Tenable Core 2026 Release Notes
Tip: You can subscribe to receive alerts for Tenable documentation updates.
These release notes summarize updates made to Tenable Core in 2026. Downloading and applying the most recent version of the offline ISO image initiates these updates on your Tenable Core machine.
Tip: Tenable recommends applying all offline updates, in order, to your offline Tenable Core machine. Do not skip offline updates.
To update using the Tenable Core offline ISO image, see the documentation for your application:
- Tenable Core + Tenable Nessus
- Tenable Core + Tenable Network Monitor
- Tenable Core + Tenable Security Center
- Tenable Core + Tenable Web App Scanning
- Tenable Core + Tenable OT Security
- Tenable Core + Tenable OT Security Sensor
- Tenable Core + Tenable OT Security Enterprise Manager
- Tenable Core + Tenable Sensor Proxy
For more information about product updates, see the release notes for your application.
These release notes are listed in reverse chronological order.
Q1 2026
New Features and Changed Functionality
-
The remote storage user interface no longer displays the contents of current private key.
-
Fixed an issue where attempting to mount a severely corrupted offline ISO may hang the offline-ISO mounting script.
Update References
Oracle 8 Security Updates:
ELSA-2026-13577 Important kernel security update
ELSA-2026-13383 Important openssh security update
ELSA-2026-13285 Important libcap security update
ELSA-2026-11521 Important sudo security update
ELSA-2026-11509 Important vim security update
ELSA-2026-11349 Moderate libxml2 security update
ELSA-2026-11077 Important python3 security update
ELSA-2026-10741 Important gdk-pixbuf2 security update
ELSA-2026-9689 Important java-21-openjdk security update
ELSA-2026-8534 Important libarchive security update
ELSA-2026-8352 Important bind security update
ELSA-2026-7667 Important nghttp2 security update
ELSA-2026-6915 Important vim security update
ELSA-2026-6571 Moderate kernel security update
ELSA-2026-6473 Important python3 security update
ELSA-2026-6461 Important openssh security update
ELSA-2026-6436 Moderate rsync security update
ELSA-2026-6037 Moderate kernel security update
ELSA-2026-5588 Moderate python3 security update
ELSA-2026-5585 Moderate gnutls security update
ELSA-2026-4772 Moderate glibc security update
ELSA-2026-4728 Important libpng security update
ELSA-2026-4672 Important container-tools:rhel8 security update
ELSA-2026-4648 Moderate grub2 security update
ELSA-2026-4442 Moderate vim security update
ELSA-2026-4146 Important python-pyasn1 security update
ELSA-2026-3963 Important kernel security update
ELSA-2026-3938 Moderate nfs-utils security update
ELSA-2026-3428 Important container-tools:ol8 security update
ELSA-2026-3083 Important kernel security update
ELSA-2026-3042 Moderate openssl security update
ELSA-2026-2389 Important brotli security update
ELSA-2026-2264 Important kernel security update
ELSA-2026-2215 Important libsoup security update
ELSA-2026-2128 Moderate python3 security update
ELSA-2026-1852 Moderate util-linux security update
ELSA-2026-1254 Important python-urllib3 security update
ELSA-2026-1142 Important kernel security update
ELSA-2026-0991 Moderate glib2 security update
ELSA-2026-0928 Important java-21-openjdk security update
Oracle 8 Updates
ELBA-2026-50248 cloud-init bug fix update
ELBA-2026-50242 mdadm bug fix update
ELBA-2026-50235 kexec-tools bug fix update
