The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. OpenNebula Community Edition (CE) before 7.0.0 and Enterprise Edition (EE) before 6.10.3 have a critical FireEdge race condition that can lead to full account takeover. By exploiting this, an unauthenticated attacker can obtain a valid JSON Web Token (JWT) belonging to a legitimate user without knowledge of their credentials. (CVE-2025-54955) Note that Nessus relies on the presence of the package as reported by the vendor. File data…Read More