779 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301779 with Critical Severity

Synopsis

The Microsoft SharePoint Server 2016 installation on the remote host is affected by multiple vulnerabilities.

Description

The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities:

 - Remote Code Execution vulnerabilities (CVE-2026-26106, CVE-2026-26113, CVE-2026-26114)
- Spoofing vulnerability in Microsoft SharePoint Server Subscription Edition (CVE-2026-26105)

Note that Nessus has not tested for these issues but instead relies on the application's self-reported version number.

Solution

Microsoft has released security updates to address this issue.

Read more at https://www.tenable.com/plugins/nessus/301779

]]> <![CDATA[Security Updates for Microsoft Excel Products C2R (March 2026)]]> https://www.tenable.com/plugins/nessus/301778 https://www.tenable.com/plugins/nessus/301778 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301778 with High Severity

Synopsis

The Microsoft Excel Products are missing a security update.

Description

The Microsoft Excel Products are missing a security update. It is, therefore, affected by the following vulnerabilities:

 - Remote code execution vulnerabilities that an attacker can exploit to bypass authentication and execute unauthorized arbitrary commands. (CVE-2026-26107, CVE-2026-26108, CVE-2026-26109, CVE-2026-26112)

 - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2026-26144)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Microsoft has released patches to address these issues.

For Office 365, Office 2016 C2R, or Office 2019, ensure automatic updates are enabled or open any office app and manually perform an update.

Read more at https://www.tenable.com/plugins/nessus/301778

]]> <![CDATA[Security Updates for Microsoft Office Products (March 2026)]]> https://www.tenable.com/plugins/nessus/301777 https://www.tenable.com/plugins/nessus/301777 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301777 with High Severity

Synopsis

The Microsoft Office Products are affected by multiple remote code execution vulnerabilities.

Description

The Microsoft Office Products are missing security updates. They are, therefore, affected by multiple remote code execution vulnerabilities. An attacker can exploit these to bypass authentication and execute unauthorized arbitrary commands. (CVE-2026-26108, CVE-2026-26110)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Microsoft has released the following updates to address these issues:
 - KB5002718
 - KB5002838

Read more at https://www.tenable.com/plugins/nessus/301777

]]> <![CDATA[KB5078883: Windows 11 version 23H2 Security Update (March 2026)]]> https://www.tenable.com/plugins/nessus/301776 https://www.tenable.com/plugins/nessus/301776 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301776 with Medium Severity

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The remote Windows host is missing security update 5078883. It is, therefore, affected by multiple vulnerabilities

 - Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally.
 (CVE-2026-23667)

 - Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. (CVE-2026-23669)

 - Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
 (CVE-2026-24285)
- An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.
 (CVE-2026-25177, CVE-2026-25188)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Apply Security Update 5078883

Read more at https://www.tenable.com/plugins/nessus/301776

]]> <![CDATA[Security Updates for Microsoft SharePoint Server Subscription Edition (March 2026)]]> https://www.tenable.com/plugins/nessus/301775 https://www.tenable.com/plugins/nessus/301775 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301775 with Critical Severity

Synopsis

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing a security update.

Description

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities:

 - Remote Code Execution vulnerabilities (CVE-2026-26106, CVE-2026-26113)

 - Spoofing vulnerability in Microsoft SharePoint Server Subscription Edition (CVE-2026-26105)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Microsoft has released security updates to address this issue.

Read more at https://www.tenable.com/plugins/nessus/301775

]]> <![CDATA[KB5078775: Windows Server 2012 Security Update (March 2026)]]> https://www.tenable.com/plugins/nessus/301774 https://www.tenable.com/plugins/nessus/301774 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301774 with Medium Severity

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The remote Windows host is missing security update 5078775. It is, therefore, affected by multiple vulnerabilities

 - Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. (CVE-2026-23669)

 - Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
 (CVE-2026-24285)

 - Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally. (CVE-2026-24291)
- A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.
 (CVE-2026-26111) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Apply Security Update 5078775

Read more at https://www.tenable.com/plugins/nessus/301774

]]> <![CDATA[KB5079466: Windows 11 Version 26H1 Security Update (March 2026)]]> https://www.tenable.com/plugins/nessus/301773 https://www.tenable.com/plugins/nessus/301773 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301773 with Medium Severity

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The remote Windows host is missing security update 5079466. It is, therefore, affected by multiple vulnerabilities

 - Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally.
 (CVE-2026-23667)

 - Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. (CVE-2026-23669)

 - Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally. (CVE-2026-24283)
- An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.
 (CVE-2026-25177, CVE-2026-25188)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Apply Security Update 5079466

Read more at https://www.tenable.com/plugins/nessus/301773

]]> <![CDATA[KB5078885: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (March 2026)]]> https://www.tenable.com/plugins/nessus/301772 https://www.tenable.com/plugins/nessus/301772 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301772 with Medium Severity

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The remote Windows host is missing security update 5078885. It is, therefore, affected by multiple vulnerabilities

 - Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally.
 (CVE-2026-23667)

 - Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. (CVE-2026-23669)

 - Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
 (CVE-2026-24285)
- An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.
 (CVE-2026-25177, CVE-2026-25188)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Apply Security Update 5078885

Read more at https://www.tenable.com/plugins/nessus/301772

]]> <![CDATA[KB5078752: Windows 10 version 1809 / Windows Server 2019 Security Update (March 2026)]]> https://www.tenable.com/plugins/nessus/301771 https://www.tenable.com/plugins/nessus/301771 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301771 with Medium Severity

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The remote Windows host is missing security update 5078752. It is, therefore, affected by multiple vulnerabilities

 - Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally.
 (CVE-2026-23667)

 - Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. (CVE-2026-23669)

 - Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
 (CVE-2026-24285)
- A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.
 (CVE-2026-26111)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Apply Security Update 5078752

Read more at https://www.tenable.com/plugins/nessus/301771

]]> <![CDATA[KB5078774: Windows Server 2012 R2 Security Update (March 2026)]]> https://www.tenable.com/plugins/nessus/301770 https://www.tenable.com/plugins/nessus/301770 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301770 with Medium Severity

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The remote Windows host is missing security update 5078774. It is, therefore, affected by multiple vulnerabilities

 - Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. (CVE-2026-23669)

 - Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
 (CVE-2026-24285)

 - Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally. (CVE-2026-24291)

 - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.
 (CVE-2026-26111) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Apply Security Update 5078774

Read more at https://www.tenable.com/plugins/nessus/301770

]]> <![CDATA[Security Updates for Microsoft Office Products C2R (March 2026)]]> https://www.tenable.com/plugins/nessus/301769 https://www.tenable.com/plugins/nessus/301769 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301769 with High Severity

Synopsis

The Microsoft Office Products are affected by multiple remote code execution vulnerabilities.

Description

The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities:

 - Remote code execution vulnerabilities. An attacker can exploit these to bypass authentication and execute unauthorized arbitrary commands. (CVE-2026-26110, CVE-2026-26113)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Microsoft has released patches to address these issues.

For Office 365, Office 2016 C2R, or Office 2019, 2021 or 2024, ensure automatic updates are enabled or open any office app and manually perform an update.

Read more at https://www.tenable.com/plugins/nessus/301769

]]> <![CDATA[KB5079473: Windows 11 Version 24H2 / Windows 11 Version 25H2 Security Update (March 2026)]]> https://www.tenable.com/plugins/nessus/301768 https://www.tenable.com/plugins/nessus/301768 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301768 with Medium Severity

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The remote Windows host is missing security update 5079473 or hotpatch 5079420. It is, therefore, affected by multiple vulnerabilities

 - Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally.
 (CVE-2026-23667)

 - Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. (CVE-2026-23669)

 - Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally. (CVE-2026-24283)
- An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.
 (CVE-2026-25177, CVE-2026-25188)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Apply Security Update 5079473 or hotpatch 5079420

Read more at https://www.tenable.com/plugins/nessus/301768

]]> <![CDATA[KB5078734: Windows Server version 23H2 Security Update (March 2026)]]> https://www.tenable.com/plugins/nessus/301767 https://www.tenable.com/plugins/nessus/301767 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301767 with Medium Severity

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The remote Windows host is missing security update 5078734. It is, therefore, affected by multiple vulnerabilities

 - Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. (CVE-2026-23669)

 - Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally. (CVE-2026-24283)

 - Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
 (CVE-2026-24285)
- A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.
 (CVE-2026-26111)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Apply Security Update 5078734

Read more at https://www.tenable.com/plugins/nessus/301767

]]> <![CDATA[Security Updates for Microsoft Excel Products (March 2026)]]> https://www.tenable.com/plugins/nessus/301766 https://www.tenable.com/plugins/nessus/301766 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301766 with High Severity

Synopsis

The Microsoft Excel Products are missing a security update.

Description

The Microsoft Excel Products are missing a security update. They are, therefore, affected by multiple remote code execution vulnerabilities. An attacker can exploit these to bypass authentication and execute unauthorized arbitrary commands. (CVE-2026-26107, CVE-2026-26108, CVE-2026-26109, CVE-2026-26112)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Microsoft has released KB5002849 to address this issue.

Read more at https://www.tenable.com/plugins/nessus/301766

]]> <![CDATA[KB5078938: Windows 10 Version 1607 / Windows Server 2016 Security Update (March 2026)]]> https://www.tenable.com/plugins/nessus/301765 https://www.tenable.com/plugins/nessus/301765 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301765 with Medium Severity

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The remote Windows host is missing security update 5078938. It is, therefore, affected by multiple vulnerabilities

 - Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. (CVE-2026-23669)

 - Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
 (CVE-2026-24285)

 - Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally. (CVE-2026-24291)

 - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.
 (CVE-2026-26111)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Apply Security Update 5078938

Read more at https://www.tenable.com/plugins/nessus/301765

]]> <![CDATA[Security Updates for Office Online Server (March 2026)]]> https://www.tenable.com/plugins/nessus/301764 https://www.tenable.com/plugins/nessus/301764 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301764 with High Severity

Synopsis

The Office Online Server installation on the remote host is affected by multiple vulnerabilities.

Description

The Office Online Server installation on the remote host is missing security updates. It is, therefore, affected by the following vulnerabilities:

 - Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
 (CVE-2026-26107)

 - Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. (CVE-2026-26108)

 - Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
 (CVE-2026-26109)

 - Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. (CVE-2026-26112)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Microsoft has released 5002835 to address this issue.

Read more at https://www.tenable.com/plugins/nessus/301764

]]> <![CDATA[KB5078766: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (March 2026)]]> https://www.tenable.com/plugins/nessus/301763 https://www.tenable.com/plugins/nessus/301763 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301763 with Medium Severity

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The remote Windows host is missing security update 5078766 or hotpatch 5078737. It is, therefore, affected by multiple vulnerabilities

 - Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. (CVE-2026-23669)

 - Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
 (CVE-2026-24285)

 - External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally. (CVE-2026-24287)
- A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.
 (CVE-2026-26111)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Apply Security Update 5078766 or hotpatch 5078737

Read more at https://www.tenable.com/plugins/nessus/301763

]]> <![CDATA[Security Updates for Microsoft SharePoint Server 2019 (March 2026)]]> https://www.tenable.com/plugins/nessus/301762 https://www.tenable.com/plugins/nessus/301762 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301762 with Critical Severity

Synopsis

The Microsoft SharePoint Server 2019 installation on the remote host is affected by multiple vulnerabilities.

Description

The Microsoft SharePoint Server 2019 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities:

 - Remote Code Execution vulnerabilities (CVE-2026-26106, CVE-2026-26113, CVE-2026-26114)
- Spoofing vulnerability in Microsoft SharePoint Server Subscription Edition (CVE-2026-26105)

Note that Nessus has not tested for these issues but instead relies on the application's self-reported version number.

Solution

Microsoft has released security updates to address this issue.

Read more at https://www.tenable.com/plugins/nessus/301762

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3081]]> https://www.tenable.com/plugins/nessus/301757 https://www.tenable.com/plugins/nessus/301757 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301757 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer.
 Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of decoding units. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28839. (CVE-2026-3081)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301757

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3083]]> https://www.tenable.com/plugins/nessus/301755 https://www.tenable.com/plugins/nessus/301755 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301755 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the processing of X-QDM RTP payload elements. When parsing the packetid element, the process does not properly validate user-supplied data, which can result in a write past the end of an allocated array. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28850. (CVE-2026-3083)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301755

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3086]]> https://www.tenable.com/plugins/nessus/301754 https://www.tenable.com/plugins/nessus/301754 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301754 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the processing of APS units. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
 Was ZDI-CAN-28911. (CVE-2026-3086)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301754

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-30929]]> https://www.tenable.com/plugins/nessus/301752 https://www.tenable.com/plugins/nessus/301752 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301752 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, MagnifyImage uses a fixed-size stack buffer. When using a specific image it is possible to overflow this buffer and corrupt the stack. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41. (CVE-2026-30929)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301752

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-2922]]> https://www.tenable.com/plugins/nessus/301751 https://www.tenable.com/plugins/nessus/301751 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301751 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the processing of video packets. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28845. (CVE-2026-2922)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301751

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3084]]> https://www.tenable.com/plugins/nessus/301750 https://www.tenable.com/plugins/nessus/301750 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301750 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of picture partitions. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28910. (CVE-2026-3084)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301750

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-2921]]> https://www.tenable.com/plugins/nessus/301746 https://www.tenable.com/plugins/nessus/301746 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301746 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of palette data in AVI files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28854. (CVE-2026-2921)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301746

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-30931]]> https://www.tenable.com/plugins/nessus/301745 https://www.tenable.com/plugins/nessus/301745 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301745 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, a heap-based buffer overflow in the UHDR encoder can happen due to truncation of a value and it would allow an out of bounds write. This vulnerability is fixed in 7.1.2-16. (CVE-2026-30931)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301745

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-30883]]> https://www.tenable.com/plugins/nessus/301744 https://www.tenable.com/plugins/nessus/301744 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301744 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an extremely large image profile could result in a heap overflow when encoding a PNG image. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41. (CVE-2026-30883)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301744

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3085]]> https://www.tenable.com/plugins/nessus/301742 https://www.tenable.com/plugins/nessus/301742 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301742 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the processing of X-QDM RTP payloads. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
 Was ZDI-CAN-28851. (CVE-2026-3085)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301742

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-2920]]> https://www.tenable.com/plugins/nessus/301741 https://www.tenable.com/plugins/nessus/301741 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301741 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the processing of stream headers within ASF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28843. (CVE-2026-2920)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301741

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-2923]]> https://www.tenable.com/plugins/nessus/301740 https://www.tenable.com/plugins/nessus/301740 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301740 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of coordinates. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
 Was ZDI-CAN-28838. (CVE-2026-2923)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301740

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-31802]]> https://www.tenable.com/plugins/nessus/301684 https://www.tenable.com/plugins/nessus/301684 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301684 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction.
 This vulnerability is fixed in 7.5.11. (CVE-2026-31802)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301684

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-69647]]> https://www.tenable.com/plugins/nessus/301568 https://www.tenable.com/plugins/nessus/301568 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301568 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause readelf to repeatedly print the same table output without making forward progress, resulting in an unbounded output loop that never terminates unless externally interrupted. A local attacker can trigger this behavior by supplying a malicious input file, causing excessive CPU and I/O usage and preventing readelf from completing its analysis. (CVE-2025-69647)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301568

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-69648]]> https://www.tenable.com/plugins/nessus/301566 https://www.tenable.com/plugins/nessus/301566 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301566 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a non-terminating output loop that requires manual interruption. No evidence of memory corruption or code execution was observed. (CVE-2025-69648)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301566

]]> <![CDATA[Vim < 9.2.0077 Heap-based Buffer Overflow (GHSA-r2gw-2x48-jj5p)]]> https://www.tenable.com/plugins/nessus/301510 https://www.tenable.com/plugins/nessus/301510 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301510 with High Severity

Synopsis

The remote host is missing a security update.

Description

The version of Vim installed on the remote host is prior to 9.2.0077. It is, therefore, affected by a vulnerability as referenced in the GHSA-r2gw-2x48-jj5p advisory.

 - Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issue. (CVE-2026-28421)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Vim version 9.2.0077 or later.

Read more at https://www.tenable.com/plugins/nessus/301510

]]> <![CDATA[Vim < 9.2.0076 Heap-based Buffer Overflow and OOB Read (GHSA-rvj2-jrf9-2phg)]]> https://www.tenable.com/plugins/nessus/301509 https://www.tenable.com/plugins/nessus/301509 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301509 with Medium Severity

Synopsis

The remote host is missing a security update.

Description

The version of Vim installed on the remote host is prior to 9.2.0076. It is, therefore, affected by a vulnerability as referenced in the GHSA-rvj2-jrf9-2phg advisory.

 - Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue. (CVE-2026-28420)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Vim version 9.2.0076 or later.

Read more at https://www.tenable.com/plugins/nessus/301509

]]> <![CDATA[GLSA-202603-01 : Exiv2: Multiple Vulnerabilities]]> https://www.tenable.com/plugins/nessus/301499 https://www.tenable.com/plugins/nessus/301499 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301499 with Medium Severity

Synopsis

null

Description

The remote host is affected by the vulnerability described in GLSA-202603-01 (Exiv2: Multiple Vulnerabilities)

 The following vulnerabilities have been discovered in Exiv2: 2 out of bounds reads, an integer overflow, and an uncaught exception. The worst of which can lead to a Denial of Service via a crash of the program.
 Please review the CVE identifiers referenced below for details.

Tenable has extracted the preceding description block directly from the Gentoo Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

All Exiv2 users should upgrade to the latest version:

 # emerge --sync # emerge --ask --oneshot --verbose >=media-gfx/exiv2-0.28.8

Read more at https://www.tenable.com/plugins/nessus/301499

]]> <![CDATA[RHEL 9 : kernel (RHSA-2026:3966)]]> https://www.tenable.com/plugins/nessus/301494 https://www.tenable.com/plugins/nessus/301494 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301494 with High Severity

Synopsis

The remote Red Hat host is missing one or more security updates for kernel.

Description

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3966 advisory.

 The kernel packages contain the Linux kernel, the core of any Linux operating system.

 Security Fix(es):

 * kernel: Linux kernel io_uring: Local privilege escalation, information disclosure, or denial of service via use-after-free (CVE-2025-38106)

 * kernel: macvlan: fix possible UAF in macvlan_forward_source() (CVE-2026-23001)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL kernel package based on the guidance in RHSA-2026:3966.

Read more at https://www.tenable.com/plugins/nessus/301494

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3713]]> https://www.tenable.com/plugins/nessus/301483 https://www.tenable.com/plugins/nessus/301483 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301483 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function do_pnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet. (CVE-2026-3713)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301483

]]> <![CDATA[Fedora 43 : vim (2026-651ba4626f)]]> https://www.tenable.com/plugins/nessus/301469 https://www.tenable.com/plugins/nessus/301469 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301469 with High Severity

Synopsis

The remote Fedora host is missing one or more security updates.

Description

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-651ba4626f advisory.

 Security fixes for CVE-2026-28417, CVE-2026-28418, CVE-2026-28419, CVE-2026-28420, CVE-2026-28421, CVE-2026-28422

 ----

 Security fixes for CVE-2026-28417, CVE-2026-28418, CVE-2026-28419, CVE-2026-28420, CVE-2026-28421, CVE-2026-28422

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected 2:vim package.

Read more at https://www.tenable.com/plugins/nessus/301469

]]> <![CDATA[SUSE SLES16 Security Update : expat (SUSE-SU-2026:20627-1)]]> https://www.tenable.com/plugins/nessus/301459 https://www.tenable.com/plugins/nessus/301459 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301459 with High Severity

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES16 / SLES_SAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20627-1 advisory.

 - CVE-2026-24515: failure to copy the encoding handler data passed to XML_SetUnknownEncodingHandler may cause a NULL dereference (bsc#1257144).
 - CVE-2026-25210: lack of buffer size check can lead to an integer overflow (bsc#1257496).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected expat, libexpat-devel and / or libexpat1 packages.

Read more at https://www.tenable.com/plugins/nessus/301459

]]> <![CDATA[Fedora 44 : keylime / keylime-agent-rust (2026-2b8b223cf0)]]> https://www.tenable.com/plugins/nessus/301444 https://www.tenable.com/plugins/nessus/301444 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301444 with Critical Severity

Synopsis

The remote Fedora host is missing one or more security updates.

Description

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-2b8b223cf0 advisory.

 Update keylime to version 7.14.1 and keylime-agent-rust to version 0.2.9

 Fixes: CVE-2026-1709 and CVE-2025-13609



Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected keylime and / or keylime-agent-rust packages.

Read more at https://www.tenable.com/plugins/nessus/301444

]]> <![CDATA[Amazon Linux 2023 : javapackages-bootstrap (ALAS2023-2026-1449)]]> https://www.tenable.com/plugins/nessus/301343 https://www.tenable.com/plugins/nessus/301343 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301343 with High Severity

Synopsis

The remote Amazon Linux 2023 host is missing a security update.

Description

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1449 advisory.

 AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine (JVM). Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity (XXE) vulnerability exists in `org.assertj.core.util.xml.XmlStringPrettyFormatter`: the `toXmlDocument(String)` method initializes `DocumentBuilderFactory` with default settings, without disabling DTDs or external entities. This formatter is used by the `isXmlEqualTo(CharSequence)` assertion for `CharSequence` values. An application is vulnerable only when it uses untrusted XML input with either `isXmlEqualTo(CharSequence)` from `org.assertj.core.api.AbstractCharSequenceAssert` or `xmlPrettyFormat(String)` from `org.assertj.core.util.xml.XmlStringPrettyFormatter`. If untrusted XML input is processed by tone of these methods, an attacker couldnread arbitrary local files via `file://` URIs (e.g., `/etc/passwd`, application configuration files); perform Server-Side Request Forgery (SSRF) via HTTP/HTTPS URIs, and/or cause Denial of Service via Billion Laughs entity expansion attacks. `isXmlEqualTo(CharSequence)` has been deprecated in favor of XMLUnit in version 3.18.0 and will be removed in version 4.0. Users of affected versions should, in order of preference: replace `isXmlEqualTo(CharSequence)` with XMLUnit, upgrade to version 3.27.7, or avoid using `isXmlEqualTo(CharSequence)` or `XmlStringPrettyFormatter` with untrusted input.
 `XmlStringPrettyFormatter` has historically been considered a utility for `isXmlEqualTo(CharSequence)` rather than a feature for AssertJ users, so it is deprecated in version 3.27.7 and removed in version 4.0, with no replacement. (CVE-2026-24400)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Run 'dnf update javapackages-bootstrap --releasever 2023.10.20260302' or or 'dnf update --advisory ALAS2023-2026-1449 --releasever 2023.10.20260302' to update your system.

Read more at https://www.tenable.com/plugins/nessus/301343

]]> <![CDATA[Amazon Linux 2023 : assertj-core, assertj-core-javadoc (ALAS2023-2026-1448)]]> https://www.tenable.com/plugins/nessus/301341 https://www.tenable.com/plugins/nessus/301341 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301341 with High Severity

Synopsis

The remote Amazon Linux 2023 host is missing a security update.

Description

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1448 advisory.

 AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine (JVM). Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity (XXE) vulnerability exists in `org.assertj.core.util.xml.XmlStringPrettyFormatter`: the `toXmlDocument(String)` method initializes `DocumentBuilderFactory` with default settings, without disabling DTDs or external entities. This formatter is used by the `isXmlEqualTo(CharSequence)` assertion for `CharSequence` values. An application is vulnerable only when it uses untrusted XML input with either `isXmlEqualTo(CharSequence)` from `org.assertj.core.api.AbstractCharSequenceAssert` or `xmlPrettyFormat(String)` from `org.assertj.core.util.xml.XmlStringPrettyFormatter`. If untrusted XML input is processed by tone of these methods, an attacker couldnread arbitrary local files via `file://` URIs (e.g., `/etc/passwd`, application configuration files); perform Server-Side Request Forgery (SSRF) via HTTP/HTTPS URIs, and/or cause Denial of Service via Billion Laughs entity expansion attacks. `isXmlEqualTo(CharSequence)` has been deprecated in favor of XMLUnit in version 3.18.0 and will be removed in version 4.0. Users of affected versions should, in order of preference: replace `isXmlEqualTo(CharSequence)` with XMLUnit, upgrade to version 3.27.7, or avoid using `isXmlEqualTo(CharSequence)` or `XmlStringPrettyFormatter` with untrusted input.
 `XmlStringPrettyFormatter` has historically been considered a utility for `isXmlEqualTo(CharSequence)` rather than a feature for AssertJ users, so it is deprecated in version 3.27.7 and removed in version 4.0, with no replacement. (CVE-2026-24400)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Run 'dnf update assertj-core --releasever 2023.10.20260302' or or 'dnf update --advisory ALAS2023-2026-1448 --releasever 2023.10.20260302' to update your system.

Read more at https://www.tenable.com/plugins/nessus/301341

]]> <![CDATA[Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1455)]]> https://www.tenable.com/plugins/nessus/301337 https://www.tenable.com/plugins/nessus/301337 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301337 with Medium Severity

Synopsis

The remote Amazon Linux 2023 host is missing a security update.

Description

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1455 advisory.

 In the Linux kernel, the following vulnerability has been resolved:

 bpf: Reject narrower access to pointer ctx fields (CVE-2025-38591)

 In the Linux kernel, the following vulnerability has been resolved:

 sched_ext: Fix possible deadlock in the deferred_irq_workfn() (CVE-2025-68333)

 In the Linux kernel, the following vulnerability has been resolved:

 exfat: fix refcount leak in exfat_find (CVE-2025-68351)

 In the Linux kernel, the following vulnerability has been resolved:

 btrfs: fix racy bitfield write in btrfs_clear_space_info_full() (CVE-2025-68358)

 In the Linux kernel, the following vulnerability has been resolved:

 fs/ntfs3: Initialize allocated memory before use (CVE-2025-68365)

 In the Linux kernel, the following vulnerability has been resolved:

 bpf: Do not let BPF test infra emit invalid GSO types to stack (CVE-2025-68725)

 In the Linux kernel, the following vulnerability has been resolved:

 btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (CVE-2025-71194)

 In the Linux kernel, the following vulnerability has been resolved:

 net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv (CVE-2026-22996)

 In the Linux kernel, the following vulnerability has been resolved:

 net/sched: sch_qfq: do not free existing class in qfq_change_class() (CVE-2026-22999)

 In the Linux kernel, the following vulnerability has been resolved:

 net/mlx5e: Fix crash on profile change rollback failure (CVE-2026-23000)

 In the Linux kernel, the following vulnerability has been resolved:

 macvlan: fix possible UAF in macvlan_forward_source() (CVE-2026-23001)

 In the Linux kernel, the following vulnerability has been resolved:

 lib/buildid: use __kernel_read() for sleepable context (CVE-2026-23002)

 In the Linux kernel, the following vulnerability has been resolved:

 ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() (CVE-2026-23003)

 In the Linux kernel, the following vulnerability has been resolved:

 x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1 (CVE-2026-23005)

 In the Linux kernel, the following vulnerability has been resolved:

 ipv6: Fix use-after-free in inet6_addr_del(). (CVE-2026-23010)

 In the Linux kernel, the following vulnerability has been resolved:

 ipv4: ip_gre: make ipgre_header() robust (CVE-2026-23011)

 In the Linux kernel, the following vulnerability has been resolved:

 mm/page_alloc: prevent pcp corruption with SMP=n (CVE-2026-23025)

 In the Linux kernel, the following vulnerability has been resolved:

 null_blk: fix kmemleak by releasing references to fault configfs items (CVE-2026-23032)

 In the Linux kernel, the following vulnerability has been resolved:

 net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (CVE-2026-23035)

 In the Linux kernel, the following vulnerability has been resolved:

 pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() (CVE-2026-23038)

 In the Linux kernel, the following vulnerability has been resolved:

 pNFS: Fix a deadlock when returning a delegation during open() (CVE-2026-23050)

 In the Linux kernel, the following vulnerability has been resolved:

 NFS: Fix a deadlock involving nfs_release_folio() (CVE-2026-23053)

 In the Linux kernel, the following vulnerability has been resolved:

 net: hv_netvsc: reject RSS hash key programming without RX indirection table (CVE-2026-23054)

 In the Linux kernel, the following vulnerability has been resolved:

 vsock/virtio: Coalesce only linear skb (CVE-2026-23057)

 In the Linux kernel, the following vulnerability has been resolved:

 crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (CVE-2026-23060)

 In the Linux kernel, the following vulnerability has been resolved:

 vsock/virtio: fix potential underflow in virtio_transport_get_credit() (CVE-2026-23069)

 In the Linux kernel, the following vulnerability has been resolved:

 regmap: Fix race condition in hwspinlock irqsave routine (CVE-2026-23071)

 In the Linux kernel, the following vulnerability has been resolved:

 net/sched: Enforce that teql can only be used as root qdisc (CVE-2026-23074)

 In the Linux kernel, the following vulnerability has been resolved:

 fou: Don't allow 0 for FOU_ATTR_IPPROTO. (CVE-2026-23083)

 In the Linux kernel, the following vulnerability has been resolved:

 irqchip/gic-v3-its: Avoid truncating memory addresses (CVE-2026-23085)

 In the Linux kernel, the following vulnerability has been resolved:

 vsock/virtio: cap TX credit to local buffer size (CVE-2026-23086)

 In the Linux kernel, the following vulnerability has been resolved:

 gue: Fix skb memleak with inner IP protocol 0. (CVE-2026-23095)

 In the Linux kernel, the following vulnerability has been resolved:

 migrate: correct lock ordering for hugetlb file folios (CVE-2026-23097)

 In the Linux kernel, the following vulnerability has been resolved:

 bonding: limit BOND_MODE_8023AD to Ethernet devices (CVE-2026-23099)

 In the Linux kernel, the following vulnerability has been resolved:

 ipvlan: Make the addrs_lock be per port (CVE-2026-23103)

 In the Linux kernel, the following vulnerability has been resolved:

 net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (CVE-2026-23105)

 In the Linux kernel, the following vulnerability has been resolved:

 arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (CVE-2026-23107)

 In the Linux kernel, the following vulnerability has been resolved:

 scsi: core: Wake up the error handler when final completions race against each other (CVE-2026-23110)

 In the Linux kernel, the following vulnerability has been resolved:

 io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop (CVE-2026-23113)

 In the Linux kernel, the following vulnerability has been resolved:

 bonding: provide a net pointer to __skb_flow_dissect() (CVE-2026-23119)

 In the Linux kernel, the following vulnerability has been resolved:

 ipv6: annotate data-race in ndisc_router_discovery() (CVE-2026-23124)

 In the Linux kernel, the following vulnerability has been resolved:

 sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT (CVE-2026-23125)

 In the Linux kernel, the following vulnerability has been resolved:

 netdevsim: fix a race issue related to the operation on bpf_bound_progs list (CVE-2026-23126)

 In the Linux kernel, the following vulnerability has been resolved:

 arm64: Set __nocfi on swsusp_arch_resume() (CVE-2026-23128)

 In the Linux kernel, the following vulnerability has been resolved:

 btrfs: send: check for inline extents in range_is_hole_in_parent() (CVE-2026-23141)

 In the Linux kernel, the following vulnerability has been resolved:

 mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure (CVE-2026-23142)

 In the Linux kernel, the following vulnerability has been resolved:

 mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure (CVE-2026-23144)

 In the Linux kernel, the following vulnerability has been resolved:

 ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (CVE-2026-23145)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'dnf update kernel6.12 --releasever 2023.10.20260302' or or 'dnf update --advisory ALAS2023-2026-1455 --releasever 2023.10.20260302' to update your system.

Read more at https://www.tenable.com/plugins/nessus/301337

]]> <![CDATA[openSUSE 16 Security Update : assertj-core (openSUSE-SU-2026:20298-1)]]> https://www.tenable.com/plugins/nessus/301315 https://www.tenable.com/plugins/nessus/301315 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301315 with High Severity

Synopsis

The remote openSUSE host is missing a security update.

Description

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20298-1 advisory.

 Upgrade to version 3.27.7:

 - CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion (bsc#1257293).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected assertj-core and / or assertj-core-javadoc packages.

Read more at https://www.tenable.com/plugins/nessus/301315

]]> <![CDATA[openSUSE 16 Security Update : expat (openSUSE-SU-2026:20306-1)]]> https://www.tenable.com/plugins/nessus/301308 https://www.tenable.com/plugins/nessus/301308 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301308 with High Severity

Synopsis

The remote openSUSE host is missing one or more security updates.

Description

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20306-1 advisory.

 - CVE-2026-24515: failure to copy the encoding handler data passed to XML_SetUnknownEncodingHandler may cause a NULL dereference (bsc#1257144).
 - CVE-2026-25210: lack of buffer size check can lead to an integer overflow (bsc#1257496).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected expat, libexpat-devel and / or libexpat1 packages.

Read more at https://www.tenable.com/plugins/nessus/301308

]]> <![CDATA[SUSE SLES15 Security Update : ocaml (SUSE-SU-2026:0800-1)]]> https://www.tenable.com/plugins/nessus/301291 https://www.tenable.com/plugins/nessus/301291 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301291 with High Severity

Synopsis

The remote SUSE host is missing a security update.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0800-1 advisory.

 - CVE-2026-28364: missing bounds validation in readblock() can lead to arbitrary code execution (bsc#1258992).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/301291

]]> <![CDATA[openSUSE 15 Security Update : expat (SUSE-SU-2026:0826-1)]]> https://www.tenable.com/plugins/nessus/301287 https://www.tenable.com/plugins/nessus/301287 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301287 with High Severity

Synopsis

The remote openSUSE host is missing one or more security updates.

Description

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0826-1 advisory.

 - CVE-2026-24515: Fixed a null dereference in XML_ExternalEntityParserCreate. (bsc#1257144)
 - CVE-2026-25210: Fixed an integer overflow in doContent. (bsc#1257496)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/301287

]]> <![CDATA[SUSE SLES16 Security Update : assertj-core (SUSE-SU-2026:20604-1)]]> https://www.tenable.com/plugins/nessus/301282 https://www.tenable.com/plugins/nessus/301282 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301282 with High Severity

Synopsis

The remote SUSE host is missing a security update.

Description

The remote SUSE Linux SLES16 / SLES_SAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:20604-1 advisory.

 Upgrade to version 3.27.7:

 - CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion (bsc#1257293).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected assertj-core and / or assertj-core-javadoc packages.

Read more at https://www.tenable.com/plugins/nessus/301282

]]> <![CDATA[SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ocaml (SUSE-SU-2026:0830-1)]]> https://www.tenable.com/plugins/nessus/301279 https://www.tenable.com/plugins/nessus/301279 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301279 with High Severity

Synopsis

The remote SUSE host is missing a security update.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0830-1 advisory.