ELBA-2026-50185 util-linux bug fix update
ELBA-2026-50166 systemd bug fix update
ELBA-2026-50158 kexec-tools bug fix update
ELBA-2026-50146 pcp bug fix update
ELBA-2026-50139 lvm2 bug fix update
ELBA-2026-50138 bcache-tools bug fix update
ELBA-2026-50137 mdadm bug fix update
ELBA-2026-50135 smartmontools bug fix update
ELBA-2026-50130 glibc bug fix update
ELBA-2026-50111 cloud-init bug fix update
ELBA-2026-50093 smartmontools bug fix update
ELBA-2026-13662 dbus bug fix and enhancement update
ELBA-2026-13659 device-mapper-multipath bug fix and enhancement update
ELBA-2026-13658 krb5 bug fix and enhancement update
ELBA-2026-13655 ksh bug fix and enhancement update
ELBA-2026-9743 systemd bug fix and enhancement update
ELBA-2026-8104 nvme-cli bug fix and enhancement update
ELBA-2026-8101 microcode_ctl bug fix and enhancement update
ELBA-2026-8100 sed bug fix and enhancement update
ELBA-2026-8099 linux-firmware bug fix and enhancement update
ELBA-2026-8095 nss bug fix and enhancement update
ELBA-2026-5586 coreutils bug fix and enhancement update
ELBA-2026-5583 curl bug fix and enhancement update
ELBA-2026-4904 cups bug fix and enhancement update
ELBA-2026-4902 tzdata bug fix and enhancement update
ELBA-2026-4829 sos bug fix and enhancement update
ELBA-2026-3661 systemd bug fix and enhancement update
ELBA-2026-3659 curl bug fix and enhancement update
ELBA-2026-3546 selinux-policy update
ELBA-2026-2424 virt:ol and virt-devel:ol bug fix and enhancement update
ELBA-2026-2416 sssd bug fix and enhancement update
ELBA-2026-2415 libselinux bug fix and enhancement update
ELBA-2026-2414 linux-firmware bug fix and enhancement update
ELBA-2026-2413 microcode_ctl bug fix and enhancement update
ELBA-2026-2411 kexec-tools bug fix and enhancement update
ELBA-2026-0886 lvm2 bug fix and enhancement update
ELBA-2026-0885 cockpit bug fix and enhancement update
ELBA-2026-0884 systemd bug fix and enhancement update
ELBA-2026-0883 os-prober bug fix and enhancement update
ELBA-2026-0860 open-vm-tools bug fix and enhancement update
ELBA-2026-0859 cloud-init bug fix and enhancement update
CVE References - Oracle 8
| Type | Reference |
|---|---|
| Oracle Linux 10 / 8 / 9 : java-21-openjdk (ELSA-2026-0928) |
CVE-2025-64720 |
| Oracle Linux 8 : glib2 (ELSA-2026-0991) |
CVE-2025-13601 |
| Oracle Linux 8 : gdk-pixbuf2 (ELSA-2026-10741) |
CVE-2026-5201 |
| Oracle Linux 8 : python3 (ELSA-2026-11077) |
CVE-2026-4786 |
| Oracle Linux 8 : libxml2 (ELSA-2026-11349) |
CVE-2025-9714 |
| Oracle Linux 8 : kernel (ELSA-2026-1142) |
CVE-2023-53673 |
| Oracle Linux 8 : vim (ELSA-2026-11509) |
CVE-2026-34982 |
| Oracle Linux 8 : sudo (ELSA-2026-11521) |
CVE-2026-35535 |
| Oracle Linux 8 : python-urllib3 (ELSA-2026-1254) |
CVE-2025-66418 |
| Oracle Linux 8 : libcap (ELSA-2026-13285) |
CVE-2026-4878 |
| Oracle Linux 8 : openssh (ELSA-2026-13383) |
CVE-2026-35385 |
| Oracle Linux 8 : kernel (ELSA-2026-13577) |
CVE-2024-41073 |
|
Oracle Linux 8 : util-linux (ELSA-2026-1852) |
CVE-2025-14104 |
|
Oracle Linux 8 : python3 (ELSA-2026-2128) |
CVE-2025-15366 |
| Oracle Linux 8 : libsoup (ELSA-2026-2215) |
CVE-2026-0719 |
| Oracle Linux 8 : kernel (ELSA-2026-2264) |
CVE-2022-50673 |
|
Oracle Linux 8 : brotli (ELSA-2026-2389) |
CVE-2025-6176 |
|
Oracle Linux 8 : openssl (ELSA-2026-3042) |
CVE-2025-69419 |
| Oracle Linux 8 : kernel (ELSA-2026-3083) |
CVE-2025-38129 |
| Oracle Linux 8 : container-tools:ol8 (ELSA-2026-3428) |
CVE-2024-24785 |
| Oracle Linux 8 : nfs-utils (ELSA-2026-3938) |
