The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3341 advisory.

    The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-     ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI     concerns itself only with network connectivity of containers and removing allocated resources when the     container is deleted.

    Security Fix(es):

    * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate     (CVE-2025-61729)

    * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)

    * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3443 advisory.

    Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can     contain strings, hashes, lists, sets and sorted sets.  You can run atomic operations on these types, like     appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection,     union and difference; or getting the member with highest ranking in a sorted set.  In order to achieve its     outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can     persist it either by dumping the dataset to disk every once in a while, or by appending each command to a     log.  Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first     synchronization, auto-reconnection on net split and so forth.  Other features include Transactions,     Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave     like a cache.  You can use Valkey from most programming languages also.

    Security Fix(es):

    * Valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts     (CVE-2025-67733)

    * valkey: Valkey: Denial of Service via invalid clusterbus packet (CVE-2026-21863)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3358 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: Linux kernel: xHCI driver isochronous event handling race condition leading to data loss or UAF     (CVE-2025-37882)

    * kernel: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (CVE-2025-37861)

    * kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation     (CVE-2025-38415)

    * kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing     (CVE-2025-39760)

    * kernel: Linux kernel: Out-of-bounds write in VXLAN due to incorrect nexthop hash size leading to denial     of service (CVE-2023-53192)

    * kernel: smb: client: let recv_done verify data_offset, data_length and remaining_data_length     (CVE-2025-39933)

    * kernel: Linux kernel: Use-after-free in proc_readdir_de() can lead to privilege escalation or denial of     service. (CVE-2025-40271)

    * kernel: Linux kernel Bluetooth: Denial of Service due to use-after-free in connection handling     (CVE-2023-53762)

    * kernel: Linux kernel ALSA USB audio driver: Buffer overflow leading to information disclosure and denial     of service (CVE-2025-40269)

    * kernel: ip6_vti: fix slab-use-after-free in decode_session6 (CVE-2023-53821)

    * kernel: ext4: fix use-after-free in ext4_orphan_cleanup (CVE-2022-50673)

    * kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (CVE-2025-68349)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3340 advisory.

    The skopeo command lets you inspect images from container image registries, get images and image layers,     and use signatures to create and verify files.

    Security Fix(es):

    * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate     (CVE-2025-61729)

    * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)

    * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3388 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: RDMA/core: Fix KASAN: slab-use-after-free Read in ib_register_device problem (CVE-2025-38022)

    * kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation     (CVE-2025-38415)

    * kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion (CVE-2025-38459)

    * kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing     (CVE-2025-39760)

    * kernel: nbd: fix incomplete validation of ioctl arg (CVE-2023-53513)

    * kernel: Linux kernel: Use-after-free in proc_readdir_de() can lead to privilege escalation or denial of     service. (CVE-2025-40271)

    * kernel: ip6_vti: fix slab-use-after-free in decode_session6 (CVE-2023-53821)

    * kernel: Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} (CVE-2023-53827)

    * kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() (CVE-2022-50865)

    * kernel: Linux kernel: Use-after-free in teql queueing discipline can lead to privilege escalation     (CVE-2026-23074)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3291 advisory.

    The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides     container runtime.

    Security Fix(es):

    * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate     (CVE-2025-61729)

    * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)

    * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3268 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: RDMA/core: Fix KASAN: slab-use-after-free Read in ib_register_device problem (CVE-2025-38022)

    * kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation     (CVE-2025-38415)

    * kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion (CVE-2025-38459)

    * kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing     (CVE-2025-39760)

    * kernel: smb: client: let recv_done verify data_offset, data_length and remaining_data_length     (CVE-2025-39933)

    * kernel: Linux kernel: Use-after-free in proc_readdir_de() can lead to privilege escalation or denial of     service. (CVE-2025-40271)

    * kernel: ip6_vti: fix slab-use-after-free in decode_session6 (CVE-2023-53821)

    * kernel: Linux kernel: Use-after-free in teql queueing discipline can lead to privilege escalation     (CVE-2026-23074)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:3289 advisory.

