Plugins Pipeline

At Tenable, we use a multitude of approaches to deliver the best possible coverage to our customers and use a number of factors to prioritize vulnerabilities. Browse upcoming plugins that the Tenable Research team is prioritizing by CVE, detection status or keyword search. Please note that this page does not represent an exhaustive list of plugins that Tenable Research intends to provide coverage for nor for which plugin coverage is provided.

Plugins are categorized into one of the following detection statuses:

Development: Tenable Research team is actively working on providing a detection.
Testing: The plugin is in the production build & release pipeline.
Released: The plugin has been published on the displayed date.

RSS Feeds

Title	CVEs	Updated	Status
[Web App Scanning] Adobe Experience Manager (AEM) Sling User Information Servlet Exposure		2025/11/28	testing
[Web App Scanning] Adobe Experience Manager (AEM) Custom Scripts Listing Detection		2025/11/28	testing
[Web App Scanning] Adobe Experience Manager (AEM) QueryBuilder Feed Servlet Detected		2025/11/27	testing
[Web App Scanning] Adobe Experience Manager (AEM) CRX Namespace Editor Panel Detected		2025/11/27	testing
WatchGuard Firebox Out-of-Bounds Write Vulnerability (CVE-2025-9242)	CVE-2025-9242	2025/11/27	development
[Web App Scanning] Sneeit Framework Plugin for WordPress < 8.4 Remote Code Execution	CVE-2025-6389	2025/11/27	testing
Critical Vulnerabilities in Fluent Bit (November 2025)	CVE-2025-12970, CVE-2025-12972, CVE-2025-12977, CVE-2025-12969, CVE-2025-12978	2025/11/26	development
[Web App Scanning] Adobe Experience Manager (AEM) Sling Login Panel Detected		2025/11/26	testing
Coverage for CVE-2025-6389 Wordpress Sneeit Framework vulnerability	CVE-2025-6389	2025/11/26	development
[Web App Scanning] Adobe Experience Manager (AEM) Login Panel Detected		2025/11/26	testing
[Web App Scanning] Adobe Experience Manager (AEM) CRX Package Manager Panel Detected		2025/11/26	testing
oracle_linux ELSA-2025-20928: ELSA-2025-20928: ipa security update (IMPORTANT)	CVE-2025-7493	2025/11/26	development
oracle_linux ELSA-2025-20958: ELSA-2025-20958: tigervnc security update (IMPORTANT)	CVE-2025-62230, CVE-2025-62229, CVE-2025-62231	2025/11/26	development
oracle_linux ELSA-2025-20936: ELSA-2025-20936: sqlite security update (IMPORTANT)	CVE-2025-6965	2025/11/26	development
oracle_linux ELSA-2025-20926: ELSA-2025-20926: redis security update (IMPORTANT)	CVE-2025-46817, CVE-2025-46819, CVE-2025-46818, CVE-2025-49844	2025/11/26	development
oracle_linux ELSA-2025-20954: ELSA-2025-20954: sssd security update (IMPORTANT)	CVE-2025-11561	2025/11/26	development
oracle_linux ELSA-2025-21280: ELSA-2025-21280: firefox security update (IMPORTANT)	CVE-2025-13014, CVE-2025-13015, CVE-2025-13018, CVE-2025-13020, CVE-2025-13016, CVE-2025-13012, CVE-2025-13013, CVE-2025-13017, CVE-2025-13019	2025/11/26	development
oracle_linux ELSA-2025-21255: ELSA-2025-21255: openssl security update (MODERATE)	CVE-2025-9230	2025/11/26	development
oracle_linux ELSA-2025-20957: ELSA-2025-20957: runc security update (IMPORTANT)	CVE-2025-31133, CVE-2025-52565, CVE-2025-52881	2025/11/26	development