 - CVE-2026-28364: missing bounds validation in readblock() can lead to arbitrary code execution (bsc#1258992).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/301279

]]> <![CDATA[Vim < 9.2.0075 Heap-based Buffer Underflow (GHSA-xcc8-r6c5-hvwv)]]> https://www.tenable.com/plugins/nessus/301248 https://www.tenable.com/plugins/nessus/301248 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301248 with Medium Severity

Synopsis

The remote host is missing a security update.

Description

The version of Vim installed on the remote host is prior to 9.2.0075. It is, therefore, affected by a vulnerability as referenced in the GHSA-xcc8-r6c5-hvwv advisory.

 - Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding the allocated buffer. Version 9.2.0075 fixes the issue. (CVE-2026-28419)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Vim version 9.2.0075 or later.

Read more at https://www.tenable.com/plugins/nessus/301248

]]> <![CDATA[RHEL 9 : Red Hat JBoss Enterprise Application Platform 8.0.12 (RHSA-2026:3891)]]> https://www.tenable.com/plugins/nessus/301160 https://www.tenable.com/plugins/nessus/301160 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301160 with Critical Severity

Synopsis

The remote Red Hat host is missing one or more security updates for Red Hat JBoss Enterprise Application Platform 8.0.12.

Description

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3891 advisory.

 Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.12 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.11, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.12 Release Notes for information about the most significant bug fixes and enhancements included in this release.

 Security Fix(es):

 * undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF [eap-8.0.z] (CVE-2025-12543)

 * undertow-core: Undertow MadeYouReset HTTP/2 DDoS Vulnerability (CVE-2025-9784)

 * undertow: OutOfMemory when parsing form data encoding with application/x-www-form-urlencoded [eap-8.0.z] (CVE-2024-3884)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL Red Hat JBoss Enterprise Application Platform 8.0.12 package based on the guidance in RHSA-2026:3891.

Read more at https://www.tenable.com/plugins/nessus/301160

]]> <![CDATA[RHEL 8 : Red Hat JBoss Enterprise Application Platform 8.0.12 (RHSA-2026:3889)]]> https://www.tenable.com/plugins/nessus/301159 https://www.tenable.com/plugins/nessus/301159 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301159 with Critical Severity

Synopsis

The remote Red Hat host is missing one or more security updates for Red Hat JBoss Enterprise Application Platform 8.0.12.

Description

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3889 advisory.

 Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.12 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.11, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.12 Release Notes for information about the most significant bug fixes and enhancements included in this release.

 Security Fix(es):

 * undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF [eap-8.0.z] (CVE-2025-12543)

 * undertow-core: Undertow MadeYouReset HTTP/2 DDoS Vulnerability (CVE-2025-9784)

 * undertow: OutOfMemory when parsing form data encoding with application/x-www-form-urlencoded [eap-8.0.z] (CVE-2024-3884)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL Red Hat JBoss Enterprise Application Platform 8.0.12 package based on the guidance in RHSA-2026:3889.

Read more at https://www.tenable.com/plugins/nessus/301159

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-29022]]> https://www.tenable.com/plugins/nessus/301145 https://www.tenable.com/plugins/nessus/301145 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301145 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - dr_libs version 0.14.4 and earlier (fixed in commit 8a7258c) contain a heap buffer overflow vulnerability in the drwav__read_smpl_to_metadata_obj() function of dr_wav.h that allows memory corruption via crafted WAV files. Attackers can exploit a mismatch between sampleLoopCount validation in pass 1 and unconditional processing in pass 2 to overflow heap allocations with 36 bytes of attacker-controlled data through any drwav_init_*_with_metadata() call on untrusted input. (CVE-2026-29022)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301145

]]> <![CDATA[Exiv2 0.28.7 Multiple Vulnerabilities]]> https://www.tenable.com/plugins/nessus/301135 https://www.tenable.com/plugins/nessus/301135 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 301135 with Medium Severity

Synopsis

The remote host is missing a security update.

Description

The version of Exiv2 installed on the remote host is 0.28.7. It is, therefore, affected by multiple vulnerabilities:

 - Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. In version 0.28.7, an out-of-bounds read was found. The vulnerability is in the CRW image parser. (CVE-2026-25884)

 - Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. In version 0.28.7, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra command line argument, like -pp. The out-of-bounds read is at a 4GB offset, which usually causes Exiv2 to crash. (CVE-2026-27596)

 - Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. In version 0.28.7, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra command line argument, like -pp. Due to an integer overflow, the code attempts to create a huge std::vector, which causes Exiv2 to crash with an uncaught exception. (CVE-2026-27631)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Exiv2 version 0.28.8 or later.

Read more at https://www.tenable.com/plugins/nessus/301135

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-27601]]> https://www.tenable.com/plugins/nessus/300943 https://www.tenable.com/plugins/nessus/300943 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300943 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the _.flatten and _.isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service (DoS) attack by triggering a stack overflow. Untrusted input must be used to create a recursive datastructure, for example using JSON.parse, with no enforced depth limit. The datastructure thus created must be passed to _.flatten or _.isEqual. In the case of _.flatten, the vulnerability can only be exploited if it is possible for a remote client to prepare a datastructure that consists of arrays at all levels AND if no finite depth limit is passed as the second argument to
 _.flatten. In the case of _.isEqual, the vulnerability can only be exploited if there exists a code path in which two distinct datastructures that were submitted by the same remote client are compared using
 _.isEqual. For example, if a client submits data that are stored in a database, and the same client can later submit another datastructure that is then compared to the data that were saved in the database previously, OR if a client submits a single request, but its data are parsed twice, creating two non- identical but equivalent datastructures that are then compared. Exceptions originating from the call to
 _.flatten or _.isEqual, as a result of a stack overflow, are not being caught. This vulnerability is fixed in 1.13.8. (CVE-2026-27601)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300943

]]> <![CDATA[Python Library Django 4.2.x < 4.2.29 / 5.2.x < 5.2.12 / 6.0.x < 6.0.3 DoS]]> https://www.tenable.com/plugins/nessus/300915 https://www.tenable.com/plugins/nessus/300915 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300915 with High Severity

Synopsis

A Python library installed on the remote host is affected by a denial of service vulnerability.

Description

The detected version of the Django Python package, is 4.2.x prior to 4.2.29, 5.2.x prior to 5.2.12, or 6.0.x prior to 6.0.3. It is, therefore, affected by a denial of service vulnerability as referenced by security release advisory:

 - An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. `URLField.to_python()` in Django calls `urllib.parse.urlsplit()`, which performs NFKC normalization on Windows that is disproportionately slow for certain Unicode characters, allowing a remote attacker to cause denial of service via large URL inputs containing these characters. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. (CVE-2026-25673)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Django version 4.2.29, 5.2.12, 6.0.3 or later.

Read more at https://www.tenable.com/plugins/nessus/300915

]]> <![CDATA[Python Library Django 4.2.x < 4.2.29 / 5.2.x < 5.2.12 / 6.0.x < 6.0.3 Race Condition]]> https://www.tenable.com/plugins/nessus/300914 https://www.tenable.com/plugins/nessus/300914 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300914 with Low Severity

Synopsis

A Python library installed on the remote host is affected by a race condition vulnerability.

Description

The detected version of the Django Python package, is 4.2.x prior to 4.2.29, 5.2.x prior to 5.2.12, or 6.0.x prior to 6.0.3. It is, therefore, affected by a race condition vulnerability as referenced by security release advisory:

 - An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker to cause file system objects to be created with incorrect permissions via concurrent requests, where one thread's temporary `umask` change affects other threads in multi-threaded environments. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. (CVE-2026-25674)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Django version 4.2.29, 5.2.12, 6.0.3 or later.

Read more at https://www.tenable.com/plugins/nessus/300914

]]> <![CDATA[Fedora 43 : keylime / keylime-agent-rust (2026-e5027335a3)]]> https://www.tenable.com/plugins/nessus/300875 https://www.tenable.com/plugins/nessus/300875 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300875 with Critical Severity

Synopsis

The remote Fedora host is missing one or more security updates.

Description

The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-e5027335a3 advisory.

 Update keylime to version 7.14.1 and keylime-agent-rust to version 0.2.9

 Fixes: CVE-2026-1709 and CVE-2025-13609

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected keylime and / or keylime-agent-rust packages.

Read more at https://www.tenable.com/plugins/nessus/300875

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3389]]> https://www.tenable.com/plugins/nessus/300841 https://www.tenable.com/plugins/nessus/300841 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300841 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A vulnerability was determined in Squirrel up to 3.2. This vulnerability affects the function sqstd_rex_newnode in the library sqstdlib/sqstdrex.cpp. Executing a manipulation can lead to null pointer dereference. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.
 (CVE-2026-3389)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300841

]]> <![CDATA[Zed < 0.224.4 Multiple Path Traversal Vulnerabilities]]> https://www.tenable.com/plugins/nessus/300838 https://www.tenable.com/plugins/nessus/300838 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300838 with High Severity

Synopsis

A code editor installed on the remote host is affected by multiple path traversal vulnerabilities.

Description

The version of Zed installed on the remote host is prior to 0.224.4. It is, therefore, affected by multiple vulnerabilities:

 - A Zip Slip path traversal vulnerability exists in the extension archive extraction functionality. The extract_zip() function fails to validate ZIP entry filenames for path traversal sequences, allowing a malicious extension to write files outside its designated sandbox directory by downloading and extracting a crafted ZIP archive.
 (CVE-2026-27800)

 - A path traversal vulnerability exists in the extension installer tar extractor. The tar extractor creates symlinks from the archive without validation, and the path guard only performs lexical prefix checks without resolving symlinks. An attacker can ship a tar that creates a symlink inside the extension workdir pointing outside, then writes files through the symlink, causing writes to arbitrary host paths. This escapes the extension sandbox and enables code execution. (CVE-2026-27976)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Zed version 0.224.4 or later.

Read more at https://www.tenable.com/plugins/nessus/300838

]]> <![CDATA[SUSE SLES12 Security Update : libxml2 (SUSE-SU-2026:0782-1)]]> https://www.tenable.com/plugins/nessus/300833 https://www.tenable.com/plugins/nessus/300833 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300833 with Medium Severity

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0782-1 advisory.

 - CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI`. (bsc#1256807, bsc#1256811)
 - CVE-2026-0992: Fixed an excessive resource consumption when processing XML catalogs due to exponential behavior. (bsc#1256809, bsc#1256812)
 - CVE-2026-1757: Fixed a memory leak in the `xmllint` interactive shell. (bsc#1257594, bsc#1257595)
 - CVE-2025-10911: Fixed a use-after-free with key data stored cross-RVT. (bsc#1250553)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/300833

]]> <![CDATA[Fedora 42 : keylime / keylime-agent-rust (2026-c2b5451b35)]]> https://www.tenable.com/plugins/nessus/300825 https://www.tenable.com/plugins/nessus/300825 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300825 with Critical Severity

Synopsis

The remote Fedora host is missing one or more security updates.

Description

The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-c2b5451b35 advisory.

 Update keylime to version 7.14.1 and keylime-agent-rust to version 0.2.9

 Fixes: CVE-2026-1709 and CVE-2025-13609


Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected keylime and / or keylime-agent-rust packages.

Read more at https://www.tenable.com/plugins/nessus/300825

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3449]]> https://www.tenable.com/plugins/nessus/300775 https://www.tenable.com/plugins/nessus/300775 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300775 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Red Hat Enterprise Linux - @tootallnate/once: @tootallnate/once: Denial of Service due to incorrect control flow scoping with AbortSignal (CVE-2026-3449)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300775

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3388]]> https://www.tenable.com/plugins/nessus/300656 https://www.tenable.com/plugins/nessus/300656 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300656 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A vulnerability was found in Squirrel up to 3.2. This affects the function SQCompiler::Factor/SQCompiler::UnaryOP of the file squirrel/sqcompiler.cpp. Performing a manipulation results in uncontrolled recursion. The attack needs to be approached locally. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet. (CVE-2026-3388)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300656

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-64736]]> https://www.tenable.com/plugins/nessus/300631 https://www.tenable.com/plugins/nessus/300631 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300631 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - An out-of-bounds read vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch (5462afb0). A specially crafted .abf file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability. (CVE-2025-64736)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300631

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-27596]]> https://www.tenable.com/plugins/nessus/300630 https://www.tenable.com/plugins/nessus/300630 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300630 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra command line argument, like -pp. The out-of-bounds read is at a 4GB offset, which usually causes Exiv2 to crash. This issue has been patched in version 0.28.8. (CVE-2026-27596)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300630

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-25884]]> https://www.tenable.com/plugins/nessus/300627 https://www.tenable.com/plugins/nessus/300627 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300627 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8. (CVE-2026-25884)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300627

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3336]]> https://www.tenable.com/plugins/nessus/300584 https://www.tenable.com/plugins/nessus/300584 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300584 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Improper certificate validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass certificate chain verification when processing PKCS7 objects with multiple signers, except the final signer. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69.0. (CVE-2026-3336)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300584

]]> <![CDATA[SUSE SLED15 / SLES15 Security Update : expat (SUSE-SU-2026:0646-1)]]> https://www.tenable.com/plugins/nessus/300557 https://www.tenable.com/plugins/nessus/300557 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300557 with High Severity

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0646-1 advisory.

 - CVE-2026-24515: Fixed a null dereference in XML_ExternalEntityParserCreate. (bsc#1257144)
 - CVE-2026-25210: Fixed an integer overflow in doContent. (bsc#1257496)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected expat, libexpat-devel, libexpat1 and / or libexpat1-32bit packages.

Read more at https://www.tenable.com/plugins/nessus/300557

]]> <![CDATA[FreeBSD : Mozilla -- Multiple vulnerabilities (15f4e0f6-1338-11f1-a55d-b42e991fc52e)]]> https://www.tenable.com/plugins/nessus/300552 https://www.tenable.com/plugins/nessus/300552 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300552 with Medium Severity

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 15f4e0f6-1338-11f1-a55d-b42e991fc52e advisory.

 CVE-2026-2809: Memory safety bug in the JavaScript: WebAssembly component.
 CVE-2026-2808: Integer overflow in the JavaScript: Standard Library component.

Tenable has extracted the preceding description block directly from the FreeBSD security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/300552

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-28421]]> https://www.tenable.com/plugins/nessus/300519 https://www.tenable.com/plugins/nessus/300519 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300519 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issue.
 (CVE-2026-28421)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300519

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-27810]]> https://www.tenable.com/plugins/nessus/300512 https://www.tenable.com/plugins/nessus/300512 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300512 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an unsanitized `content_disposition` query parameter in the `/get/` and `/data-files/get/` endpoints. All users running the calibre Content Server with authentication enabled are affected. The vulnerability is exploitable by any authenticated user and can also be triggered by tricking an authenticated victim into clicking a crafted link. Version 9.4.0 contains a fix for the issue. (CVE-2026-27810)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300512

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-28420]]> https://www.tenable.com/plugins/nessus/300511 https://www.tenable.com/plugins/nessus/300511 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300511 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue. (CVE-2026-28420)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300511

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-28419]]> https://www.tenable.com/plugins/nessus/300505 https://www.tenable.com/plugins/nessus/300505 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300505 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding the allocated buffer. Version 9.2.0075 fixes the issue. (CVE-2026-28419)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300505

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-27824]]> https://www.tenable.com/plugins/nessus/300504 https://www.tenable.com/plugins/nessus/300504 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300504 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both `remote_addr` and the `X-Forwarded-For` header. Since the `X-Forwarded-For` header is read directly from the HTTP request without any validation or trusted-proxy configuration, an attacker can bypass IP-based bans by simply changing or adding this header, rendering the brute-force protection completely ineffective. This is particularly dangerous for calibre servers exposed to the internet, where brute-force protection is the primary defense against credential stuffing and password guessing attacks.
 Version 9.4.0 contains a fix for the issue. (CVE-2026-27824)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300504

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-27821]]> https://www.tenable.com/plugins/nessus/300487 https://www.tenable.com/plugins/nessus/300487 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300487 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in `src/filters/dmx_nhml.c`. The value of the xmlHeaderEnd XML attribute is copied from att->value into szXmlHeaderEnd[1000] using strcpy() without any length validation. If the input exceeds 1000 bytes, it overwrites beyond the stack buffer boundary. Commit 9bd7137fded2db40de61a2cf3045812c8741ec52 patches the issue. (CVE-2026-27821)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300487

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-27809]]> https://www.tenable.com/plugins/nessus/300480 https://www.tenable.com/plugins/nessus/300480 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300480 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data (e.g. a literal run that extends past the expected row size), decode_rle() raises ValueError which propagated all the way to the user, crashing psd.composite() and psd-tools export. decompress() already had a fallback that replaces failed channels with black pixels when result is None, but it never triggered because the ValueError from decode_rle() was not caught. The fix in version 1.12.2 wraps the decode_rle() call in a try/except so the existing fallback handles the error gracefully. (CVE-2026-27809)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300480

]]> <![CDATA[IBM MQ 9.1 < 9.1.0.34 LTS / 9.2 < 9.2.0.41 LTS / 9.3 < 9.3.0.37 LTS / 9.3 < 9.4.5 CD / 9.4 < 9.4.0.20 LTS (7261944)]]> https://www.tenable.com/plugins/nessus/300430 https://www.tenable.com/plugins/nessus/300430 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300430 with Medium Severity

Synopsis

The remote web server is affected by a vulnerability.

Description

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7261944 advisory.

 - IBM MQ 9.1.0.0 through 9.1.0.33 LTS, 9.2.0.0 through 9.2.0.40 LTS, 9.3.0.0 through 9.3.0.36 LTS, 9.30.0 through 9.3.5.1 CD, 9.4.0.0 through 9.4.0.17 LTS, and 9.4.0.0 through 9.4.4.1 CD (CVE-2026-1713)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to IBM MQ 9.1.0.34 LTS, 9.2.0.41 LTS, 9.3.0.37 LTS, 9.4.0.20 LTS, 9.4.5 CD or later.

Read more at https://www.tenable.com/plugins/nessus/300430

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-27699]]> https://www.tenable.com/plugins/nessus/300394 https://www.tenable.com/plugins/nessus/300394 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300394 with Critical Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - The `basic-ftp` FTP client library for Node.js contains a path traversal vulnerability (CWE-22) in versions prior to 5.2.0 in the `downloadToDir()` method. A malicious FTP server can send directory listings with filenames containing path traversal sequences (`../`) that cause files to be written outside the intended download directory. Version 5.2.0 patches the issue. (CVE-2026-27699)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300394

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-27631]]> https://www.tenable.com/plugins/nessus/300392 https://www.tenable.com/plugins/nessus/300392 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300392 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra command line argument, like -pp. Due to an integer overflow, the code attempts to create a huge std::vector, which causes Exiv2 to crash with an uncaught exception. This issue has been patched in version 0.28.8.
 (CVE-2026-27631)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300392

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-23865]]> https://www.tenable.com/plugins/nessus/300295 https://www.tenable.com/plugins/nessus/300295 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300295 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2. (CVE-2026-23865)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300295

]]> <![CDATA[IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.3 (7261761)]]> https://www.tenable.com/plugins/nessus/300293 https://www.tenable.com/plugins/nessus/300293 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300293 with Critical Severity

Synopsis

The remote web application server is affected by a vulnerability.

Description

The version of IBM WebSphere Application Server Liberty running on the remote host is affected by a vulnerability as referenced in the 7261761 advisory.

 - IBM WebSphere Application Server Liberty could provide weaker than expected security when using the Security Utility when administering security settings. CWE: CWE-321: Use of Hard-coded Cryptographic Key (CVE-2025-14923)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update to IBM WebSphere Application Server Liberty version 26.0.0.3 or later. Alternatively, upgrade to the minimal fix pack levels required by the interim fix and then apply Interim Fix PH69658.

Read more at https://www.tenable.com/plugins/nessus/300293

]]> <![CDATA[Zed < 0.225.9 Symlink Escape (CVE-2026-27967)]]> https://www.tenable.com/plugins/nessus/300255 https://www.tenable.com/plugins/nessus/300255 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300255 with High Severity

Synopsis

A code editor installed on the remote host is affected by a symlink escape vulnerability.

Description

The version of Zed installed on the remote host is prior to 0.225.9. It is, therefore, affected by a symlink escape vulnerability:

 - A symlink escape vulnerability exists in the Zed Agent file tools (read_file, edit_file) that allows reading and writing files outside the project directory when a project contains symbolic links pointing to external paths. This bypasses the intended workspace boundary and privacy protections, potentially leaking sensitive user data to the LLM. (CVE-2026-27967)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Zed version 0.225.9 or later.

Read more at https://www.tenable.com/plugins/nessus/300255

]]> <![CDATA[VMWare Aria Operations 8.x < 8.18.6 Multiple Vulnerabilities (VMSA-2026-0001)]]> https://www.tenable.com/plugins/nessus/300235 https://www.tenable.com/plugins/nessus/300235 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300235 with Critical Severity

Synopsis

A web application running on the remote server is affected by multiple vulnerabilities.

Description

According to its self-reported version, the instance of VMWare Aria Operations (formerly vRealize Operations) running on the remote web server is 8.x < 8.18.6. It is, therefore, affected by the following:

 - VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. (CVE-2026-22719)
- VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations.
 (CVE-2026-22720)

 - VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations.
 (CVE-2026-22721)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to VMWare Aria Operations 8.18.6.

Read more at https://www.tenable.com/plugins/nessus/300235

]]> <![CDATA[SUSE SLES12 Security Update : expat (SUSE-SU-2026:0647-1)]]> https://www.tenable.com/plugins/nessus/300232 https://www.tenable.com/plugins/nessus/300232 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300232 with High Severity

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0647-1 advisory.

 - CVE-2026-24515: Fixed a null dereference in XML_ExternalEntityParserCreate. (bsc#1257144)
 - CVE-2026-25210: Fixed an integer overflow in doContent. (bsc#1257496)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected expat, libexpat-devel, libexpat1 and / or libexpat1-32bit packages.

Read more at https://www.tenable.com/plugins/nessus/300232

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-28364]]> https://www.tenable.com/plugins/nessus/300178 https://www.tenable.com/plugins/nessus/300178 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300178 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data. (CVE-2026-28364)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300178

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3201]]> https://www.tenable.com/plugins/nessus/300144 https://www.tenable.com/plugins/nessus/300144 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300144 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service (CVE-2026-3201)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300144

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3203]]> https://www.tenable.com/plugins/nessus/300138 https://www.tenable.com/plugins/nessus/300138 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300138 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service (CVE-2026-3203)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300138

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-27798]]> https://www.tenable.com/plugins/nessus/300130 https://www.tenable.com/plugins/nessus/300130 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300130 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability occurs when processing an image with small dimension using the `-wavelet-denoise` operator. Versions 7.1.2-15 and 6.9.13-40 contain a patch. (CVE-2026-27798)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300130

]]> <![CDATA[FreeBSD : FreeBSD -- Jail chroot escape via fd exchange with a different jail (a88f5b2d-11e9-11f1-8148-bc241121aa0a)]]> https://www.tenable.com/plugins/nessus/300106 https://www.tenable.com/plugins/nessus/300106 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300106 with High Severity

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a88f5b2d-11e9-11f1-8148-bc241121aa0a advisory.

 If two sibling jails are restricted to separate filesystem trees, which is to say that neither of the two jail root directories is an ancestor of the other, jailed processes may nonetheless be able to access a shared directory via a nullfs mount, if the administrator has configured one.
 In this case, cooperating processes in the two jails may establish a connection using a unix domain socket and exchange directory descriptors with each other.
 When performing a filesystem name lookup, at each step of the lookup, the kernel checks whether the lookup would descend below the jail root of the current process. If the jail root directory is not encountered, the lookup continues.
 In a configuration where processes in two different jails are able to exchange file descriptors using a unix domain socket, it is possible for a jailed process to receive a directory for a descriptor that is below that process' jail root. This enables full filesystem access for a jailed process, breaking the chroot.
 Note that the system administrator is still responsible for ensuring that an unprivileged user on the jail host is not able to pass directory descriptors to a jailed process, even in a patched kernel.

Tenable has extracted the preceding description block directly from the FreeBSD security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/300106

]]> <![CDATA[FreeBSD : FreeBSD -- Local DoS and possible privilege escalation via routing sockets (fbc47390-11e9-11f1-8148-bc241121aa0a)]]> https://www.tenable.com/plugins/nessus/300102 https://www.tenable.com/plugins/nessus/300102 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300102 with High Severity

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fbc47390-11e9-11f1-8148-bc241121aa0a advisory.

 The rtsock_msg_buffer() function serializes routing information into a buffer. As a part of this, it copies sockaddr structures into a sockaddr_storage structure on the stack. It assumes that the source sockaddr length field had already been validated, but this is not necessarily the case, and it's possible for a malicious userspace program to craft a request which triggers a 127-byte overflow.
 In practice, this overflow immediately overwrites the canary for the rtsock_msg_buffer() stack frame, resulting in a panic once the function returns.
 The bug allows an unprivileged user to crash the kernel by triggering a stack buffer overflow in rtsock_msg_buffer(). In particular, the overflow will corrupt a stack canary value that is verified when the function returns; this mitigates the impact of the stack overflow by triggering a kernel panic.
 Other kernel bugs may exist which allow userspace to find the canary value and thus defeat the mitigation, at which point local privilege escalation may be possible.

Tenable has extracted the preceding description block directly from the FreeBSD security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/300102

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-25969]]> https://www.tenable.com/plugins/nessus/300064 https://www.tenable.com/plugins/nessus/300064 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300064 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak exists in `coders/ashlar.c`. The `WriteASHLARImage` allocates a structure.
 However, when an exception is thrown, the allocated memory is not properly released, resulting in a potential memory leak. Version 7.1.2-15 contains a patch. (CVE-2026-25969)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300064

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-1229]]> https://www.tenable.com/plugins/nessus/300048 https://www.tenable.com/plugins/nessus/300048 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300048 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas. ECDH and ECDSA signing relying on this curve are not affected. The bug was fixed in v1.6.3 https://github.com/cloudflare/circl/releases/tag/v1.6.3 . (CVE-2026-1229)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300048

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-27606]]> https://www.tenable.com/plugins/nessus/300045 https://www.tenable.com/plugins/nessus/300045 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300045 with Critical Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3.30.0, and 4.59.0 of the Rollup module bundler (specifically v4.x and present in current source) is vulnerable to an Arbitrary File Write via Path Traversal. Insecure file name sanitization in the core engine allows an attacker to control output filenames (e.g., via CLI named inputs, manual chunk aliases, or malicious plugins) and use traversal sequences (`../`) to overwrite files anywhere on the host filesystem that the build process has permissions for. This can lead to persistent Remote Code Execution (RCE) by overwriting critical system or user configuration files. Versions 2.80.0, 3.30.0, and 4.59.0 contain a patch for the issue.
 (CVE-2026-27606)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300045

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-25967]]> https://www.tenable.com/plugins/nessus/300032 https://www.tenable.com/plugins/nessus/300032 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 300032 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a stack-based buffer overflow exists in the ImageMagick FTXT image reader. A crafted FTXT file can cause out-of-bounds writes on the stack, leading to a crash. Version 7.1.2-15 contains a patch. (CVE-2026-25967)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300032

]]> <![CDATA[Cisco Catalyst SD-WAN Manager Multiple Vulnerabilities (cisco-sa-sdwan-authbp-qwCX8D4v)]]> https://www.tenable.com/plugins/nessus/299999 https://www.tenable.com/plugins/nessus/299999 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299999 with High Severity

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

According to its self-reported version, Cisco Catalyst SD-WAN Manager is affected by multiple vulnerabilities:

 - A vulnerability could allow an authenticated, local attacker to escalate privileges on the underlying operating system. (CVE-2026-20126)

 - A vulnerability could allow an unauthenticated, remote attacker to access sensitive information from the affected system. (CVE-2026-20133)

 - A vulnerability could allow an authenticated, remote attacker to modify data and impact availability of the system. (CVE-2026-20122)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCws33583, CSCws33584, CSCws33586, CSCws93470.

Read more at https://www.tenable.com/plugins/nessus/299999

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-2760]]> https://www.tenable.com/plugins/nessus/299922 https://www.tenable.com/plugins/nessus/299922 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299922 with Critical Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. (CVE-2026-2760)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/299922

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-25966]]> https://www.tenable.com/plugins/nessus/299907 https://www.tenable.com/plugins/nessus/299907 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299907 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped secure security policy includes a rule intended to prevent reading/writing from standard streams.
 However, ImageMagick also supports fd: pseudo-filenames (e.g., fd:0, fd:1). Prior to versions 7.1.2-15 and 6.9.13-40, this path form is not blocked by the secure policy templates, and therefore bypasses the protection goal of no stdin/stdout. Versions 7.1.2-15 and 6.9.13-40 contain a patch by including a change to the more secure policies by default. As a workaround, add the change to one's security policy manually. (CVE-2026-25966)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/299907

]]> <![CDATA[Metabase < 0.57.13 / 0.58.x < 0.58.7 / 1.x < 1.57.13 / 1.58.x < 1.58.7 Information Disclosure]]> https://www.tenable.com/plugins/nessus/299881 https://www.tenable.com/plugins/nessus/299881 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299881 with Medium Severity

Synopsis

The remote host is affected by an information disclosure vulnerability.

Description

The version of Metabase installed on the remote host is prior to 0.57.13, 0.58.x prior to 0.58.7, 1.x prior to 1.57.13, or 1.58.x prior to 1.58.7. It is, therefore, affected by an information disclosure vulnerability:

 - Authenticated users are able to retrieve sensitive information from a Metabase instance, including database access credentials. A low-privileged user can extract sensitive information including database credentials into the email body via template evaluation. (CVE-2026-27464)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Metabase version 0.57.13, 0.58.7, 1.57.13, 1.58.7, or later.

Read more at https://www.tenable.com/plugins/nessus/299881

]]> <![CDATA[Photon OS 5.0: Linux PHSA-2026-5.0-0770]]> https://www.tenable.com/plugins/nessus/299743 https://www.tenable.com/plugins/nessus/299743 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299743 with High Severity

Synopsis

The remote PhotonOS host is missing multiple security updates.

Description

An update of the linux package has been released.

Solution

Update the affected Linux packages.

Read more at https://www.tenable.com/plugins/nessus/299743

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-25896]]> https://www.tenable.com/plugins/nessus/299725 https://www.tenable.com/plugins/nessus/299725 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299725 with Critical Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. From 4.1.3to before 5.3.5, a dot (.) in a DOCTYPE entity name is treated as a regex wildcard during entity replacement, allowing an attacker to shadow built-in XML entities (<, >, &, , ') with arbitrary values. This bypasses entity encoding and leads to XSS when parsed output is rendered. This vulnerability is fixed in 5.3.5. (CVE-2026-25896)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/299725

]]> <![CDATA[openSUSE 15 Security Update : vexctl (SUSE-SU-2026:0592-1)]]> https://www.tenable.com/plugins/nessus/299709 https://www.tenable.com/plugins/nessus/299709 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299709 with High Severity

Synopsis

The remote openSUSE host is missing one or more security updates.

Description

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0592-1 advisory.

 - Update to version 0.4.1+git78.f951e3a:
 - CVE-2025-22868: Unexpected memory consumption during token parsing in golang.org/x/oauth2. (bsc#1239186)
 - CVE-2024-45337: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto. (bsc#1234486)
 - CVE-2025-27144: Go JOSE's Parsing Vulnerable to Denial of Service. (bsc#1237611)
 - CVE-2025-22870: proxy bypass using IPv6 zone IDs. (bsc#1238683)
 - CVE-2025-22869: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh. (bsc#1239323)
 - CVE-2025-30204: jwt-go allows excessive memory allocation during header parsing. (bsc#1240444)
 - CVE-2025-58181: invalidated number of mechanisms can cause unbounded memory consumption. (bsc#1253802)
 - CVE-2026-22772: MetaIssuer URL validation bypass can trigger SSRF to arbitrary internal services.
 (bsc#1256535)
 - CVE-2026-24137: legacy TUF client allows for arbitrary file writes with target cache path traversal.
 (bsc#1257138)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected vexctl package.

Read more at https://www.tenable.com/plugins/nessus/299709

]]> <![CDATA[AIX (IJ57276)]]> https://www.tenable.com/plugins/nessus/299610 https://www.tenable.com/plugins/nessus/299610 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299610 with Medium Severity

Synopsis

The remote AIX host is missing a security patch.

Description

The version of AIX installed on the remote host is prior to APAR IJ57276. It is, therefore, affected by a vulnerability as referenced in the IJ57276 advisory.

 - A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The code maintainer explains, that [t]he issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. I also doubt that anyone is still using SGML catalogs at all. (CVE-2025-8732)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Please apply the appropriate interim fix per APAR IJ57276.

Read more at https://www.tenable.com/plugins/nessus/299610

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-14009]]> https://www.tenable.com/plugins/nessus/299599 https://www.tenable.com/plugins/nessus/299599 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299599 with Critical Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The
 _unzip_iter function in nltk/downloader.py uses zipfile.extractall() without performing path validation or security checks. This allows attackers to craft malicious zip packages that, when downloaded and extracted by NLTK, can execute arbitrary code. The vulnerability arises because NLTK assumes all downloaded packages are trusted and extracts them without validation. If a malicious package contains Python files, such as
 __init__.py, these files are executed automatically upon import, leading to remote code execution. This issue can result in full system compromise, including file system access, network access, and potential persistence mechanisms. (CVE-2025-14009)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/299599

]]> <![CDATA[Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2026-051 (ALASFIREFOX-2026-051)]]> https://www.tenable.com/plugins/nessus/299553 https://www.tenable.com/plugins/nessus/299553 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299553 with High Severity

Synopsis

The remote Amazon Linux 2 host is missing a security update.

Description

The version of firefox installed on the remote host is prior to 140.7.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2026-051 advisory.

 HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault. This issue has been patched in version 12.3.0. (CVE-2026-22693)

 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function png_image_finish_read when processing interlaced 16-bit PNGs with 8-bit output format and non-minimal row stride. This is a regression introduced by the fix for CVE-2025-65018.
 This vulnerability is fixed in 1.6.54. (CVE-2026-22695)

 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions png_write_image_16bit and png_write_image_8bit causes heap buffer over-read when the caller provides a negative row stride (for bottom-up image layouts) or a stride exceeding 65535 bytes. The bug was introduced in libpng 1.6.26 (October 2016) by casts added to silence compiler warnings on 16-bit systems. This vulnerability is fixed in 1.6.54. (CVE-2026-22801)

 In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation. (CVE-2026-25210)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'yum update firefox' or or 'yum update --advisory ALAS2FIREFOX-2026-051' to update your system.

Read more at https://www.tenable.com/plugins/nessus/299553

]]> <![CDATA[Amazon Linux 2023 : firefox (ALAS2023-2026-1424)]]> https://www.tenable.com/plugins/nessus/299540 https://www.tenable.com/plugins/nessus/299540 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299540 with High Severity

Synopsis

The remote Amazon Linux 2023 host is missing a security update.