    Collector with the supported components for a Red Hat build of OpenTelemetry

    Security Fix(es):

    * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate     (CVE-2025-61729)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2975 advisory.

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution     designed for on-premise or private cloud deployments.

    This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.18.34. See the     following advisory for the container images for this release:

    https://access.redhat.com/errata/RHSA-2026:2977

    Security Fix(es):

    * runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and     procfs write redirects (CVE-2025-52881)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    All OpenShift Container Platform 4.18 users are advised to upgrade to these updated packages and images     when they are available in the appropriate release channel. To check for available updates, use the     OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at     https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html-     single/updating_clusters/index#updating-cluster-cli.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3339 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * libvpx: Heap buffer overflow in libvpx (CVE-2026-2447)

    * firefox: Invalid pointer in the JavaScript Engine component (CVE-2026-2785)

    * firefox: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8,     Firefox 148 and Thunderbird 148 (CVE-2026-2793)

    * firefox: Undefined behavior in the DOM: Core & HTML component (CVE-2026-2771)

    * firefox: Integer overflow in the Audio/Video component (CVE-2026-2774)

    * firefox: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External     Software (CVE-2026-2776)

    * firefox: Integer overflow in the Libraries component in NSS (CVE-2026-2781)

    * firefox: Use-after-free in the JavaScript Engine: JIT component (CVE-2026-2766)

    * firefox: Use-after-free in the Storage: IndexedDB component (CVE-2026-2769)

    * firefox: Use-after-free in the DOM: Window and Location component (CVE-2026-2787)

    * firefox: Sandbox escape in the Storage: IndexedDB component (CVE-2026-2768)

    * firefox: Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component     (CVE-2026-2783)

    * firefox: Incorrect boundary conditions in the Audio/Video: GMP component (CVE-2026-2788)

    * firefox: Mitigation bypass in the DOM: Security component (CVE-2026-2784)

    * firefox: Incorrect boundary conditions in the Graphics: ImageLib component (CVE-2026-2759)

    * firefox: Integer overflow in the JavaScript: Standard Library component (CVE-2026-2762)

    * firefox: Sandbox escape in the Graphics: WebRender component (CVE-2026-2761)

    * firefox: Privilege escalation in the Messaging System component (CVE-2026-2777)

    * firefox: Same-origin policy bypass in the Networking: JAR component (CVE-2026-2790)

    * firefox: Mitigation bypass in the DOM: HTML Parser component (CVE-2026-2775)

    * firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2763)

    * firefox: Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and     Thunderbird 148 (CVE-2026-2792)

    * firefox: Incorrect boundary conditions in the Web Audio component (CVE-2026-2773)

    * firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2786)

    * firefox: Use-after-free in the Graphics: ImageLib component (CVE-2026-2789)

    * firefox: thunderbird: Incorrect boundary conditions in the WebRTC: Audio/Video component (CVE-2026-2757)

    * firefox: Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component     (CVE-2026-2760)

    * firefox: Use-after-free in the Audio/Video: Playback component (CVE-2026-2772)

    * firefox: Incorrect boundary conditions in the Networking: JAR component (CVE-2026-2779)

    * firefox: Use-after-free in the JavaScript: WebAssembly component (CVE-2026-2767)

    * firefox: JIT miscompilation, use-after-free in the JavaScript Engine: JIT component (CVE-2026-2764)

    * firefox: Privilege escalation in the Netmonitor component (CVE-2026-2782)

    * firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2765)

    * firefox: Privilege escalation in the Netmonitor component (CVE-2026-2780)

    * firefox: Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component     (CVE-2026-2778)

    * firefox: Use-after-free in the JavaScript: GC component (CVE-2026-2758)

    * firefox: Mitigation bypass in the Networking: Cache component (CVE-2026-2791)

    * firefox: Use-after-free in the DOM: Bindings (WebIDL) component (CVE-2026-2770)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3361 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * libvpx: Heap buffer overflow in libvpx (CVE-2026-2447)

    * firefox: Invalid pointer in the JavaScript Engine component (CVE-2026-2785)

    * firefox: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8,     Firefox 148 and Thunderbird 148 (CVE-2026-2793)

