Nessus

This hub aggregates every CVE we track for Nessus. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Nessus.

• CVE-2025-36630Local Privilege Escalation8.4Jul 1, 2025
• CVE-2025-36625Log Poisoning in Nessus4.3Apr 18, 2025
• CVE-2025-24914Local Priviledge Escalation7.8Apr 18, 2025
• CVE-2024-3290Race Condition8.2May 17, 2024
• CVE-2024-3289When installing Nessus to a directory outside of the default location on a Windows host, Nessus versions prior to 10.7.3 did not enforce secure permissions for sub-directories. This could allow for...7.8May 17, 2024
• CVE-2024-2390Local Privilege Escalation 7.8Mar 18, 2024
• CVE-2024-0971 A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content. 6.5Feb 6, 2024
• CVE-2024-0955Stored XSS vulnerability4.8Feb 6, 2024
• CVE-2023-6178 An arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus Rules variables to overwrite arbitrary files on the remo...6.8Nov 20, 2023
• CVE-2023-6062Arbitrary File Write6.8Nov 20, 2023
• CVE-2023-5847 Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.6.7Nov 1, 2023
• CVE-2023-3253Improper authorization in Nessus4.3Aug 29, 2023
• CVE-2023-3252Arbitrary File Write6.8Aug 29, 2023
• CVE-2023-3251Pass-back vulnerability in Nessus4.1Aug 29, 2023
• CVE-2023-2005Tenable Plugin Feed ID #202306261202 Fixes Privilege Escalation Vulnerability6.3Jun 26, 2023