Description

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1424 advisory.

 In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation. (CVE-2026-25210)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Run 'dnf update firefox --releasever 2023.10.20260216' or or 'dnf update --advisory ALAS2023-2026-1424 --releasever 2023.10.20260216' to update your system.

Read more at https://www.tenable.com/plugins/nessus/299540

]]> <![CDATA[Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3171 (ALAS-2026-3171)]]> https://www.tenable.com/plugins/nessus/299539 https://www.tenable.com/plugins/nessus/299539 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299539 with High Severity

Synopsis

The remote Amazon Linux 2 host is missing a security update.

Description

The version of thunderbird installed on the remote host is prior to 140.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3171 advisory.

 HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault. This issue has been patched in version 12.3.0. (CVE-2026-22693)

 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function png_image_finish_read when processing interlaced 16-bit PNGs with 8-bit output format and non-minimal row stride. This is a regression introduced by the fix for CVE-2025-65018.
 This vulnerability is fixed in 1.6.54. (CVE-2026-22695)

 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions png_write_image_16bit and png_write_image_8bit causes heap buffer over-read when the caller provides a negative row stride (for bottom-up image layouts) or a stride exceeding 65535 bytes. The bug was introduced in libpng 1.6.26 (October 2016) by casts added to silence compiler warnings on 16-bit systems. This vulnerability is fixed in 1.6.54. (CVE-2026-22801)

 In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation. (CVE-2026-25210)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'yum update thunderbird' or or 'yum update --advisory ALAS2-2026-3171' to update your system.

Read more at https://www.tenable.com/plugins/nessus/299539

]]> <![CDATA[Amazon Linux 2 : expat, --advisory ALAS2-2026-3170 (ALAS-2026-3170)]]> https://www.tenable.com/plugins/nessus/299537 https://www.tenable.com/plugins/nessus/299537 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299537 with High Severity

Synopsis

The remote Amazon Linux 2 host is missing a security update.

Description

The version of expat installed on the remote host is prior to 2.1.0-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3170 advisory.

 In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation. (CVE-2026-25210)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Run 'yum update expat' or or 'yum update --advisory ALAS2-2026-3170' to update your system.

Read more at https://www.tenable.com/plugins/nessus/299537

]]> <![CDATA[Amazon Linux 2023 : python3.13-filelock (ALAS2023-2026-1411)]]> https://www.tenable.com/plugins/nessus/299516 https://www.tenable.com/plugins/nessus/299516 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299516 with Medium Severity

Synopsis

The remote Amazon Linux 2023 host is missing a security update.

Description

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1411 advisory.

 filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check- Time-of-Use (TOCTOU) race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation where filelock checks if a file exists before opening it with O_TRUNC. An attacker can create a symlink pointing to a victim file in the time gap between the check and open, causing os.open() to follow the symlink and truncate the target file. All users of filelock on Unix, Linux, macOS, and Windows systems are impacted.
 The vulnerability cascades to dependent libraries. The attack requires local filesystem access and ability to create symlinks (standard user permissions on Unix; Developer Mode on Windows 10+). Exploitation succeeds within 1-3 attempts when lock file paths are predictable. The issue is fixed in version 3.20.1.
 If immediate upgrade is not possible, use SoftFileLock instead of UnixFileLock/WindowsFileLock (note:
 different locking semantics, may not be suitable for all use cases); ensure lock file directories have restrictive permissions (chmod 0700) to prevent untrusted users from creating symlinks; and/or monitor lock file directories for suspicious symlinks before running trusted applications. These workarounds provide only partial mitigation. The race condition remains exploitable. Upgrading to version 3.20.1 is strongly recommended. (CVE-2025-68146)

 filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock implementation of the filelock package. An attacker with local filesystem access and permission to create symlinks can exploit a race condition between the permission validation and file creation to cause lock operations to fail or behave unexpectedly. The vulnerability occurs in the _acquire() method between raise_on_not_writable_file() (permission check) and os.open() (file creation). During this race window, an attacker can create a symlink at the lock file path, potentially causing the lock to operate on an unintended target file or leading to denial of service. This issue has been patched in version 3.20.3. (CVE-2026-22701)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'dnf update python3.13-filelock --releasever 2023.10.20260216' or or 'dnf update --advisory ALAS2023-2026-1411 --releasever 2023.10.20260216' to update your system.

Read more at https://www.tenable.com/plugins/nessus/299516

]]> <![CDATA[Amazon Linux 2023 : expat, expat-devel, expat-static (ALAS2023-2026-1425)]]> https://www.tenable.com/plugins/nessus/299514 https://www.tenable.com/plugins/nessus/299514 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299514 with High Severity

Synopsis

The remote Amazon Linux 2023 host is missing a security update.

Description

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1425 advisory.

 In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation. (CVE-2026-25210)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Run 'dnf update expat --releasever 2023.10.20260216' or or 'dnf update --advisory ALAS2023-2026-1425 --releasever 2023.10.20260216' to update your system.

Read more at https://www.tenable.com/plugins/nessus/299514

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-24733]]> https://www.tenable.com/plugins/nessus/299445 https://www.tenable.com/plugins/nessus/299445 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299445 with Low Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Improper Input Validation vulnerability in Apache Tomcat. Tomcat did not limit HTTP/0.9 requests to the GET method. If a security constraint was configured to allow HEAD requests to a URI but deny GET requests, the user could bypass that constraint on GET requests by sending a (specification invalid) HEAD request using HTTP/0.9. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0.M1 through 9.0.112. Older, EOL versions are also affected. Users are recommended to upgrade to version 11.0.15 or later, 10.1.50 or later or 9.0.113 or later, which fixes the issue.
 (CVE-2026-24733)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/299445

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-23226]]> https://www.tenable.com/plugins/nessus/299441 https://www.tenable.com/plugins/nessus/299441 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299441 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - ksmbd: add chann_lock to protect ksmbd_chann_list xarray ksmbd_chann_list xarray lacks synchronization, allowing use-after-free in multi-channel sessions (between lookup_chann_list() and ksmbd_chann_del). Adds rw_semaphore chann_lock to struct ksmbd_session and protects all xa_load/xa_store/xa_erase accesses.
 (CVE-2026-23226)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/299441

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-66614]]> https://www.tenable.com/plugins/nessus/299434 https://www.tenable.com/plugins/nessus/299434 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299434 with Critical Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Older EOL versions are not affected. Tomcat did not validate that the host name provided via the SNI extension was the same as the host name provided in the HTTP host header field. If Tomcat was configured with more than one virtual host and the TLS configuration for one of those hosts did not require client certificate authentication but another one did, it was possible for a client to bypass the client certificate authentication by sending different host names in the SNI extension and the HTTP host header field. The vulnerability only applies if client certificate authentication is only enforced at the Connector. It does not apply if client certificate authentication is enforced at the web application. Users are recommended to upgrade to version 11.0.15 or later, 10.1.50 or later or 9.0.113 or later, which fix the issue. (CVE-2025-66614)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/299434

]]> <![CDATA[Apache Tomcat 10.1.0.M7 < 10.1.52]]> https://www.tenable.com/plugins/nessus/299410 https://www.tenable.com/plugins/nessus/299410 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299410 with High Severity

Synopsis

The remote Apache Tomcat server is affected by a vulnerability

Description

The version of Tomcat installed on the remote host is prior to 10.1.52. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_10.1.52_security-10 advisory.

 - Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did not complete verification or freshness checks on the OCSP response which could allow certificate revocation to be bypassed. This issue affects Apache Tomcat Native: from 1.3.0 through 1.3.4, from 2.0.0 through 2.0.11; Apache Tomcat:
 from 11.0.0-M1 through 11.0.17, from 10.1.0-M7 through 10.1.51, from 9.0.83 through 9.0.114. The following versions were EOL at the time the CVE was created but are known to be affected: from 1.1.23 through 1.1.34, from 1.2.0 through 1.2.39. Older EOL versions are not affected. Apache Tomcat Native users are recommended to upgrade to versions 1.3.5 or later or 2.0.12 or later, which fix the issue. Apache Tomcat users are recommended to upgrade to versions 11.0.18 or later, 10.1.52 or later or 9.0.115 or later which fix the issue. (CVE-2026-24734)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Apache Tomcat version 10.1.52 or later.

Read more at https://www.tenable.com/plugins/nessus/299410

]]> <![CDATA[Apache Tomcat 11.0.0.M1 < 11.0.15 multiple vulnerabilities]]> https://www.tenable.com/plugins/nessus/299403 https://www.tenable.com/plugins/nessus/299403 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299403 with Critical Severity

Synopsis

The remote Apache Tomcat server is affected by multiple vulnerabilities

Description

The version of Tomcat installed on the remote host is prior to 11.0.15. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_11.0.15_security-11 advisory.

 - Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Older EOL versions are not affected. Tomcat did not validate that the host name provided via the SNI extension was the same as the host name provided in the HTTP host header field. If Tomcat was configured with more than one virtual host and the TLS configuration for one of those hosts did not require client certificate authentication but another one did, it was possible for a client to bypass the client certificate authentication by sending different host names in the SNI extension and the HTTP host header field. The vulnerability only applies if client certificate authentication is only enforced at the Connector. It does not apply if client certificate authentication is enforced at the web application. Users are recommended to upgrade to version 11.0.15 or later, 10.1.50 or later or 9.0.113 or later, which fix the issue. (CVE-2025-66614)

 - Improper Input Validation vulnerability in Apache Tomcat. Tomcat did not limit HTTP/0.9 requests to the GET method. If a security constraint was configured to allow HEAD requests to a URI but deny GET requests, the user could bypass that constraint on GET requests by sending a (specification invalid) HEAD request using HTTP/0.9. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0.M1 through 9.0.112. Older, EOL versions are also affected. Users are recommended to upgrade to version 11.0.15 or later, 10.1.50 or later or 9.0.113 or later, which fixes the issue.
 (CVE-2026-24733)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Apache Tomcat version 11.0.15 or later.

Read more at https://www.tenable.com/plugins/nessus/299403

]]> <![CDATA[Apache Tomcat 9.0.83 < 9.0.115]]> https://www.tenable.com/plugins/nessus/299402 https://www.tenable.com/plugins/nessus/299402 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299402 with High Severity

Synopsis

The remote Apache Tomcat server is affected by a vulnerability

Description

The version of Tomcat installed on the remote host is prior to 9.0.115. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_9.0.115_security-9 advisory.

 - Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did not complete verification or freshness checks on the OCSP response which could allow certificate revocation to be bypassed. This issue affects Apache Tomcat Native: from 1.3.0 through 1.3.4, from 2.0.0 through 2.0.11; Apache Tomcat:
 from 11.0.0-M1 through 11.0.17, from 10.1.0-M7 through 10.1.51, from 9.0.83 through 9.0.114. The following versions were EOL at the time the CVE was created but are known to be affected: from 1.1.23 through 1.1.34, from 1.2.0 through 1.2.39. Older EOL versions are not affected. Apache Tomcat Native users are recommended to upgrade to versions 1.3.5 or later or 2.0.12 or later, which fix the issue. Apache Tomcat users are recommended to upgrade to versions 11.0.18 or later, 10.1.52 or later or 9.0.115 or later which fix the issue. (CVE-2026-24734)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Apache Tomcat version 9.0.115 or later.

Read more at https://www.tenable.com/plugins/nessus/299402

]]> <![CDATA[Apache Tomcat 10.1.0.M1 < 10.1.50 multiple vulnerabilities]]> https://www.tenable.com/plugins/nessus/299401 https://www.tenable.com/plugins/nessus/299401 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299401 with Critical Severity

Synopsis

The remote Apache Tomcat server is affected by multiple vulnerabilities

Description

The version of Tomcat installed on the remote host is prior to 10.1.50. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_10.1.50_security-10 advisory.

 - Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Older EOL versions are not affected. Tomcat did not validate that the host name provided via the SNI extension was the same as the host name provided in the HTTP host header field. If Tomcat was configured with more than one virtual host and the TLS configuration for one of those hosts did not require client certificate authentication but another one did, it was possible for a client to bypass the client certificate authentication by sending different host names in the SNI extension and the HTTP host header field. The vulnerability only applies if client certificate authentication is only enforced at the Connector. It does not apply if client certificate authentication is enforced at the web application. Users are recommended to upgrade to version 11.0.15 or later, 10.1.50 or later or 9.0.113 or later, which fix the issue. (CVE-2025-66614)

 - Improper Input Validation vulnerability in Apache Tomcat. Tomcat did not limit HTTP/0.9 requests to the GET method. If a security constraint was configured to allow HEAD requests to a URI but deny GET requests, the user could bypass that constraint on GET requests by sending a (specification invalid) HEAD request using HTTP/0.9. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0.M1 through 9.0.112. Older, EOL versions are also affected. Users are recommended to upgrade to version 11.0.15 or later, 10.1.50 or later or 9.0.113 or later, which fixes the issue.
 (CVE-2026-24733)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Apache Tomcat version 10.1.50 or later.

Read more at https://www.tenable.com/plugins/nessus/299401

]]> <![CDATA[Apache Tomcat 11.0.0.M1 < 11.0.18]]> https://www.tenable.com/plugins/nessus/299398 https://www.tenable.com/plugins/nessus/299398 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299398 with High Severity

Synopsis

The remote Apache Tomcat server is affected by a vulnerability

Description

The version of Tomcat installed on the remote host is prior to 11.0.18. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_11.0.18_security-11 advisory.

 - Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did not complete verification or freshness checks on the OCSP response which could allow certificate revocation to be bypassed. This issue affects Apache Tomcat Native: from 1.3.0 through 1.3.4, from 2.0.0 through 2.0.11; Apache Tomcat:
 from 11.0.0-M1 through 11.0.17, from 10.1.0-M7 through 10.1.51, from 9.0.83 through 9.0.114. The following versions were EOL at the time the CVE was created but are known to be affected: from 1.1.23 through 1.1.34, from 1.2.0 through 1.2.39. Older EOL versions are not affected. Apache Tomcat Native users are recommended to upgrade to versions 1.3.5 or later or 2.0.12 or later, which fix the issue. Apache Tomcat users are recommended to upgrade to versions 11.0.18 or later, 10.1.52 or later or 9.0.115 or later which fix the issue. (CVE-2026-24734)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Apache Tomcat version 11.0.18 or later.

Read more at https://www.tenable.com/plugins/nessus/299398

]]> <![CDATA[Apache Tomcat 9.0.0.M1 < 9.0.113 multiple vulnerabilities]]> https://www.tenable.com/plugins/nessus/299397 https://www.tenable.com/plugins/nessus/299397 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299397 with Critical Severity

Synopsis

The remote Apache Tomcat server is affected by multiple vulnerabilities

Description

The version of Tomcat installed on the remote host is prior to 9.0.113. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_9.0.113_security-9 advisory.

 - Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Older EOL versions are not affected. Tomcat did not validate that the host name provided via the SNI extension was the same as the host name provided in the HTTP host header field. If Tomcat was configured with more than one virtual host and the TLS configuration for one of those hosts did not require client certificate authentication but another one did, it was possible for a client to bypass the client certificate authentication by sending different host names in the SNI extension and the HTTP host header field. The vulnerability only applies if client certificate authentication is only enforced at the Connector. It does not apply if client certificate authentication is enforced at the web application. Users are recommended to upgrade to version 11.0.15 or later, 10.1.50 or later or 9.0.113 or later, which fix the issue. (CVE-2025-66614)

 - Improper Input Validation vulnerability in Apache Tomcat. Tomcat did not limit HTTP/0.9 requests to the GET method. If a security constraint was configured to allow HEAD requests to a URI but deny GET requests, the user could bypass that constraint on GET requests by sending a (specification invalid) HEAD request using HTTP/0.9. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0.M1 through 9.0.112. Older, EOL versions are also affected. Users are recommended to upgrade to version 11.0.15 or later, 10.1.50 or later or 9.0.113 or later, which fixes the issue.
 (CVE-2026-24733)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Apache Tomcat version 9.0.113 or later.

Read more at https://www.tenable.com/plugins/nessus/299397

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-24734]]> https://www.tenable.com/plugins/nessus/299376 https://www.tenable.com/plugins/nessus/299376 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299376 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did not complete verification or freshness checks on the OCSP response which could allow certificate revocation to be bypassed. This issue affects Apache Tomcat Native: from 1.3.0 through 1.3.4, from 2.0.0 through 2.0.11; Apache Tomcat:
 from 11.0.0-M1 through 11.0.17, from 10.1.0-M7 through 10.1.51, from 9.0.83 through 9.0.114. The following versions were EOL at the time the CVE was created but are known to be affected: from 1.1.23 through 1.1.34, from 1.2.0 through 1.2.39. Older EOL versions are not affected. Apache Tomcat Native users are recommended to upgrade to versions 1.3.5 or later or 2.0.12 or later, which fix the issue. Apache Tomcat users are recommended to upgrade to versions 11.0.18 or later, 10.1.52 or later or 9.0.115 or later which fix the issue. (CVE-2026-24734)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/299376

]]> <![CDATA[openSUSE 15 Security Update : libxml2 (SUSE-SU-2026:0568-1)]]> https://www.tenable.com/plugins/nessus/299355 https://www.tenable.com/plugins/nessus/299355 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299355 with Medium Severity

Synopsis

The remote openSUSE host is missing one or more security updates.

Description

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0568-1 advisory.

 - CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI`. (bsc#1256807, bsc#1256811)
 - CVE-2026-0992: Fixed an excessive resource consumption when processing XML catalogs due to exponential behavior. (bsc#1256809, bsc#1256812)
 - CVE-2026-1757: Fixed a memory leak in the `xmllint` interactive shell. (bsc#1257594, bsc#1257595)
 - CVE-2025-10911: Fixed a use-after-free with key data stored cross-RVT. (bsc#1250553)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected python3-libxml2-python package.

Read more at https://www.tenable.com/plugins/nessus/299355

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-2447]]> https://www.tenable.com/plugins/nessus/299233 https://www.tenable.com/plugins/nessus/299233 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299233 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2. (CVE-2026-2447)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/299233

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-26076]]> https://www.tenable.com/plugins/nessus/299023 https://www.tenable.com/plugins/nessus/299023 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299023 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - ntpd-rs is a full-featured implementation of the Network Time Protocol. Prior to 1.7.1, an attacker can remotely induce moderate increases (2-4 times above normal) in cpu usage. When having NTS enabled on an ntpd-rs server, an attacker can create malformed NTS packets that take significantly more effort for the server to respond to by requesting a large number of cookies. This can lead to degraded server performance even when a server could otherwise handle the load. This vulnerability is fixed in 1.7.1. (CVE-2026-26076)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/299023

]]> <![CDATA[RockyLinux 9 : keylime (RLSA-2026:2224)]]> https://www.tenable.com/plugins/nessus/299001 https://www.tenable.com/plugins/nessus/299001 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 299001 with Critical Severity

Synopsis

The remote RockyLinux host is missing a security update.

Description

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:2224 advisory.

 * keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication (CVE-2026-1709)

Tenable has extracted the preceding description block directly from the RockyLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/299001

]]> <![CDATA[FreeBSD : expat -- multiple vulnerabilities (027c6c07-065b-11f1-baae-589cfc023192)]]> https://www.tenable.com/plugins/nessus/298957 https://www.tenable.com/plugins/nessus/298957 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298957 with High Severity

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 027c6c07-065b-11f1-baae-589cfc023192 advisory.

 expat team reports:
 Update contains 2 security fixes:

Tenable has extracted the preceding description block directly from the FreeBSD security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/298957

]]> <![CDATA[AlmaLinux 9 : keylime (ALSA-2026:2224)]]> https://www.tenable.com/plugins/nessus/298849 https://www.tenable.com/plugins/nessus/298849 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298849 with Critical Severity

Synopsis

The remote AlmaLinux host is missing a security update.

Description

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:2224 advisory.

 * keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication (CVE-2026-1709)

Tenable has extracted the preceding description block directly from the AlmaLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/298849

]]> <![CDATA[Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : xmltok library vulnerabilities (USN-8023-1)]]> https://www.tenable.com/plugins/nessus/298808 https://www.tenable.com/plugins/nessus/298808 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298808 with High Severity

Synopsis

The remote Ubuntu host is missing one or more security updates.

Description

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8023-1 advisory.

 It was discovered that Expat, contained within the xmltok library, incorrectly handled the initialization of parsers for external entities. An attacker could possibly use this issue to cause a denial of service.
 (CVE-2026-24515)

 It was discovered that Expat, contained within the xmltok library, incorrectly handled integer calculations when allocating memory for XML tags. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2026-25210)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected libxmltok1, libxmltok1-dev and / or libxmltok1t64 packages.

Read more at https://www.tenable.com/plugins/nessus/298808

]]> <![CDATA[Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 25.10 : Expat vulnerabilities (USN-8022-1)]]> https://www.tenable.com/plugins/nessus/298805 https://www.tenable.com/plugins/nessus/298805 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298805 with High Severity

Synopsis

The remote Ubuntu host is missing one or more security updates.

Description

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8022-1 advisory.

 It was discovered that Expat incorrectly handled memory when parsing certain XML files. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 25.10.
 (CVE-2025-59375)

 It was discovered that Expat incorrectly handled the initialization of parsers for external entities. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-24515)

 It was discovered that Expat incorrectly handled integer calculations when allocating memory for XML tags.
 An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
 (CVE-2026-25210)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/298805

]]> <![CDATA[MiracleLinux 9 : keylime-7.12.1-11.el9_7.4 (AXSA:2026-165:01)]]> https://www.tenable.com/plugins/nessus/298753 https://www.tenable.com/plugins/nessus/298753 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298753 with Critical Severity

Synopsis

The remote MiracleLinux host is missing a security update.

Description

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-165:01 advisory.

 * keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication (CVE-2026-1709)

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/298753

]]> <![CDATA[Debian dla-4476 : linux-config-6.1 - security update]]> https://www.tenable.com/plugins/nessus/298659 https://www.tenable.com/plugins/nessus/298659 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298659 with High Severity

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4476 advisory.

 ------------------------------------------------------------------------- Debian LTS Advisory DLA-4476-1 debian-lts@lists.debian.org https://www.debian.org/lts/security/ Ben Hutchings February 10, 2026 https://wiki.debian.org/LTS
 -------------------------------------------------------------------------

 Package : linux-6.1 Version : 6.1.162-1~deb11u1 CVE ID : CVE-2023-52658 CVE-2023-53421 CVE-2023-54285 CVE-2024-42079 CVE-2024-46786 CVE-2024-49968 CVE-2025-21946 CVE-2025-22022 CVE-2025-22083 CVE-2025-22090 CVE-2025-22107 CVE-2025-22111 CVE-2025-22121 CVE-2025-37926 CVE-2025-38022 CVE-2025-38104 CVE-2025-38125 CVE-2025-38129 CVE-2025-38232 CVE-2025-38361 CVE-2025-38408 CVE-2025-38591 CVE-2025-38718 CVE-2025-39721 CVE-2025-39871 CVE-2025-40039 CVE-2025-40110 CVE-2025-40149 CVE-2025-40164 CVE-2025-40215 CVE-2025-68211 CVE-2025-68223 CVE-2025-68254 CVE-2025-68255 CVE-2025-68256 CVE-2025-68257 CVE-2025-68258 CVE-2025-68259 CVE-2025-68261 CVE-2025-68263 CVE-2025-68264 CVE-2025-68266 CVE-2025-68291 CVE-2025-68325 CVE-2025-68332 CVE-2025-68335 CVE-2025-68336 CVE-2025-68337 CVE-2025-68340 CVE-2025-68344 CVE-2025-68345 CVE-2025-68346 CVE-2025-68347 CVE-2025-68349 CVE-2025-68354 CVE-2025-68362 CVE-2025-68363 CVE-2025-68364 CVE-2025-68365 CVE-2025-68366 CVE-2025-68367 CVE-2025-68369 CVE-2025-68371 CVE-2025-68372 CVE-2025-68380 CVE-2025-68724 CVE-2025-68725 CVE-2025-68727 CVE-2025-68728 CVE-2025-68732 CVE-2025-68733 CVE-2025-68740 CVE-2025-68742 CVE-2025-68746 CVE-2025-68753 CVE-2025-68757 CVE-2025-68758 CVE-2025-68759 CVE-2025-68764 CVE-2025-68765 CVE-2025-68766 CVE-2025-68767 CVE-2025-68769 CVE-2025-68771 CVE-2025-68772 CVE-2025-68773 CVE-2025-68774 CVE-2025-68776 CVE-2025-68777 CVE-2025-68778 CVE-2025-68780 CVE-2025-68781 CVE-2025-68782 CVE-2025-68783 CVE-2025-68785 CVE-2025-68786 CVE-2025-68787 CVE-2025-68788 CVE-2025-68795 CVE-2025-68796 CVE-2025-68797 CVE-2025-68798 CVE-2025-68799 CVE-2025-68800 CVE-2025-68801 CVE-2025-68803 CVE-2025-68804 CVE-2025-68806 CVE-2025-68808 CVE-2025-68813 CVE-2025-68814 CVE-2025-68815 CVE-2025-68816 CVE-2025-68817 CVE-2025-68818 CVE-2025-68819 CVE-2025-68820 CVE-2025-68821 CVE-2025-71064 CVE-2025-71066 CVE-2025-71069 CVE-2025-71071 CVE-2025-71075 CVE-2025-71077 CVE-2025-71078 CVE-2025-71079 CVE-2025-71081 CVE-2025-71082 CVE-2025-71083 CVE-2025-71084 CVE-2025-71085 CVE-2025-71086 CVE-2025-71087 CVE-2025-71088 CVE-2025-71091 CVE-2025-71093 CVE-2025-71094 CVE-2025-71095 CVE-2025-71096 CVE-2025-71097 CVE-2025-71098 CVE-2025-71102 CVE-2025-71104 CVE-2025-71105 CVE-2025-71108 CVE-2025-71111 CVE-2025-71112 CVE-2025-71113 CVE-2025-71114 CVE-2025-71116 CVE-2025-71118 CVE-2025-71119 CVE-2025-71120 CVE-2025-71121 CVE-2025-71123 CVE-2025-71125 CVE-2025-71126 CVE-2025-71127 CVE-2025-71130 CVE-2025-71131 CVE-2025-71132 CVE-2025-71133 CVE-2025-71136 CVE-2025-71137 CVE-2025-71147 CVE-2025-71149 CVE-2025-71150 CVE-2025-71154 CVE-2025-71162 CVE-2025-71163 CVE-2025-71180 CVE-2025-71182 CVE-2025-71183 CVE-2025-71185 CVE-2025-71186 CVE-2025-71189 CVE-2025-71190 CVE-2025-71191 CVE-2025-71192 CVE-2025-71194 CVE-2025-71196 CVE-2025-71197 CVE-2025-71199 CVE-2026-22976 CVE-2026-22977 CVE-2026-22978 CVE-2026-22979 CVE-2026-22980 CVE-2026-22982 CVE-2026-22984 CVE-2026-22990 CVE-2026-22991 CVE-2026-22992 CVE-2026-22994 CVE-2026-22997 CVE-2026-22998 CVE-2026-22999 CVE-2026-23001 CVE-2026-23003 CVE-2026-23005 CVE-2026-23006 CVE-2026-23010 CVE-2026-23011 CVE-2026-23019 CVE-2026-23020 CVE-2026-23021 CVE-2026-23025 CVE-2026-23026 CVE-2026-23030 CVE-2026-23031 CVE-2026-23033 CVE-2026-23037 CVE-2026-23038 CVE-2026-23047 CVE-2026-23049 CVE-2026-23054 CVE-2026-23056 CVE-2026-23058 CVE-2026-23060 CVE-2026-23061 CVE-2026-23063 CVE-2026-23064 CVE-2026-23068 CVE-2026-23069 CVE-2026-23071 CVE-2026-23073 CVE-2026-23074 CVE-2026-23075 CVE-2026-23076 CVE-2026-23078 CVE-2026-23080 CVE-2026-23083 CVE-2026-23084 CVE-2026-23085 CVE-2026-23086 CVE-2026-23087 CVE-2026-23089 CVE-2026-23090 CVE-2026-23091 CVE-2026-23093 CVE-2026-23095 CVE-2026-23096 CVE-2026-23097 CVE-2026-23098 CVE-2026-23099 CVE-2026-23101 CVE-2026-23102 CVE-2026-23103 CVE-2026-23105 CVE-2026-23107 CVE-2026-23108 CVE-2026-23110 Debian Bug : 1121535 1122193

 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

 For Debian 11 bullseye, these problems have been fixed in version 6.1.162-1~deb11u1. This update also fixes several bugs reported to Debian. It additionally includes many more bug fixes from stable updates 6.1.160-6.1.162 inclusive.

 We recommend that you upgrade your linux-6.1 packages.

 For the detailed security status of linux-6.1 please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/linux-6.1

 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS Attachment:
 signature.asc Description: PGP signature

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the linux-config-6.1 packages.

Read more at https://www.tenable.com/plugins/nessus/298659

]]> <![CDATA[FreeBSD : FreeBSD -- blocklistd(8) socket leak (8d8012e5-0705-11f1-8148-bc241121aa0a)]]> https://www.tenable.com/plugins/nessus/298643 https://www.tenable.com/plugins/nessus/298643 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298643 with High Severity

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8d8012e5-0705-11f1-8148-bc241121aa0a advisory.

 Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives.
 Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked, but this child dereferences a null pointer and crashes before it is able to exec the helper. At this point, blocklistd still records adverse events but is unable to block new addresses or unblock addresses whose database entries have expired.
 Once a second, much higher number of leaked sockets is reached, blocklistd becomes unable to receive new adverse event reports.
 An attacker may take advantage of this by triggering a large number of adverse events from sacrificial IP addresses to effectively disable blocklistd before launching an attack.
 Even in the absence of attacks or probes by would-be attackers, adverse events will occur regularly in the course of normal operations, and blocklistd will gradually run out file descriptors and become ineffective.
 The accumulation of open sockets may have knock-on effects on other parts of the system, resulting in a general slowdown until blocklistd is restarted.

Tenable has extracted the preceding description block directly from the FreeBSD security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/298643

]]> <![CDATA[RockyLinux 10 : keylime (RLSA-2026:2225)]]> https://www.tenable.com/plugins/nessus/298617 https://www.tenable.com/plugins/nessus/298617 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298617 with Critical Severity

Synopsis

The remote RockyLinux host is missing a security update.

Description

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:2225 advisory.

 * keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication (CVE-2026-1709)

Tenable has extracted the preceding description block directly from the RockyLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/298617

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-26007]]> https://www.tenable.com/plugins/nessus/298585 https://www.tenable.com/plugins/nessus/298585 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298585 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers.
 Prior to 46.0.5, the public_key_from_numbers (or EllipticCurvePublicNumbers.public_key()), EllipticCurvePublicNumbers.public_key(), load_der_public_key() and load_pem_public_key() functions do not verify that the point belongs to the expected prime-order subgroup of the curve. This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification (ECDSA) and shared key negotiation (ECDH). When the victim computes the shared secret as S = [victim_private_key]P via ECDH, this leaks information about victim_private_key mod (small_subgroup_order). For curves with cofactor > 1, this reveals the least significant bits of the private key. When these weak public keys are used in ECDSA , it's easy to forge signatures on the small subgroup. Only SECT curves are impacted by this. This vulnerability is fixed in 46.0.5. (CVE-2026-26007)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/298585

]]> <![CDATA[AlmaLinux 10 : keylime (ALSA-2026:2225)]]> https://www.tenable.com/plugins/nessus/298469 https://www.tenable.com/plugins/nessus/298469 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298469 with Critical Severity

Synopsis

The remote AlmaLinux host is missing a security update.

Description

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:2225 advisory.

 * keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication (CVE-2026-1709)

Tenable has extracted the preceding description block directly from the AlmaLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/298469

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-25646]]> https://www.tenable.com/plugins/nessus/298457 https://www.tenable.com/plugins/nessus/298457 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298457 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize() API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported by the user's display, certain palettes will cause the function to enter into an infinite loop that reads past the end of an internal heap-allocated buffer.
 The images that trigger this vulnerability are valid per the PNG specification. This vulnerability is fixed in 1.6.55. (CVE-2026-25646)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/298457

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-25934]]> https://www.tenable.com/plugins/nessus/298456 https://www.tenable.com/plugins/nessus/298456 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298456 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - go-git is a highly extensible git implementation library written in pure Go. Prior to 5.16.5, a vulnerability was discovered in go-git whereby data integrity values for .pack and .idx files were not properly verified. This resulted in go-git potentially consuming corrupted files, which would likely result in unexpected errors such as object not found. For context, clients fetch packfiles from upstream Git servers. Those files contain a checksum of their contents, so that clients can perform integrity checks before consuming it. The pack indexes (.idx) are generated locally by go-git, or the git cli, when new .pack files are received and processed. The integrity checks for both files were not being verified correctly. This vulnerability is fixed in 5.16.5. (CVE-2026-25934)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/298456

]]> <![CDATA[Oracle Linux 10 : keylime (ELSA-2026-2225)]]> https://www.tenable.com/plugins/nessus/298411 https://www.tenable.com/plugins/nessus/298411 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298411 with Critical Severity

Synopsis

The remote Oracle Linux host is missing a security update.

Description

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-2225 advisory.

 - CVE-2026-1709: Registrar authentication bypass

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/298411

]]> <![CDATA[Oracle Linux 9 : keylime (ELSA-2026-2224)]]> https://www.tenable.com/plugins/nessus/298410 https://www.tenable.com/plugins/nessus/298410 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298410 with Critical Severity

Synopsis

The remote Oracle Linux host is missing a security update.

Description

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-2224 advisory.

 [7.12.1-11.4]
 - CVE-2026-1709: Registrar authentication bypass Resolves: RHEL-145390

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/298410

]]> <![CDATA[Debian dsa-6127 : affs-modules-6.1.0-37-4kc-malta-di - security update]]> https://www.tenable.com/plugins/nessus/298404 https://www.tenable.com/plugins/nessus/298404 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298404 with High Severity

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6127 advisory.