    * firefox: Undefined behavior in the DOM: Core & HTML component (CVE-2026-2771)

    * firefox: Integer overflow in the Audio/Video component (CVE-2026-2774)

    * firefox: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External     Software (CVE-2026-2776)

    * firefox: Integer overflow in the Libraries component in NSS (CVE-2026-2781)

    * firefox: Use-after-free in the JavaScript Engine: JIT component (CVE-2026-2766)

    * firefox: Use-after-free in the Storage: IndexedDB component (CVE-2026-2769)

    * firefox: Use-after-free in the DOM: Window and Location component (CVE-2026-2787)

    * firefox: Sandbox escape in the Storage: IndexedDB component (CVE-2026-2768)

    * firefox: Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component     (CVE-2026-2783)

    * firefox: Incorrect boundary conditions in the Audio/Video: GMP component (CVE-2026-2788)

    * firefox: Mitigation bypass in the DOM: Security component (CVE-2026-2784)

    * firefox: Incorrect boundary conditions in the Graphics: ImageLib component (CVE-2026-2759)

    * firefox: Integer overflow in the JavaScript: Standard Library component (CVE-2026-2762)

    * firefox: Sandbox escape in the Graphics: WebRender component (CVE-2026-2761)

    * firefox: Privilege escalation in the Messaging System component (CVE-2026-2777)

    * firefox: Same-origin policy bypass in the Networking: JAR component (CVE-2026-2790)

    * firefox: Mitigation bypass in the DOM: HTML Parser component (CVE-2026-2775)

    * firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2763)

    * firefox: Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and     Thunderbird 148 (CVE-2026-2792)

    * firefox: Incorrect boundary conditions in the Web Audio component (CVE-2026-2773)

    * firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2786)

    * firefox: Use-after-free in the Graphics: ImageLib component (CVE-2026-2789)

    * firefox: thunderbird: Incorrect boundary conditions in the WebRTC: Audio/Video component (CVE-2026-2757)

    * firefox: Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component     (CVE-2026-2760)

    * firefox: Use-after-free in the Audio/Video: Playback component (CVE-2026-2772)

    * firefox: Incorrect boundary conditions in the Networking: JAR component (CVE-2026-2779)

    * firefox: Use-after-free in the JavaScript: WebAssembly component (CVE-2026-2767)

    * firefox: JIT miscompilation, use-after-free in the JavaScript Engine: JIT component (CVE-2026-2764)

    * firefox: Privilege escalation in the Netmonitor component (CVE-2026-2782)

    * firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2765)

    * firefox: Privilege escalation in the Netmonitor component (CVE-2026-2780)

    * firefox: Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component     (CVE-2026-2778)

    * firefox: Use-after-free in the JavaScript: GC component (CVE-2026-2758)

    * firefox: Mitigation bypass in the Networking: Cache component (CVE-2026-2791)

    * firefox: Use-after-free in the DOM: Bindings (WebIDL) component (CVE-2026-2770)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3359 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID (CVE-2026-23490)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3297 advisory.

    The buildah package provides a tool for facilitating building OCI container images. Among other things,     buildah enables you to: Create a working container, either from scratch or using an image as a starting     point; Create an image, either from a working container or using the instructions in a Dockerfile; Build     both Docker and OCI images.

    Security Fix(es):

    * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate     (CVE-2025-61729)

    * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)

    * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3334 advisory.

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
    The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.

    Security Fix(es):

    * freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22855)

    * freerdp: FreeRDP global-buffer-overflow (CVE-2026-22858)

    * freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22859)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3275 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: Kernel: Double free vulnerability in exFAT filesystem can lead to denial of service     (CVE-2025-38206)

    * kernel: drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies (CVE-2025-40096)

    * kernel: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() (CVE-2025-40168)

    * kernel: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (CVE-2025-68800)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3298 advisory.

    The buildah package provides a tool for facilitating building OCI container images. Among other things,     buildah enables you to: Create a working container, either from scratch or using an image as a starting     point; Create an image, either from a working container or using the instructions in a Dockerfile; Build     both Docker and OCI images.

