The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5732 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: bpf: Don't use tnum_range on array range checking for poke descriptors (CVE-2022-49985)

    * kernel: sctp: avoid NULL dereference when chunk data buffer is missing (CVE-2025-40240)

    * kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CVE-2025-71085)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5690 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: page_pool: Fix use-after-free in page_pool_recycle_in_ring (CVE-2025-38129)

    * kernel: Linux kernel: Use-after-free in BPF sockmap can lead to denial of service and privilege     escalation (CVE-2025-38154)

    * kernel: sctp: avoid NULL dereference when chunk data buffer is missing (CVE-2025-40240)

    * kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CVE-2025-71085)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5693 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: bpf: Don't use tnum_range on array range checking for poke descriptors (CVE-2022-49985)

    * kernel: sctp: avoid NULL dereference when chunk data buffer is missing (CVE-2025-40240)

    * kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CVE-2025-71085)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5727 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: Linux kernel: RDMA/rxe use-after-free vulnerability leading to potential arbitrary code     execution (CVE-2025-38024)

    * kernel: sctp: avoid NULL dereference when chunk data buffer is missing (CVE-2025-40240)

    * kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CVE-2025-71085)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5689 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CVE-2025-71085)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5692 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: Linux kernel:A use-after-free in bridge multicast in br_multicast_port_ctx_init (CVE-2025-38248)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5691 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: Linux kernel: RDMA/rxe use-after-free vulnerability leading to potential arbitrary code     execution (CVE-2025-38024)

    * kernel: RDMA/rxe: Fix incomplete state save in rxe_requester (CVE-2023-53539)

    * kernel: sctp: avoid NULL dereference when chunk data buffer is missing (CVE-2025-40240)

    * kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CVE-2025-71085)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5640 advisory.

    MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld)     and many client programs and libraries.

    Security Fix(es):

    * mysql: Optimizer unspecified vulnerability (CPU Jan 2026) (CVE-2026-21941)

    * mysql: Optimizer unspecified vulnerability (CPU Jan 2026) (CVE-2026-21948)

    * mysql: InnoDB unspecified vulnerability (CPU Jan 2026) (CVE-2026-21936)

    * mysql: Optimizer unspecified vulnerability (CPU Jan 2026) (CVE-2026-21968)

    * mysql: DDL unspecified vulnerability (CPU Jan 2026) (CVE-2026-21937)

    * mysql: Thread Pooling unspecified vulnerability (CPU Jan 2026) (CVE-2026-21964)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5511 advisory.

    389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the     Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

    Security Fix(es):

    * 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow     (CVE-2025-14905)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5533 advisory.

    A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild     under the hood. Besides building images for local usage, it can also upload images directly to cloud.  It     is compatible with composer-cli and cockpit-composer clients.

    Security Fix(es):

    * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate     (CVE-2025-61729)

    * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5514 advisory.

    Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the     Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages     for server administration.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Directory Server 11.9 for RHEL 8     Release Notes linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5513 advisory.

    389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the     Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

    Security Fix(es):

    * 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow     (CVE-2025-14905)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5512 advisory.

    Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the     Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages     for server administration.

    Security Fix(es):

    * 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow     (CVE-2025-14905)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3516 advisory.

    Mozilla Thunderbird is a standalone mail and newsgroup client.

    Security Fix(es):

    * libvpx: Heap buffer overflow in libvpx (CVE-2026-2447)

    * firefox: Invalid pointer in the JavaScript Engine component (CVE-2026-2785)

    * firefox: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8,     Firefox 148 and Thunderbird 148 (CVE-2026-2793)

    * firefox: Undefined behavior in the DOM: Core & HTML component (CVE-2026-2771)

    * firefox: Integer overflow in the Audio/Video component (CVE-2026-2774)

    * firefox: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External     Software (CVE-2026-2776)

    * firefox: Integer overflow in the Libraries component in NSS (CVE-2026-2781)

    * firefox: Use-after-free in the JavaScript Engine: JIT component (CVE-2026-2766)

    * firefox: Use-after-free in the Storage: IndexedDB component (CVE-2026-2769)

    * firefox: Use-after-free in the DOM: Window and Location component (CVE-2026-2787)

    * firefox: Sandbox escape in the Storage: IndexedDB component (CVE-2026-2768)

    * firefox: Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component     (CVE-2026-2783)

    * firefox: Incorrect boundary conditions in the Audio/Video: GMP component (CVE-2026-2788)

    * firefox: Mitigation bypass in the DOM: Security component (CVE-2026-2784)

    * firefox: Incorrect boundary conditions in the Graphics: ImageLib component (CVE-2026-2759)