 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6127-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso February 09, 2026 https://www.debian.org/security/faq
 - -------------------------------------------------------------------------

 Package : linux CVE ID : CVE-2023-52658 CVE-2023-53421 CVE-2023-54285 CVE-2024-42079 CVE-2024-46786 CVE-2024-49968 CVE-2025-21946 CVE-2025-22022 CVE-2025-22083 CVE-2025-22090 CVE-2025-22107 CVE-2025-22111 CVE-2025-22121 CVE-2025-37926 CVE-2025-38022 CVE-2025-38104 CVE-2025-38125 CVE-2025-38129 CVE-2025-38232 CVE-2025-38361 CVE-2025-38408 CVE-2025-38591 CVE-2025-38718 CVE-2025-39721 CVE-2025-39871 CVE-2025-40039 CVE-2025-40110 CVE-2025-40149 CVE-2025-40164 CVE-2025-40215 CVE-2025-68211 CVE-2025-68223 CVE-2025-68254 CVE-2025-68255 CVE-2025-68256 CVE-2025-68257 CVE-2025-68258 CVE-2025-68259 CVE-2025-68261 CVE-2025-68263 CVE-2025-68264 CVE-2025-68266 CVE-2025-68291 CVE-2025-68325 CVE-2025-68332 CVE-2025-68335 CVE-2025-68336 CVE-2025-68337 CVE-2025-68340 CVE-2025-68344 CVE-2025-68345 CVE-2025-68346 CVE-2025-68347 CVE-2025-68349 CVE-2025-68354 CVE-2025-68362 CVE-2025-68363 CVE-2025-68364 CVE-2025-68365 CVE-2025-68366 CVE-2025-68367 CVE-2025-68369 CVE-2025-68371 CVE-2025-68372 CVE-2025-68380 CVE-2025-68724 CVE-2025-68725 CVE-2025-68727 CVE-2025-68728 CVE-2025-68732 CVE-2025-68733 CVE-2025-68740 CVE-2025-68742 CVE-2025-68746 CVE-2025-68753 CVE-2025-68757 CVE-2025-68758 CVE-2025-68759 CVE-2025-68764 CVE-2025-68765 CVE-2025-68766 CVE-2025-68767 CVE-2025-68769 CVE-2025-68771 CVE-2025-68772 CVE-2025-68773 CVE-2025-68774 CVE-2025-68776 CVE-2025-68777 CVE-2025-68778 CVE-2025-68780 CVE-2025-68781 CVE-2025-68782 CVE-2025-68783 CVE-2025-68785 CVE-2025-68786 CVE-2025-68787 CVE-2025-68788 CVE-2025-68789 CVE-2025-68795 CVE-2025-68796 CVE-2025-68797 CVE-2025-68798 CVE-2025-68799 CVE-2025-68800 CVE-2025-68801 CVE-2025-68803 CVE-2025-68804 CVE-2025-68806 CVE-2025-68808 CVE-2025-68813 CVE-2025-68814 CVE-2025-68815 CVE-2025-68816 CVE-2025-68817 CVE-2025-68818 CVE-2025-68819 CVE-2025-68820 CVE-2025-68821 CVE-2025-71064 CVE-2025-71066 CVE-2025-71069 CVE-2025-71071 CVE-2025-71075 CVE-2025-71077 CVE-2025-71078 CVE-2025-71079 CVE-2025-71081 CVE-2025-71082 CVE-2025-71083 CVE-2025-71084 CVE-2025-71085 CVE-2025-71086 CVE-2025-71087 CVE-2025-71088 CVE-2025-71091 CVE-2025-71093 CVE-2025-71094 CVE-2025-71095 CVE-2025-71096 CVE-2025-71097 CVE-2025-71098 CVE-2025-71102 CVE-2025-71104 CVE-2025-71105 CVE-2025-71108 CVE-2025-71111 CVE-2025-71112 CVE-2025-71113 CVE-2025-71114 CVE-2025-71116 CVE-2025-71118 CVE-2025-71119 CVE-2025-71120 CVE-2025-71121 CVE-2025-71123 CVE-2025-71125 CVE-2025-71126 CVE-2025-71127 CVE-2025-71130 CVE-2025-71131 CVE-2025-71132 CVE-2025-71133 CVE-2025-71136 CVE-2025-71137 CVE-2025-71147 CVE-2025-71149 CVE-2025-71150 CVE-2025-71154 CVE-2025-71162 CVE-2025-71163 CVE-2025-71180 CVE-2025-71182 CVE-2025-71183 CVE-2025-71185 CVE-2025-71186 CVE-2025-71189 CVE-2025-71190 CVE-2025-71191 CVE-2025-71192 CVE-2025-71194 CVE-2025-71196 CVE-2025-71197 CVE-2025-71199 CVE-2026-22976 CVE-2026-22977 CVE-2026-22978 CVE-2026-22979 CVE-2026-22980 CVE-2026-22982 CVE-2026-22984 CVE-2026-22990 CVE-2026-22991 CVE-2026-22992 CVE-2026-22994 CVE-2026-22997 CVE-2026-22998 CVE-2026-22999 CVE-2026-23001 CVE-2026-23003 CVE-2026-23005 CVE-2026-23006 CVE-2026-23010 CVE-2026-23011 CVE-2026-23019 CVE-2026-23020 CVE-2026-23021 CVE-2026-23025 CVE-2026-23026 CVE-2026-23030 CVE-2026-23031 CVE-2026-23033 CVE-2026-23037 CVE-2026-23038 CVE-2026-23047 CVE-2026-23049 CVE-2026-23054 CVE-2026-23056 CVE-2026-23058 CVE-2026-23060 CVE-2026-23061 CVE-2026-23063 CVE-2026-23064 CVE-2026-23068 CVE-2026-23069 CVE-2026-23071 CVE-2026-23073 CVE-2026-23074 CVE-2026-23075 CVE-2026-23076 CVE-2026-23078 CVE-2026-23080 CVE-2026-23083 CVE-2026-23084 CVE-2026-23085 CVE-2026-23086 CVE-2026-23087 CVE-2026-23089 CVE-2026-23090 CVE-2026-23091 CVE-2026-23093 CVE-2026-23095 CVE-2026-23096 CVE-2026-23097 CVE-2026-23098 CVE-2026-23099 CVE-2026-23101 CVE-2026-23102 CVE-2026-23103 CVE-2026-23105 CVE-2026-23107 CVE-2026-23108 CVE-2026-23110

 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

 For the oldstable distribution (bookworm), these problems have been fixed in version 6.1.162-1.

 We recommend that you upgrade your linux packages.

 For the detailed security status of linux please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/linux

 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

 Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the affs-modules-6.1.0-37-4kc-malta-di packages.

Read more at https://www.tenable.com/plugins/nessus/298404

]]> <![CDATA[Debian dsa-6126 : ata-modules-6.12.31-armmp-di - security update]]> https://www.tenable.com/plugins/nessus/298403 https://www.tenable.com/plugins/nessus/298403 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298403 with High Severity

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6126 advisory.

 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6126-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso February 09, 2026 https://www.debian.org/security/faq
 - -------------------------------------------------------------------------

 Package : linux CVE ID : CVE-2024-58096 CVE-2024-58097 CVE-2025-22111 CVE-2025-38234 CVE-2025-38248 CVE-2025-38591 CVE-2025-39872 CVE-2025-40149 CVE-2025-40164 CVE-2025-40170 CVE-2025-40276 CVE-2025-40325 CVE-2025-68206 CVE-2025-68333 CVE-2025-68345 CVE-2025-68351 CVE-2025-68357 CVE-2025-68358 CVE-2025-68365 CVE-2025-68725 CVE-2025-68749 CVE-2025-68767 CVE-2025-68769 CVE-2025-68770 CVE-2025-68771 CVE-2025-68772 CVE-2025-68773 CVE-2025-68774 CVE-2025-68775 CVE-2025-68776 CVE-2025-68777 CVE-2025-68778 CVE-2025-68780 CVE-2025-68781 CVE-2025-68782 CVE-2025-68783 CVE-2025-68784 CVE-2025-68785 CVE-2025-68786 CVE-2025-68787 CVE-2025-68788 CVE-2025-68789 CVE-2025-68792 CVE-2025-68794 CVE-2025-68795 CVE-2025-68796 CVE-2025-68797 CVE-2025-68798 CVE-2025-68799 CVE-2025-68800 CVE-2025-68801 CVE-2025-68802 CVE-2025-68803 CVE-2025-68804 CVE-2025-68806 CVE-2025-68808 CVE-2025-68809 CVE-2025-68810 CVE-2025-68811 CVE-2025-68813 CVE-2025-68814 CVE-2025-68815 CVE-2025-68816 CVE-2025-68817 CVE-2025-68818 CVE-2025-68819 CVE-2025-68820 CVE-2025-68821 CVE-2025-68822 CVE-2025-71064 CVE-2025-71065 CVE-2025-71066 CVE-2025-71067 CVE-2025-71068 CVE-2025-71069 CVE-2025-71071 CVE-2025-71072 CVE-2025-71073 CVE-2025-71075 CVE-2025-71076 CVE-2025-71077 CVE-2025-71078 CVE-2025-71079 CVE-2025-71080 CVE-2025-71081 CVE-2025-71082 CVE-2025-71083 CVE-2025-71084 CVE-2025-71085 CVE-2025-71086 CVE-2025-71087 CVE-2025-71088 CVE-2025-71089 CVE-2025-71091 CVE-2025-71093 CVE-2025-71094 CVE-2025-71095 CVE-2025-71096 CVE-2025-71097 CVE-2025-71098 CVE-2025-71099 CVE-2025-71100 CVE-2025-71101 CVE-2025-71102 CVE-2025-71104 CVE-2025-71105 CVE-2025-71107 CVE-2025-71108 CVE-2025-71109 CVE-2025-71111 CVE-2025-71112 CVE-2025-71113 CVE-2025-71114 CVE-2025-71116 CVE-2025-71118 CVE-2025-71119 CVE-2025-71120 CVE-2025-71121 CVE-2025-71122 CVE-2025-71123 CVE-2025-71125 CVE-2025-71126 CVE-2025-71127 CVE-2025-71129 CVE-2025-71130 CVE-2025-71131 CVE-2025-71132 CVE-2025-71133 CVE-2025-71134 CVE-2025-71135 CVE-2025-71136 CVE-2025-71137 CVE-2025-71138 CVE-2025-71140 CVE-2025-71143 CVE-2025-71144 CVE-2025-71146 CVE-2025-71147 CVE-2025-71148 CVE-2025-71149 CVE-2025-71150 CVE-2025-71151 CVE-2025-71153 CVE-2025-71154 CVE-2025-71156 CVE-2025-71157 CVE-2025-71160 CVE-2025-71162 CVE-2025-71163 CVE-2025-71180 CVE-2025-71182 CVE-2025-71183 CVE-2025-71184 CVE-2025-71185 CVE-2025-71186 CVE-2025-71189 CVE-2025-71190 CVE-2025-71191 CVE-2025-71192 CVE-2025-71193 CVE-2025-71194 CVE-2025-71195 CVE-2025-71196 CVE-2025-71197 CVE-2025-71198 CVE-2025-71199 CVE-2026-22976 CVE-2026-22977 CVE-2026-22978 CVE-2026-22979 CVE-2026-22980 CVE-2026-22982 CVE-2026-22984 CVE-2026-22989 CVE-2026-22990 CVE-2026-22991 CVE-2026-22992 CVE-2026-22994 CVE-2026-22996 CVE-2026-22997 CVE-2026-22998 CVE-2026-22999 CVE-2026-23000 CVE-2026-23001 CVE-2026-23002 CVE-2026-23003 CVE-2026-23005 CVE-2026-23006 CVE-2026-23010 CVE-2026-23011 CVE-2026-23013 CVE-2026-23019 CVE-2026-23020 CVE-2026-23021 CVE-2026-23023 CVE-2026-23025 CVE-2026-23026 CVE-2026-23030 CVE-2026-23031 CVE-2026-23032 CVE-2026-23033 CVE-2026-23035 CVE-2026-23037 CVE-2026-23038 CVE-2026-23047 CVE-2026-23049 CVE-2026-23050 CVE-2026-23053 CVE-2026-23054 CVE-2026-23055 CVE-2026-23056 CVE-2026-23057 CVE-2026-23058 CVE-2026-23059 CVE-2026-23060 CVE-2026-23061 CVE-2026-23062 CVE-2026-23063 CVE-2026-23064 CVE-2026-23065 CVE-2026-23068 CVE-2026-23069 CVE-2026-23071 CVE-2026-23072 CVE-2026-23073 CVE-2026-23074 CVE-2026-23075 CVE-2026-23076 CVE-2026-23078 CVE-2026-23080 CVE-2026-23083 CVE-2026-23084 CVE-2026-23085 CVE-2026-23086 CVE-2026-23087 CVE-2026-23088 CVE-2026-23089 CVE-2026-23090 CVE-2026-23091 CVE-2026-23093 CVE-2026-23094 CVE-2026-23095 CVE-2026-23096 CVE-2026-23097 CVE-2026-23098 CVE-2026-23099 CVE-2026-23101 CVE-2026-23103 CVE-2026-23105 CVE-2026-23107 CVE-2026-23108 CVE-2026-23110

 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

 For the stable distribution (trixie), these problems have been fixed in version 6.12.69-1.

 We recommend that you upgrade your linux packages.

 For the detailed security status of linux please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/linux

 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

 Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the ata-modules-6.12.31-armmp-di packages.

Read more at https://www.tenable.com/plugins/nessus/298403

]]> <![CDATA[RHEL 10 : keylime (RHSA-2026:2298)]]> https://www.tenable.com/plugins/nessus/298378 https://www.tenable.com/plugins/nessus/298378 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298378 with Critical Severity

Synopsis

The remote Red Hat host is missing a security update for keylime.

Description

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2298 advisory.

 Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution.

 Security Fix(es):

 * keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication (CVE-2026-1709)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL keylime package based on the guidance in RHSA-2026:2298.

Read more at https://www.tenable.com/plugins/nessus/298378

]]> <![CDATA[RHEL 9 : keylime (RHSA-2026:2224)]]> https://www.tenable.com/plugins/nessus/298376 https://www.tenable.com/plugins/nessus/298376 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298376 with Critical Severity

Synopsis

The remote Red Hat host is missing a security update for keylime.

Description

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2224 advisory.

 Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution.

 Security Fix(es):

 * keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication (CVE-2026-1709)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL keylime package based on the guidance in RHSA-2026:2224.

Read more at https://www.tenable.com/plugins/nessus/298376

]]> <![CDATA[RHEL 10 : keylime (RHSA-2026:2225)]]> https://www.tenable.com/plugins/nessus/298371 https://www.tenable.com/plugins/nessus/298371 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298371 with Critical Severity

Synopsis

The remote Red Hat host is missing a security update for keylime.

Description

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2225 advisory.

 Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution.

 Security Fix(es):

 * keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication (CVE-2026-1709)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL keylime package based on the guidance in RHSA-2026:2225.

Read more at https://www.tenable.com/plugins/nessus/298371

]]> <![CDATA[Photon OS 5.0: Expat PHSA-2026-5.0-0756]]> https://www.tenable.com/plugins/nessus/298353 https://www.tenable.com/plugins/nessus/298353 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298353 with High Severity

Synopsis

The remote PhotonOS host is missing multiple security updates.

Description

An update of the expat package has been released.

Solution

Update the affected Linux packages.

Read more at https://www.tenable.com/plugins/nessus/298353

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-58190]]> https://www.tenable.com/plugins/nessus/298280 https://www.tenable.com/plugins/nessus/298280 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298280 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.
 (CVE-2025-58190)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/298280

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-47911]]> https://www.tenable.com/plugins/nessus/298274 https://www.tenable.com/plugins/nessus/298274 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 298274 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.
 (CVE-2025-47911)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/298274

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-21933]]> https://www.tenable.com/plugins/nessus/297695 https://www.tenable.com/plugins/nessus/297695 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 297695 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and 21.0.9;
 Oracle GraalVM Enterprise Edition: 21.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. (CVE-2026-21933)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/297695

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54024]]> https://www.tenable.com/plugins/nessus/279968 https://www.tenable.com/plugins/nessus/279968 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279968 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - KVM: Destroy target device if coalesced MMIO unregistration fails Destroy and free the target coalesced MMIO device if unregistering said device fails. As clearly noted in the code, kvm_io_bus_unregister_dev() does not destroy the target device. BUG: memory leak unreferenced object 0xffff888112a54880 (size 64):
 comm syz-executor.2, pid 5258, jiffies 4297861402 (age 14.129s) hex dump (first 32 bytes): 38 c7 67 15 00 c9 ff ff 38 c7 67 15 00 c9 ff ff 8.g.....8.g..... e0 c7 e1 83 ff ff ff ff 00 30 67 15 00 c9 ff ff .........0g..... backtrace: [<0000000006995a8a>] kmalloc include/linux/slab.h:556 [inline] [<0000000006995a8a>] kzalloc include/linux/slab.h:690 [inline] [<0000000006995a8a>] kvm_vm_ioctl_register_coalesced_mmio+0x8e/0x3d0 arch/x86/kvm/../../../virt/kvm/coalesced_mmio.c:150 [<00000000022550c2>] kvm_vm_ioctl+0x47d/0x1600 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3323 [<000000008a75102f>] vfs_ioctl fs/ioctl.c:46 [inline] [<000000008a75102f>] file_ioctl fs/ioctl.c:509 [inline] [<000000008a75102f>] do_vfs_ioctl+0xbab/0x1160 fs/ioctl.c:696 [<0000000080e3f669>] ksys_ioctl+0x76/0xa0 fs/ioctl.c:713 [<0000000059ef4888>] __do_sys_ioctl fs/ioctl.c:720 [inline] [<0000000059ef4888>] __se_sys_ioctl fs/ioctl.c:718 [inline] [<0000000059ef4888>] __x64_sys_ioctl+0x6f/0xb0 fs/ioctl.c:718 [<000000006444fa05>] do_syscall_64+0x9f/0x4e0 arch/x86/entry/common.c:290 [<000000009a4ed50b>] entry_SYSCALL_64_after_hwframe+0x49/0xbe BUG: leak checking failed (CVE-2023-54024)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279968

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54119]]> https://www.tenable.com/plugins/nessus/279898 https://www.tenable.com/plugins/nessus/279898 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279898 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - inotify: Avoid reporting event with invalid wd When inotify_freeing_mark() races with inotify_handle_inode_event() it can happen that inotify_handle_inode_event() sees that i_mark->wd got already reset to -1 and reports this value to userspace which can confuse the inotify listener. Avoid the problem by validating that wd is sensible (and pretend the mark got removed before the event got generated otherwise). (CVE-2023-54119)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279898

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2022-50781]]> https://www.tenable.com/plugins/nessus/279895 https://www.tenable.com/plugins/nessus/279895 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279895 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() In the PP_OD_EDIT_VDDC_CURVE case the input_index variable is capped at 2 but not checked for negative values so it results in an out of bounds read. This value comes from the user via sysfs. (CVE-2022-50781)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279895

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54069]]> https://www.tenable.com/plugins/nessus/279890 https://www.tenable.com/plugins/nessus/279890 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279890 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow When we calculate the end position of ext4_free_extent, this position may be exactly where ext4_lblk_t (i.e. uint) overflows. For example, if ac_g_ex.fe_logical is 4294965248 and ac_orig_goal_len is 2048, then the computed end is 0x100000000, which is 0. If ac->ac_o_ex.fe_logical is not the first case of adjusting the best extent, that is, new_bex_end > 0, the following BUG_ON will be triggered: ========================================================= kernel BUG at fs/ext4/mballoc.c:5116! invalid opcode: 0000 [#1] PREEMPT SMP PTI CPU: 3 PID: 673 Comm:
 xfs_io Tainted: G E 6.5.0-rc1+ #279 RIP: 0010:ext4_mb_new_inode_pa+0xc5/0x430 Call Trace: ext4_mb_use_best_found+0x203/0x2f0 ext4_mb_try_best_found+0x163/0x240 ext4_mb_regular_allocator+0x158/0x1550 ext4_mb_new_blocks+0x86a/0xe10 ext4_ext_map_blocks+0xb0c/0x13a0 ext4_map_blocks+0x2cd/0x8f0 ext4_iomap_begin+0x27b/0x400 iomap_iter+0x222/0x3d0 __iomap_dio_rw+0x243/0xcb0 iomap_dio_rw+0x16/0x80 ========================================================= A simple reproducer demonstrating the problem: mkfs.ext4 -F /dev/sda -b 4096 100M mount /dev/sda /tmp/test fallocate -l1M /tmp/test/tmp fallocate -l10M /tmp/test/file fallocate -i -o 1M -l16777203M /tmp/test/file fsstress -d /tmp/test -l 0 -n 100000 -p 8 & sleep 10 && killall -9 fsstress rm -f /tmp/test/tmp xfs_io -c open -ad /tmp/test/file -c pwrite -S 0xff 0 8192 We simply refactor the logic for adjusting the best extent by adding a temporary ext4_free_extent ex and use extent_logical_end() to avoid overflow, which also simplifies the code. (CVE-2023-54069)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279890

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2022-50771]]> https://www.tenable.com/plugins/nessus/279887 https://www.tenable.com/plugins/nessus/279887 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279887 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state() Running rcutorture with non-zero fqs_duration module parameter in a kernel built with CONFIG_PREEMPTION=y results in the following splat:
 BUG: using __this_cpu_read() in preemptible [00000000] code: rcu_torture_fqs/398 caller is
 __this_cpu_preempt_check+0x13/0x20 CPU: 3 PID: 398 Comm: rcu_torture_fqs Not tainted 6.0.0-rc1-yoctodev- standard+ Call Trace: dump_stack_lvl+0x5b/0x86 dump_stack+0x10/0x16 check_preemption_disabled+0xe5/0xf0 __this_cpu_preempt_check+0x13/0x20 rcu_force_quiescent_state.part.0+0x1c/0x170 rcu_force_quiescent_state+0x1e/0x30 rcu_torture_fqs+0xca/0x160 ? rcu_torture_boost+0x430/0x430 kthread+0x192/0x1d0 ? kthread_complete_and_exit+0x30/0x30 ret_from_fork+0x22/0x30 The problem is that rcu_force_quiescent_state() uses __this_cpu_read() in preemptible code instead of the proper raw_cpu_read(). This commit therefore changes __this_cpu_read() to raw_cpu_read(). (CVE-2022-50771)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279887

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54095]]> https://www.tenable.com/plugins/nessus/279885 https://www.tenable.com/plugins/nessus/279885 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279885 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - powerpc/iommu: Fix notifiers being shared by PCI and VIO buses fail_iommu_setup() registers the fail_iommu_bus_notifier struct to both PCI and VIO buses. struct notifier_block is a linked list node, so this causes any notifiers later registered to either bus type to also be registered to the other since they share the same node. This causes issues in (at least) the vgaarb code, which registers a notifier for PCI buses. pci_notify() ends up being called on a vio device, converted with to_pci_dev() even though it's not a PCI device, and finally makes a bad access in vga_arbiter_add_pci_device() as discovered with KASAN:
 BUG: KASAN: slab-out-of-bounds in vga_arbiter_add_pci_device+0x60/0xe00 Read of size 4 at addr c000000264c26fdc by task swapper/0/1 Call Trace: dump_stack_lvl+0x1bc/0x2b8 (unreliable) print_report+0x3f4/0xc60 kasan_report+0x244/0x698 __asan_load4+0xe8/0x250 vga_arbiter_add_pci_device+0x60/0xe00 pci_notify+0x88/0x444 notifier_call_chain+0x104/0x320 blocking_notifier_call_chain+0xa0/0x140 device_add+0xac8/0x1d30 device_register+0x58/0x80 vio_register_device_node+0x9ac/0xce0 vio_bus_scan_register_devices+0xc4/0x13c
 __machine_initcall_pseries_vio_device_init+0x94/0xf0 do_one_initcall+0x12c/0xaa8 kernel_init_freeable+0xa48/0xba8 kernel_init+0x64/0x400 ret_from_kernel_thread+0x5c/0x64 Fix this by creating separate notifier_block structs for each bus type. [mpe: Add #ifdef to fix CONFIG_IBMVIO=n build] (CVE-2023-54095)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279885

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54100]]> https://www.tenable.com/plugins/nessus/279884 https://www.tenable.com/plugins/nessus/279884 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279884 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - scsi: qedi: Fix use after free bug in qedi_remove() In qedi_probe() we call __qedi_probe() which initializes &qedi->recovery_work with qedi_recovery_handler() and &qedi->board_disable_work with qedi_board_disable_work(). When qedi_schedule_recovery_handler() is called, schedule_delayed_work() will finally start the work. In qedi_remove(), which is called to remove the driver, the following sequence may be observed: Fix this by finishing the work before cleanup in qedi_remove(). CPU0 CPU1 |qedi_recovery_handler qedi_remove | __qedi_remove | iscsi_host_free | scsi_host_put | //free shost | |iscsi_host_for_each_session |//use qedi->shost Cancel recovery_work and board_disable_work in
 __qedi_remove(). (CVE-2023-54100)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279884

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54117]]> https://www.tenable.com/plugins/nessus/279883 https://www.tenable.com/plugins/nessus/279883 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279883 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - s390/dcssblk: fix kernel crash with list_add corruption Commit fb08a1908cb1 (dax: simplify the dax_device <-> gendisk association) introduced new logic for gendisk association, requiring drivers to explicitly call dax_add_host() and dax_remove_host(). For dcssblk driver, some dax_remove_host() calls were missing, e.g. in device remove path. The commit also broke error handling for out_dax case in device add path, resulting in an extra put_device() w/o the previous get_device() in that case. This lead to stale xarray entries after device add / remove cycles. In the case when a previously used struct gendisk pointer (xarray index) would be used again, because blk_alloc_disk() happened to return such a pointer, the xa_insert() in dax_add_host() would fail and go to out_dax, doing the extra put_device() in the error path. In combination with an already flawed error handling in dcssblk (device_register() cleanup), which needs to be addressed in a separate patch, this resulted in a missing device_del() / klist_del(), and eventually in the kernel crash with list_add corruption on a subsequent device_add() / klist_add(). Fix this by adding the missing dax_remove_host() calls, and also move the put_device() in the error path to restore the previous logic. (CVE-2023-54117)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279883

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54096]]> https://www.tenable.com/plugins/nessus/279872 https://www.tenable.com/plugins/nessus/279872 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279872 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - soundwire: fix enumeration completion The soundwire subsystem uses two completion structures that allow drivers to wait for soundwire device to become enumerated on the bus and initialised by their drivers, respectively. The code implementing the signalling is currently broken as it does not signal all current and future waiters and also uses the wrong reinitialisation function, which can potentially lead to memory corruption if there are still waiters on the queue. Not signalling future waiters specifically breaks sound card probe deferrals as codec drivers can not tell that the soundwire device is already attached when being reprobed. Some codec runtime PM implementations suffer from similar problems as waiting for enumeration during resume can also timeout despite the device already having been enumerated.
 (CVE-2023-54096)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279872

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54043]]> https://www.tenable.com/plugins/nessus/279869 https://www.tenable.com/plugins/nessus/279869 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279869 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - iommufd: Do not add the same hwpt to the ioas->hwpt_list twice The hwpt is added to the hwpt_list only during its creation, it is never added again. This hunk is some missed leftover from rework. Adding it twice will corrupt the linked list in some cases. It effects HWPT specific attachment, which is something the test suite cannot cover until we can create a legitimate struct device with a non-system iommu driver (ie we need the bus removed from the iommu code) (CVE-2023-54043)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279869

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54076]]> https://www.tenable.com/plugins/nessus/279864 https://www.tenable.com/plugins/nessus/279864 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279864 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - smb: client: fix missed ses refcounting Use new cifs_smb_ses_inc_refcount() helper to get an active reference of @ses and @ses->dfs_root_ses (if set). This will prevent @ses->dfs_root_ses of being put in the next call to cifs_put_smb_ses() and thus potentially causing an use-after-free bug. (CVE-2023-54076)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279864

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2022-50769]]> https://www.tenable.com/plugins/nessus/279863 https://www.tenable.com/plugins/nessus/279863 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279863 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - mmc: mxcmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and goto error path which will call mmc_free_host(). (CVE-2022-50769)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279863

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54090]]> https://www.tenable.com/plugins/nessus/279860 https://www.tenable.com/plugins/nessus/279860 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279860 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - ixgbe: Fix panic during XDP_TX with > 64 CPUs Commit 4fe815850bdc (ixgbe: let the xdpdrv work with more than 64 cpus) adds support to allow XDP programs to run on systems with more than 64 CPUs by locking the XDP TX rings and indexing them using cpu % 64 (IXGBE_MAX_XDP_QS). Upon trying this out patch on a system with more than 64 cores, the kernel paniced with an array-index-out-of-bounds at the return in ixgbe_determine_xdp_ring in ixgbe.h, which means ixgbe_determine_xdp_q_idx was just returning the cpu instead of cpu % IXGBE_MAX_XDP_QS. An example splat:
 ========================================================================== UBSAN: array-index-out-of- bounds in /var/lib/dkms/ixgbe/5.18.6+focal-1/build/src/ixgbe.h:1147:26 index 65 is out of range for type 'ixgbe_ring *[64]' ========================================================================== BUG: kernel NULL pointer dereference, address: 0000000000000058 #PF: supervisor read access in kernel mode #PF:
 error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 [#1] SMP NOPTI CPU: 65 PID: 408 Comm:
 ksoftirqd/65 Tainted: G IOE 5.15.0-48-generic #54~20.04.1-Ubuntu Hardware name: Dell Inc. PowerEdge R640/0W23H8, BIOS 2.5.4 01/13/2020 RIP: 0010:ixgbe_xmit_xdp_ring+0x1b/0x1c0 [ixgbe] Code: 3b 52 d4 cf e9 42 f2 ff ff 66 0f 1f 44 00 00 0f 1f 44 00 00 55 b9 00 00 00 00 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 08 <44> 0f b7 47 58 0f b7 47 5a 0f b7 57 54 44 0f b7 76 08 66 41 39 c0 RSP: 0018:ffffbc3fcd88fcb0 EFLAGS: 00010282 RAX: ffff92a253260980 RBX: ffffbc3fe68b00a0 RCX: 0000000000000000 RDX: ffff928b5f659000 RSI: ffff928b5f659000 RDI: 0000000000000000 RBP: ffffbc3fcd88fce0 R08: ffff92b9dfc20580 R09:
 0000000000000001 R10: 3d3d3d3d3d3d3d3d R11: 3d3d3d3d3d3d3d3d R12: 0000000000000000 R13: ffff928b2f0fa8c0 R14: ffff928b9be20050 R15: 000000000000003c FS: 0000000000000000(0000) GS:ffff92b9dfc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000058 CR3:
 000000011dd6a002 CR4: 00000000007706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: ixgbe_poll+0x103e/0x1280 [ixgbe] ? sched_clock_cpu+0x12/0xe0 __napi_poll+0x30/0x160 net_rx_action+0x11c/0x270 __do_softirq+0xda/0x2ee run_ksoftirqd+0x2f/0x50 smpboot_thread_fn+0xb7/0x150 ? sort_range+0x30/0x30 kthread+0x127/0x150 ? set_kthread_struct+0x50/0x50 ret_from_fork+0x1f/0x30 I think this is how it happens: Upon loading the first XDP program on a system with more than 64 CPUs, ixgbe_xdp_locking_key is incremented in ixgbe_xdp_setup. However, immediately after this, the rings are reconfigured by ixgbe_setup_tc. ixgbe_setup_tc calls ixgbe_clear_interrupt_scheme which calls ixgbe_free_q_vectors which calls ixgbe_free_q_vector in a loop. ixgbe_free_q_vector decrements ixgbe_xdp_locking_key once per call if it is non-zero. Commenting out the decrement in ixgbe_free_q_vector stopped my system from panicing. I suspect to make the original patch work, I would need to load an XDP program and then replace it in order to get ixgbe_xdp_locking_key back above 0 since ixgbe_setup_tc is only called when transitioning between XDP and non-XDP ring configurations, while ixgbe_xdp_locking_key is incremented every time ixgbe_xdp_setup is called. Also, ixgbe_setup_tc can be called via ethtool --set- channels, so this becomes another path to decrement ixgbe_xdp_locking_key to 0 on systems with more than 64 CPUs. Since ixgbe_xdp_locking_key only protects the XDP_TX path and is tied to the number of CPUs present, there is no reason to disable it upon unloading an XDP program. To avoid confusion, I have moved enabling ixgbe_xdp_locking_key into ixgbe_sw_init, which is part of the probe path. (CVE-2023-54090)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279860

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2022-50782]]> https://www.tenable.com/plugins/nessus/279859 https://www.tenable.com/plugins/nessus/279859 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279859 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - ext4: fix bug_on in __es_tree_search caused by bad quota inode We got a issue as fllows:
 ================================================================== kernel BUG at fs/ext4/extents_status.c:202! invalid opcode: 0000 [#1] PREEMPT SMP CPU: 1 PID: 810 Comm: mount Not tainted 6.1.0-rc1-next-g9631525255e3 #352 RIP: 0010:__es_tree_search.isra.0+0xb8/0xe0 RSP:
 0018:ffffc90001227900 EFLAGS: 00010202 RAX: 0000000000000000 RBX: 0000000077512a0f RCX: 0000000000000000 RDX: 0000000000000002 RSI: 0000000000002a10 RDI: ffff8881004cd0c8 RBP: ffff888177512ac8 R08:
 47ffffffffffffff R09: 0000000000000001 R10: 0000000000000001 R11: 00000000000679af R12: 0000000000002a10 R13: ffff888177512d88 R14: 0000000077512a10 R15: 0000000000000000 FS:
 00007f4bd76dbc40(0000)GS:ffff88842fd00000(0000)knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0:
 0000000080050033 CR2: 00005653bf993cf8 CR3: 000000017bfdf000 CR4: 00000000000006e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:
 0000000000000400 Call Trace: ext4_es_cache_extent+0xe2/0x210 ext4_cache_extents+0xd2/0x110 ext4_find_extent+0x5d5/0x8c0 ext4_ext_map_blocks+0x9c/0x1d30 ext4_map_blocks+0x431/0xa50 ext4_getblk+0x82/0x340 ext4_bread+0x14/0x110 ext4_quota_read+0xf0/0x180 v2_read_header+0x24/0x90 v2_check_quota_file+0x2f/0xa0 dquot_load_quota_sb+0x26c/0x760 dquot_load_quota_inode+0xa5/0x190 ext4_enable_quotas+0x14c/0x300 __ext4_fill_super+0x31cc/0x32c0 ext4_fill_super+0x115/0x2d0 get_tree_bdev+0x1d2/0x360 ext4_get_tree+0x19/0x30 vfs_get_tree+0x26/0xe0 path_mount+0x81d/0xfc0 do_mount+0x8d/0xc0 __x64_sys_mount+0xc0/0x160 do_syscall_64+0x35/0x80 entry_SYSCALL_64_after_hwframe+0x63/0xcd ================================================================== Above issue may happen as follows:
 ------------------------------------- ext4_fill_super ext4_orphan_cleanup ext4_enable_quotas ext4_quota_enable ext4_iget --> get error inode <5> ext4_ext_check_inode --> Wrong imode makes it escape inspection make_bad_inode(inode) --> EXT4_BOOT_LOADER_INO set imode dquot_load_quota_inode vfs_setup_quota_inode --> check pass dquot_load_quota_sb v2_check_quota_file v2_read_header ext4_quota_read ext4_bread ext4_getblk ext4_map_blocks ext4_ext_map_blocks ext4_find_extent ext4_cache_extents ext4_es_cache_extent __es_tree_search.isra.0 ext4_es_end --> Wrong extents trigger BUG_ON In the above issue, s_usr_quota_inum is set to 5, but inode<5> contains incorrect imode and disordered extents. Because 5 is EXT4_BOOT_LOADER_INO, the ext4_ext_check_inode check in the ext4_iget function can be bypassed, finally, the extents that are not checked trigger the BUG_ON in the
 __es_tree_search function. To solve this issue, check whether the inode is bad_inode in vfs_setup_quota_inode(). (CVE-2022-50782)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279859