    Security Fix(es):

    * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate     (CVE-2025-61729)

    * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)

    * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:3288 advisory.

    Collector with the supported components for a Red Hat build of OpenTelemetry

    Security Fix(es):

    * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate     (CVE-2025-61729)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3293 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: RDMA/core: Fix KASAN: slab-use-after-free Read in ib_register_device problem (CVE-2025-38022)

    * kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation     (CVE-2025-38415)

    * kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing     (CVE-2025-39760)

    * kernel: smb: client: let recv_done verify data_offset, data_length and remaining_data_length     (CVE-2025-39933)

    * kernel: Linux kernel: Use-after-free in proc_readdir_de() can lead to privilege escalation or denial of     service. (CVE-2025-40271)

    * kernel: Linux kernel ALSA USB audio driver: Buffer overflow leading to information disclosure and denial     of service (CVE-2025-40269)

    * kernel: ip6_vti: fix slab-use-after-free in decode_session6 (CVE-2023-53821)

    * kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (CVE-2025-68349)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3188 advisory.

    Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB &     OpenTSDB.

    Security Fix(es):

    * golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip     (CVE-2025-61728)

    * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)

    * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3192 advisory.

    The golang packages provide the Go programming language compiler.

    Security Fix(es):

    * golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip     (CVE-2025-61728)

    * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)

    * cmd/cgo: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732)

    * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3193 advisory.

    The golang packages provide the Go programming language compiler.

    Security Fix(es):

    * golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip     (CVE-2025-61728)

    * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)

    * cmd/cgo: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732)

    * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3187 advisory.

    The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries     and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.

    Security Fix(es):

    * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)

    * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3220 advisory.

    The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can     encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and     automated mechanism for serializing structured data.

    Security Fix(es):

    * python: protobuf: Protobuf: Denial of Service due to recursion depth bypass (CVE-2026-0994)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3164 advisory.

    EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual     Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.

    Security Fix(es):

    * edk2: Out-of-bounds read & write in RFC 3211 KEK Unwrap [rhel-9.4.z] (CVE-2025-9230)

    For more details about the security issue(s), including the impact, a CVSS     score, acknowledgments, and other related information, refer to the CVE page(s)     listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3124 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: Linux kernel: Data corruption and system instability due to improper io_uring/net buffer     handling (CVE-2025-38730)

    * kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing     (CVE-2025-39760)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3189 advisory.

    389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the     Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

    Security Fix(es):

    * 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow     (CVE-2025-14905)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3165 advisory.

    Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of     architectures. The qemu-kvm packages provide the user-space component for running virtual machines that     use KVM.

    Security Fix(es):

    * qemu-kvm: VNC WebSocket handshake use-after-free (CVE-2025-11234)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2994 advisory.

    Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This     software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under     Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update     experience.

    This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.62 Service Pack 3 serves as a     replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.62 Service Pack 2, and includes bug     fixes and enhancements, which are documented in the Release Notes linked to in the References section.

    Security Fix(es):

    * openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap [jbcs-httpd-2.4] (CVE-2025-9230)
    * jbcs-httpd24-httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=... [jbcs-     httpd-2.4] (CVE-2025-58098)
    * jbcs-httpd24-httpd: Apache HTTP Server: mod_md (ACME), unintended retry intervals [jbcs-httpd-2.4]     (CVE-2025-55753)
    * jbcs-httpd24-httpd: Apache HTTP Server: CGI environment variable override [jbcs-httpd-2.4]     (CVE-2025-65082)
    * jbcs-httpd24-httpd: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo [jbcs-     httpd-2.4] (CVE-2025-66200)
    * openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 (CVE-2025-69419)

    A Red Hat Security Bulletin which addresses further details about this flaw is available in the References     section.

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3092 advisory.

    HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables      driverless support for USB devices capable of using IPP-over-USB protocol.

    Security Fix(es):

    * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)

    * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3097 advisory.

    The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can     encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and     automated mechanism for serializing structured data.