oracle_linux ELSA-2025-21139: ELSA-2025-21139: python-kdcproxy security update (IMPORTANT)	CVE-2025-59089, CVE-2025-59088	2025/11/26	development
oracle_linux ELSA-2025-21110: ELSA-2025-21110: bind security update (IMPORTANT)	CVE-2025-40780, CVE-2025-40778	2025/11/26	development
oracle_linux ELSA-2025-20935: ELSA-2025-20935: squid security update (IMPORTANT)	CVE-2025-62168	2025/11/26	development
oracle_linux ELSA-2025-20956: ELSA-2025-20956: libtiff security update (IMPORTANT)	CVE-2025-8176, CVE-2025-9900	2025/11/26	development
oracle_linux ELSA-2025-20945: ELSA-2025-20945: vim security update (MODERATE)	CVE-2025-53906, CVE-2025-53905	2025/11/26	development
oracle_linux ELSA-2025-20909: ELSA-2025-20909: podman security update (IMPORTANT)	CVE-2025-47907, CVE-2025-9566	2025/11/26	development
oracle_linux ELSA-2025-20962: ELSA-2025-20962: pcs security update (IMPORTANT)	CVE-2025-59830, CVE-2025-61772, CVE-2025-61771, CVE-2025-61919, CVE-2025-61770	2025/11/26	development
oracle_linux ELSA-2025-20961: ELSA-2025-20961: xorg-x11-server security update (MODERATE)	CVE-2025-62230, CVE-2025-62229, CVE-2025-62231	2025/11/26	development
oracle_linux ELSA-2025-20963: ELSA-2025-20963: qt5-qt3d security update (MODERATE)	CVE-2025-11277	2025/11/26	development
oracle_linux ELSA-2025-20959: ELSA-2025-20959: libsoup security update (IMPORTANT)	CVE-2025-4945, CVE-2025-11021	2025/11/26	development
oracle_linux ELSA-2025-20943: ELSA-2025-20943: libssh security update (MODERATE)	CVE-2025-5318	2025/11/26	development
oracle_linux ELSA-2025-21916: ELSA-2025-21916: valkey security update (IMPORTANT)	CVE-2025-46817, CVE-2025-46819, CVE-2025-46818, CVE-2025-49844	2025/11/26	development
oracle_linux ELSA-2025-21926: ELSA-2025-21926: kernel security update (MODERATE)	CVE-2025-39843	2025/11/26	development
oracle_linux ELSA-2025-20922: ELSA-2025-20922: webkit2gtk3 security update (IMPORTANT)	CVE-2025-43356, CVE-2025-43342, CVE-2025-43368, CVE-2025-43343, CVE-2025-43272	2025/11/26	development
oracle_linux ELSA-2025-20960: ELSA-2025-20960: xorg-x11-server-Xwayland security update (MODERATE)	CVE-2025-62230, CVE-2025-62229, CVE-2025-62231	2025/11/26	development
ubuntu_linux USN-7884-1: Ubuntu 22.04 LTS / Ubuntu 24.04 LTS / Ubuntu 25.04 / Ubuntu 25.10 : OpenJDK 25 vulnerabilities (USN-7884-1)	CVE-2025-53057, CVE-2025-61748, CVE-2025-53066	2025/11/26	development
ubuntu_linux USN-7885-1: Ubuntu 20.04 LTS / Ubuntu 22.04 LTS / Ubuntu 24.04 LTS / Ubuntu 25.04 / Ubuntu 25.10 : OpenJDK 21 vulnerabilities (USN-7885-1)	CVE-2025-53057, CVE-2025-61748, CVE-2025-53066	2025/11/26	development
ubuntu_linux USN-7882-1: Ubuntu 18.04 LTS / Ubuntu 20.04 LTS / Ubuntu 22.04 LTS / Ubuntu 24.04 LTS / Ubuntu 25.04 / Ubuntu 25.10 : OpenJDK 11 vulnerabilities (USN-7882-1)	CVE-2025-53057, CVE-2025-53066	2025/11/26	development
ubuntu_linux USN-7881-1: Ubuntu 16.04 LTS / Ubuntu 18.04 LTS / Ubuntu 20.04 LTS / Ubuntu 22.04 LTS / Ubuntu 24.04 LTS / Ubuntu 25.04 / Ubuntu 25.10 : OpenJDK 8 vulnerabilities (USN-7881-1)	CVE-2025-53057, CVE-2025-53066	2025/11/26	development
ubuntu_linux USN-7883-1: Ubuntu 18.04 LTS / Ubuntu 20.04 LTS / Ubuntu 22.04 LTS / Ubuntu 24.04 LTS / Ubuntu 25.04 / Ubuntu 25.10 : OpenJDK 17 vulnerabilities (USN-7883-1)	CVE-2025-53057, CVE-2025-53066	2025/11/26	development