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54135]]> https://www.tenable.com/plugins/nessus/279854 https://www.tenable.com/plugins/nessus/279854 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279854 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - maple_tree: fix potential out-of-bounds access in mas_wr_end_piv() Check the write offset end bounds before using it as the offset into the pivot array. This avoids a possible out-of-bounds access on the pivot array if the write extends to the last slot in the node, in which case the node maximum should be used as the end pivot. akpm: this doesn't affect any current callers, but new users of mapletree may encounter this problem if backported into earlier kernels, so let's fix it in -stable kernels in case of this. (CVE-2023-54135)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279854

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54160]]> https://www.tenable.com/plugins/nessus/279820 https://www.tenable.com/plugins/nessus/279820 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279820 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - firmware: arm_sdei: Fix sleep from invalid context BUG Running a preempt-rt (v6.2-rc3-rt1) based kernel on an Ampere Altra triggers: BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:46 in_atomic(): 0, irqs_disabled(): 128, non_block: 0, pid: 24, name: cpuhp/0 preempt_count: 0, expected: 0 RCU nest depth: 0, expected: 0 3 locks held by cpuhp/0/24: #0:
 ffffda30217c70d0 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x5c/0x248 #1: ffffda30217c7120 (cpuhp_state-up){+.+.}-{0:0}, at: cpuhp_thread_fun+0x5c/0x248 #2: ffffda3021c711f0 (sdei_list_lock){....}-{3:3}, at: sdei_cpuhp_up+0x3c/0x130 irq event stamp: 36 hardirqs last enabled at (35): [] finish_task_switch+0xb4/0x2b0 hardirqs last disabled at (36):
 [] cpuhp_thread_fun+0x21c/0x248 softirqs last enabled at (0): [] copy_process+0x63c/0x1ac0 softirqs last disabled at (0): [<0000000000000000>] 0x0 CPU: 0 PID: 24 Comm:
 cpuhp/0 Not tainted 5.19.0-rc3-rt5-[...] Hardware name: WIWYNN Mt.Jade Server [...] Call trace:
 dump_backtrace+0x114/0x120 show_stack+0x20/0x70 dump_stack_lvl+0x9c/0xd8 dump_stack+0x18/0x34
 __might_resched+0x188/0x228 rt_spin_lock+0x70/0x120 sdei_cpuhp_up+0x3c/0x130 cpuhp_invoke_callback+0x250/0xf08 cpuhp_thread_fun+0x120/0x248 smpboot_thread_fn+0x280/0x320 kthread+0x130/0x140 ret_from_fork+0x10/0x20 sdei_cpuhp_up() is called in the STARTING hotplug section, which runs with interrupts disabled. Use a CPUHP_AP_ONLINE_DYN entry instead to execute the cpuhp cb later, with preemption enabled. SDEI originally got its own cpuhp slot to allow interacting with perf. It got superseded by pNMI and this early slot is not relevant anymore. [1] Some SDEI calls (e.g.
 SDEI_1_0_FN_SDEI_PE_MASK) take actions on the calling CPU. It is checked that preemption is disabled for them. _ONLINE cpuhp cb are executed in the 'per CPU hotplug thread'. Preemption is enabled in those threads, but their cpumask is limited to 1 CPU. Move 'WARN_ON_ONCE(preemptible())' statements so that SDEI cpuhp cb don't trigger them. Also add a check for the SDEI_1_0_FN_SDEI_PRIVATE_RESET SDEI call which acts on the calling CPU. [1]: https://lore.kernel.org/all/5813b8c5-ae3e-87fd-fccc-94c9cd08816d@arm.com/ (CVE-2023-54160)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279820

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54146]]> https://www.tenable.com/plugins/nessus/279814 https://www.tenable.com/plugins/nessus/279814 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279814 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - x86/kexec: Fix double-free of elf header buffer After b3e34a47f989 (x86/kexec: fix memory leak of elf header buffer), freeing image->elf_headers in the error path of crash_load_segments() is not needed because kimage_file_post_load_cleanup() will take care of that later. And not clearing it could result in a double-free. Drop the superfluous vfree() call at the error path of crash_load_segments().
 (CVE-2023-54146)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279814

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54145]]> https://www.tenable.com/plugins/nessus/279809 https://www.tenable.com/plugins/nessus/279809 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279809 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - bpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log It's trivial for user to trigger verifier log line truncated warning, as verifier has a fixed-sized buffer of 1024 bytes (as of now), and there are at least two pieces of user-provided information that can be output through this buffer, and both can be arbitrarily sized by user: - BTF names; - BTF.ext source code lines strings. Verifier log buffer should be properly sized for typical verifier state output. But it's sort-of expected that this buffer won't be long enough in some circumstances. So let's drop the check. In any case code will work correctly, at worst truncating a part of a single line output. (CVE-2023-54145)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279809

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-68736]]> https://www.tenable.com/plugins/nessus/279801 https://www.tenable.com/plugins/nessus/279801 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279801 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - landlock: Fix handling of disconnected directories Disconnected files or directories can appear when they are visible and opened from a bind mount, but have been renamed or moved from the source of the bind mount in a way that makes them inaccessible from the mount point (i.e. out of scope). Previously, access rights tied to files or directories opened through a disconnected directory were collected by walking the related hierarchy down to the root of the filesystem, without taking into account the mount point because it couldn't be found. This could lead to inconsistent access results, potential access right widening, and hard-to-debug renames, especially since such paths cannot be printed. For a sandboxed task to create a disconnected directory, it needs to have write access (i.e. FS_MAKE_REG, FS_REMOVE_FILE, and FS_REFER) to the underlying source of the bind mount, and read access to the related mount point. Because a sandboxed task cannot acquire more access rights than those defined by its Landlock domain, this could lead to inconsistent access rights due to missing permissions that should be inherited from the mount point hierarchy, while inheriting permissions from the filesystem hierarchy hidden by this mount point instead.
 Landlock now handles files and directories opened from disconnected directories by taking into account the filesystem hierarchy when the mount point is not found in the hierarchy walk, and also always taking into account the mount point from which these disconnected directories were opened. This ensures that a rename is not allowed if it would widen access rights [1]. The rationale is that, even if disconnected hierarchies might not be visible or accessible to a sandboxed task, relying on the collected access rights from them improves the guarantee that access rights will not be widened during a rename because of the access right comparison between the source and the destination (see LANDLOCK_ACCESS_FS_REFER). It may look like this would grant more access on disconnected files and directories, but the security policies are always enforced for all the evaluated hierarchies. This new behavior should be less surprising to users and safer from an access control perspective. Remove a wrong WARN_ON_ONCE() canary in collect_domain_accesses() and fix the related comment. Because opened files have their access rights stored in the related file security properties, there is no impact for disconnected or unlinked files.
 (CVE-2025-68736)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279801

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54153]]> https://www.tenable.com/plugins/nessus/279770 https://www.tenable.com/plugins/nessus/279770 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279770 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - ext4: turn quotas off if mount failed after enabling quotas Yi found during a review of the patch ext4:
 don't BUG on inconsistent journal feature that when ext4_mark_recovery_complete() returns an error value, the error handling path does not turn off the enabled quotas, which triggers the following kmemleak:
 ================================================================ unreferenced object 0xffff8cf68678e7c0 (size 64): comm mount, pid 746, jiffies 4294871231 (age 11.540s) hex dump (first 32 bytes): 00 90 ef 82 f6 8c ff ff 00 00 00 00 41 01 00 00 ............A... c7 00 00 00 bd 00 00 00 0a 00 00 00 48 00 00 00 ............H... backtrace: [<00000000c561ef24>] __kmem_cache_alloc_node+0x4d4/0x880 [<00000000d4e621d7>] kmalloc_trace+0x39/0x140 [<00000000837eee74>] v2_read_file_info+0x18a/0x3a0 [<0000000088f6c877>] dquot_load_quota_sb+0x2ed/0x770 [<00000000340a4782>] dquot_load_quota_inode+0xc6/0x1c0 [<0000000089a18bd5>] ext4_enable_quotas+0x17e/0x3a0 [ext4] [<000000003a0268fa>]
 __ext4_fill_super+0x3448/0x3910 [ext4] [<00000000b0f2a8a8>] ext4_fill_super+0x13d/0x340 [ext4] [<000000004a9489c4>] get_tree_bdev+0x1dc/0x370 [<000000006e723bf1>] ext4_get_tree+0x1d/0x30 [ext4] [<00000000c7cb663d>] vfs_get_tree+0x31/0x160 [<00000000320e1bed>] do_new_mount+0x1d5/0x480 [<00000000c074654c>] path_mount+0x22e/0xbe0 [<0000000003e97a8e>] do_mount+0x95/0xc0 [<000000002f3d3736>]
 __x64_sys_mount+0xc4/0x160 [<0000000027d2140c>] do_syscall_64+0x3f/0x90 ================================================================ To solve this problem, we add a failed_mount10 tag, and call ext4_quota_off_umount() in this tag to release the enabled qoutas.
 (CVE-2023-54153)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279770

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54083]]> https://www.tenable.com/plugins/nessus/279766 https://www.tenable.com/plugins/nessus/279766 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279766 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - phy: tegra: xusb: Clear the driver reference in usb-phy dev For the dual-role port, it will assign the phy dev to usb-phy dev and use the port dev driver as the dev driver of usb-phy. When we try to destroy the port dev, it will destroy its dev driver as well. But we did not remove the reference from usb-phy dev.
 This might cause the use-after-free issue in KASAN. (CVE-2023-54083)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279766

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2022-50750]]> https://www.tenable.com/plugins/nessus/279762 https://www.tenable.com/plugins/nessus/279762 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279762 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure In case mipi_dsi_attach() fails, call drm_panel_remove() to avoid memory leak. (CVE-2022-50750)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279762

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54088]]> https://www.tenable.com/plugins/nessus/279744 https://www.tenable.com/plugins/nessus/279744 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279744 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - blk-cgroup: hold queue_lock when removing blkg->q_node When blkg is removed from q->blkg_list from blkg_free_workfn(), queue_lock has to be held, otherwise, all kinds of bugs(list corruption, hard lockup, ..) can be triggered from blkg_destroy_all(). (CVE-2023-54088)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279744

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2023-54144]]> https://www.tenable.com/plugins/nessus/279722 https://www.tenable.com/plugins/nessus/279722 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279722 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - drm/amdkfd: Fix kernel warning during topology setup This patch fixes the following kernel warning seen during driver load by correctly initializing the p2plink attr before creating the sysfs file: [ +0.002865]
 ------------[ cut here ]------------ [ +0.002327] kobject: '(null)' (0000000056260cfb): is not initialized, yet kobject_put() is being called. [ +0.004780] WARNING: CPU: 32 PID: 1006 at lib/kobject.c:718 kobject_put+0xaa/0x1c0 [ +0.001361] Call Trace: [ +0.001234] [ +0.001067] kfd_remove_sysfs_node_entry+0x24a/0x2d0 [amdgpu] [ +0.003147] kfd_topology_update_sysfs+0x3d/0x750 [amdgpu] [ +0.002890] kfd_topology_add_device+0xbd7/0xc70 [amdgpu] [ +0.002844] ? lock_release+0x13c/0x2e0 [ +0.001936] ? smu_cmn_send_smc_msg_with_param+0x1e8/0x2d0 [amdgpu] [ +0.003313] ? amdgpu_dpm_get_mclk+0x54/0x60 [amdgpu] [ +0.002703] kgd2kfd_device_init.cold+0x39f/0x4ed [amdgpu] [ +0.002930] amdgpu_amdkfd_device_init+0x13d/0x1f0 [amdgpu] [ +0.002944] amdgpu_device_init.cold+0x1464/0x17b4 [amdgpu] [ +0.002970] ? pci_bus_read_config_word+0x43/0x80 [ +0.002380] amdgpu_driver_load_kms+0x15/0x100 [amdgpu] [ +0.002744] amdgpu_pci_probe+0x147/0x370 [amdgpu] [ +0.002522] local_pci_probe+0x40/0x80 [ +0.001896] work_for_cpu_fn+0x10/0x20 [ +0.001892] process_one_work+0x26e/0x5a0 [ +0.002029] worker_thread+0x1fd/0x3e0 [ +0.001890] ? process_one_work+0x5a0/0x5a0 [ +0.002115] kthread+0xea/0x110 [ +0.001618] ? kthread_complete_and_exit+0x20/0x20 [ +0.002422] ret_from_fork+0x1f/0x30 [ +0.001808] [ +0.001103] irq event stamp: 59837 [ +0.001718] hardirqs last enabled at (59849): []
 __up_console_sem+0x52/0x60 [ +0.004414] hardirqs last disabled at (59860): []
 __up_console_sem+0x37/0x60 [ +0.004414] softirqs last enabled at (59654): [] irq_exit_rcu+0xd7/0x130 [ +0.004205] softirqs last disabled at (59649): [] irq_exit_rcu+0xd7/0x130 [ +0.004203] ---[ end trace 0000000000000000 ]--- (CVE-2023-54144)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279722

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2022-50778]]> https://www.tenable.com/plugins/nessus/279718 https://www.tenable.com/plugins/nessus/279718 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279718 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL With CONFIG_FORTIFY=y and CONFIG_UBSAN_LOCAL_BOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's (CTS) android.hardware.input.cts.tests. This is stemming from a strlen() call in hidinput_allocate(). __compiletime_strlen() is implemented in terms of __builtin_object_size(), then does an array access to check for NUL-termination. A quirk of __builtin_object_size() is that for strings whose values are runtime dependent, __builtin_object_size(str, 1 or 0) returns the maximum size of possible values when those sizes are determinable at compile time. Example: static const char *v = FOO BAR;
 static const char *y = FOO BA; unsigned long x (int z) { // Returns 8, which is: // max(__builtin_object_size(v, 1), __builtin_object_size(y, 1)) return __builtin_object_size(z ? v : y, 1);
 } So when FORTIFY_SOURCE is enabled, the current implementation of __compiletime_strlen() will try to access beyond the end of y at runtime using the size of v. Mixed with UBSAN_LOCAL_BOUNDS we get a fault.
 hidinput_allocate() has a local C string whose value is control flow dependent on a switch statement, so
 __builtin_object_size(str, 1) evaluates to the maximum string length, making all other cases fault on the last character check. hidinput_allocate() could be cleaned up to avoid runtime calls to strlen() since the local variable can only have literal values, so there's no benefit to trying to fortify the strlen call site there. Perform a __builtin_constant_p() check against index 0 earlier in the macro to filter out the control-flow-dependant case. Add a KUnit test for checking the expected behavioral characteristics of FORTIFY_SOURCE internals. (CVE-2022-50778)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279718

]]> <![CDATA[OT Discovery : Discovered Directly Connected Device]]> https://www.tenable.com/plugins/nessus/279109 https://www.tenable.com/plugins/nessus/279109 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279109 with Info Severity

Synopsis

Use Tenable OT Discovery to discover OT devices.

Description

The OT Discovery engine has identified that the remote host is an OT asset.
This asset was identified via active queries and protocol-level inspection.

Details about any indirectly connected assets can be found in plugin 279108 - OT Discovery : Discovered Indirectly Connected Devices

Solution

null

Read more at https://www.tenable.com/plugins/nessus/279109

]]> <![CDATA[OT Discovery : Discovered Indirectly Connected Devices]]> https://www.tenable.com/plugins/nessus/279108 https://www.tenable.com/plugins/nessus/279108 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 279108 with Info Severity

Synopsis

Use Tenable OT Discovery to discover OT devices.

Description

Tenable OT Discovery has discovered one or more OT devices indirectly connected to the scanned host. These assets were identified via active queries and protocol-level inspection. They are not independently scanned or licensed at this stage but are presented here for visibility and planning purposes.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/279108

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-61662]]> https://www.tenable.com/plugins/nessus/275735 https://www.tenable.com/plugins/nessus/275735 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 275735 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the application to access a memory location that is no longer valid. An attacker could exploit this vulnerability to cause grub to crash, leading to a Denial of Service. Possible data integrity or confidentiality compromise is not discarded. (CVE-2025-61662)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/275735

]]> <![CDATA[Microsoft Endpoint Configuration Manager (CVE-2025-59501)]]> https://www.tenable.com/plugins/nessus/271811 https://www.tenable.com/plugins/nessus/271811 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 271811 with Medium Severity

Synopsis

A system management application installed on the remote host is affected by an elevation of privilege vulnerability.

Description

The Microsoft Endpoint Configuration Manager application installed on the remote host is missing a security hotfix documented in the vendor advisory. It is, therefore, affected by an elevation of privilege vulnerability. An attacker could exploit this vulnerability by modifying the user principal name (UPN) of a valid Microsoft Entra ID account or create a new Account to impersonate an Active Directory user with the same UPN that was not synchronized to Entra ID. Successful exploitation could allow the attacker to gain unauthorized administrative control over Microsoft Configuration Manager and its managed clients.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Apply the security patch according to the vendor.

Read more at https://www.tenable.com/plugins/nessus/271811

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2022-50285]]> https://www.tenable.com/plugins/nessus/264968 https://www.tenable.com/plugins/nessus/264968 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 264968 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages The h->*_huge_pages counters are protected by the hugetlb_lock, but alloc_huge_page has a corner case where it can decrement the counter outside of the lock. This could lead to a corrupted value of h->resv_huge_pages, which we have observed on our systems. Take the hugetlb_lock before decrementing h->resv_huge_pages to avoid a potential race.
 (CVE-2022-50285)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/264968

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-21587]]> https://www.tenable.com/plugins/nessus/252115 https://www.tenable.com/plugins/nessus/252115 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 252115 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition:20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data.
 Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security.
 (CVE-2025-21587)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/252115

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-30698]]> https://www.tenable.com/plugins/nessus/252109 https://www.tenable.com/plugins/nessus/252109 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 252109 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition: 20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). (CVE-2025-30698)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/252109

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-30691]]> https://www.tenable.com/plugins/nessus/252047 https://www.tenable.com/plugins/nessus/252047 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 252047 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Vulnerability in Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE.
 Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data as well as unauthorized read access to a subset of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. (CVE-2025-30691)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/252047

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-30749]]> https://www.tenable.com/plugins/nessus/249844 https://www.tenable.com/plugins/nessus/249844 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 249844 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). (CVE-2025-30749)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/249844

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-50059]]> https://www.tenable.com/plugins/nessus/248279 https://www.tenable.com/plugins/nessus/248279 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 248279 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE:
 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. While the vulnerability is in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). (CVE-2025-50059)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/248279

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-50106]]> https://www.tenable.com/plugins/nessus/248057 https://www.tenable.com/plugins/nessus/248057 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 248057 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs.
 This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. (CVE-2025-50106)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/248057

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-30752]]> https://www.tenable.com/plugins/nessus/244904 https://www.tenable.com/plugins/nessus/244904 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 244904 with Low Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE (component:
 Compiler). The supported version that is affected is Oracle Java SE: 24.0.1; Oracle GraalVM for JDK:
 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). (CVE-2025-30752)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/244904

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-30754]]> https://www.tenable.com/plugins/nessus/243773 https://www.tenable.com/plugins/nessus/243773 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 243773 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). (CVE-2025-30754)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/243773

]]> <![CDATA[Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7683-1)]]> https://www.tenable.com/plugins/nessus/243278 https://www.tenable.com/plugins/nessus/243278 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 243278 with High Severity

Synopsis

The remote Ubuntu host is missing one or more security updates.

Description

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7683-1 advisory.

 Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

 - TTY drivers;

 - Network traffic control; (CVE-2025-38083, CVE-2024-50073)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel package.

Read more at https://www.tenable.com/plugins/nessus/243278

]]> <![CDATA[VMware ESXi 7.x < 7.0 Update 3w / 8.x < 8.0 Update 2e / 8.0 Update 3 < 8.0 Update 3f (VMSA-2025-0013)]]> https://www.tenable.com/plugins/nessus/242168 https://www.tenable.com/plugins/nessus/242168 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 242168 with Critical Severity

Synopsis

VMware ESXi is affected by multiple vulnerabilities.

Description

The version of VMware ESXi installed on the remote host is 7.x prior to 7.0 Update 3w, 8.x prior to 8.0 Update 2e, or 8.0 Update 3 prior to 8.0 Update 3f. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2025-0013 advisory:

 - VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. (CVE-2025-41236)

 - VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. (CVE-2025-41237)

 - VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write. (CVE-2025-41238)

 - VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. (CVE-2025-41239)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to VMware ESXi 7.0 Update 3w, 8.0 Update 2e, or 8.0 Update 3f or later.

Read more at https://www.tenable.com/plugins/nessus/242168

]]> <![CDATA[Wing FTP Server < 7.4.4 Multiple Vulnerabilities]]> https://www.tenable.com/plugins/nessus/241999 https://www.tenable.com/plugins/nessus/241999 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 241999 with Critical Severity

Synopsis

The remote FTP service is affected by multiple vulnerabilities.

Description

The remote FTP server is running a version of Wing FTP Server earlier than 7.4.4. It is, therefore, affected by multiple vulnerabilities, as follows:

 - In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service (root or SYSTEM by default). This is thus a remote code execution vulnerability that guarantees a total server compromise. This is also exploitable via anonymous FTP accounts. (CVE-2025-47812)

 - loginok.html in Wing FTP Server before 7.4.4 discloses the full local installation path of the application when using a long value in the UID cookie. (CVE-2025-47813)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to version 7.4.4 or later.

Read more at https://www.tenable.com/plugins/nessus/241999

]]> <![CDATA[VMware ESXi 7.0 / 8.0 Multiple Vulnerabilities (VMSA-2025-0004)]]> https://www.tenable.com/plugins/nessus/237304 https://www.tenable.com/plugins/nessus/237304 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 237304 with Critical Severity

Synopsis

The remote VMware ESXi host is affected by multiple vulnerabilities.

Description

The version of VMware ESXi installed on the remote host is 7.0 prior to 7.0 Update 3s, 8.0 Update 2 prior to 8.0 Update 2d, or 8.0 Update 3 prior to 8.0 Update 3d. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2025-0004 advisory:

 - VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. (CVE-2025-22224)

 - VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox. (CVE-2025-22225)

 - VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process. (CVE-2025-22226)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to VMware ESXi 7.0 Update 3s, 8.0 Update 2d, or 8.0 Update 3d or later.

Read more at https://www.tenable.com/plugins/nessus/237304

]]> <![CDATA[VMware ESXi 7.0 / 8.0 Multiple Vulenerabilities (VMSA-2025-0010)]]> https://www.tenable.com/plugins/nessus/237246 https://www.tenable.com/plugins/nessus/237246 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 237246 with Medium Severity

Synopsis

The VMware ESXi is affected by multiple vulnerabilities.

Description

The version of VMware ESXi installed on the remote host is 7.0.x prior to 7.0 Update 3v or 8.0.x prior to 8.0 Update 3e. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2025-0010 advisory.

 - ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. (CVE-2025-41226)

 - Workstation, Fusion and ESXi contain a denial-of-service vulnerability due to certain guest options. (CVE-2025-41227)

 - VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. (CVE-2025-41228)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to ESXi 7.0 Update 3v, 8.0 Update 3e or later.

Read more at https://www.tenable.com/plugins/nessus/237246

]]> <![CDATA[Debian dsa-5908 : fonts-opensymbol - security update]]> https://www.tenable.com/plugins/nessus/234915 https://www.tenable.com/plugins/nessus/234915 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 234915 with Low Severity

Synopsis

The remote Debian host is missing a security-related update.

Description

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5908 advisory.

 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5908-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff April 28, 2025 https://www.debian.org/security/faq
 - -------------------------------------------------------------------------

 Package : libreoffice CVE ID : CVE-2025-2866

 Juray Sarinay discovered that PDF documents signed with the adbe.pkcs7.sha1 standard were incompletely validated by LibreOffice, which could cause invalid signatures to be accepted as legitimate.

 For the stable distribution (bookworm), this problem has been fixed in version 4:7.4.7-1+deb12u8.

 We recommend that you upgrade your libreoffice packages.

 For the detailed security status of libreoffice please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/libreoffice

 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

 Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade the fonts-opensymbol packages.

Read more at https://www.tenable.com/plugins/nessus/234915

]]> <![CDATA[AnyViewer Installed (MacOSX)]]> https://www.tenable.com/plugins/nessus/232316 https://www.tenable.com/plugins/nessus/232316 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 232316 with Info Severity

Synopsis

AnyViewer is installed on the remote MacOSX host.

Description

AnyViewer, remote access software, is installed on the remote MacOSX host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/232316

]]> <![CDATA[Debian dsa-5873 : fonts-opensymbol - security update]]> https://www.tenable.com/plugins/nessus/229743 https://www.tenable.com/plugins/nessus/229743 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 229743 with High Severity

Synopsis

The remote Debian host is missing a security-related update.

Description

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5873 advisory.

 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5873-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso March 04, 2025 https://www.debian.org/security/faq
 - -------------------------------------------------------------------------

 Package : libreoffice CVE ID : CVE-2025-1080

 Amel Bouziane-Leblond discovered that insufficient validation of vnd.libreoffice.command URI schemes could result in the execution of arbitrary macro commands.

 For the stable distribution (bookworm), this problem has been fixed in version 4:7.4.7-1+deb12u7.

 We recommend that you upgrade your libreoffice packages.

 For the detailed security status of libreoffice please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/libreoffice

 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

 Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade the fonts-opensymbol packages.

Read more at https://www.tenable.com/plugins/nessus/229743

]]> <![CDATA[Debian dsa-5846 : fonts-opensymbol - security update]]> https://www.tenable.com/plugins/nessus/214390 https://www.tenable.com/plugins/nessus/214390 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 214390 with Medium Severity

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5846 advisory.

 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5846-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 19, 2025 https://www.debian.org/security/faq
 - -------------------------------------------------------------------------

 Package : libreoffice CVE ID : CVE-2024-12425 CVE-2024-12426

 Thomas Rinsma discovered two security vulnerabilities in LibreOffice, which could result in information disclosure or overwriting of files when opening malformed documents.

 For the stable distribution (bookworm), these problems have been fixed in version 4:7.4.7-1+deb12u6.

 We recommend that you upgrade your libreoffice packages.

 For the detailed security status of libreoffice please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/libreoffice

 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

 Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the fonts-opensymbol packages.

Read more at https://www.tenable.com/plugins/nessus/214390

]]> <![CDATA[Palo Alto Cortex XDR Agent Installed (Linux)]]> https://www.tenable.com/plugins/nessus/208935 https://www.tenable.com/plugins/nessus/208935 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 208935 with Info Severity

Synopsis

A VPN client is installed on the remote Linux host.

Description

Palo Alto Cortex XDR Agent, a continuous security monitoring product, is installed on the remote Linux host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/208935

]]> <![CDATA[Debian dsa-5772 : fonts-opensymbol - security update]]> https://www.tenable.com/plugins/nessus/207365 https://www.tenable.com/plugins/nessus/207365 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 207365 with High Severity

Synopsis

The remote Debian host is missing a security-related update.

Description

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5772 advisory.

 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5772-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff September 17, 2024 https://www.debian.org/security/faq
 - -------------------------------------------------------------------------

 Package : libreoffice CVE ID : CVE-2024-7788

 Yufan You discovered that Libreoffice's handling of documents based on ZIP archives was suspectible to spoofing attacks when the repair mode attempts to address a malformed archive structure.

 For additional information please refer to https://www.libreoffice.org/about-us/security/advisories/cve-2024-7788/

 For the stable distribution (bookworm), this problem has been fixed in version 4:7.4.7-1+deb12u5.

 We recommend that you upgrade your libreoffice packages.

 For the detailed security status of libreoffice please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/libreoffice

 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

 Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade the fonts-opensymbol packages.

Read more at https://www.tenable.com/plugins/nessus/207365

]]> <![CDATA[Debian dsa-5737 : fonts-opensymbol - security update]]> https://www.tenable.com/plugins/nessus/204990 https://www.tenable.com/plugins/nessus/204990 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 204990 with High Severity

Synopsis

The remote Debian host is missing a security-related update.

Description

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5737 advisory.

 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5737-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 05, 2024 https://www.debian.org/security/faq
 - -------------------------------------------------------------------------

 Package : libreoffice CVE ID : CVE-2024-6472

 If LibreOffice failed to validate a signed macro, it displayed a warning but still allowed execution of the script after printing a warning.
 Going forward in high macro security mode such macros are now disabled.

 For additional information please refer to https://www.libreoffice.org/about-us/security/advisories/cve-2024-6472/

 For the oldstable distribution (bullseye), this problem has been fixed in version 1:7.0.4-4+deb11u10.

 For the stable distribution (bookworm), this problem has been fixed in version 4:7.4.7-1+deb12u4.

 We recommend that you upgrade your libreoffice packages.

 For the detailed security status of libreoffice please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/libreoffice

 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

 Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade the fonts-opensymbol packages.

Read more at https://www.tenable.com/plugins/nessus/204990

]]> <![CDATA[Debian dsa-5690 : fonts-opensymbol - security update]]> https://www.tenable.com/plugins/nessus/197090 https://www.tenable.com/plugins/nessus/197090 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 197090 with Medium Severity

Synopsis

The remote Debian host is missing a security-related update.

Description

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5690 advisory.

 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5690-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 15, 2024 https://www.debian.org/security/faq
 - -------------------------------------------------------------------------

 Package : libreoffice CVE ID : CVE-2024-3044

 Amel Bouziane-Leblond discovered that LibreOffice's support for binding scripts to click events on graphics could result in unchecked script execution.

 For the oldstable distribution (bullseye), this problem has been fixed in version 1:7.0.4-4+deb11u9.

 For the stable distribution (bookworm), this problem has been fixed in version 4:7.4.7-1+deb12u2.

 We recommend that you upgrade your libreoffice packages.

 For the detailed security status of libreoffice please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/libreoffice

 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

 Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade the fonts-opensymbol packages.

Read more at https://www.tenable.com/plugins/nessus/197090

]]> <![CDATA[RHEL 8 / 9 : OpenShift Container Platform 4.12.22 (RHSA-2023:3613)]]> https://www.tenable.com/plugins/nessus/194228 https://www.tenable.com/plugins/nessus/194228 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 194228 with High Severity

Synopsis

The remote Red Hat host is missing one or more security updates for OpenShift Container Platform 4.12.22.

Description

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3613 advisory.

 Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

 This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.22. See the following advisory for the container images for this release:

 https://access.redhat.com/errata/RHSA-2023:3615

 Security Fix(es):

 * golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)

 * golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)

 * golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)

 * golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags (CVE-2022-32149)

 * golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)

 * golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

 All OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.12/updating/updating-cluster-cli.html.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL OpenShift Container Platform 4.12.22 packages based on the guidance in RHSA-2023:3613.

Read more at https://www.tenable.com/plugins/nessus/194228

]]> <![CDATA[RHEL 8 / 9 : OpenShift Container Platform 4.12.0 (RHSA-2022:7398)]]> https://www.tenable.com/plugins/nessus/194196 https://www.tenable.com/plugins/nessus/194196 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 194196 with High Severity

Synopsis

The remote Red Hat host is missing one or more security updates for OpenShift Container Platform 4.12.0.

Description

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7398 advisory.

 Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

 This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.0. See the following advisory for the container images for this release:

 https://access.redhat.com/errata/RHSA-2022:7399

 Security Fix(es):

 * go-yaml: Denial of Service in go-yaml (CVE-2021-4235)
 * golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)
 * kubernetes: Unauthorized read of Custom Resources (CVE-2022-3162)
 * kube-apiserver: Aggregated API server can cause clients to be redirected (SSRF) (CVE-2022-3172)
 * golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)
 * golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)
 * golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)
 * golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)
 * cri-o: incorrect handling of the supplementary groups (CVE-2022-2995)
 * OpenShift: Missing HTTP Strict Transport Security (CVE-2022-3259)
 * cri-o: Security regression of CVE-2022-27652 (CVE-2022-3466)
 * golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

 All OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.12/updating/updating-cluster-cli.html

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL OpenShift Container Platform 4.12.0 packages based on the guidance in RHSA-2022:7398.

Read more at https://www.tenable.com/plugins/nessus/194196

]]> <![CDATA[F-Secure Anti-Virus Installed (Windows)]]> https://www.tenable.com/plugins/nessus/182587 https://www.tenable.com/plugins/nessus/182587 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 182587 with Info Severity

Synopsis

F-Secure Anti-Virus is installed on the remote Windows host.

Description

F-Secure Anti-Virus is installed on the remote Windows host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/182587

]]> <![CDATA[F-Secure Ultralight Installed (Windows)]]> https://www.tenable.com/plugins/nessus/182586 https://www.tenable.com/plugins/nessus/182586 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 182586 with Info Severity

Synopsis

F-Secure Ultralight was detected on the remote Windows host.

Description

F-Secure Ultralight was detected on the remote Windows host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/182586

]]> <![CDATA[CrowdStrike Falcon Sensor Installed (MacOSX)]]> https://www.tenable.com/plugins/nessus/176414 https://www.tenable.com/plugins/nessus/176414 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 176414 with Info Severity

Synopsis

CrowdStrike Falcon Sensor is installed on the remote MacOSX host.

Description

CrowdStrike Falcon Sensor, an agent for the Falcon platform, is installed on the remote MacOSX host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/176414

]]> <![CDATA[CrowdStrike Falcon Sensor Installed (Linux)]]> https://www.tenable.com/plugins/nessus/165456 https://www.tenable.com/plugins/nessus/165456 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 165456 with Info Severity

Synopsis

CrowdStrike Falcon Sensor is installed on the remote Linux host.

Description

CrowdStrike Falcon Sensor, an agent for the Falcon platform, is installed on the remote Linux host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/165456

]]> <![CDATA[FireEye Endpoint Agent Installed (Windows)]]> https://www.tenable.com/plugins/nessus/144648 https://www.tenable.com/plugins/nessus/144648 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 144648 with Info Severity

Synopsis

FireEye Endpoint Agent is installed on the remote Windows host.

Description

FireEye Endpoint Agent, an agent for the Falcon platform, is installed on the remote Windows host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/144648

]]> <![CDATA[ESET Cyber Security Installed (macOS)]]> https://www.tenable.com/plugins/nessus/141173 https://www.tenable.com/plugins/nessus/141173 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 141173 with Info Severity

Synopsis

An antivirus application is installed on the remote macOS host.