    Security Fix(es):

    * python: protobuf: Protobuf: Denial of Service due to recursion depth bypass (CVE-2026-0994)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3088 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (CVE-2025-37861)

    * kernel: Linux kernel io_uring: Local privilege escalation, information disclosure, or denial of service     via use-after-free (CVE-2025-38106)

    * kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation     (CVE-2025-38415)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3110 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: page_pool: Fix use-after-free in page_pool_recycle_in_ring (CVE-2025-38129)

    * kernel: Linux kernel:A use-after-free in bridge multicast in br_multicast_port_ctx_init (CVE-2025-38248)

    * kernel: smc: Fix use-after-free in __pnet_find_base_ndev() (CVE-2025-40064)

    * kernel: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (CVE-2025-68800)

    * kernel: Linux kernel: Use-after-free in teql queueing discipline can lead to privilege escalation     (CVE-2026-23074)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3094 advisory.

    The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can     encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and     automated mechanism for serializing structured data.

    Security Fix(es):

    * python: protobuf: Protobuf: Denial of Service due to recursion depth bypass (CVE-2026-0994)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3083 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: page_pool: Fix use-after-free in page_pool_recycle_in_ring (CVE-2025-38129)

    * kernel: Linux kernel:A use-after-free in bridge multicast in br_multicast_port_ctx_init (CVE-2025-38248)

    * kernel: smc: Fix use-after-free in __pnet_find_base_ndev() (CVE-2025-40064)

    * kernel: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (CVE-2025-68800)

    * kernel: Linux kernel: Use-after-free in teql queueing discipline can lead to privilege escalation     (CVE-2026-23074)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3059 advisory.

    The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can     encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and     automated mechanism for serializing structured data.

    Security Fix(es):

    * python: protobuf: Protobuf: Denial of Service due to recursion depth bypass (CVE-2026-0994)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3077 advisory.

    Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of     architectures. The qemu-kvm packages provide the user-space component for running virtual machines that     use KVM.

    Security Fix(es):

    * qemu-kvm: VNC WebSocket handshake use-after-free (CVE-2025-11234)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3066 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: page_pool: Fix use-after-free in page_pool_recycle_in_ring (CVE-2025-38129)

    * kernel: Kernel: Double free vulnerability in exFAT filesystem can lead to denial of service     (CVE-2025-38206)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3095 advisory.

    The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can     encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and     automated mechanism for serializing structured data.

    Security Fix(es):

    * python: protobuf: Protobuf: Denial of Service due to recursion depth bypass (CVE-2026-0994)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3068 advisory.

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
    The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.

    Security Fix(es):

    * freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22855)

    * freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22853)

    * freerdp: FreeRDP global-buffer-overflow (CVE-2026-22858)

    * freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22859)

    * freerdp: FreeRDP: Denial of Service via use after free in ecam_channel_write (CVE-2026-24678)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3078 advisory.

    Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB &     OpenTSDB.

    Security Fix(es):

    * grafana/grafana/pkg/services/dashboards: Grafana Dashboard Permissions Scope Bypass Enables     Cross?Dashboard Privilege Escalation (CVE-2026-21721)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3058 advisory.

    ImageMagick is an image display and manipulation tool for the X Window System that can read and write     multiple image formats.

    Security Fix(es):

    * ImageMagick: ImageMagick vulnerable to denial of service via integer overflow in BMP decoder on 32-bit     systems (CVE-2025-62171)

    * ImageMagick: ImageMagick: Arbitrary code execution via a crafted XBM image file (CVE-2026-23876)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:3053 advisory.

    Butane translates human-readable Butane Configs into machine-readable Ignition configs for provisioning     operating systems that use Ignition.

    Security Fix(es):

    * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate     (CVE-2025-61729)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3067 advisory.

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
    The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.

    Security Fix(es):

    * freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22855)

    * freerdp: FreeRDP global-buffer-overflow (CVE-2026-22858)

    * freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22859)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3039 advisory.

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
    The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.