CVE-2025-12801 |
| Oracle Linux 8 : kernel (ELSA-2026-3963) |
CVE-2025-71085 |
| Oracle Linux 8 : python-pyasn1 (ELSA-2026-4146) |
CVE-2026-23490 |
| Oracle Linux 8 : vim (ELSA-2026-4442) |
CVE-2026-25749 |
| Oracle Linux 8 : grub2 (ELSA-2026-4648) |
CVE-2025-61662 |
| Oracle Linux 8 : container-tools:rhel8 (ELSA-2026-4672) |
CVE-2025-61726 |
| Oracle Linux 8 : libpng (ELSA-2026-4728) |
CVE-2026-22695 |
| Oracle Linux 8 : glibc (ELSA-2026-4772) |
CVE-2025-15281 |
| Oracle Linux 8 : gnutls (ELSA-2026-5585) |
CVE-2025-14831 |
| Oracle Linux 8 : python3 (ELSA-2026-5588) |
CVE-2025-0938 |
| Oracle Linux 8 : kernel (ELSA-2026-6037) |
CVE-2025-38180 |
| Oracle Linux 8 : rsync (ELSA-2026-6436) |
CVE-2025-10158 |
| Oracle Linux 8 : openssh (ELSA-2026-6461) |
CVE-2026-3497 |
| Oracle Linux 8 : python3 (ELSA-2026-6473) |
CVE-2026-4519 |
| Oracle Linux 8 : kernel (ELSA-2026-6571) |
CVE-2024-26984 |
| Oracle Linux 8 : vim (ELSA-2026-6915) |
CVE-2026-28417 |
| Oracle Linux 8 : nghttp2 (ELSA-2026-7667) |
CVE-2026-27135 |
| Oracle Linux 8 : bind (ELSA-2026-8352) |
CVE-2026-1519 |
| Oracle Linux 8 : libarchive (ELSA-2026-8534) |
CVE-2026-4424 |
| Oracle Linux 10 / 8 / 9 : java-21-openjdk (ELSA-2026-9689) |
CVE-2026-22007 |
Q4 2025
Bug Fixes
-
Changes to automatic backup preferences are now applied immediately. Previously, they had no effect until a reboot or a systemctl daemon-reload was run.
-
Fixed a bug where the updates page of the webui failed to show that updates were running if they were running before the page was loaded.
Update References
Oracle 8 Security Updates:
ELSA-2025-25743 Moderate linux-firmware security update
ELSA-2025-23543 Important container-tools:rhel8 security update
ELSA-2025-23481 Moderate openssh security update
ELSA-2025-23383 Moderate curl security update
ELSA-2025-23382 Moderate binutils security update
ELSA-2025-23086 Moderate luksmeta security update
ELSA-2025-22801 Moderate kernel security update
ELSA-2025-22388 Moderate kernel security update
ELSA-2025-22063 Moderate cups security update
ELSA-2025-21977 Moderate libssh security update
ELSA-2025-21776 Important expat security update
ELSA-2025-21232 Important container-tools:rhel8 security update
ELSA-2025-20034-0 Important libtiff security update
ELSA-2025-19931 Moderate kernel security update
ELSA-2025-19835 Important bind security update
ELSA-2025-19714 Important libsoup security update
ELSA-2025-19610 Important sssd security update
ELSA-2025-19447 Moderate kernel security update
ELSA-2025-19276 Important libtiff security update
ELSA-2025-19102 Moderate kernel security update
ELSA-2025-18824 Moderate java-21-openjdk security update
ELSA-2025-18297 Moderate kernel security update
ELSA-2026-0753 Important container-tools:rhel8 security update
ELSA-2026-0750 Important net-snmp security update
ELSA-2026-0728 Important gnupg2 security update
ELSA-2026-0596 Moderate cups security update
ELSA-2026-0444 Important kernel security update
ELSA-2026-0421 Important libsoup security update
ELSA-2026-0337 Moderate openssl security update
ELSA-2026-0241 Important libpng security update
Oracle 8 Updates
ELBA-2026-50003 pcp bug fix update
ELBA-2026-0369 openscap bug fix and enhancement update
ELBA-2026-0138 sos bug fix and enhancement update
ELBA-2025-28064 systemd bug fix update
ELBA-2025-28046 pcp bug fix update
ELBA-2025-28004 systemd bug fix update
ELBA-2025-25765 pcp bug fix update
ELBA-2025-25748 kexec-tools bug fix update