    * firefox: Integer overflow in the JavaScript: Standard Library component (CVE-2026-2762)

    * firefox: Sandbox escape in the Graphics: WebRender component (CVE-2026-2761)

    * firefox: Privilege escalation in the Messaging System component (CVE-2026-2777)

    * firefox: Same-origin policy bypass in the Networking: JAR component (CVE-2026-2790)

    * firefox: Mitigation bypass in the DOM: HTML Parser component (CVE-2026-2775)

    * firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2763)

    * firefox: Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and     Thunderbird 148 (CVE-2026-2792)

    * firefox: Incorrect boundary conditions in the Web Audio component (CVE-2026-2773)

    * firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2786)

    * firefox: Use-after-free in the Graphics: ImageLib component (CVE-2026-2789)

    * firefox: thunderbird: Incorrect boundary conditions in the WebRTC: Audio/Video component (CVE-2026-2757)

    * firefox: Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component     (CVE-2026-2760)

    * firefox: Use-after-free in the Audio/Video: Playback component (CVE-2026-2772)

    * firefox: Incorrect boundary conditions in the Networking: JAR component (CVE-2026-2779)

    * firefox: Use-after-free in the JavaScript: WebAssembly component (CVE-2026-2767)

    * firefox: JIT miscompilation, use-after-free in the JavaScript Engine: JIT component (CVE-2026-2764)

    * firefox: Privilege escalation in the Netmonitor component (CVE-2026-2782)

    * firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2765)

    * firefox: Privilege escalation in the Netmonitor component (CVE-2026-2780)

    * firefox: Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component     (CVE-2026-2778)

    * firefox: Use-after-free in the JavaScript: GC component (CVE-2026-2758)

    * firefox: Mitigation bypass in the Networking: Cache component (CVE-2026-2791)

    * firefox: Use-after-free in the DOM: Bindings (WebIDL) component (CVE-2026-2770)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5581 advisory.

    nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency,     performance, and low memory usage.

    Security Fix(es):

    * nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections (CVE-2026-1642)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5578 advisory.

    Kernel-based Virtual Machine (KVM) offers a full virtualization solution forLinux on numerous hardware     platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual     machines using KVM.The packages also provide APIs for managing and interacting with the virtualized     systems.

    Security Fix(es):

    * qemu-kvm: VNC WebSocket handshake use-after-free (CVE-2025-11234)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5587 advisory.

    The opencryptoki packages contain version 2.11 of the PKCS#11 API, implemented for IBM Cryptocards, such     as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic     CoProcessor (with the PKCS#11 firmware loaded), the IBM eServer Cryptographic Accelerator (FC 4960 on IBM     eServer System p), the IBM Crypto Express2 (FC 0863 or FC 0870 on IBM System z), and the IBM CP Assist for     Cryptographic Function (FC 3863 on IBM System z). The opencryptoki packages also bring a software token     implementation that can be used without any cryptographic hardware. These packages contain the Slot Daemon     (pkcsslotd) and general utilities.

    Security Fix(es):

    * openCryptoki: openCryptoki: Privilege Escalation or Data Exposure via Symlink Following (CVE-2026-23893)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5568 advisory.

    Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the     Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages     for server administration.

    Security Fix(es):

    * 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow     (CVE-2025-14905)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5569 advisory.

    Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the     Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages     for server administration.

    Security Fix(es):

    * 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow     (CVE-2025-14905)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5585 advisory.

    The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements     cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

    Security Fix(es):

    * gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function (CVE-2025-9820)

    * gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification     (CVE-2025-14831)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5603 advisory.

    The opencryptoki packages contain version 2.11 of the PKCS#11 API, implemented for IBM Cryptocards, such     as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic     CoProcessor (with the PKCS#11 firmware loaded), the IBM eServer Cryptographic Accelerator (FC 4960 on IBM     eServer System p), the IBM Crypto Express2 (FC 0863 or FC 0870 on IBM System z), and the IBM CP Assist for     Cryptographic Function (FC 3863 on IBM System z). The opencryptoki packages also bring a software token     implementation that can be used without any cryptographic hardware. These packages contain the Slot Daemon     (pkcsslotd) and general utilities.

    Security Fix(es):

    * openCryptoki: openCryptoki: Privilege Escalation or Data Exposure via Symlink Following (CVE-2026-23893)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5602 advisory.

    Vim (Vi IMproved) is an updated and improved version of the vi editor.

    Security Fix(es):

    * vim: Vim: Arbitrary code execution via 'helpfile' option processing (CVE-2026-25749)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5597 advisory.