Description

ESET Cyber Security, a commercial antivirus software package, is installed on the remote macOS host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/141173

]]> <![CDATA[Tanium Client Installed (Windows)]]> https://www.tenable.com/plugins/nessus/140918 https://www.tenable.com/plugins/nessus/140918 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 140918 with Info Severity

Synopsis

Tanium Client is installed on the remote Windows host.

Description

Tanium Client, an agent for the Tanium platform, is installed on the remote Windows host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/140918

]]> <![CDATA[CrowdStrike Falcon Sensor Installed (Windows)]]> https://www.tenable.com/plugins/nessus/140633 https://www.tenable.com/plugins/nessus/140633 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 140633 with Info Severity

Synopsis

CrowdStrike Falcon Sensor is installed on the remote Windows host.

Description

CrowdStrike Falcon Sensor, an agent for the Falcon platform, is installed on the remote Windows host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/140633

]]> <![CDATA[ClamAV Installed (Linux)]]> https://www.tenable.com/plugins/nessus/139918 https://www.tenable.com/plugins/nessus/139918 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 139918 with Info Severity

Synopsis

Checks the packages and file system on the remote Linux host for a ClamAV installation.

Description

ClamAV, an open source anti-virus software package from Cisco, has been detected on the remote Linux host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/139918

]]> <![CDATA[BitDefender Endpoint Security Tools Detection (Windows)]]> https://www.tenable.com/plugins/nessus/136761 https://www.tenable.com/plugins/nessus/136761 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 136761 with Info Severity

Synopsis

An antivirus application is installed on the remote Windows host

Description

BitDefender Endpoint Security Tools, a commercial antivirus software package, is installed on the remote Windows host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/136761

]]> <![CDATA[VMware Carbon Black Cloud Endpoint Standard Installed (macOS)]]> https://www.tenable.com/plugins/nessus/134216 https://www.tenable.com/plugins/nessus/134216 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 134216 with Info Severity

Synopsis

VMware Carbon Black Cloud Endpoint Standard is installed on the remote macOS host.

Description

VMware Carbon Black Cloud Endpoint Standard, formerly Cb Defense and Confer, is installed on the remote macOS host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/134216

]]> <![CDATA[Sophos Anti-Virus Detection and Status (Linux)]]> https://www.tenable.com/plugins/nessus/133963 https://www.tenable.com/plugins/nessus/133963 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 133963 with Critical Severity

Synopsis

An antivirus application is installed on the remote host, but it is not working properly.

Description

Sophos Anti-Virus for Linux, a commercial antivirus software package, is installed on the remote host. However, there is a problem with the installation; either its services are not running or its engine and/or virus definitions are out of date.

Solution

Make sure that updates are working and the associated services are running.

Read more at https://www.tenable.com/plugins/nessus/133963

]]> <![CDATA[Sophos Anti-Virus Installed (Linux)]]> https://www.tenable.com/plugins/nessus/133962 https://www.tenable.com/plugins/nessus/133962 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 133962 with Info Severity

Synopsis

Sophos Anti-Virus is installed on the remote Linux host.

Description

Sophos Anti-Virus, a commercial antivirus software package for Linux, is installed on the remote host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/133962

]]> <![CDATA[VMware Carbon Black Cloud Endpoint Standard Installed (Windows)]]> https://www.tenable.com/plugins/nessus/133843 https://www.tenable.com/plugins/nessus/133843 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 133843 with Info Severity

Synopsis

VMware Carbon Black Cloud Endpoint Standard is installed on the remote Windows host.

Description

VMware Carbon Black Cloud Endpoint Standard, formerly Cb Defense and Confer, is installed on the remote Windows host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/133843

]]> <![CDATA[Sophos Anti-Virus Installed (Windows)]]> https://www.tenable.com/plugins/nessus/131725 https://www.tenable.com/plugins/nessus/131725 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 131725 with Info Severity

Synopsis

An antivirus application is installed on the remote Windows host.

Description

Sophos Anti-Virus, a commercial antivirus software package for Windows, is installed on the remote host.

Solution

n/a.

Read more at https://www.tenable.com/plugins/nessus/131725

]]> <![CDATA[Trellix Endpoint Security and Module Detection]]> https://www.tenable.com/plugins/nessus/124366 https://www.tenable.com/plugins/nessus/124366 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 124366 with Info Severity

Synopsis

A security application is installed on the remote Windows host.

Description

Trellix Endpoint Security (formerly McAfee), a security application with multiple optional modules, is installed on the remote Windows host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/124366

]]> <![CDATA[CylancePROTECT Detection (Mac OS X)]]> https://www.tenable.com/plugins/nessus/106758 https://www.tenable.com/plugins/nessus/106758 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 106758 with Info Severity

Synopsis

The remote Mac OS X host contains an antivirus application.

Description

CylancePROTECT, an antivirus application, is installed on the remote Mac OS X host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/106758

]]> <![CDATA[CylancePROTECT Detection]]> https://www.tenable.com/plugins/nessus/106757 https://www.tenable.com/plugins/nessus/106757 Mon, 16 Mar 2026 00:00:00 GMT Nessus Plugin ID 106757 with Info Severity

Synopsis

The remote Windows host contains an antivirus application.

Description

CylancePROTECT, an antivirus application, is installed on the Windows host.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/106757

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3922]]> https://www.tenable.com/plugins/nessus/301972 https://www.tenable.com/plugins/nessus/301972 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301972 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Use after free in MediaStream in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3922)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301972

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3937]]> https://www.tenable.com/plugins/nessus/301971 https://www.tenable.com/plugins/nessus/301971 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301971 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Incorrect security UI in Downloads in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) (CVE-2026-3937)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301971

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3916]]> https://www.tenable.com/plugins/nessus/301970 https://www.tenable.com/plugins/nessus/301970 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301970 with Critical Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3916)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301970

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3917]]> https://www.tenable.com/plugins/nessus/301968 https://www.tenable.com/plugins/nessus/301968 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301968 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Use after free in Agents in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3917)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301968

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3926]]> https://www.tenable.com/plugins/nessus/301967 https://www.tenable.com/plugins/nessus/301967 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301967 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Out of bounds read in V8 in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) (CVE-2026-3926)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301967

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3941]]> https://www.tenable.com/plugins/nessus/301966 https://www.tenable.com/plugins/nessus/301966 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301966 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) (CVE-2026-3941)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301966

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3934]]> https://www.tenable.com/plugins/nessus/301965 https://www.tenable.com/plugins/nessus/301965 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301965 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium) (CVE-2026-3934)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301965

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3915]]> https://www.tenable.com/plugins/nessus/301964 https://www.tenable.com/plugins/nessus/301964 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301964 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3915)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301964

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3919]]> https://www.tenable.com/plugins/nessus/301963 https://www.tenable.com/plugins/nessus/301963 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301963 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Use after free in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
 (Chromium security severity: High) (CVE-2026-3919)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301963

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3924]]> https://www.tenable.com/plugins/nessus/301962 https://www.tenable.com/plugins/nessus/301962 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301962 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
 (Chromium security severity: High) (CVE-2026-3924)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301962

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3940]]> https://www.tenable.com/plugins/nessus/301961 https://www.tenable.com/plugins/nessus/301961 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301961 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) (CVE-2026-3940)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301961

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3914]]> https://www.tenable.com/plugins/nessus/301959 https://www.tenable.com/plugins/nessus/301959 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301959 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Integer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3914)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301959

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3918]]> https://www.tenable.com/plugins/nessus/301958 https://www.tenable.com/plugins/nessus/301958 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301958 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Use after free in WebMCP in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3918)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301958

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3930]]> https://www.tenable.com/plugins/nessus/301957 https://www.tenable.com/plugins/nessus/301957 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301957 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Unsafe navigation in Navigation in Google Chrome on iOS prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) (CVE-2026-3930)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301957

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3928]]> https://www.tenable.com/plugins/nessus/301956 https://www.tenable.com/plugins/nessus/301956 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301956 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Insufficient policy enforcement in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium) (CVE-2026-3928)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301956

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3923]]> https://www.tenable.com/plugins/nessus/301955 https://www.tenable.com/plugins/nessus/301955 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301955 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Use after free in WebMIDI in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3923)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301955

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3939]]> https://www.tenable.com/plugins/nessus/301954 https://www.tenable.com/plugins/nessus/301954 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301954 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file. (Chromium security severity: Low) (CVE-2026-3939)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301954

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3932]]> https://www.tenable.com/plugins/nessus/301953 https://www.tenable.com/plugins/nessus/301953 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301953 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) (CVE-2026-3932)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301953

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3938]]> https://www.tenable.com/plugins/nessus/301952 https://www.tenable.com/plugins/nessus/301952 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301952 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
 (Chromium security severity: Low) (CVE-2026-3938)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301952

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3936]]> https://www.tenable.com/plugins/nessus/301951 https://www.tenable.com/plugins/nessus/301951 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301951 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) (CVE-2026-3936)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301951

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3929]]> https://www.tenable.com/plugins/nessus/301950 https://www.tenable.com/plugins/nessus/301950 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301950 with Low Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Side-channel information leakage in ResourceTiming in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) (CVE-2026-3929)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301950

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3921]]> https://www.tenable.com/plugins/nessus/301949 https://www.tenable.com/plugins/nessus/301949 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301949 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Use after free in TextEncoding in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3921)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301949

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3927]]> https://www.tenable.com/plugins/nessus/301948 https://www.tenable.com/plugins/nessus/301948 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301948 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) (CVE-2026-3927)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301948

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3913]]> https://www.tenable.com/plugins/nessus/301947 https://www.tenable.com/plugins/nessus/301947 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301947 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) (CVE-2026-3913)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301947

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3920]]> https://www.tenable.com/plugins/nessus/301946 https://www.tenable.com/plugins/nessus/301946 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301946 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Out of bounds memory access in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3920)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301946

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3942]]> https://www.tenable.com/plugins/nessus/301945 https://www.tenable.com/plugins/nessus/301945 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301945 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) (CVE-2026-3942)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301945

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3931]]> https://www.tenable.com/plugins/nessus/301944 https://www.tenable.com/plugins/nessus/301944 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301944 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Heap buffer overflow in Skia in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) (CVE-2026-3931)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301944

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3925]]> https://www.tenable.com/plugins/nessus/301943 https://www.tenable.com/plugins/nessus/301943 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301943 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Incorrect security UI in LookalikeChecks in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) (CVE-2026-3925)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301943

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3935]]> https://www.tenable.com/plugins/nessus/301942 https://www.tenable.com/plugins/nessus/301942 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301942 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Incorrect security UI in WebAppInstalls in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) (CVE-2026-3935)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301942

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-30928]]> https://www.tenable.com/plugins/nessus/301856 https://www.tenable.com/plugins/nessus/301856 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301856 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, the /api/4/config REST API endpoint returns the entire parsed Glances configuration file (glances.conf) via self.config.as_dict() with no filtering of sensitive values. The configuration file contains credentials for all configured backend services including database passwords, API tokens, JWT signing keys, and SSL key passwords. This vulnerability is fixed in 4.5.1. (CVE-2026-30928)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301856

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-1940]]> https://www.tenable.com/plugins/nessus/301748 https://www.tenable.com/plugins/nessus/301748 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301748 with Critical Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - The GStreamer project reports multiple security vulnerabilities fixed in the 1.28.1 release: Twelve security vulnerabilities were addressed, including: These could lead to application crashes or potentially arbitrary code execution. (CVE-2026-1940)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301748

]]> <![CDATA[Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gnupg2 (UTSA-2026-005933)]]> https://www.tenable.com/plugins/nessus/301658 https://www.tenable.com/plugins/nessus/301658 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301658 with High Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005933 advisory.

 In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected gnupg2 package.

Read more at https://www.tenable.com/plugins/nessus/301658

]]> <![CDATA[Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: iperf3 (UTSA-2026-005934)]]> https://www.tenable.com/plugins/nessus/301657 https://www.tenable.com/plugins/nessus/301657 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301657 with Critical Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005934 advisory.

 In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer overflow.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected iperf3 package.

Read more at https://www.tenable.com/plugins/nessus/301657

]]> <![CDATA[Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-tornado (UTSA-2026-005918)]]> https://www.tenable.com/plugins/nessus/301497 https://www.tenable.com/plugins/nessus/301497 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301497 with High Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005918 advisory.

 Tornado is a Python web framework and asynchronous networking library. When Tornado's ``multipart/form- data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous. All versions of Tornado prior to 6.5.0 are affected. The vulnerable parser is enabled by default. Upgrade to Tornado version 6.50 to receive a patch. As a workaround, risk can be mitigated by blocking `Content-Type:
 multipart/form-data` in a proxy.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected python-tornado package.

Read more at https://www.tenable.com/plugins/nessus/301497

]]> <![CDATA[Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: transfig (UTSA-2026-005916)]]> https://www.tenable.com/plugins/nessus/301482 https://www.tenable.com/plugins/nessus/301482 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301482 with High Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005916 advisory.

 A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected transfig package.

Read more at https://www.tenable.com/plugins/nessus/301482

]]> <![CDATA[Unity Linux 20.1060a / 20.1070a Security Update: net-snmp (UTSA-2026-005913)]]> https://www.tenable.com/plugins/nessus/301481 https://www.tenable.com/plugins/nessus/301481 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301481 with Critical Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005913 advisory.

 net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected net-snmp package.

Read more at https://www.tenable.com/plugins/nessus/301481

]]> <![CDATA[Unity Linux 20.1060a / 20.1070a Security Update: glib2 (UTSA-2026-005914)]]> https://www.tenable.com/plugins/nessus/301480 https://www.tenable.com/plugins/nessus/301480 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301480 with High Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005914 advisory.

 A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected glib2 package.

Read more at https://www.tenable.com/plugins/nessus/301480

]]> <![CDATA[Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: libreoffice (UTSA-2026-005915)]]> https://www.tenable.com/plugins/nessus/301479 https://www.tenable.com/plugins/nessus/301479 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301479 with High Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005915 advisory.

 LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link in a browser using that scheme could be constructed with an embedded inner URL that when passed to LibreOffice could call internal macros with arbitrary arguments.
 This issue affects LibreOffice: from 24.8 before < 24.8.5, from 25.2 before < 25.2.1.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected libreoffice package.

Read more at https://www.tenable.com/plugins/nessus/301479

]]> <![CDATA[Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-tornado (UTSA-2026-005912)]]> https://www.tenable.com/plugins/nessus/301468 https://www.tenable.com/plugins/nessus/301468 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301468 with High Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005912 advisory.

 Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, a single maliciously crafted HTTP request can block the server's event loop for an extended period, caused by the HTTPHeaders.add method. The function accumulates values using string concatenation when the same header name is repeated, causing a Denial of Service (DoS). Due to Python string immutability, each concatenation copies the entire string, resulting in O(n) time complexity. The severity can vary from high if max_header_size has been increased from its default, to low if it has its default value of 64KB.
 This issue is fixed in version 6.5.3.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected python-tornado package.

Read more at https://www.tenable.com/plugins/nessus/301468

]]> <![CDATA[Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-tornado (UTSA-2026-005911)]]> https://www.tenable.com/plugins/nessus/301467 https://www.tenable.com/plugins/nessus/301467 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 301467 with High Severity

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005911 advisory.

 Tornado is a Python web framework and asynchronous networking library. Versions 6.5.2 and below use an inefficient algorithm when parsing parameters for HTTP header values, potentially causing a DoS. The
 _parseparam function in httputil.py is used to parse specific HTTP header values, such as those in multipart/form-data and repeatedly calls string.count() within a nested loop while processing quoted semicolons. If an attacker sends a request with a large number of maliciously crafted parameters in a Content-Disposition header, the server's CPU usage increases quadratically (O(n)) during parsing. Due to Tornado's single event loop architecture, a single malicious request can cause the entire server to become unresponsive for an extended period. This issue is fixed in version 6.5.3.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected python-tornado package.

Read more at https://www.tenable.com/plugins/nessus/301467

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3441]]> https://www.tenable.com/plugins/nessus/300633 https://www.tenable.com/plugins/nessus/300633 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 300633 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Debian Linux - binutils - A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this flaw, potentially leading to information disclosure or an application level denial of service. Red Hat Enterprise Linux - binutils: GNU Binutils: Information disclosure via specially crafted XCOFF object file Ubuntu Linux - [Unknown description] (CVE-2026-3441)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300633

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3442]]> https://www.tenable.com/plugins/nessus/300628 https://www.tenable.com/plugins/nessus/300628 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 300628 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Debian Linux - binutils - A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may lead to the disclosure of sensitive information or cause the application to crash, resulting in an application level denial of service. Red Hat Enterprise Linux - binutils: GNU Binutils:
 Information disclosure or denial of service via out-of-bounds read in bfd linker Ubuntu Linux - [Unknown description] (CVE-2026-3442)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/300628

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-21620]]> https://www.tenable.com/plugins/nessus/299721 https://www.tenable.com/plugins/nessus/299721 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 299721 with Low Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp (tftp_file modules), erlang otp inets (tftp_file modules), erlang otp tftp (tftp_file modules) allows Relative Path Traversal. This vulnerability is associated with program files lib/tftp/src/tftp_file.erl, src/tftp_file.erl. This issue affects otp: from 17.0, from 07b8f441ca711f9812fad9e9115bab3c3aa92f79; otp:
 from 5.10 before 7.0; otp: from 1.0. (CVE-2026-21620)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/299721

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-15281]]> https://www.tenable.com/plugins/nessus/294814 https://www.tenable.com/plugins/nessus/294814 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 294814 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process. (CVE-2025-15281)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/294814

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-0915]]> https://www.tenable.com/plugins/nessus/288876 https://www.tenable.com/plugins/nessus/288876 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 288876 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver. (CVE-2026-0915)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/288876

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-0861]]> https://www.tenable.com/plugins/nessus/286817 https://www.tenable.com/plugins/nessus/286817 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 286817 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size as well as the alignment arguments of the memalign function to be able to exploit this. The size parameter must be close enough to PTRDIFF_MAX so as to overflow size_t along with the large alignment argument. This limits the malicious inputs for the alignment for memalign to the range [1<<62+ 1, 1<<63] and exactly 1<<63 for posix_memalign and aligned_alloc. Typically the alignment argument passed to such functions is a known constrained quantity (e.g. page size, block size, struct sizes) and is not attacker controlled, because of which this may not be easily exploitable in practice. An application bug could potentially result in the input alignment being too large, e.g. due to a different buffer overflow or integer overflow in the application or its dependent libraries, but that is again an uncommon usage pattern given typical sources of alignments. (CVE-2026-0861)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/286817

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-11494]]> https://www.tenable.com/plugins/nessus/270211 https://www.tenable.com/plugins/nessus/270211 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 270211 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A vulnerability was found in GNU Binutils 2.45. Impacted is the function _bfd_x86_elf_late_size_sections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is identified as b6ac5a8a5b82f0ae6a4642c8d7149b325f4cc60a. A patch should be applied to remediate this issue.
 (CVE-2025-11494)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/270211

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-47229]]> https://www.tenable.com/plugins/nessus/244776 https://www.tenable.com/plugins/nessus/244776 Sun, 15 Mar 2026 00:00:00 GMT Nessus Plugin ID 244776 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service (var_set_leave_quiet assertion failure and application exit) via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code. (CVE-2025-47229)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/244776

]]> <![CDATA[Oracle Linux 8 / 9 : dtrace (ELSA-2026-50152)]]> https://www.tenable.com/plugins/nessus/302228 https://www.tenable.com/plugins/nessus/302228 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 302228 with Critical Severity

Synopsis

The remote Oracle Linux host is missing a security update.

Description

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50152 advisory.

 [2.0.6-1]
 - Fix dtprobed unsafe probe description handling (CVE-2026-21991).
 [Orabug: 39054018]

 Credit Statement The following people or organizations reported security vulnerabilities addressed by this ELSA to Oracle:
 Dhiraj Mishra: CVE-2026-21991

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected dtrace, dtrace-devel and / or dtrace-testsuite packages.

Read more at https://www.tenable.com/plugins/nessus/302228

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-21619]]> https://www.tenable.com/plugins/nessus/302196 https://www.tenable.com/plugins/nessus/302196 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 302196 with Low Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), hexpm hex (mix_hex_api modules), erlang rebar3 (r3_hex_api modules) allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hex_api.erl, src/mix_hex_api.erl, apps/rebar/src/vendored/r3_hex_api.erl and program routines hex_core:request/4, mix_hex_api:request/4, r3_hex_api:request/4. This issue affects hex_core: from 0.1.0 before 0.12.1; hex:
 from 2.3.0 before 2.3.2; rebar3: from 3.9.1 before 3.27.0. (CVE-2026-21619)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/302196

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-32141]]> https://www.tenable.com/plugins/nessus/302061 https://www.tenable.com/plugins/nessus/302061 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 302061 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - flatted is a circular JSON parser. Prior to 3.4.0, flatted's parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process. This vulnerability is fixed in 3.4.0. (CVE-2026-32141)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/302061

]]> <![CDATA[Debian dsa-6162 : ata-modules-6.12.74+deb13+1-armmp-di - security update]]> https://www.tenable.com/plugins/nessus/302010 https://www.tenable.com/plugins/nessus/302010 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 302010 with High Severity

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6162 advisory.

 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6162-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso March 12, 2026 https://www.debian.org/security/faq
 - -------------------------------------------------------------------------

 Package : linux CVE ID : CVE-2025-71238 CVE-2026-23100 CVE-2026-23221 CVE-2026-23233 CVE-2026-23234 CVE-2026-23235 CVE-2026-23236 CVE-2026-23237 CVE-2026-23238

 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

 The Qualys Threat Research Unit (TRU) discovered several vulnerabilities in Apparmor. Details can be found in the Qualys advisory at https://www.qualys.com/2026/03/10/crack-armor.txt

 For the stable distribution (trixie), these problems have been fixed in version 6.12.74-2.

 We recommend that you upgrade your linux packages.

 For the detailed security status of linux please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/linux

 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

 Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the ata-modules-6.12.74+deb13+1-armmp-di packages.

Read more at https://www.tenable.com/plugins/nessus/302010

]]> <![CDATA[RockyLinux 8 : virt:rhel and virt-devel:rhel (RLSA-2023:5264)]]> https://www.tenable.com/plugins/nessus/301880 https://www.tenable.com/plugins/nessus/301880 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 301880 with High Severity

Synopsis

The remote RockyLinux host is missing one or more security updates.

Description

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:5264 advisory.

 * QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service (CVE-2023-3354)

 * NTFS-3G: buffer overflow issue in NTFS-3G can cause code execution via crafted metadata in an NTFS image (CVE-2022-40284)

Tenable has extracted the preceding description block directly from the RockyLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/301880

]]> <![CDATA[RockyLinux 8 : postgresql:16 (RLSA-2026:4063)]]> https://www.tenable.com/plugins/nessus/301558 https://www.tenable.com/plugins/nessus/301558 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 301558 with High Severity

Synopsis

The remote RockyLinux host is missing one or more security updates.

Description

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:4063 advisory.

 * postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code (CVE-2026-2006)

 * postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code (CVE-2026-2004)

 * postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code (CVE-2026-2005)

Tenable has extracted the preceding description block directly from the RockyLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/301558

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-23925]]> https://www.tenable.com/plugins/nessus/301541 https://www.tenable.com/plugins/nessus/301541 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 301541 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - An authenticated Zabbix user (User role) with template/host write permissions is able to create objects via the configuration.import API. This can lead to confidentiality loss by creating unauthorized hosts.
 Note that the User role is normally not sufficient to create and edit templates/hosts even with write permissions. (CVE-2026-23925)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301541

]]> <![CDATA[RockyLinux 8 : postgresql:15 (RLSA-2026:4059)]]> https://www.tenable.com/plugins/nessus/301540 https://www.tenable.com/plugins/nessus/301540 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 301540 with High Severity

Synopsis

The remote RockyLinux host is missing one or more security updates.

Description

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:4059 advisory.

 * postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code (CVE-2026-2006)

 * postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code (CVE-2026-2004)

 * postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code (CVE-2026-2005)

Tenable has extracted the preceding description block directly from the RockyLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/301540

]]> <![CDATA[RockyLinux 8 : postgresql:13 (RLSA-2026:4024)]]> https://www.tenable.com/plugins/nessus/301539 https://www.tenable.com/plugins/nessus/301539 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 301539 with High Severity

Synopsis

The remote RockyLinux host is missing one or more security updates.

Description

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:4024 advisory.

 * postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code (CVE-2026-2006)

 * postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code (CVE-2026-2004)

 * postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code (CVE-2026-2005)

Tenable has extracted the preceding description block directly from the RockyLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/301539

]]> <![CDATA[RockyLinux 8 : postgresql:12 (RLSA-2026:4064)]]> https://www.tenable.com/plugins/nessus/301538 https://www.tenable.com/plugins/nessus/301538 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 301538 with High Severity

Synopsis

The remote RockyLinux host is missing one or more security updates.

Description

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:4064 advisory.

 * postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code (CVE-2026-2006)

 * postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code (CVE-2026-2004)

 * postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code (CVE-2026-2005)

Tenable has extracted the preceding description block directly from the RockyLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/301538

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-2219]]> https://www.tenable.com/plugins/nessus/301114 https://www.tenable.com/plugins/nessus/301114 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 301114 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite loop spinning the CPU). (CVE-2026-2219)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301114

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-2048]]> https://www.tenable.com/plugins/nessus/299704 https://www.tenable.com/plugins/nessus/299704 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 299704 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28591.
 (CVE-2026-2048)

 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP.
 User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. (CVE-2026-2048)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/299704

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-0797]]> https://www.tenable.com/plugins/nessus/299702 https://www.tenable.com/plugins/nessus/299702 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 299702 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28599.
 (CVE-2026-0797)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/299702

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-2044]]> https://www.tenable.com/plugins/nessus/299701 https://www.tenable.com/plugins/nessus/299701 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 299701 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PGM files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28158. (CVE-2026-2044)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/299701

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-2045]]> https://www.tenable.com/plugins/nessus/299700 https://www.tenable.com/plugins/nessus/299700 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 299700 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28265.
 (CVE-2026-2045)

 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP.
 User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. (CVE-2026-2045)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/299700

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-21968]]> https://www.tenable.com/plugins/nessus/297725 https://www.tenable.com/plugins/nessus/297725 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 297725 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.
 Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2026-21968)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/297725

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-24765]]> https://www.tenable.com/plugins/nessus/297036 https://www.tenable.com/plugins/nessus/297036 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 297036 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the `cleanupForCoverage()` method, which deserializes code coverage files without validation, potentially allowing remote code execution if malicious `.coverage` files are present prior to the execution of the PHPT test. The vulnerability occurs when a `.coverage` file, which should not exist before test execution, is deserialized without the `allowed_classes` parameter restriction. An attacker with local file write access can place a malicious serialized object with a `__wakeup()` method into the file system, leading to arbitrary code execution during test runs with code coverage instrumentation enabled. This vulnerability requires local file write access to the location where PHPUnit stores or expects code coverage files for PHPT tests. This can occur through CI/CD pipeline attacks, the local development environment, and/or compromised dependencies. Rather than just silently sanitizing the input via `['allowed_classes' => false]`, the maintainer has chosen to make the anomalous state explicit by treating pre-existing `.coverage` files for PHPT tests as an error condition. Starting in versions in versions 12.5.8, 11.5.50, 10.5.62, 9.6.33, when a `.coverage` file is detected for a PHPT test prior to execution, PHPUnit will emit a clear error message identifying the anomalous state.
 Organizations can reduce the effective risk of this vulnerability through proper CI/CD configuration, including ephemeral runners, code review enforcement, branch protection, artifact isolation, and access control. (CVE-2026-24765)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/297036

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-58150]]> https://www.tenable.com/plugins/nessus/296777 https://www.tenable.com/plugins/nessus/296777 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 296777 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing. (CVE-2025-58150)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/296777

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-24486]]> https://www.tenable.com/plugins/nessus/296740 https://www.tenable.com/plugins/nessus/296740 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 296740 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Python-Multipart is a streaming multipart parser for Python. Prior to version 0.0.22, a Path Traversal vulnerability exists when using non-default configuration options `UPLOAD_DIR` and `UPLOAD_KEEP_FILENAME=True`. An attacker can write uploaded files to arbitrary locations on the filesystem by crafting a malicious filename. Users should upgrade to version 0.0.22 to receive a patch or, as a workaround, avoid using `UPLOAD_KEEP_FILENAME=True` in project configurations. (CVE-2026-24486)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/296740

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-23949]]> https://www.tenable.com/plugins/nessus/293775 https://www.tenable.com/plugins/nessus/293775 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 293775 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - jaraco.context, an open-source software package that provides some useful decorators and context managers, has a Zip Slip path traversal vulnerability in the `jaraco.context.tarball()` function starting in version 5.2.0 and prior to version 6.1.0. The vulnerability may allow attackers to extract files outside the intended extraction directory when malicious tar archives are processed. The strip_first_component filter splits the path on the first `/` and extracts the second component, while allowing `../` sequences. Paths like `dummy_dir/../../etc/passwd` become `../../etc/passwd`. Note that this suffers from a nested tarball attack as well with multi-level tar files such as `dummy_dir/inner.tar.gz`, where the inner.tar.gz includes a traversal `dummy_dir/../../config/.env` that also gets translated to `../../config/.env`.
 Version 6.1.0 contains a patch for the issue. (CVE-2026-23949)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/293775

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-56226]]> https://www.tenable.com/plugins/nessus/286805 https://www.tenable.com/plugins/nessus/286805 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 286805 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Libsndfile <=1.2.2 contains a memory leak vulnerability in the mpeg_l3_encoder_init() function within the mpeg_l3_encode.c file. (CVE-2025-56226)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/286805

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-0665]]> https://www.tenable.com/plugins/nessus/282642 https://www.tenable.com/plugins/nessus/282642 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 282642 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial of service or potential memory corruption. (CVE-2026-0665)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/282642

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-56225]]> https://www.tenable.com/plugins/nessus/282581 https://www.tenable.com/plugins/nessus/282581 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 282581 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluid_synth_monopoly.c, that can be triggered when loading an invalid midi file. (CVE-2025-56225)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/282581

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-67268]]> https://www.tenable.com/plugins/nessus/281617 https://www.tenable.com/plugins/nessus/281617 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 281617 with Critical Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/driver_nmea2000.c file. The hnd_129540 function, which handles NMEA2000 PGN 129540 (GNSS Satellites in View) packets, fails to validate the user-supplied satellite count against the size of the skyview array (184 elements). This allows an attacker to write beyond the bounds of the array by providing a satellite count up to 255, leading to memory corruption, Denial of Service (DoS), and potentially arbitrary code execution. (CVE-2025-67268)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/281617

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-67269]]> https://www.tenable.com/plugins/nessus/281614 https://www.tenable.com/plugins/nessus/281614 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 281614 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - An integer underflow vulnerability exists in the `nextstate()` function in `gpsd/packet.c` of gpsd versions prior to commit `ffa1d6f40bca0b035fc7f5e563160ebb67199da7`. When parsing a NAVCOM packet, the payload length is calculated using `lexer->length = (size_t)c - 4` without checking if the input byte `c` is less than 4. This results in an unsigned integer underflow, setting `lexer->length` to a very large value (near `SIZE_MAX`). The parser then enters a loop attempting to consume this massive number of bytes, causing 100% CPU utilization and a Denial of Service (DoS) condition. (CVE-2025-67269)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/281614

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-69195]]> https://www.tenable.com/plugins/nessus/281492 https://www.tenable.com/plugins/nessus/281492 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 281492 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted URL, which, upon user interaction with wget2, can lead to memory corruption. This can cause the application to crash and potentially allow for further malicious activities. (CVE-2025-69195)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/281492

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-69194]]> https://www.tenable.com/plugins/nessus/281490 https://www.tenable.com/plugins/nessus/281490 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 281490 with Critical Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially allow further compromise of the user's environment. (CVE-2025-69194)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/281490

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-34457]]> https://www.tenable.com/plugins/nessus/279645 https://www.tenable.com/plugins/nessus/279645 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 279645 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - wb2osz/direwolf (Dire Wolf) versions up to and including 1.8, prior to commit 694c954, contain a stack- based buffer overflow vulnerability in the function kiss_rec_byte() located in src/kiss_frame.c. When processing crafted KISS frames that reach the maximum allowed frame length (MAX_KISS_LEN), the function appends a terminating FEND byte without reserving sufficient space in the stack buffer. This results in an out-of-bounds write followed by an out-of-bounds read during the subsequent call to kiss_unwrap(), leading to stack memory corruption or application crashes. This vulnerability may allow remote unauthenticated attackers to trigger a denial-of-service condition. (CVE-2025-34457)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279645

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-14876]]> https://www.tenable.com/plugins/nessus/279386 https://www.tenable.com/plugins/nessus/279386 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 279386 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation. This can result in a denial of service (DoS) on the host system by causing the QEMU process to terminate unexpectedly.
 (CVE-2025-14876)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279386

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-68114]]> https://www.tenable.com/plugins/nessus/279253 https://www.tenable.com/plugins/nessus/279253 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 279253 with Critical Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStream_concat lets a malicious cs_opt_mem.vsnprintf drive SStream's index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Commit 2c7797182a1618be12017d7d41e0b6581d5d529e fixes the issue. (CVE-2025-68114)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279253

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-67873]]> https://www.tenable.com/plugins/nessus/279252 https://www.tenable.com/plugins/nessus/279252 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 279252 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds- checked, so a user-provided skipdata callback can make cs_disasm/cs_disasm_iter memcpy more than 24 bytes into cs_insn.bytes, causing a heap buffer overflow in the disassembly path. Commit cbef767ab33b82166d263895f24084b75b316df3 fixes the issue. (CVE-2025-67873)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/279252

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-68146]]> https://www.tenable.com/plugins/nessus/278912 https://www.tenable.com/plugins/nessus/278912 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 278912 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check- Time-of-Use (TOCTOU) race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation where filelock checks if a file exists before opening it with O_TRUNC. An attacker can create a symlink pointing to a victim file in the time gap between the check and open, causing os.open() to follow the symlink and truncate the target file. All users of filelock on Unix, Linux, macOS, and Windows systems are impacted.
 The vulnerability cascades to dependent libraries. The attack requires local filesystem access and ability to create symlinks (standard user permissions on Unix; Developer Mode on Windows 10+). Exploitation succeeds within 1-3 attempts when lock file paths are predictable. The issue is fixed in version 3.20.1.
 If immediate upgrade is not possible, use SoftFileLock instead of UnixFileLock/WindowsFileLock (note:
 different locking semantics, may not be suitable for all use cases); ensure lock file directories have restrictive permissions (chmod 0700) to prevent untrusted users from creating symlinks; and/or monitor lock file directories for suspicious symlinks before running trusted applications. These workarounds provide only partial mitigation. The race condition remains exploitable. Upgrading to version 3.20.1 is strongly recommended. (CVE-2025-68146)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/278912