    Security Fix(es):

    * freerdp: FreeRDP: Heap buffer overflow leading to denial of service and potential code execution from a     malicious server. (CVE-2026-23530)

    * freerdp: FreeRDP: Denial of Service and potential code execution via use-after-free vulnerability     (CVE-2026-23884)

    * freerdp: FreeRDP: Heap buffer overflow leads to denial of service and potential code execution     (CVE-2026-23533)

    * freerdp: FreeRDP: Heap buffer overflow via crafted RDPGFX surface updates leads to denial of service and     potential code execution. (CVE-2026-23531)

    * freerdp: FreeRDP: Denial of Service and potential code execution via client-side heap buffer overflow     (CVE-2026-23532)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2746 advisory.

    Red Hat build of MicroShift is Red Hat's light-weight Kubernetes     orchestration solution designed for edge device deployments and is built     from the edge capabilities of Red Hat OpenShift Container Platform.
    MicroShift is an application that is deployed on top of Red Hat Enterprise     Linux devices at the edge, providing an efficient way to operate     single-node clusters in these low-resource environments.

    This advisory contains the RPM packages for Red Hat build of MicroShift     4.17.49. Read the following advisory for the container images for this     release:

    https://access.redhat.com/errata/RHSA-2026:2672

    Security Fix(es):

    * github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service     due to large single-line payload (CVE-2025-65637)

    All Red Hat build of MicroShift 4.17 users are advised to use these updated     packages and images when they are available in the RPM repository.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:3031 advisory.

    The libpng15 package provides libpng 1.5, an older version of the libpng. library for manipulating PNG     (Portable Network Graphics) image format files. This version should be used only if you are unable to use     the current version of libpng.

    Security Fix(es):

    * libpng: LIBPNG has a heap buffer overflow in png_set_quantize (CVE-2026-25646)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3034 advisory.

    MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service for creating and validating credentials.
    It is designed to be highly scalable for use in an HPC cluster environment. It allows a process to     authenticate the UID and GID of another local or remote process within a group of hosts having common     users and groups. These hosts form a security realm that is defined by a shared cryptographic key. Clients     within this security realm can create and validate credentials without the use of root privileges,     reserved ports, or platform-specific methods.

    Security Fix(es):

    * MUNGE: MUNGE has a buffer overflow in message unpacking allows key leakage and credential forgery     (CVE-2026-25506)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3040 advisory.

    The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries     and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.

    Security Fix(es):

    * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate     (CVE-2025-61729)

    * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)

    * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3033 advisory.

    MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service for creating and validating credentials.
    It is designed to be highly scalable for use in an HPC cluster environment. It allows a process to     authenticate the UID and GID of another local or remote process within a group of hosts having common     users and groups. These hosts form a security realm that is defined by a shared cryptographic key. Clients     within this security realm can create and validate credentials without the use of root privileges,     reserved ports, or platform-specific methods.

    Security Fix(es):

    * MUNGE: MUNGE has a buffer overflow in message unpacking allows key leakage and credential forgery     (CVE-2026-25506)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3037 advisory.

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
    The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.

    Security Fix(es):

    * freerdp: FreeRDP: Heap buffer overflow leading to denial of service and potential code execution from a     malicious server. (CVE-2026-23530)

    * freerdp: FreeRDP: Denial of Service and potential code execution via use-after-free vulnerability     (CVE-2026-23884)

    * freerdp: FreeRDP: Arbitrary code execution and denial of service via malicious server (CVE-2026-23883)

    * freerdp: FreeRDP: Heap buffer overflow leads to denial of service and potential code execution     (CVE-2026-23533)

    * freerdp: FreeRDP: Heap buffer overflow via crafted RDPGFX surface updates leads to denial of service and     potential code execution. (CVE-2026-23531)

    * freerdp: FreeRDP: Arbitrary code execution and denial of service via client-side heap buffer overflow     (CVE-2026-23534)

