CGI abuses Family for Nessus

IDNameSeverity
327419Mattermost Server 10.11.x < 10.11.20 / 11.6.x < 11.6.5 / 11.7.x < 11.7.2 Incorrect Authorization (MMSA-2026-00653)
medium
327418Mattermost Server 10.11.x < 10.11.20 / 11.6.x < 11.6.5 / 11.7.x < 11.7.3 Multiple Vulnerabilities (MMSA-2026-00658, MMSA-2026-00676, MMSA-2026-00680, MMSA-2026-00683, MMSA-2026-00688, MMSA-2026-00689, MMSA-2026-00690)
medium
327097Drupal 10.6.x < 10.6.13 / 11.3.x < 11.3.14 / 11.4.x < 11.4.4 Multiple Vulnerabilities (drupal-2026-07-15)
medium
327054Splunk Enterprise 9.3.0 < 9.3.14, 9.4.0 < 9.4.13, 10.0.0 < 10.0.8, 10.2.0 < 10.2.5, 10.4.0 < 10.4.1 (SVD-2026-0703)
high
327044Splunk Enterprise 9.4.0 < 9.4.13, 10.0.0 < 10.0.8, 10.2.0 < 10.2.5, 10.4.0 < 10.4.1 (SVD-2026-0704)
medium
327043Splunk Universal Forwarder 9.4.0 < 9.4.13, 10.0.0 < 10.0.8, 10.2.0 < 10.2.5, 10.4 < 10.4.1 (SVD-2026-0706)
high
327042Splunk Enterprise 9.4.0 < 9.4.13, 10.0.0 < 10.0.8, 10.2.0 < 10.2.5, 10.4.0 < 10.4.1 (SVD-2026-0702)
high
327020SonicWall SMA 1000 Series <= 12.4.3-03434 / 12.5.x <= 12.5.0-02800 Multiple Vulnerabilities (SNWLID-2026-0008)
critical
326285Kibana 8.x < 8.19.17 / 9.x < 9.3.6 / 9.4.x < 9.4.3 DoS (ESA-2026-45)
medium
326284Kibana 7.x < 7.17.15 / 8.x < 8.11.1 Log Injection (ESA-2026-53)
high
326283Kibana 8.x < 8.16.3 / 8.17.x < 8.17.2 Authorization Bypass (ESA-2026-51)
medium
326282Kibana 8.x < 8.19.15 / 9.x < 9.3.4 DoS (ESA-2026-49)
medium
326281Kibana 8.x < 8.18.9 / 8.19.x < 8.19.6 / 9.0.x < 9.0.8 / 9.1.x < 9.1.6 Information Disclosure (ESA-2026-50)
medium
325895ArcGIS Server <= 12.0 Multiple Vulnerabilities (Security 2026 Update 2)
critical
325832GitLab 13.11 < 18.11.7 / 19.0 < 19.0.4 / 19.1 < 19.1.2 (CVE-2026-6896)
medium
325831GitLab 18.2 < 18.11.7 / 19.0 < 19.0.4 / 19.1 < 19.1.2 (CVE-2026-6352)
low
325830GitLab 18.9 < 18.11.7 / 19.0 < 19.0.4 / 19.1 < 19.1.2 (CVE-2026-8472)
medium
325829GitLab 9.5 < 18.11.7 / 19.0 < 19.0.4 / 19.1 < 19.1.2 (CVE-2026-11827)
medium
325818GitLab 9.1 < 18.11.7 / 19.0 < 19.0.4 / 19.1 < 19.1.2 (CVE-2026-7492)
medium
325817GitLab 16.10 < 18.11.7 / 19.0 < 19.0.4 / 19.1 < 19.1.2 (CVE-2026-13151)
medium
325816GitLab 15.7 < 18.11.7 / 19.0 < 19.0.4 / 19.1 < 19.1.2 (CVE-2026-13320)
medium
325694PHP 8.4.x < 8.4.23
medium
325647BeyondTrust Remote Support (RS) <= 24.3.1 Command Injection (BT24-11)
high
325646BeyondTrust Remote Support (RS) < 25.3.3 Multiple Vulnerabilities (BT26-03)
critical
325645BeyondTrust Privileged Remote Access (PRA) < 25.3.3 Multiple Vulnerabilities (BT26-03)
critical
325458Joomla 4.0.x < 5.4.7 / 6.0.x < 6.1.2 Joomla 6.1.2 & 5.4.7 Security & Bugfix Release (5955-joomla-6-1-2-5-4-7-security-bugfix-release)
medium
324980PHP 8.3.x < 8.3.32 Multiple Vulnerabilities
medium
324979PHP 8.5.x < 8.5.8
medium
324978PHP 8.2.x < 8.2.32
medium
324976Fortinet FortiOS / FortiProxy Authentication Bypass via WebSocket (CVE-2024-55591, CVE-2025-24472)
critical
324953Apache ActiveMQ < 5.19.8 / 6.x < 6.2.7 Multiple Vulnerabilities
high
324952Apache ActiveMQ 5.19.7 < 5.19.8 / 6.2.6 < 6.2.7 DoS
high
324949NetScaler ADC and NetScaler Gateway Multiple Vulnerabilities (CTX696604)
high
322983Unraid < 7.3.0 Multiple Command Injection Vulnerabilities (ZDI-26-385 / ZDI-26-386)
high
322756ManageEngine ADSelfService Plus < Build 6529 Account Takeover (CVE-2026-11374)
critical
322750GitLab 19.1 < 19.1.1 (CVE-2026-12053)
high
322749GitLab 16.4 < 18.11.6 / 19.0 < 19.0.3 / 19.1 < 19.1.1 (CVE-2026-10086)
medium
322748GitLab 18.6 < 18.11.6 / 19.0 < 19.0.3 / 19.1 < 19.1.1 (CVE-2026-5309)
medium
322747GitLab 17.9 < 18.11.6 / 19.0 < 19.0.3 / 19.1 < 19.1.1 (CVE-2026-0934)
low
322746GitLab 14.8 < 18.11.6 / 19.0 < 19.0.3 / 19.1 < 19.1.1 (CVE-2026-1606)
medium
322745GitLab 8.3 < 18.11.6 / 19.0 < 19.0.3 / 19.1 < 19.1.1 (CVE-2026-12635)
low
322744GitLab 13.6 < 18.11.6 / 19.0 < 19.0.3 / 19.1 < 19.1.1 (CVE-2026-5796)
medium
322743GitLab 9.3 < 18.11.6 / 19.0 < 19.0.3 / 19.1 < 19.1.1 (CVE-2026-8330)
medium
322742GitLab 17.5 < 18.11.6 / 19.0 < 19.0.3 / 19.1 < 19.1.1 (CVE-2026-2238)
medium
322741GitLab 18.6 < 18.11.6 / 19.0 < 19.0.3 / 19.1 < 19.1.1 (CVE-2026-3176)
low
322740GitLab 17.11 < 18.11.6 / 19.0 < 19.0.3 / 19.1 < 19.1.1 (CVE-2026-5952)
medium
322739GitLab 13.11 < 18.11.6 / 19.0 < 19.0.3 / 19.1 < 19.1.1 (CVE-2026-11379)
medium
322738GitLab 18.10 < 18.11.6 / 19.0 < 19.0.3 / 19.1 < 19.1.1 (CVE-2026-10712)
medium
322478Jenkins plugins Multiple Vulnerabilities (2026-06-24)
medium
322411Zimbra Collaboration Server < 8.8.15 Patch 7 Server-Side Request Forgery Vulnerability
critical