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-49643]]> https://www.tenable.com/plugins/nessus/277124 https://www.tenable.com/plugins/nessus/277124 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 277124 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - An authenticated Zabbix user (including Guest) is able to cause disproportionate CPU load on the webserver by sending specially crafted parameters to /imgstore.php, leading to potential denial of service.
 (CVE-2025-49643)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/277124

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-13699]]> https://www.tenable.com/plugins/nessus/276980 https://www.tenable.com/plugins/nessus/276980 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 276980 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MariaDB. Interaction with the mariadb-dump utility is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of view names. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27000.
 (CVE-2025-13699)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/276980

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-63938]]> https://www.tenable.com/plugins/nessus/276975 https://www.tenable.com/plugins/nessus/276975 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 276975 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Tinyproxy through 1.11.2 contains an integer overflow vulnerability in the strip_return_port() function within src/reqs.c. (CVE-2025-63938)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/276975

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-66034]]> https://www.tenable.com/plugins/nessus/276970 https://www.tenable.com/plugins/nessus/276970 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 276970 with Critical Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - fontTools is a library for manipulating fonts, written in Python. In versions from 4.33.0 to before 4.60.2, the fonttools varLib (or python3 -m fontTools.varLib) script has an arbitrary file write vulnerability that leads to remote code execution when a malicious .designspace file is processed. The vulnerability affects the main() code path of fontTools.varLib, used by the fonttools varLib CLI and any code that invokes fontTools.varLib.main(). This issue has been patched in version 4.60.2. (CVE-2025-66034)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/276970

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-62727]]> https://www.tenable.com/plugins/nessus/271968 https://www.tenable.com/plugins/nessus/271968 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 271968 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Starlette is a lightweight ASGI framework/toolkit. Starting in version 0.39.0 and prior to version 0.49.1 , an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette's FileResponse Range parsing/merging logic. This enables CPU exhaustion per request, causing denialofservice for endpoints serving files (e.g., StaticFiles or any use of FileResponse). This vulnerability is fixed in 0.49.1. (CVE-2025-62727)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/271968

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-49641]]> https://www.tenable.com/plugins/nessus/269411 https://www.tenable.com/plugins/nessus/269411 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 269411 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A regular Zabbix user with no permission to the Monitoring -> Problems view is still able to call the problem.view.refresh action and therefore still retrieve a list of active problems. (CVE-2025-49641)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/269411

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-27236]]> https://www.tenable.com/plugins/nessus/269410 https://www.tenable.com/plugins/nessus/269410 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 269410 with Low Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to.
 (CVE-2025-27236)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/269410

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-27231]]> https://www.tenable.com/plugins/nessus/269409 https://www.tenable.com/plugins/nessus/269409 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 269409 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - The LDAP 'Bind password' value cannot be read after saving, but a Super Admin account can leak it by changing LDAP 'Host' to a rogue LDAP server. To mitigate this, the 'Bind password' value is now reset on 'Host' change. (CVE-2025-27231)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/269409

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-61985]]> https://www.tenable.com/plugins/nessus/269333 https://www.tenable.com/plugins/nessus/269333 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 269333 with Low Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used. (CVE-2025-61985)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/269333

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-61984]]> https://www.tenable.com/plugins/nessus/269332 https://www.tenable.com/plugins/nessus/269332 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 269332 with Low Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.) (CVE-2025-61984)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/269332

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-9648]]> https://www.tenable.com/plugins/nessus/266288 https://www.tenable.com/plugins/nessus/266288 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 266288 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A vulnerability in the CivetWeb library's function mg_handle_form_request allows remote attackers to trigger a denial of service (DoS) condition. By sending a specially crafted HTTP POST request containing a null byte in the payload, the server enters an infinite loop during form data parsing. Multiple malicious requests will result in complete CPU exhaustion and render the service unresponsive to further requests.
 This issue was fixed in commit 782e189. This issue affects only the library, standalone executable pre- built by vendor is not affected. (CVE-2025-9648)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/266288

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-48041]]> https://www.tenable.com/plugins/nessus/264763 https://www.tenable.com/plugins/nessus/264763 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 264763 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12. (CVE-2025-48041)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/264763

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-48039]]> https://www.tenable.com/plugins/nessus/264760 https://www.tenable.com/plugins/nessus/264760 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 264760 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12. (CVE-2025-48039)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/264760

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-48038]]> https://www.tenable.com/plugins/nessus/264752 https://www.tenable.com/plugins/nessus/264752 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 264752 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12. (CVE-2025-48038)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/264752

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-48040]]> https://www.tenable.com/plugins/nessus/264748 https://www.tenable.com/plugins/nessus/264748 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 264748 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12. (CVE-2025-48040)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/264748

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-27238]]> https://www.tenable.com/plugins/nessus/264706 https://www.tenable.com/plugins/nessus/264706 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 264706 with Low Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them. (CVE-2025-27238)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/264706

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-27233]]> https://www.tenable.com/plugins/nessus/264705 https://www.tenable.com/plugins/nessus/264705 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 264705 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system. (CVE-2025-27233)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/264705

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-7709]]> https://www.tenable.com/plugins/nessus/261660 https://www.tenable.com/plugins/nessus/261660 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 261660 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - An integer overflow exists in the FTS5 https://sqlite.org/fts5.html extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds. (CVE-2025-7709)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/261660

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-55763]]> https://www.tenable.com/plugins/nessus/260738 https://www.tenable.com/plugins/nessus/260738 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 260738 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (latest) allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of service or arbitrary code execution. (CVE-2025-55763)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/260738

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-2588]]> https://www.tenable.com/plugins/nessus/258466 https://www.tenable.com/plugins/nessus/258466 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 258466 with Low Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - A vulnerability has been found in Hercules Augeas 1.14.1 and classified as problematic. This vulnerability affects the function re_case_expand of the file src/fa.c. The manipulation of the argument re leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. (CVE-2025-2588)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/258466

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-49589]]> https://www.tenable.com/plugins/nessus/255563 https://www.tenable.com/plugins/nessus/255563 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 255563 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. A stack-based buffer overflow exists in the Kprintf_HLE function of PCSX2 versions up to 2.3.414. Opening a disc image that logs a specially crafted message may allow a remote attacker to execute arbitrary code if the user enabled IOP Console Logging.
 This vulnerability is fixed in 2.3.414. (CVE-2025-49589)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/255563

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2016-1000107]]> https://www.tenable.com/plugins/nessus/254579 https://www.tenable.com/plugins/nessus/254579 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 254579 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an httpoxy issue. (CVE-2016-1000107)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/254579

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2024-47081]]> https://www.tenable.com/plugins/nessus/248812 https://www.tenable.com/plugins/nessus/248812 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 248812 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session. (CVE-2024-47081)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/248812

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2017-17785]]> https://www.tenable.com/plugins/nessus/221093 https://www.tenable.com/plugins/nessus/221093 Sat, 14 Mar 2026 00:00:00 GMT Nessus Plugin ID 221093 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file- fli/fli.c. (CVE-2017-17785)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/221093

]]> <![CDATA[F5 Compliance Checks]]> https://www.tenable.com/plugins/nessus/95388 https://www.tenable.com/plugins/nessus/95388 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 95388 with Info Severity

Synopsis

Compliance checks for F5 devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/95388

]]> <![CDATA[F5 Settings]]> https://www.tenable.com/plugins/nessus/95387 https://www.tenable.com/plugins/nessus/95387 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 95387 with Info Severity

Synopsis

This plugin configures the F5 settings.

Description

This script initializes the credentials used for F5 services.

To set the credentials, edit your scan policy and go to the 'Preferences -> F5 Settings' section.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/95387

]]> <![CDATA[Arista EOS Compliance Checks]]> https://www.tenable.com/plugins/nessus/92838 https://www.tenable.com/plugins/nessus/92838 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 92838 with Info Severity

Synopsis

Compliance checks for Arista EOS devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/92838

]]> <![CDATA[OpenStack Compliance Checks]]> https://www.tenable.com/plugins/nessus/86349 https://www.tenable.com/plugins/nessus/86349 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 86349 with Info Severity

Synopsis

Compliance checks for OpenStack.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/86349

]]> <![CDATA[OpenStack Settings]]> https://www.tenable.com/plugins/nessus/86348 https://www.tenable.com/plugins/nessus/86348 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 86348 with Info Severity

Synopsis

This plugin configures the OpenStack settings.

Description

This script initializes the credentials used for OpenStack services.

To set the credentials, edit your scan policy and go to the 'Preferences -> OpenStack Settings' section.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/86348

]]> <![CDATA[WatchGuard Compliance Checks]]> https://www.tenable.com/plugins/nessus/86269 https://www.tenable.com/plugins/nessus/86269 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 86269 with Info Severity

Synopsis

Compliance checks for WatchGuard devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/86269

]]> <![CDATA[OVAL Windows Compliance Checks]]> https://www.tenable.com/plugins/nessus/83189 https://www.tenable.com/plugins/nessus/83189 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 83189 with Info Severity

Synopsis

OVAL Compliance checks for Windows systems.

Description

Using the supplied credentials, this script performs a compliance check against the policy specified by OVAL content.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/83189

]]> <![CDATA[OVAL Linux Compliance Checks]]> https://www.tenable.com/plugins/nessus/83188 https://www.tenable.com/plugins/nessus/83188 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 83188 with Info Severity

Synopsis

OVAL Compliance checks for Linux systems.

Description

Using the supplied credentials, this script performs a compliance check against the policy specified by OVAL content.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/83188

]]> <![CDATA[Mobile Device Manager Compliance Checks]]> https://www.tenable.com/plugins/nessus/81914 https://www.tenable.com/plugins/nessus/81914 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 81914 with Info Severity

Synopsis

Compliance checks for Mobile Device Managers.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/81914

]]> <![CDATA[Microsoft Azure Compliance Checks]]> https://www.tenable.com/plugins/nessus/79357 https://www.tenable.com/plugins/nessus/79357 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 79357 with Info Severity

Synopsis

Compliance checks for Microsoft Azure.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/79357

]]> <![CDATA[Rackspace Compliance Checks]]> https://www.tenable.com/plugins/nessus/79356 https://www.tenable.com/plugins/nessus/79356 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 79356 with Info Severity

Synopsis

Compliance checks for Rackspace.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/79356

]]> <![CDATA[Rackspace Settings]]> https://www.tenable.com/plugins/nessus/79355 https://www.tenable.com/plugins/nessus/79355 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 79355 with Info Severity

Synopsis

This plugin configures the Rackspace settings.

Description

This script initializes the credentials used for Rackspace services.

To set the credentials, edit your scan policy and go to the 'Preferences -> Rackspace Settings' section.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/79355

]]> <![CDATA[RHEV Compliance Checks]]> https://www.tenable.com/plugins/nessus/77090 https://www.tenable.com/plugins/nessus/77090 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 77090 with Info Severity

Synopsis

Compliance checks for RHEV.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/77090

]]> <![CDATA[Salesforce.com Compliance Checks]]> https://www.tenable.com/plugins/nessus/76711 https://www.tenable.com/plugins/nessus/76711 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 76711 with Info Severity

Synopsis

Compliance checks for Salesforce.com.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/76711

]]> <![CDATA[MongoDB Compliance Checks]]> https://www.tenable.com/plugins/nessus/76513 https://www.tenable.com/plugins/nessus/76513 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 76513 with Info Severity

Synopsis

Compliance checks for MongoDB services.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/76513

]]> <![CDATA[MongoDB Settings]]> https://www.tenable.com/plugins/nessus/76512 https://www.tenable.com/plugins/nessus/76512 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 76512 with Info Severity

Synopsis

This plugin configures the MongoDB settings.

Description

This script initializes the credentials used for MongoDB services.

To set the credentials, edit your scan policy and go to the 'Preferences -> MongoDB Settings' section.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/76512

]]> <![CDATA[Huawei VRP Compliance Checks]]> https://www.tenable.com/plugins/nessus/73157 https://www.tenable.com/plugins/nessus/73157 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 73157 with Info Severity

Synopsis

Compliance checks for Huawei VRP devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/73157

]]> <![CDATA[Extreme ExtremeXOS Compliance Checks]]> https://www.tenable.com/plugins/nessus/73156 https://www.tenable.com/plugins/nessus/73156 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 73156 with Info Severity

Synopsis

Compliance checks for Extreme ExtremeXOS devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/73156

]]> <![CDATA[Amazon AWS Compliance Checks]]> https://www.tenable.com/plugins/nessus/72426 https://www.tenable.com/plugins/nessus/72426 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 72426 with Info Severity

Synopsis

Compliance checks for Amazon Web Services.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/72426

]]> <![CDATA[Unix File Contents Compliance Checks]]> https://www.tenable.com/plugins/nessus/72095 https://www.tenable.com/plugins/nessus/72095 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 72095 with Info Severity

Synopsis

File contents compliance checks.

Description

Using the supplied credentials, this script performs a Unix file content compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/72095

]]> <![CDATA[Adtran AOS Compliance Checks]]> https://www.tenable.com/plugins/nessus/71991 https://www.tenable.com/plugins/nessus/71991 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 71991 with Info Severity

Synopsis

Compliance checks for Adtran AOS devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/71991

]]> <![CDATA[SonicWALL SonicOS Compliance Checks]]> https://www.tenable.com/plugins/nessus/71955 https://www.tenable.com/plugins/nessus/71955 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 71955 with Info Severity

Synopsis

Compliance checks for SonicWALL SonicOS devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/71955

]]> <![CDATA[Brocade FabricOS Compliance Checks]]> https://www.tenable.com/plugins/nessus/71842 https://www.tenable.com/plugins/nessus/71842 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 71842 with Info Severity

Synopsis

Compliance checks for Brocade FabricOS devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/71842

]]> <![CDATA[BlueCoat ProxySG Compliance Checks]]> https://www.tenable.com/plugins/nessus/70470 https://www.tenable.com/plugins/nessus/70470 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 70470 with Info Severity

Synopsis

Compliance checks for BlueCoat ProxySG devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/70470

]]> <![CDATA[FireEye Compliance Checks]]> https://www.tenable.com/plugins/nessus/70469 https://www.tenable.com/plugins/nessus/70469 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 70469 with Info Severity

Synopsis

Compliance checks for FireEye devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/70469

]]> <![CDATA[Fortigate FortiOS Compliance Checks]]> https://www.tenable.com/plugins/nessus/70272 https://www.tenable.com/plugins/nessus/70272 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 70272 with Info Severity

Synopsis

Compliance checks for Fortigate FortiOS devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/70272

]]> <![CDATA[HP ProCurve Compliance Checks]]> https://www.tenable.com/plugins/nessus/70271 https://www.tenable.com/plugins/nessus/70271 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 70271 with Info Severity

Synopsis

Compliance checks for HP ProCurve devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/70271

]]> <![CDATA[NetApp Data ONTAP Compliance Checks]]> https://www.tenable.com/plugins/nessus/66934 https://www.tenable.com/plugins/nessus/66934 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 66934 with Info Severity

Synopsis

Compliance checks for NetApp Data ONTAP devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/66934

]]> <![CDATA[SCAP Information]]> https://www.tenable.com/plugins/nessus/66759 https://www.tenable.com/plugins/nessus/66759 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 66759 with Info Severity

Synopsis

SCAP Compliance additional information for Linux/Windows systems.

Description

This script reports additional SCAP content information.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/66759

]]> <![CDATA[SCAP XML Results]]> https://www.tenable.com/plugins/nessus/66758 https://www.tenable.com/plugins/nessus/66758 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 66758 with Info Severity

Synopsis

SCAP Compliance check results for Linux/Windows systems.

Description

This script reports SCAP content results including attached ARF, OVAL, and XCCDF results.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/66758

]]> <![CDATA[SCAP Linux Compliance Checks]]> https://www.tenable.com/plugins/nessus/66757 https://www.tenable.com/plugins/nessus/66757 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 66757 with Info Severity

Synopsis

SCAP Compliance checks for Linux systems.

Description

Using the supplied credentials, this script performs a compliance check against the policy specified by SCAP content.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/66757

]]> <![CDATA[SCAP Windows Compliance Checks]]> https://www.tenable.com/plugins/nessus/66756 https://www.tenable.com/plugins/nessus/66756 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 66756 with Info Severity

Synopsis

SCAP Compliance checks for Windows systems.

Description

Using the supplied credentials, this script performs a compliance check against the policy specified by SCAP content.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/66756

]]> <![CDATA[VMware vCenter/vSphere Compliance Checks]]> https://www.tenable.com/plugins/nessus/64455 https://www.tenable.com/plugins/nessus/64455 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 64455 with Info Severity

Synopsis

Compliance checks for VMware vCenter/vSphere devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/64455

]]> <![CDATA[Palo Alto Networks PAN-OS Compliance Checks]]> https://www.tenable.com/plugins/nessus/64095 https://www.tenable.com/plugins/nessus/64095 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 64095 with Info Severity

Synopsis

Compliance checks for Palo Alto PAN-OS

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/64095

]]> <![CDATA[Juniper Junos Compliance Checks]]> https://www.tenable.com/plugins/nessus/62680 https://www.tenable.com/plugins/nessus/62680 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 62680 with Info Severity

Synopsis

Compliance checks for Juniper Junos devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/62680

]]> <![CDATA[Check Point GAiA Compliance Checks]]> https://www.tenable.com/plugins/nessus/62679 https://www.tenable.com/plugins/nessus/62679 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 62679 with Info Severity

Synopsis

Compliance checks for Check Point GAiA devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/62679

]]> <![CDATA[IBM iSeries Compliance Checks]]> https://www.tenable.com/plugins/nessus/57860 https://www.tenable.com/plugins/nessus/57860 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 57860 with Info Severity

Synopsis

Compliance checks for IBM iSeries devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/57860

]]> <![CDATA[Cisco IOS Compliance Checks]]> https://www.tenable.com/plugins/nessus/46689 https://www.tenable.com/plugins/nessus/46689 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 46689 with Info Severity

Synopsis

Compliance checks for Cisco IOS devices.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/46689

]]> <![CDATA[Database Compliance Checks]]> https://www.tenable.com/plugins/nessus/33814 https://www.tenable.com/plugins/nessus/33814 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 33814 with Info Severity

Synopsis

Compliance checks for database servers.

Description

Using the supplied credentials, this script performs a compliance check against the given policy.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/33814

]]> <![CDATA[RHEL 10 : .NET 9.0 (RHSA-2026:4450)]]> https://www.tenable.com/plugins/nessus/302042 https://www.tenable.com/plugins/nessus/302042 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 302042 with High Severity

Synopsis

The remote Red Hat host is missing one or more security updates for .NET 9.0.

Description

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4450 advisory.

 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

 New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.115 and .NET Runtime 9.0.14.Security Fix(es):

 * .net: .NET: Denial of Service via out-of-bounds read (CVE-2026-26127)

 * asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation (CVE-2026-26130)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL .NET 9.0 package based on the guidance in RHSA-2026:4450.

Read more at https://www.tenable.com/plugins/nessus/302042

]]> <![CDATA[RHEL 8 : .NET 10.0 (RHSA-2026:4458)]]> https://www.tenable.com/plugins/nessus/302041 https://www.tenable.com/plugins/nessus/302041 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 302041 with High Severity

Synopsis

The remote Red Hat host is missing one or more security updates for .NET 10.0.

Description

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4458 advisory.

 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

 New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.104 and .NET Runtime 10.0.4.Security Fix(es):

 * .net: .NET: Denial of Service via out-of-bounds read (CVE-2026-26127)

 * asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation (CVE-2026-26130)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL .NET 10.0 package based on the guidance in RHSA-2026:4458.

Read more at https://www.tenable.com/plugins/nessus/302041

]]> <![CDATA[RHEL 10 : .NET 10.0 (RHSA-2026:4453)]]> https://www.tenable.com/plugins/nessus/302035 https://www.tenable.com/plugins/nessus/302035 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 302035 with High Severity

Synopsis

The remote Red Hat host is missing one or more security updates for .NET 10.0.

Description

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4453 advisory.

 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

 New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.104 and .NET Runtime 10.0.4.Security Fix(es):

 * .net: .NET: Denial of Service via out-of-bounds read (CVE-2026-26127)

 * asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation (CVE-2026-26130)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL .NET 10.0 package based on the guidance in RHSA-2026:4453.

Read more at https://www.tenable.com/plugins/nessus/302035

]]> <![CDATA[RHEL 9 : .NET 10.0 (RHSA-2026:4445)]]> https://www.tenable.com/plugins/nessus/302028 https://www.tenable.com/plugins/nessus/302028 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 302028 with High Severity

Synopsis

The remote Red Hat host is missing one or more security updates for .NET 10.0.

Description

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4445 advisory.

 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

 New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.104 and .NET Runtime 10.0.4.Security Fix(es):

 * .net: .NET: Denial of Service via out-of-bounds read (CVE-2026-26127)

 * asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation (CVE-2026-26130)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL .NET 10.0 package based on the guidance in RHSA-2026:4445.

Read more at https://www.tenable.com/plugins/nessus/302028

]]> <![CDATA[Debian dsa-6163 : affs-modules-6.1.0-43-4kc-malta-di - security update]]> https://www.tenable.com/plugins/nessus/302008 https://www.tenable.com/plugins/nessus/302008 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 302008 with High Severity

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6163 advisory.

 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6163-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso March 12, 2026 https://www.debian.org/security/faq
 - -------------------------------------------------------------------------

 Package : linux CVE ID : CVE-2023-53424 CVE-2024-26822 CVE-2024-57895 CVE-2025-22026 CVE-2025-23155 CVE-2025-37786 CVE-2025-37822 CVE-2025-37920 CVE-2025-38201 CVE-2025-38643 CVE-2025-39763 CVE-2025-40082 CVE-2025-40251 CVE-2025-68358 CVE-2025-71089 CVE-2025-71144 CVE-2025-71220 CVE-2025-71222 CVE-2025-71224 CVE-2025-71232 CVE-2025-71233 CVE-2025-71235 CVE-2025-71236 CVE-2025-71237 CVE-2025-71238 CVE-2026-23111 CVE-2026-23112 CVE-2026-23169 CVE-2026-23176 CVE-2026-23178 CVE-2026-23180 CVE-2026-23182 CVE-2026-23187 CVE-2026-23190 CVE-2026-23193 CVE-2026-23198 CVE-2026-23202 CVE-2026-23205 CVE-2026-23206 CVE-2026-23209 CVE-2026-23216 CVE-2026-23220 CVE-2026-23221 CVE-2026-23222 CVE-2026-23228 CVE-2026-23229 CVE-2026-23230 CVE-2026-23234 CVE-2026-23235 CVE-2026-23236 CVE-2026-23237 CVE-2026-23238

 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

 The Qualys Threat Research Unit (TRU) discovered several vulnerabilities in Apparmor. Details can be found in the Qualys advisory at https://www.qualys.com/2026/03/10/crack-armor.txt

 For the oldstable distribution (bookworm), these problems have been fixed in version 6.1.164-1.

 We recommend that you upgrade your linux packages.

 For the detailed security status of linux please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/linux

 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

 Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the affs-modules-6.1.0-43-4kc-malta-di packages.

Read more at https://www.tenable.com/plugins/nessus/302008

]]> <![CDATA[Google Chrome < 146.0.7680.75 Vulnerability]]> https://www.tenable.com/plugins/nessus/302007 https://www.tenable.com/plugins/nessus/302007 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 302007 with High Severity

Synopsis

A web browser installed on the remote Windows host is affected by a vulnerability.

Description

The version of Google Chrome installed on the remote Windows host is prior to 146.0.7680.75. It is, therefore, affected by a vulnerability as referenced in the 2026_03_stable-channel-update-for-desktop_12 advisory.

 - Inappropriate implementation in V8. (CVE-2026-3910)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Google Chrome version 146.0.7680.75 or later.

Read more at https://www.tenable.com/plugins/nessus/302007

]]> <![CDATA[Google Chrome < 146.0.7680.75 Vulnerability]]> https://www.tenable.com/plugins/nessus/302006 https://www.tenable.com/plugins/nessus/302006 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 302006 with High Severity

Synopsis

A web browser installed on the remote macOS host is affected by a vulnerability.

Description

The version of Google Chrome installed on the remote macOS host is prior to 146.0.7680.75. It is, therefore, affected by a vulnerability as referenced in the 2026_03_stable-channel-update-for-desktop_12 advisory.

 - Inappropriate implementation in V8. (CVE-2026-3910)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Google Chrome version 146.0.7680.75 or later.

Read more at https://www.tenable.com/plugins/nessus/302006

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-2808]]> https://www.tenable.com/plugins/nessus/302002 https://www.tenable.com/plugins/nessus/302002 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 302002 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - HashiCorp Consul and Consul Enterprise 1.18.20 up to 1.21.10 and 1.22.4 are vulnerable to arbitrary file read when configured with Kubernetes authentication. This vulnerability, CVE-2026-2808, is fixed in Consul 1.18.21, 1.21.11 and 1.22.5. (CVE-2026-2808)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/302002

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-28356 (deprecated)]]> https://www.tenable.com/plugins/nessus/301999 https://www.tenable.com/plugins/nessus/301999 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301999 with High Severity

Synopsis

This plugin has been deprecated.

Description

This plugin has been deprecated because all CVEs referenced were rejected.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/301999

]]> <![CDATA[EcoStruxure IT Data Center Expert <= 9.0 Use of Hard-coded Credentials (SEVD-2026-069-05)]]> https://www.tenable.com/plugins/nessus/301998 https://www.tenable.com/plugins/nessus/301998 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301998 with High Severity

Synopsis

The remote web server contains an application that is affected by a vulnerability.

Description

The version of EcoStruxure IT Data Center Expert installed on the remote host is 9.0 or prior. It is, therefore, affected by a vulnerability as referenced in the SEVD-2026-069-05 advisory.

 - Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default. (CVE-2025-13957)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to EcoStruxure IT Data Center Expert version 9.1 or later.

Read more at https://www.tenable.com/plugins/nessus/301998

]]> <![CDATA[Adobe Substance 3D Painter < 11.1.3 (APSB26-25)]]> https://www.tenable.com/plugins/nessus/301997 https://www.tenable.com/plugins/nessus/301997 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301997 with Medium Severity

Synopsis

The remote host is missing a security update.

Description

The version of Adobe Substance 3D Painter installed on the remote host is prior to 11.1.3. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-25 advisory.
 - Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2026-21363)
- Substance3D - Painter versions 11.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
 (CVE-2026-21365)
- Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2026-27214)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Adobe Substance 3D Painter version 11.1.3 or later.

Read more at https://www.tenable.com/plugins/nessus/301997

]]> <![CDATA[Adobe Substance 3D Stager < 3.1.8 Multiple Vulnerabilities (APSB26-29)]]> https://www.tenable.com/plugins/nessus/301996 https://www.tenable.com/plugins/nessus/301996 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301996 with High Severity

Synopsis

The remote host is missing one or more security updates.

Description

The version of Adobe Substance 3D Stager installed on the remote host is prior to 3.1.8. It is, therefore, affected by an multiple vulnerabilities as referenced in the APSB26-29 advisory.

 - Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2026-27273)

 - Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2026-27277)

 - Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2026-27279)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Adobe Substance 3D Stager version 3.1.8 or later.

Read more at https://www.tenable.com/plugins/nessus/301996

]]> <![CDATA[CKEditor < 47.6.0 XSS]]> https://www.tenable.com/plugins/nessus/301995 https://www.tenable.com/plugins/nessus/301995 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301995 with Medium Severity

Synopsis

The remote web server may be affected by a cross site scripting vulnerability.

Description

The version of CKEditor included on the remote web host prior to 47.6.0. It may, therefore, be affected by a cross-site scripting (XSS) vulnerability.

- CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. Prior to version 47.6.0, a cross-site scripting (XSS) vulnerability has been discovered in the General HTML Support feature. This vulnerability could be triggered by inserting specially crafted markup, leading to unauthorized JavaScript code execution, if the editor instance used an unsafe General HTML Support configuration. This issue has been patched in version 47.6.0. (CVE-2026-28343)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to CKEditor 47.6.0 or later.

Read more at https://www.tenable.com/plugins/nessus/301995

]]> <![CDATA[Microsoft ASP.NET Core DoS (March 2026)]]> https://www.tenable.com/plugins/nessus/301994 https://www.tenable.com/plugins/nessus/301994 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301994 with High Severity

Synopsis

The remote Windows host is affected by a denial of service vulnerability.

Description

The version of ASP.NET Core installed on the remote Windows host is 8.0.x prior to 8.0.25, 9.0.x prior to 9.0.14, or 10.0.x prior to 10.0.4. It is, therefore, affected by a denial of service vulnerability. A specially crafted message to a SignalR server can cause uncontrolled resource consumption, exhausting an internal buffer and leading to denial of service.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update ASP.NET Core to version 8.0.25, 9.0.14, 10.0.4 or later.

Read more at https://www.tenable.com/plugins/nessus/301994

]]> <![CDATA[RHEL 9 : .NET 9.0 (RHSA-2026:4456)]]> https://www.tenable.com/plugins/nessus/301985 https://www.tenable.com/plugins/nessus/301985 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301985 with High Severity

Synopsis

The remote Red Hat host is missing one or more security updates for .NET 9.0.

Description

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4456 advisory.

 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

 New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.115 and .NET Runtime 9.0.14.Security Fix(es):

 * .net: .NET: Denial of Service via out-of-bounds read (CVE-2026-26127)

 * asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation (CVE-2026-26130)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL .NET 9.0 package based on the guidance in RHSA-2026:4456.

Read more at https://www.tenable.com/plugins/nessus/301985

]]> <![CDATA[NetApp ONTAP S3 Information Disclosure Vulnerability (NTAP-20260304-0001)]]> https://www.tenable.com/plugins/nessus/301982 https://www.tenable.com/plugins/nessus/301982 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301982 with Medium Severity

Synopsis

The remote host is affected by an Information Disclosure Vulnerability.

Description

The version of NetApp ONTAP running on the remote host is 9.12.1 prior to 9.12.1P20, 9.13.x prior to 9.13.1P19, 9.14.x prior to 9.14.1P16, 9.15.x prior to 9.15.1P16, 9.16.x prior to 9.16.1P8, 9.17.x prior to 9.17.1P1, or 9.18.x prior to 9.18.1. It is, therefore, affected by an Information Disclosure Vulnerability as detailed in the NTAP-20260304-0001 advisory.

 - ONTAP versions 9.12.1 and higher with S3 NAS buckets are susceptible to an information disclosure vulnerability.
 Successful exploit could allow an authenticated attacker to view a listing of the contents in a directory for which they lack permission. (CVE-2026-22052)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to NetApp ONTAP version 9.12.1P20, 9.13.1P19, 9.14.1P16, 9.15.1P16, 9.16.1P8, 9.17.1P1, 9.18.1, or later.

Read more at https://www.tenable.com/plugins/nessus/301982

]]> <![CDATA[Docker Desktop < 4.64.0 CLI Plugin Directory Privilege Escalation (CVE-2025-15558)]]> https://www.tenable.com/plugins/nessus/301978 https://www.tenable.com/plugins/nessus/301978 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301978 with High Severity

Synopsis

The remote Windows host has an application installed that is affected by a privilege escalation vulnerability.

Description

The version of Docker Desktop for Windows installed on the remote host is 4.34.x < 4.64.0. It is, therefore, affected by a privilege escalation vulnerability.

 - Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, allowing privilege escalation if the docker CLI is executed as a privileged user.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Docker Desktop version 4.64.0 or later.

Read more at https://www.tenable.com/plugins/nessus/301978

]]> <![CDATA[Apache ZooKeeper 3.9.x < 3.9.4 Improper Permission Check]]> https://www.tenable.com/plugins/nessus/301977 https://www.tenable.com/plugins/nessus/301977 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301977 with Medium Severity

Synopsis

The remote Apache ZooKeeper server is affected by an improper permission check vulnerability.

Description

The version of Apache ZooKeeper listening on the remote host is 3.9.x prior to 3.9.4. It is, therefore, affected by an improper permission check vulnerability:

 - Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and restore commands with insufficient permissions. The issue can be mitigated by disabling both commands (via admin.snapshot.enabled and admin.restore.enabled), disabling the whole AdminServer interface (via admin.enableServer), or ensuring that the root ACL does not provide open permissions. (CVE-2025-58457)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update to Apache ZooKeeper 3.9.4 or later.

Read more at https://www.tenable.com/plugins/nessus/301977

]]> <![CDATA[Apache ZooKeeper 3.8.x < 3.8.6 / 3.9.x < 3.9.5 Multiple Vulnerabilities]]> https://www.tenable.com/plugins/nessus/301976 https://www.tenable.com/plugins/nessus/301976 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301976 with High Severity

Synopsis

The remote Apache ZooKeeper server is affected by multiple vulnerabilities.

Description

The version of Apache ZooKeeper listening on the remote host is 3.8.x prior to 3.8.6 or 3.9.x prior to 3.9.5. It is, therefore, affected by multiple vulnerabilities:

 - Improper handling of configuration values in ZKConfig allows an attacker to expose sensitive information stored in client configuration in the client's logfile. Configuration values are exposed at INFO level logging, rendering potential production systems affected by the issue.
 (CVE-2026-24308)

 - Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS (PTR) when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper servers or clients with a valid certificate for the PTR name. Note that an attacker must present a certificate which is trusted by ZKTrustManager, which makes the attack vector harder to exploit. (CVE-2026-24281)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update to Apache ZooKeeper 3.8.6 or 3.9.5 or later.

Read more at https://www.tenable.com/plugins/nessus/301976

]]> <![CDATA[Ingress-NGINX Controller < 1.13.8 / 1.14.x < 1.14.4 / 1.15.x < 1.15.0 Configuration Injection]]> https://www.tenable.com/plugins/nessus/301974 https://www.tenable.com/plugins/nessus/301974 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301974 with High Severity

Synopsis

The remote host is missing a security update.

Description

The version of Ingress-NGINX controller installed on the remote host is prior to 1.13.8, 1.14.4, or 1.15.0. It is, therefore, affected by a configuration injection vulnerability.

A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/rewrite-target` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. Note that in the default installation, the controller can access all Secrets cluster-wide.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Ingress-NGINX Controller 1.13.8, 1.14.4, 1.15.0, or later.