    389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the     Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

    Security Fix(es):

    * 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow     (CVE-2025-14905)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5599 advisory.

    nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency,     performance, and low memory usage.

    Security Fix(es):

    * nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections (CVE-2026-1642)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5576 advisory.

    389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the     Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

    Security Fix(es):

    * 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow     (CVE-2025-14905)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5588 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * python: cpython: URL parser allowed square brackets in domain names (CVE-2025-0938)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5580 advisory.

    MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld)     and many client programs and libraries.

    Security Fix(es):

    * mysql: Optimizer unspecified vulnerability (CPU Jan 2026) (CVE-2026-21941)

    * mysql: Optimizer unspecified vulnerability (CPU Jan 2026) (CVE-2026-21948)

    * mysql: InnoDB unspecified vulnerability (CPU Jan 2026) (CVE-2026-21936)

    * mysql: Optimizer unspecified vulnerability (CPU Jan 2026) (CVE-2026-21968)

    * mysql: DDL unspecified vulnerability (CPU Jan 2026) (CVE-2026-21937)

    * mysql: Thread Pooling unspecified vulnerability (CPU Jan 2026) (CVE-2026-21964)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5544 advisory.

    A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild     under the hood. Besides building images for local usage, it can also upload images directly to cloud.  It     is compatible with composer-cli and cockpit-composer clients.

    Security Fix(es):

    * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate     (CVE-2025-61729)

    * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5598 advisory.

    389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the     Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

    Security Fix(es):

    * 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow     (CVE-2025-14905)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5573 advisory.

    ImageMagick is an image display and manipulation tool for the X Window System that can read and write     multiple image formats.

    Security Fix(es):

    * ImageMagick: ImageMagick: Local File Disclosure via Path Traversal (CVE-2026-25965)

    * ImageMagick: Memory allocation with excessive without limits in the internal SVG decoder     (CVE-2026-25985)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5390 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5399 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * cpython: IMAP command injection in user-controlled commands (CVE-2025-15366)

    * cpython: POP3 command injection in user-controlled commands (CVE-2025-15367)

    * cpython: email header injection due to unquoted newlines (CVE-2026-1299)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5389 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5388 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5434 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5391 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5461 advisory.

    An image building service based on osbuild It is inspired by lorax-composer and exposes the same API. As     such, it is a drop-in replacement.

    Security Fix(es):

    * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate     (CVE-2025-61729)

    * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5445 advisory.

    Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can     contain strings, hashes, lists, sets and sorted sets.  You can run atomic operations on these types, like     appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection,     union and difference; or getting the member with highest ranking in a sorted set.  In order to achieve its     outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can     persist it either by dumping the dataset to disk every once in a while, or by appending each command to a     log.  Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first     synchronization, auto-reconnection on net split and so forth.  Other features include Transactions,     Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave     like a cache.  You can use Valkey from most programming languages also.

    Security Fix(es):

    * Valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts     (CVE-2025-67733)

    * valkey: Valkey: Denial of Service via invalid clusterbus packet (CVE-2026-21863)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5393 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * cpython: IMAP command injection in user-controlled commands (CVE-2025-15366)

    * cpython: POP3 command injection in user-controlled commands (CVE-2025-15367)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5436 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5435 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5437 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5324 advisory.

    The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec,     commonly used with the WebM multimedia container file format.

    Security Fix(es):

    * libvpx: Heap buffer overflow in libvpx (CVE-2026-2447)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5320 advisory.

    The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec,     commonly used with the WebM multimedia container file format.

    Security Fix(es):

    * libvpx: Heap buffer overflow in libvpx (CVE-2026-2447)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:5326 advisory.

    The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec,     commonly used with the WebM multimedia container file format.

    Security Fix(es):

    * libvpx: Heap buffer overflow in libvpx (CVE-2026-2447)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:5319 advisory.

    The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec,     commonly used with the WebM multimedia container file format.

    Security Fix(es):

    * libvpx: Heap buffer overflow in libvpx (CVE-2026-2447)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5327 advisory.

    A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild     under the hood. Besides building images for local usage, it can also upload images directly to cloud.  It     is compatible with composer-cli and cockpit-composer clients.

    Security Fix(es):

    * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate     (CVE-2025-61729)

    * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:5323 advisory.

    The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec,     commonly used with the WebM multimedia container file format.

    Security Fix(es):

    * libvpx: Heap buffer overflow in libvpx (CVE-2026-2447)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5196 advisory.