    * freerdp: FreeRDP: Denial of Service and potential code execution via client-side heap buffer overflow     (CVE-2026-23532)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Severity
300044	RHEL 9 : containernetworking-plugins (RHSA-2026:3341)	critical
300011	RHEL 10 : valkey (RHSA-2026:3443)	high
300007	RHEL 9 : kernel-rt (RHSA-2026:3358)	high
300006	RHEL 9 : skopeo (RHSA-2026:3340)	critical
300005	RHEL 8 : kernel (RHSA-2026:3388)	high
299993	RHEL 9 : runc (RHSA-2026:3291)	critical
299992	RHEL 8 : kernel (RHSA-2026:3268)	high
299991	RHEL 9 : opentelemetry-collector (RHSA-2026:3289)	high
299990	RHEL 9 : OpenShift Container Platform 4.18.34 (RHSA-2026:2975)	high
299984	RHEL 9 : firefox (RHSA-2026:3339)	critical
299964	RHEL 10 : firefox (RHSA-2026:3361)	critical
299963	RHEL 9 : python-pyasn1 (RHSA-2026:3359)	high
299962	RHEL 10 : buildah (RHSA-2026:3297)	critical
299961	RHEL 8 : freerdp (RHSA-2026:3334)	medium
299933	RHEL 10 : kernel (RHSA-2026:3275)	high
299930	RHEL 9 : buildah (RHSA-2026:3298)	critical
299929	RHEL 10 : opentelemetry-collector (RHSA-2026:3288)	high
299928	RHEL 9 : kernel (RHSA-2026:3293)	high
299887	RHEL 8 : grafana (RHSA-2026:3188)	critical
299886	RHEL 10 : golang (RHSA-2026:3192)	critical
299885	RHEL 9 : golang (RHSA-2026:3193)	critical
299884	RHEL 8 : grafana-pcp (RHSA-2026:3187)	critical
299883	RHEL 9 : protobuf (RHSA-2026:3220)	high
299859	RHEL 9 : edk2 (RHSA-2026:3164)	high
299858	RHEL 10 : kernel (RHSA-2026:3124)	high
299857	RHEL 9 : 389-ds-base (RHSA-2026:3189)	high
299856	RHEL 9 : qemu-kvm (RHSA-2026:3165)	high
299848	RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP3 (RHSA-2026:2994)	high
299819	RHEL 10 : golang-github-openprinting-ipp-usb (RHSA-2026:3092)	critical
299818	RHEL 9 : protobuf (RHSA-2026:3097)	high
299817	RHEL 9 : kernel (RHSA-2026:3088)	high
299816	RHEL 8 : kernel-rt (RHSA-2026:3110)	high
299815	RHEL 10 : protobuf (RHSA-2026:3094)	high
299790	RHEL 8 : kernel (RHSA-2026:3083)	high
299789	RHEL 9 : protobuf (RHSA-2026:3059)	high
299788	RHEL 9 : qemu-kvm (RHSA-2026:3077)	high
299787	RHEL 9 : kernel (RHSA-2026:3066)	high
299786	RHEL 9 : protobuf (RHSA-2026:3095)	high
299785	RHEL 10 : freerdp (RHSA-2026:3068)	high
299784	RHEL 10 : grafana (RHSA-2026:3078)	high
299783	RHEL 7 : ImageMagick (RHSA-2026:3058)	critical
299782	RHEL 9 : butane (RHSA-2026:3053)	high
299772	RHEL 9 : freerdp (RHSA-2026:3067)	medium
299771	RHEL 8 : freerdp (RHSA-2026:3039)	high
299770	RHEL 9 : Red Hat build of MicroShift 4.17.49 (RHSA-2026:2746)	high
299769	RHEL 9 : libpng15 (RHSA-2026:3031)	high
299768	RHEL 9 : munge (RHSA-2026:3034)	high
299767	RHEL 9 : grafana-pcp (RHSA-2026:3040)	critical
299766	RHEL 10 : munge (RHSA-2026:3033)	high
299765	RHEL 9 : freerdp (RHSA-2026:3037)	high

Detections

Analytics

Red Hat Local Security Checks Family for Nessus

critical

high

high

critical

high

critical

high

high

high

critical

critical

high

critical

medium

high

critical

high

high

critical

critical

critical

critical

high

high

high

high

high

high

critical

high

high

high

high

high

high

high

high

high

high

high

critical

high

medium

high

high

high

high

critical

high

high