Read more at https://www.tenable.com/plugins/nessus/301974

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-23907]]> https://www.tenable.com/plugins/nessus/301969 https://www.tenable.com/plugins/nessus/301969 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301969 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - This issue affects the ExtractEmbeddedFiles example in Apache PDFBox: from 2.0.24 through 2.0.35, from 3.0.0 through 3.0.6. The ExtractEmbeddedFiles example contains a path traversal vulnerability (CWE-22) because the filename that is obtained from PDComplexFileSpecification.getFilename() is appended to the extraction path. Users who have copied this example into their production code should review it to ensure that the extraction path is acceptable. The example has been changed accordingly, now the initial path and the extraction paths are converted into canonical paths and it is verified that extraction path contains the initial path. The documentation has also been adjusted. (CVE-2026-23907)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301969

]]> <![CDATA[RHEL 8 : .NET 9.0 (RHSA-2026:4443)]]> https://www.tenable.com/plugins/nessus/301939 https://www.tenable.com/plugins/nessus/301939 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301939 with High Severity

Synopsis

The remote Red Hat host is missing one or more security updates for .NET 9.0.

Description

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4443 advisory.

 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

 New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.115 and .NET Runtime 9.0.14.Security Fix(es):

 * .net: .NET: Denial of Service via out-of-bounds read (CVE-2026-26127)

 * asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation (CVE-2026-26130)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL .NET 9.0 package based on the guidance in RHSA-2026:4443.

Read more at https://www.tenable.com/plugins/nessus/301939

]]> <![CDATA[Google Chrome < 146.0.7680.71 Multiple Vulnerabilities]]> https://www.tenable.com/plugins/nessus/301924 https://www.tenable.com/plugins/nessus/301924 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301924 with Critical Severity

Synopsis

A web browser installed on the remote macOS host is affected by multiple vulnerabilities.

Description

The version of Google Chrome installed on the remote macOS host is prior to 146.0.7680.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 2026_03_stable-channel-update-for-desktop_10 advisory.

 - Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) (CVE-2026-3936)

 - Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) (CVE-2026-3913)

 - Integer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3914)

 - Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3915)

 - Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3916)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Google Chrome version 146.0.7680.71 or later.

Read more at https://www.tenable.com/plugins/nessus/301924

]]> <![CDATA[Google Chrome < 146.0.7680.71 Multiple Vulnerabilities]]> https://www.tenable.com/plugins/nessus/301923 https://www.tenable.com/plugins/nessus/301923 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301923 with Critical Severity

Synopsis

A web browser installed on the remote Windows host is affected by multiple vulnerabilities.

Description

The version of Google Chrome installed on the remote Windows host is prior to 146.0.7680.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 2026_03_stable-channel-update-for-desktop_10 advisory.

 - Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) (CVE-2026-3936)

 - Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) (CVE-2026-3913)

 - Integer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3914)

 - Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3915)

 - Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) (CVE-2026-3916)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Google Chrome version 146.0.7680.71 or later.

Read more at https://www.tenable.com/plugins/nessus/301923

]]> <![CDATA[GitLab 8.14 < 18.7.6 / 18.8 < 18.8.6 / 18.9 < 18.9.2 (CVE-2026-1182)]]> https://www.tenable.com/plugins/nessus/301912 https://www.tenable.com/plugins/nessus/301912 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301912 with Medium Severity

Synopsis

The version of GitLab installed on the remote host is affected by a vulnerability.

Description

The version of GitLab installed on the remote host is affected by a vulnerability, as follows:

 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.14 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to gain unauthorized access to confidential issue title created in public projects under certain circumstances. (CVE-2026-1182)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to GitLab version 18.7.6, 18.8.6, 18.9.2 or later.

Read more at https://www.tenable.com/plugins/nessus/301912

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-31870]]> https://www.tenable.com/plugins/nessus/301900 https://www.tenable.com/plugins/nessus/301900 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301900 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API (httplib::stream::Get, httplib::stream::Post, etc.), the library calls std::stoull() directly on the Content-Length header value received from the server with no input validation and no exception handling. std::stoull throws std::invalid_argument for non-numeric strings and std::out_of_range for values exceeding ULLONG_MAX. Since nothing catches these exceptions, the C++ runtime calls std::terminate(), which kills the process with SIGABRT. Any server the client connects to including servers reached via HTTP redirects, third-party APIs, or man-in-the-middle positions can crash the client application with a single HTTP response. No authentication is required. No interaction from the end user is required. The crash is deterministic and immediate. This vulnerability is fixed in 0.37.1.
 (CVE-2026-31870)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301900

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-31958]]> https://www.tenable.com/plugins/nessus/301899 https://www.tenable.com/plugins/nessus/301899 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301899 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the max_body_size setting (default 100MB). Since parsing occurs synchronously on the main thread, this creates the possibility of denial-of- service due to the cost of parsing very large multipart bodies with many parts. This vulnerability is fixed in 6.5.5. (CVE-2026-31958)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301899

]]> <![CDATA[Apple iOS < 16.7.15 Vulnerability (126646)]]> https://www.tenable.com/plugins/nessus/301894 https://www.tenable.com/plugins/nessus/301894 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301894 with High Severity

Synopsis

The version of Apple iOS running on the mobile device is affected by a vulnerability.

Description

The version of Apple iOS running on the mobile device is prior to 16.7.15. It is, therefore, affected by a vulnerability.

Solution

Upgrade to Apple iOS version 16.7.15 or later

Read more at https://www.tenable.com/plugins/nessus/301894

]]> <![CDATA[FreeBSD : curl -- Multiple vulnerabilties (1933737d-1d46-11f1-81da-8447094a420f)]]> https://www.tenable.com/plugins/nessus/301882 https://www.tenable.com/plugins/nessus/301882 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301882 with Medium Severity

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 1933737d-1d46-11f1-81da-8447094a420f advisory.

 The curl project reports:

Tenable has extracted the preceding description block directly from the FreeBSD security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Read more at https://www.tenable.com/plugins/nessus/301882

]]> <![CDATA[GitLab 14.4 < 18.7.6 / 18.8 < 18.8.6 / 18.9 < 18.9.2 (CVE-2026-1663)]]> https://www.tenable.com/plugins/nessus/301879 https://www.tenable.com/plugins/nessus/301879 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301879 with Medium Severity

Synopsis

The version of GitLab installed on the remote host is affected by a vulnerability.

Description

The version of GitLab installed on the remote host is affected by a vulnerability, as follows:

 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user with group import permissions to create labels in private projects due to improper authorization validation in the group import process under certain circumstances. (CVE-2026-1663)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to GitLab version 18.7.6, 18.8.6, 18.9.2 or later.

Read more at https://www.tenable.com/plugins/nessus/301879

]]> <![CDATA[GitLab 8.11 < 18.7.6 / 18.8 < 18.8.6 / 18.9 < 18.9.2 (CVE-2026-3848)]]> https://www.tenable.com/plugins/nessus/301877 https://www.tenable.com/plugins/nessus/301877 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301877 with Medium Severity

Synopsis

The version of GitLab installed on the remote host is affected by a vulnerability.

Description

The version of GitLab installed on the remote host is affected by a vulnerability, as follows:

 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to make unintended internal requests through proxy environments under certain conditions due to improper input validation in import functionality. (CVE-2026-3848)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to GitLab version 18.7.6, 18.8.6, 18.9.2 or later.

Read more at https://www.tenable.com/plugins/nessus/301877

]]> <![CDATA[GitLab 12.6 < 18.7.6 / 18.8 < 18.8.6 / 18.9 < 18.9.2 (CVE-2026-1732)]]> https://www.tenable.com/plugins/nessus/301876 https://www.tenable.com/plugins/nessus/301876 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301876 with Medium Severity

Synopsis

The version of GitLab installed on the remote host is affected by a vulnerability.

Description

The version of GitLab installed on the remote host is affected by a vulnerability, as follows:

 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to disclose confidential issue titles due to improper filtering under certain circumstances. (CVE-2026-1732)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to GitLab version 18.7.6, 18.8.6, 18.9.2 or later.

Read more at https://www.tenable.com/plugins/nessus/301876

]]> <![CDATA[Splunk Enterprise 9.3.0 < 9.3.10, 9.4.0 < 9.4.9, 10.0.0 < 10.0.4 (SVD-2026-0302)]]> https://www.tenable.com/plugins/nessus/301874 https://www.tenable.com/plugins/nessus/301874 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301874 with High Severity

Synopsis

An application running on a remote web server host is affected by a vulnerability

Description

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0302 advisory.

 - In Splunk Enterprise versions below 10.2.0, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.5, 10.0.2503.12, 10.1.2507.16, and 9.3.2411.124, a user who holds a role that contains the high-privilege capability `edit_cmd` could execute arbitrary shell commands using the `unarchive_cmd` parameter for the `/splunkd/__upload/indexing/preview` REST endpoint. (CVE-2026-20163)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade Splunk Enterprise to versions 10.2.0, 10.0.4, 9.4.9, 9.3.10, or higher.Splunk is actively monitoring and patching Splunk Cloud Platform instances.

Read more at https://www.tenable.com/plugins/nessus/301874

]]> <![CDATA[GitLab 1.0 < 18.7.6 / 18.8 < 18.8.6 / 18.9 < 18.9.2 (CVE-2026-1230)]]> https://www.tenable.com/plugins/nessus/301863 https://www.tenable.com/plugins/nessus/301863 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301863 with Medium Severity

Synopsis

The version of GitLab installed on the remote host is affected by a vulnerability.

Description

The version of GitLab installed on the remote host is affected by a vulnerability, as follows:

 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 1.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to cause repository downloads to contain different code than displayed in the web interface due to incorrect validation of branch references under certain circumstances. (CVE-2026-1230)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to GitLab version 18.7.6, 18.8.6, 18.9.2 or later.

Read more at https://www.tenable.com/plugins/nessus/301863

]]> <![CDATA[GitLab 18.9 < 18.9.2 (CVE-2026-1069)]]> https://www.tenable.com/plugins/nessus/301862 https://www.tenable.com/plugins/nessus/301862 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301862 with High Severity

Synopsis

The version of GitLab installed on the remote host is affected by a vulnerability.

Description

The version of GitLab installed on the remote host is affected by a vulnerability, as follows:

 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.9.2...
 (CVE-2026-1069)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to GitLab version 18.9.2 or later.

Read more at https://www.tenable.com/plugins/nessus/301862

]]> <![CDATA[GitLab 15.6 < 18.7.6 / 18.8 < 18.8.6 / 18.9 < 18.9.2 (CVE-2026-0602)]]> https://www.tenable.com/plugins/nessus/301861 https://www.tenable.com/plugins/nessus/301861 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301861 with Medium Severity

Synopsis

The version of GitLab installed on the remote host is affected by a vulnerability.

Description

The version of GitLab installed on the remote host is affected by a vulnerability, as follows:

 - Authentication Bypass Using an Alternate Path or Channel in GitLab (CVE-2026-0602)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to GitLab version 18.7.6, 18.8.6, 18.9.2 or later.

Read more at https://www.tenable.com/plugins/nessus/301861

]]> <![CDATA[Zabbix 6.0.x < 6.0.41 / 7.0.x < 7.0.18 / 7.4.x < 7.4.2 Unauthorized Object Creation (ZBX-27567)]]> https://www.tenable.com/plugins/nessus/301859 https://www.tenable.com/plugins/nessus/301859 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301859 with Medium Severity

Synopsis

A web application running on the remote host is affected by an authorization bypass vulnerability.

Description

The version of Zabbix installed on the remote host is affected by an authorization bypass vulnerability. An authenticated low-privilege user (User role) possessing template and host write permissions can exploit the configuration.import API to create unauthorized objects, despite the User role typically lacking authority to create or modify templates and hosts.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Zabbix version 6.0.41, 7.0.18, 7.4.2 or later.

Read more at https://www.tenable.com/plugins/nessus/301859

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3784]]> https://www.tenable.com/plugins/nessus/301855 https://www.tenable.com/plugins/nessus/301855 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301855 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection. (CVE-2026-3784)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301855

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3805]]> https://www.tenable.com/plugins/nessus/301854 https://www.tenable.com/plugins/nessus/301854 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301854 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory. (CVE-2026-3805)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301854

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-26130 (deprecated)]]> https://www.tenable.com/plugins/nessus/301853 https://www.tenable.com/plugins/nessus/301853 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301853 with High Severity

Synopsis

This plugin has been deprecated.

Description

This plugin has been deprecated because all CVEs referenced were rejected.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/301853

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-26127 (deprecated)]]> https://www.tenable.com/plugins/nessus/301852 https://www.tenable.com/plugins/nessus/301852 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301852 with High Severity

Synopsis

This plugin has been deprecated.

Description

This plugin has been deprecated because all CVEs referenced were rejected.

Solution

null

Read more at https://www.tenable.com/plugins/nessus/301852

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-3783]]> https://www.tenable.com/plugins/nessus/301851 https://www.tenable.com/plugins/nessus/301851 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301851 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with either of the `machine` or `default` keywords, curl would pass on the bearer token set for the first host also to the second one. (CVE-2026-3783)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301851

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-28292]]> https://www.tenable.com/plugins/nessus/301850 https://www.tenable.com/plugins/nessus/301850 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301850 with Critical Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - `simple-git`, an interface for running git commands in any node.js application, has an issue in versions 3.15.0 through 3.32.2 that allows an attacker to bypass two prior CVE fixes (CVE-2022-25860 and CVE-2022-25912) and achieve full remote code execution on the host machine. Version 3.23.0 contains an updated fix for the vulnerability. (CVE-2026-28292)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301850

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-1965]]> https://www.tenable.com/plugins/nessus/301847 https://www.tenable.com/plugins/nessus/301847 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301847 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - libcurl can in some circumstances reuse the wrong connection when asked to do an Negotiate-authenticated HTTP or HTTPS request. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criterion must first be met. Due to a logical error in the code, a request that was issued by an application could wrongfully reuse an existing connection to the same server that was authenticated using different credentials. One underlying reason being that Negotiate sometimes authenticates *connections* and not *requests*, contrary to how HTTP is designed to work. An application that allows Negotiate authentication to a server (that responds wanting Negotiate) with `user1:password1` and then does another operation to the same server also using Negotiate but with `user2:password2` (while the previous connection is still alive) - the second request wrongly reused the same connection and since it then sees that the Negotiate negotiation is already made, it just sends the request over that connection thinking it uses the user2 credentials when it is in fact still using the connection authenticated for user1... The set of authentication methods to use is set with `CURLOPT_HTTPAUTH`. Applications can disable libcurl's reuse of connections and thus mitigate this problem, by using one of the following libcurl options to alter how connections are or are not reused: `CURLOPT_FRESH_CONNECT`, `CURLOPT_MAXCONNECTS` and `CURLMOPT_MAX_HOST_CONNECTIONS` (if using the curl_multi API). (CVE-2026-1965)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301847

]]> <![CDATA[openSUSE 15 Security Update : python-Markdown (SUSE-SU-2026:0846-1)]]> https://www.tenable.com/plugins/nessus/301810 https://www.tenable.com/plugins/nessus/301810 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301810 with Medium Severity

Synopsis

The remote openSUSE host is missing a security update.

Description

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:0846-1 advisory.

 This update for python-Markdown fixes the following issue:

 - CVE-2025-69534: incomplete markup declaration in raw HTML can crash applications that process untrusted Markdown (bsc#1259256).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected python311-Markdown package.

Read more at https://www.tenable.com/plugins/nessus/301810

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-2436]]> https://www.tenable.com/plugins/nessus/301794 https://www.tenable.com/plugins/nessus/301794 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301794 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Debian Linux - libsoup2.4 - None libsoup3 - None Red Hat Enterprise Linux - libsoup: libsoup: Denial of Service via use-after-free in SoupServer during TLS handshake Ubuntu Linux - [Unknown description] (CVE-2026-2436)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301794

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-23240]]> https://www.tenable.com/plugins/nessus/301793 https://www.tenable.com/plugins/nessus/301793 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301793 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - tls: Fix race condition in tls_sw_cancel_work_tx() This issue was discovered during a code audit. After cancel_delayed_work_sync() is called from tls_sk_proto_close(), tx_work_handler() can still be scheduled from paths such as the Delayed ACK handler or ksoftirqd. As a result, the tx_work_handler() worker may dereference a freed TLS object. The following is a simple race scenario: cpu0 cpu1 tls_sk_proto_close() tls_sw_cancel_work_tx() tls_write_space() tls_sw_write_space() if (!test_and_set_bit(BIT_TX_SCHEDULED, &tx_ctx->tx_bitmask)) set_bit(BIT_TX_SCHEDULED, &ctx->tx_bitmask);
 cancel_delayed_work_sync(&ctx->tx_work.work); schedule_delayed_work(&tx_ctx->tx_work.work, 0); To prevent this race condition, cancel_delayed_work_sync() is replaced with disable_delayed_work_sync().
 (CVE-2026-23240)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301793

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-31812]]> https://www.tenable.com/plugins/nessus/301791 https://www.tenable.com/plugins/nessus/301791 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301791 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed quic_transport_parameters. In quinn-proto parsing logic, attacker-controlled varints are decoded with unwrap(), so truncated encodings cause Err(UnexpectedEnd) and panic. This is reachable over the network with a single packet and no prior trust or authentication. This vulnerability is fixed in 0.11.14.
 (CVE-2026-31812)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301791

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-23868]]> https://www.tenable.com/plugins/nessus/301790 https://www.tenable.com/plugins/nessus/301790 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301790 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible. (CVE-2026-23868)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301790

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-23239]]> https://www.tenable.com/plugins/nessus/301785 https://www.tenable.com/plugins/nessus/301785 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301785 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - espintcp: Fix race condition in espintcp_close() This issue was discovered during a code audit. After cancel_work_sync() is called from espintcp_close(), espintcp_tx_work() can still be scheduled from paths such as the Delayed ACK handler or ksoftirqd. As a result, the espintcp_tx_work() worker may dereference a freed espintcp ctx or sk. The following is a simple race scenario: cpu0 cpu1 espintcp_close() cancel_work_sync(&ctx->work); espintcp_write_space() schedule_work(&ctx->work); To prevent this race condition, cancel_work_sync() is replaced with disable_work_sync(). (CVE-2026-23239)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301785

]]> <![CDATA[Mozilla Firefox < 148.0.2]]> https://www.tenable.com/plugins/nessus/301761 https://www.tenable.com/plugins/nessus/301761 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301761 with High Severity

Synopsis

A web browser installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities.

Description

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 148.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-19 advisory.

 - Memory safety bugs present in Firefox 148.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
 (CVE-2026-3847)

 - Heap buffer overflow in the Audio/Video: Playback component in Firefox for Android. This vulnerability affects Firefox < 148.0.2. (CVE-2026-3845)

 - Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability affects Firefox < 148.0.2. (CVE-2026-3846)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Mozilla Firefox version 148.0.2 or later.

Read more at https://www.tenable.com/plugins/nessus/301761

]]> <![CDATA[Mozilla Firefox < 148.0.2]]> https://www.tenable.com/plugins/nessus/301760 https://www.tenable.com/plugins/nessus/301760 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301760 with High Severity

Synopsis

A web browser installed on the remote Windows host is affected by multiple vulnerabilities.

Description

The version of Firefox installed on the remote Windows host is prior to 148.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-19 advisory.

 - Memory safety bugs present in Firefox 148.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
 (CVE-2026-3847)

 - Heap buffer overflow in the Audio/Video: Playback component in Firefox for Android. This vulnerability affects Firefox < 148.0.2. (CVE-2026-3845)

 - Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability affects Firefox < 148.0.2. (CVE-2026-3846)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Mozilla Firefox version 148.0.2 or later.

Read more at https://www.tenable.com/plugins/nessus/301760

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2026-28688]]> https://www.tenable.com/plugins/nessus/301749 https://www.tenable.com/plugins/nessus/301749 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301749 with Medium Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap-use-after-free vulnerability exists in the MSL encoder, where a cloned image is destroyed twice. The MSL coder does not support writing MSL so the write capability has been removed. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41. (CVE-2026-28688)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301749

]]> <![CDATA[Fortinet FortiAnalyzer Privilege escalation using undocumented CLI command (FG-IR-26-081)]]> https://www.tenable.com/plugins/nessus/301727 https://www.tenable.com/plugins/nessus/301727 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301727 with High Severity

Synopsis

Fortinet Firewall is affected by a privilege escalation.

Description

The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-081 advisory.

 - A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2.1 through 7.2.10, FortiAnalyzer Cloud 7.0.1 through 7.0.14, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.6.0 through 7.6.3, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2.0 through 7.2.10, FortiManager 7.0.0 through 7.0.14, FortiManager 6.4 all versions, FortiManager Cloud 7.6.2 through 7.6.3, FortiManager Cloud 7.4.1 through 7.4.7, FortiManager Cloud 7.2.1 through 7.2.10, FortiManager Cloud 7.0.1 through 7.0.14, FortiManager Cloud 6.4 all versions may allow a remote authenticated read-only admin with CLI access to escalate their privilege via use of a hidden command. (CVE-2025-48418)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

For 6.4.x, see vendor advisory. For 7.0.x, upgrade to FortiAnalyzer version 7.0.15 or later. For 7.2.x, upgrade to FortiAnalyzer version 7.2.11 or later. For 7.4.x, upgrade to FortiAnalyzer version 7.4.8 or later. For 7.6.x, upgrade to FortiAnalyzer version 7.6.4 or later.

Read more at https://www.tenable.com/plugins/nessus/301727

]]> <![CDATA[Fortinet FortiManager Privilege escalation using undocumented CLI command (FG-IR-26-081)]]> https://www.tenable.com/plugins/nessus/301726 https://www.tenable.com/plugins/nessus/301726 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301726 with High Severity

Synopsis

Fortinet Firewall is affected by a privilege escalation.

Description

The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-081 advisory.

 - A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2.1 through 7.2.10, FortiAnalyzer Cloud 7.0.1 through 7.0.14, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.6.0 through 7.6.3, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2.0 through 7.2.10, FortiManager 7.0.0 through 7.0.14, FortiManager 6.4 all versions, FortiManager Cloud 7.6.2 through 7.6.3, FortiManager Cloud 7.4.1 through 7.4.7, FortiManager Cloud 7.2.1 through 7.2.10, FortiManager Cloud 7.0.1 through 7.0.14, FortiManager Cloud 6.4 all versions may allow a remote authenticated read-only admin with CLI access to escalate their privilege via use of a hidden command. (CVE-2025-48418)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

For 6.4.x, see vendor advisory. For 7.0.x, upgrade to FortiManager version 7.0.15 or later. For 7.2.x, upgrade to FortiManager version 7.2.11 or later. For 7.4.x, upgrade to FortiManager version 7.4.8 or later. For 7.6.x, upgrade to FortiManager version 7.6.4 or later.

Read more at https://www.tenable.com/plugins/nessus/301726

]]> <![CDATA[Fortinet FortiAnalyzer sqli (FG-IR-26-095)]]> https://www.tenable.com/plugins/nessus/301723 https://www.tenable.com/plugins/nessus/301723 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301723 with High Severity

Synopsis

Remote host is affected by a sqli vulnerability.

Description

The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-095 advisory.

 - An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer-BigData 7.6.0, FortiAnalyzer-BigData 7.4.0 through 7.4.4, FortiAnalyzer-BigData 7.2 all versions, FortiAnalyzer-BigData 7.0 all versions, FortiAnalyzer-BigData 6.4 all versions, FortiAnalyzer-BigData 6.2 all versions may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted requests.
 (CVE-2025-49784)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

For 6.4.x / 7.0.x / 7.2.x, see vendor advisory. For 7.4.x, upgrade to FortiAnalyzer version 7.4.8 or later. For 7.6.x, upgrade to FortiAnalyzer version 7.6.5 or later.

Read more at https://www.tenable.com/plugins/nessus/301723

]]> <![CDATA[Adobe Illustrator < 29.8.5 / 30.0 < 30.2 Multiple Vulnerabilities (APSB26-18)]]> https://www.tenable.com/plugins/nessus/301722 https://www.tenable.com/plugins/nessus/301722 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301722 with High Severity

Synopsis

The Adobe Illustrator instance installed on the remote host is affected by multiple vulnerabilities.

Description

The version of Adobe Illustrator installed on the remote Windows host is prior to 29.8.5, 30.2. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-18 advisory.

 - Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2026-21362, CVE-2026-27272)

 - Illustrator versions 29.8.4, 30.1 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2026-21333)

 - Illustrator versions 29.8.4, 30.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2026-27271)

 - Illustrator versions 29.8.4, 30.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2026-27267)

 - Illustrator versions 29.8.4, 30.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2026-27268, CVE-2026-27270)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Adobe Illustrator version 29.8.5, 30.2 or later.

Read more at https://www.tenable.com/plugins/nessus/301722

]]> <![CDATA[Fortinet FortiManager Lack of TLS Certificate Validation during initial SSO Authentication (FG-IR-26-078)]]> https://www.tenable.com/plugins/nessus/301718 https://www.tenable.com/plugins/nessus/301718 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301718 with Medium Severity

Synopsis

Fortinet Firewall is missing one or more security-related updates.

Description

The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-078 advisory.

 - A improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.8, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to view confidential information via a man in the middle [MiTM] attack.
 (CVE-2025-68482)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

For 6.4.x / 7.0.x / 7.2.x, see vendor advisory. For 7.4.x, upgrade to FortiManager version 7.4.9 or later. For 7.6.x, upgrade to FortiManager version 7.6.5 or later.

Read more at https://www.tenable.com/plugins/nessus/301718

]]> <![CDATA[Fortinet FortiAnalyzer Lack of TLS Certificate Validation during initial SSO Authentication (FG-IR-26-078)]]> https://www.tenable.com/plugins/nessus/301717 https://www.tenable.com/plugins/nessus/301717 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301717 with Medium Severity

Synopsis

Fortinet Firewall is missing one or more security-related updates.

Description

The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-078 advisory.

 - A improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.8, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to view confidential information via a man in the middle [MiTM] attack.
 (CVE-2025-68482)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

For 6.4.x / 7.0.x / 7.2.x, see vendor advisory. For 7.4.x, upgrade to FortiAnalyzer version 7.4.9 or later. For 7.6.x, upgrade to FortiAnalyzer version 7.6.5 or later.

Read more at https://www.tenable.com/plugins/nessus/301717

]]> <![CDATA[Adobe Premiere Pro < 25.6 Arbitrary code execution (APSB26-28) (macOS)]]> https://www.tenable.com/plugins/nessus/301714 https://www.tenable.com/plugins/nessus/301714 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301714 with High Severity

Synopsis

The Adobe Premiere Pro instance installed on the remote host is affected by an arbitrary code execution vulnerability.

Description

The version of Adobe Premiere Pro installed on the remote macOS host is prior to 25.6. It is, therefore, affected by a vulnerability as referenced in the APSB26-28 advisory.

 - Out-of-bounds Read (CWE-125) potentially leading to Arbitrary code execution (CVE-2026-27269)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Adobe Premiere Pro version 25.6 or later.

Read more at https://www.tenable.com/plugins/nessus/301714

]]> <![CDATA[Adobe Premiere Pro < 25.6 Arbitrary code execution (APSB26-28)]]> https://www.tenable.com/plugins/nessus/301713 https://www.tenable.com/plugins/nessus/301713 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301713 with High Severity

Synopsis

The Adobe Premiere Pro instance installed on the remote host is affected by an arbitrary code execution vulnerability.

Description

The version of Adobe Premiere Pro installed on the remote Windows host is prior to 25.6. It is, therefore, affected by a vulnerability as referenced in the APSB26-28 advisory.

 - Out-of-bounds Read (CWE-125) potentially leading to Arbitrary code execution (CVE-2026-27269)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Adobe Premiere Pro version 25.6 or later.

Read more at https://www.tenable.com/plugins/nessus/301713

]]> <![CDATA[Adobe Acrobat < 24.001.30356 / 25.001.21288 Multiple Vulnerabilities (APSB26-26) (macOS)]]> https://www.tenable.com/plugins/nessus/301712 https://www.tenable.com/plugins/nessus/301712 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301712 with High Severity

Synopsis

The version of Adobe Acrobat installed on the remote macOS host is affected by multiple vulnerabilities.

Description

The version of Adobe Acrobat installed on the remote macOS host is a version prior to 24.001.30356 or 25.001.21288. It is, therefore, affected by multiple vulnerabilities.

 - Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.
 Exploitation of this issue requires user interaction in that a victim must open a malicious file.
 (CVE-2026-27220, CVE-2026-27278)

 - Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by an Improper Certificate Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to spoof the identity of a signer. Exploitation of this issue requires user interaction. (CVE-2026-27221)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Adobe Acrobat version 24.001.30356 / 25.001.21288 or later.

Read more at https://www.tenable.com/plugins/nessus/301712

]]> <![CDATA[Adobe Reader < 25.001.21288 Multiple Vulnerabilities (APSB26-26) (macOS)]]> https://www.tenable.com/plugins/nessus/301711 https://www.tenable.com/plugins/nessus/301711 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301711 with High Severity

Synopsis

The version of Adobe Reader installed on the remote macOS host is affected by multiple vulnerabilities.

Description

The version of Adobe Reader installed on the remote macOS host is a version prior to 25.001.21288. It is, therefore, affected by multiple vulnerabilities.

 - Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.
 Exploitation of this issue requires user interaction in that a victim must open a malicious file.
 (CVE-2026-27220, CVE-2026-27278)

 - Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by an Improper Certificate Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to spoof the identity of a signer. Exploitation of this issue requires user interaction. (CVE-2026-27221)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Adobe Reader version 25.001.21288 or later.

Read more at https://www.tenable.com/plugins/nessus/301711

]]> <![CDATA[Adobe Acrobat < 24.001.30356 / 25.001.21288 Multiple Vulnerabilities (APSB26-26)]]> https://www.tenable.com/plugins/nessus/301710 https://www.tenable.com/plugins/nessus/301710 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301710 with High Severity

Synopsis

The version of Adobe Acrobat installed on the remote Windows host is affected by multiple vulnerabilities.

Description

The version of Adobe Acrobat installed on the remote Windows host is a version prior to 24.001.30356 or 25.001.21288. It is, therefore, affected by multiple vulnerabilities.

 - Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.
 Exploitation of this issue requires user interaction in that a victim must open a malicious file.
 (CVE-2026-27220, CVE-2026-27278)

 - Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by an Improper Certificate Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to spoof the identity of a signer. Exploitation of this issue requires user interaction. (CVE-2026-27221)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Adobe Acrobat version 24.001.30356 / 25.001.21288 or later.

Read more at https://www.tenable.com/plugins/nessus/301710

]]> <![CDATA[Adobe Reader < 25.001.21288 Multiple Vulnerabilities (APSB26-26)]]> https://www.tenable.com/plugins/nessus/301709 https://www.tenable.com/plugins/nessus/301709 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301709 with High Severity

Synopsis

The version of Adobe Reader installed on the remote Windows host is affected by multiple vulnerabilities.

Description

The version of Adobe Reader installed on the remote Windows host is a version prior to 25.001.21288. It is, therefore, affected by multiple vulnerabilities.

 - Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.
 Exploitation of this issue requires user interaction in that a victim must open a malicious file.
 (CVE-2026-27220, CVE-2026-27278)

 - Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by an Improper Certificate Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to spoof the identity of a signer. Exploitation of this issue requires user interaction. (CVE-2026-27221)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Adobe Reader version 25.001.21288 or later.

Read more at https://www.tenable.com/plugins/nessus/301709

]]> <![CDATA[Linux Distros Unpatched Vulnerability : CVE-2025-13350]]> https://www.tenable.com/plugins/nessus/301707 https://www.tenable.com/plugins/nessus/301707 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301707 with High Severity

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Ubuntu Linux 6.8 GA retains the legacy AF_UNIX garbage collector but backports upstream commit 8594d9b85c07 (af_unix: Don't call skb_get() for OOB skb). When orphaned MSG_OOB sockets hit unix_gc(), the garbage collector still calls kfree_skb() as if OOB SKBs held two references; on Ubuntu Linux 6.8 (Noble Numbat) kernel tree, they have only the queue reference, so the buffer is freed while still reachable and subsequent queue walks dereference freed memory, yielding a reliable local privilege escalation (LPE) caused by a use-after-free (UAF). Ubuntu builds that have already taken the new GC stack from commit 4090fa373f0e, and mainline Linux kernels shipping that infrastructure are unaffected because they no longer execute the legacy collector path. This issue affects Ubuntu Linux from 6.8.0-56.58 before 6.8.0-84.84. (CVE-2025-13350)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Read more at https://www.tenable.com/plugins/nessus/301707

]]> <![CDATA[Zoom Workplace < 6.6.11 Vulnerability (ZSB-26002)]]> https://www.tenable.com/plugins/nessus/301701 https://www.tenable.com/plugins/nessus/301701 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301701 with High Severity

Synopsis

The remote host has an application installed that is affected by a vulnerability.

Description

The version of Zoom Workplace installed on the remote host is prior to 6.6.11. It is, therefore, affected by a vulnerability as referenced in the ZSB-26002 advisory.

 - Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download. (CVE-2026-30900)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Zoom Client for Meetings 6.6.11 or later.

Read more at https://www.tenable.com/plugins/nessus/301701

]]> <![CDATA[Zoom Workplace VDI Client 6.6 < 6.6.11 Vulnerability (ZSB-26002)]]> https://www.tenable.com/plugins/nessus/301700 https://www.tenable.com/plugins/nessus/301700 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301700 with High Severity

Synopsis

The remote host has an application installed that is affected by a vulnerability.

Description

The version of Zoom Workplace VDI Client installed on the remote host is between 6.6 and 6.6.11. It is, therefore, affected by a vulnerability as referenced in the ZSB-26002 advisory.

 - Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download. (CVE-2026-30900)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Zoom VDI Meeting Client 6.6.11 or later.

Read more at https://www.tenable.com/plugins/nessus/301700

]]> <![CDATA[Zoom Workplace < 6.6.0 Vulnerability (ZSB-26004)]]> https://www.tenable.com/plugins/nessus/301681 https://www.tenable.com/plugins/nessus/301681 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301681 with High Severity

Synopsis

The remote host has an application installed that is affected by a vulnerability.

Description

The version of Zoom Workplace installed on the remote host is prior to 6.6.0. It is, therefore, affected by a vulnerability as referenced in the ZSB-26004 advisory.

 - Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download. (CVE-2026-30902)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Zoom Client for Meetings 6.6.0 or later.

Read more at https://www.tenable.com/plugins/nessus/301681

]]> <![CDATA[Zoom Workplace VDI Client < 6.4.15 Vulnerability (ZSB-26004)]]> https://www.tenable.com/plugins/nessus/301680 https://www.tenable.com/plugins/nessus/301680 Fri, 13 Mar 2026 00:00:00 GMT Nessus Plugin ID 301680 with High Severity

Synopsis

The remote host has an application installed that is affected by a vulnerability.

Description

The version of Zoom Workplace VDI Client installed on the remote host is prior to 6.4.15. It is, therefore, affected by a vulnerability as referenced in the ZSB-26004 advisory.

 - Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download. (CVE-2026-30902)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Zoom VDI Meeting Client 6.4.15 or later.

Read more at https://www.tenable.com/plugins/nessus/301680

]]>