    389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the     Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

    Security Fix(es):

    * 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow     (CVE-2025-14905)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5226 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * cpython: IMAP command injection in user-controlled commands (CVE-2025-15366)

    * cpython: POP3 command injection in user-controlled commands (CVE-2025-15367)

    * cpython: email header injection due to unquoted newlines (CVE-2026-1299)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Severity
303567	RHEL 9 : kernel-rt (RHSA-2026:5732)	high
303566	RHEL 9 : kernel-rt (RHSA-2026:5690)	high
303565	RHEL 9 : kernel (RHSA-2026:5693)	high
303564	RHEL 8 : kernel (RHSA-2026:5727)	high
303563	RHEL 8 : kernel (RHSA-2026:5689)	high
303562	RHEL 9 : kernel (RHSA-2026:5692)	high
303561	RHEL 8 : kernel (RHSA-2026:5691)	high
303493	RHEL 9 : mysql:8.4 (RHSA-2026:5640)	medium
303447	RHEL 8 : 389-ds:1.4 (RHSA-2026:5511)	high
303446	RHEL 9 : osbuild-composer (RHSA-2026:5533)	high
303445	RHEL 8 : redhat-ds:11 (RHSA-2026:5514)	high
303444	RHEL 8 : 389-ds:1.4 (RHSA-2026:5513)	high
303443	RHEL 8 : redhat-ds:11 (RHSA-2026:5512)	high
303442	RHEL 9 : thunderbird (RHSA-2026:3516)	critical
303427	RHEL 8 : nginx:1.24 (RHSA-2026:5581)	high
303426	RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2026:5578)	high
303425	RHEL 8 : opencryptoki (RHSA-2026:5587)	medium
303424	RHEL 8 : redhat-ds:11 (RHSA-2026:5568)	high
303423	RHEL 9 : redhat-ds:12 (RHSA-2026:5569)	high
303422	RHEL 8 : gnutls (RHSA-2026:5585)	medium
303421	RHEL 9 : opencryptoki (RHSA-2026:5603)	medium
303420	RHEL 9 : vim (RHSA-2026:5602)	medium
303419	RHEL 9 : 389-ds-base (RHSA-2026:5597)	high
303418	RHEL 9 : nginx (RHSA-2026:5599)	high
303417	RHEL 8 : 389-ds:1.4 (RHSA-2026:5576)	high
303416	RHEL 8 : python3 (RHSA-2026:5588)	medium
303415	RHEL 8 : mysql:8.0 (RHSA-2026:5580)	medium
303414	RHEL 9 : osbuild-composer (RHSA-2026:5544)	high
303413	RHEL 9 : 389-ds-base (RHSA-2026:5598)	high
303412	RHEL 7 : ImageMagick (RHSA-2026:5573)	high
303373	RHEL 9 : gimp (RHSA-2026:5390)	high
303372	RHEL 9 : python3.12 (RHSA-2026:5399)	medium
303371	RHEL 9 : gimp (RHSA-2026:5389)	high
303370	RHEL 9 : gimp (RHSA-2026:5388)	high
303369	RHEL 8 : gimp:2.8 (RHSA-2026:5434)	high
303368	RHEL 9 : gimp (RHSA-2026:5391)	high
303367	RHEL 8 : osbuild-composer (RHSA-2026:5461)	high
303366	RHEL 10 : valkey (RHSA-2026:5445)	high
303365	RHEL 7 : python (RHSA-2026:5393)	medium
303364	RHEL 8 : gimp:2.8 (RHSA-2026:5436)	high
303363	RHEL 8 : gimp:2.8 (RHSA-2026:5435)	high
303362	RHEL 8 : gimp:2.8 (RHSA-2026:5437)	high
303350	RHEL 9 : libvpx (RHSA-2026:5324)	high
303349	RHEL 7 : libvpx (RHSA-2026:5320)	high
303348	RHEL 9 : libvpx (RHSA-2026:5326)	high
303347	RHEL 9 : libvpx (RHSA-2026:5319)	high
303346	RHEL 9 : osbuild-composer (RHSA-2026:5327)	high
303345	RHEL 8 : libvpx (RHSA-2026:5323)	high
303337	RHEL 8 : 389-ds:1.4 (RHSA-2026:5196)	high
303336	RHEL 9 : python3.9 (RHSA-2026:5226)	medium

Detections

Analytics

Red Hat Local Security Checks Family for Nessus

high

high

high

high

high

high

high

medium

high

high

high

high

high

critical

high

high

medium

high

high

medium

medium

medium

high

high

high

medium

medium

high

high

high

high

medium

high

high

high

high

high

high

medium

high

high

high

high

high

high

high

high

high

high

medium