ubuntu_linux USN-7889-1: Ubuntu 22.04 LTS / Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-7889-1)	CVE-2025-38227, CVE-2025-38616, CVE-2025-21729, CVE-2025-38678	2025/11/26	development
redhat RHSA-2025:22167: RHSA-2025:22167: tigervnc security update (Important)	CVE-2025-62230, CVE-2025-62229, CVE-2025-62231	2025/11/26	development
redhat RHSA-2025:22163: RHSA-2025:22163: libxml2 security update (Moderate)	CVE-2025-9714	2025/11/26	development
redhat RHSA-2025:22175: RHSA-2025:22175: expat security update (Important)	CVE-2025-59375	2025/11/26	development
redhat RHSA-2025:22162: RHSA-2025:22162: libxml2 security update (Moderate)	CVE-2025-9714	2025/11/26	development
redhat RHSA-2025:22168: RHSA-2025:22168: bind9.16 security update (Important)	CVE-2025-40780, CVE-2025-40778, CVE-2021-25220	2025/11/26	development
[Web App Scanning] GFI KerioControl < 9.4.5 HTTP Response Splitting	CVE-2024-52875	2025/11/26	testing
atlassian_confluence CONFSERVER-101479: Path Traversal Third-Party Dependency in Confluence Data Center and Server - CVE-2023-42282	CVE-2025-48387	2025/11/20	development
atlassian_confluence CONFSERVER-101477: DoS (Denial of Service) Third-Party Dependency in Confluence Data Center and Server - CVE-2024-37890	CVE-2022-31129, CVE-2024-25710, CVE-2025-48387, CVE-2025-55163, CVE-2022-46175, CVE-2021-23337, CVE-2024-38819, CVE-2025-48734, CVE-2024-22259, CVE-2025-22235, CVE-2022-24772, CVE-2024-4068, CVE-2025-22166, CVE-2025-22228, CVE-2021-3807, CVE-2023-42282, CVE-2024-45296, CVE-2024-38999, CVE-2020-8203, CVE-2024-45590, CVE-2023-52428, CVE-2022-38900, CVE-2022-24785, CVE-2016-1000027, CVE-2021-33587, CVE-2025-41248, CVE-2023-26159, CVE-2024-37890, CVE-2025-48976, CVE-2024-21538, CVE-2022-24771, CVE-2024-29415, CVE-2020-28471, CVE-2021-3803, CVE-2023-45133	2025/11/20	development
atlassian_confluence CONFSERVER-101488: SSRF (Server-Side Request Forgery) Third-Party Dependency in Confluence Data Center and Server - CVE-2023-42282	CVE-2022-31129, CVE-2024-25710, CVE-2025-48387, CVE-2025-55163, CVE-2022-46175, CVE-2021-23337, CVE-2024-38819, CVE-2025-48734, CVE-2024-22259, CVE-2025-22235, CVE-2022-24772, CVE-2024-4068, CVE-2025-22166, CVE-2025-22228, CVE-2021-3807, CVE-2023-42282, CVE-2024-45296, CVE-2024-38999, CVE-2020-8203, CVE-2024-45590, CVE-2023-52428, CVE-2022-38900, CVE-2022-24785, CVE-2016-1000027, CVE-2021-33587, CVE-2025-41248, CVE-2023-26159, CVE-2024-37890, CVE-2025-48976, CVE-2024-21538, CVE-2022-24771, CVE-2024-29415, CVE-2020-28471, CVE-2021-3803, CVE-2023-45133	2025/11/20	development
atlassian_confluence CONFSERVER-101485: Improper Authorization Third-Party Dependency in Confluence Data Center and Server - CVE-2025-41248	CVE-2022-31129, CVE-2024-25710, CVE-2025-48387, CVE-2025-55163, CVE-2022-46175, CVE-2021-23337, CVE-2024-38819, CVE-2025-48734, CVE-2024-22259, CVE-2025-22235, CVE-2022-24772, CVE-2024-4068, CVE-2025-22166, CVE-2025-22228, CVE-2021-3807, CVE-2023-42282, CVE-2024-45296, CVE-2024-38999, CVE-2020-8203, CVE-2024-45590, CVE-2023-52428, CVE-2022-38900, CVE-2022-24785, CVE-2016-1000027, CVE-2021-33587, CVE-2025-41248, CVE-2023-26159, CVE-2024-37890, CVE-2025-48976, CVE-2024-21538, CVE-2022-24771, CVE-2024-29415, CVE-2020-28471, CVE-2021-3803, CVE-2023-45133	2025/11/20	development