ELBA-2025-25728 sos bug fix update
ELBA-2025-23464 tzdata bug fix and enhancement update
ELBA-2025-23387 dracut bug fix and enhancement update
ELBA-2025-23385 util-linux bug fix and enhancement update
ELBA-2025-23384 sudo bug fix and enhancement update
ELBA-2025-23381 net-snmp bug fix and enhancement update
ELBA-2025-23380 coreutils bug fix and enhancement update
ELBA-2025-23379 shadow-utils bug fix and enhancement update
ELBA-2025-23378 pam bug fix and enhancement update
ELBA-2025-23377 iscsi-initiator-utils bug fix and enhancement update
ELBA-2025-23376 findutils bug fix and enhancement update
ELBA-2025-23363 rest bug fix and enhancement update
ELBA-2025-22795 glibc bug fix and enhancement update
ELBA-2025-20720 systemd bug fix update
ELBA-2025-20717 kexec-tools bug fix update
ELBA-2025-19576 plymouth bug fix and enhancement update
ELBA-2025-19575 libdmx bug fix and enhancement update
ELBA-2025-19571 ksh bug fix and enhancement update
ELBA-2025-19559 initscripts bug fix and enhancement update
ELBA-2025-19557 glib2 bug fix and enhancement update
ELBA-2025-19556 systemd bug fix and enhancement update
ELBA-2025-19555 microcode_ctl bug fix and enhancement update
ELBA-2025-19554 mdadm bug fix and enhancement update
ELBA-2025-19558 linux-firmware bug fix and enhancement update
ELBA-2025-19289 ca-certificates bug fix and enhancement update
ELBA-2025-17417 linux-firmware bug fix and enhancement update
CVE References - Oracle 8
| Type | Reference |
|---|---|
| Oracle Linux 8 : kernel (ELSA-2025-18297) |
CVE-2023-53373 |
| Oracle Linux 10 / 8 / 9 : java-21-openjdk (ELSA-2025-18824) |
CVE-2025-53057 |
| Oracle Linux 8 : kernel (ELSA-2025-19102) |
CVE-2022-50386 |
| Oracle Linux 8 : libtiff (ELSA-2025-19276) |
CVE-2025-9900 |
| Oracle Linux 8 : kernel (ELSA-2025-19447) |
CVE-2023-53226 |
|
Oracle Linux 8 : sssd (ELSA-2025-19610) |
CVE-2025-11561 |
|
Oracle Linux 8 : libsoup (ELSA-2025-19714) |
CVE-2025-11021 |
| Oracle Linux 8 : bind (ELSA-2025-19835) |
CVE-2025-40778 |
| Oracle Linux 8 : kernel (ELSA-2025-19931) |
CVE-2022-50367 |
|
Oracle Linux 8 : ELSA-2025-20034-0: / libtiff (ELSA-2025-200340) |
CVE-2025-8176 |
|
Oracle Linux 8 : container-tools:rhel8 (ELSA-2025-21232) |
CVE-2025-31133 |
| Oracle Linux 8 : expat (ELSA-2025-21776) |
CVE-2025-59375 |
| Oracle Linux 8 : libssh (ELSA-2025-21977) |
CVE-2025-5372 |
| Oracle Linux 8 : cups (ELSA-2025-22063) |
CVE-2025-58364 |
| Oracle Linux 8 : kernel (ELSA-2025-22388) |
CVE-2023-53513 |
| Oracle Linux 8 : kernel (ELSA-2025-22801) |
CVE-2022-50543 |
| Oracle Linux 8 : luksmeta (ELSA-2025-23086) |
CVE-2025-11568 |
| Oracle Linux 8 : binutils (ELSA-2025-23382) |
CVE-2025-11083 |
| Oracle Linux 8 : curl (ELSA-2025-23383) |
CVE-2025-9086 |
| Oracle Linux 8 : openssh (ELSA-2025-23481) |
CVE-2025-61984 |
| Oracle Linux 8 : container-tools:rhel8 (ELSA-2025-23543) |
CVE-2025-52881 |
| Oracle Linux 8 : linux-firmware (ELSA-2025-25743) |
CVE-2025-62626 |
| Oracle Linux 8 : libpng (ELSA-2026-0241) |
CVE-2025-64720 |
| Oracle Linux 8 : openssl (ELSA-2026-0337) |
CVE-2025-9230 |
| Oracle Linux 8 : libsoup (ELSA-2026-0421) |
CVE-2025-14523 |
| Oracle Linux 8 : kernel (ELSA-2026-0444) |
CVE-2025-39993 |
| Oracle Linux 8 : cups (ELSA-2026-0596) |
CVE-2025-58436 |
| Oracle Linux 8 : gnupg2 (ELSA-2026-0728) |
CVE-2025-68973 |
| Oracle Linux 8 : net-snmp (ELSA-2026-0750) |
CVE-2025-68615 |
| Oracle Linux 8 : container-tools:rhel8 (ELSA-2026-0753) |
CVE-2025-47913 |