Red Hat

917 tracked vulnerabilities.

CVE-2026-15584 HIGH
Pen Drive Powered BY Red Hat Lightspeed - Privilege Escalation
Jul 13, 2026
CVSS 7.5
CVE-2026-62147 MEDIUM
Tempo-operator: tempo operator: query rbac bypass
Jul 13, 2026
CVSS 6.5
CVE-2026-15574 HIGH
Vllm-orchestrator-gateway: vllm-orchestrator-gateway: authorization header and full chat payloads logged at hard-coded debug default
Jul 13, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-15143 CRITICAL
Guardrails-detectors: guardrails-detectors: ssrf and local file read via user-supplied xml schema (xml-with-schema:)
Jul 10, 2026
CVSS 9.3
EPSS 0.00
CVE-2026-15378 CRITICAL
Guardrails-detectors: guardrails-detectors: ssrf and local file read via user-supplied xml schema (xml-with-schema:)
Jul 10, 2026
CVSS 9.3
EPSS 0.00
CVE-2026-15028 LOW
Libarchive: heap overflow oob read while parsing a tar archive contains a pax extended header
Jul 10, 2026
CVSS 3.9
EPSS 0.00
CVE-2026-59692 HIGH
Gstreamer: gstreamer: dtls certificate subject dn stack buffer overflow in openssl_verify_callback
Jul 09, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-59691 HIGH
Gstreamer: gstreamer: rfbsrc/librfb hextile heap out-of-bounds write with 16bpp framebuffer
Jul 09, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-15154 MEDIUM
Guardrails-detectors: guardrails-detectors: unauthenticated regular-expression denial of service (redos) via detector_params.regex
Jul 08, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-15063 MEDIUM
Trustyai-service-operator: trustyai service operator: gorch port bypass when auth is enabled
Jul 08, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-15044 MEDIUM
Trustyai-service-operator: trustyai service operator: unauthenticated access to ai guardrails and orchestrator apis
Jul 08, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-15041 LOW
389-ds-base: 389-ds-base: non-constant-time comparison in pbkdf2-sha256 password verification
Jul 08, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-14969 MEDIUM
389-ds-base: 389-ds-base: static initialization vector in aes-cbc/3des-cbc attribute encryption
Jul 07, 2026
CVSS 4.4
EPSS 0.00
CVE-2026-14935 LOW
Gstreamer: gstreamer: webrtcbin accepts remote sdp without a=fingerprint due to inverted presence check
Jul 07, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-14940 MEDIUM
389-ds-base: 389-ds-base: heap-buffer-overflow in dn normalization via quoted multivalued rdn
Jul 07, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-14476 HIGH
Sssd: sssd: gpo cache path traversal via unsanitized gpcfilesyspath allows kerberos authentication bypass
Jul 07, 2026
CVSS 8.0
EPSS 0.01
CVE-2026-14474 HIGH
Sssd: sssd: sudo ldap provider searches entire directory tree for sudorole objects by default, enabling privilege escalation
Jul 07, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-11610 HIGH
389-ds-base: 389-ds-base: heap buffer overflow in sasl_io_recv() via padded sasl unbind
Jul 07, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-58384 HIGH
Gimp: gimp: integer overflow in read_rle_channel()
Jul 07, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-59089 MEDIUM
Gimp: gimp: denial of service via integer overflow in playstation tim loader
Jul 06, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-58380 HIGH
Gimp: gimp: stack buffer overflow in pnmscanner_gettoken()
Jul 06, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-9165 HIGH
Stackrox: stackrox: unbounded graphql query depth allows authenticated denial of service
Jul 06, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-14781 MEDIUM
Keycloak-services: keycloak-services: oidc email_verified claim incorrectly applied to userinfo email
Jul 05, 2026
CVSS 4.8
EPSS 0.00
CVE-2026-58379 HIGH
Gimp: gimp: heap buffer overflow in read_channel_data()
Jul 03, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-14615 MEDIUM
Keycloak-services: keycloak: fgap v2 parent group children endpoint bypasses per-child view permission filter
Jul 03, 2026
CVSS 4.3
EPSS 0.00
Products
Red Hat Enterprise Linux 9 539 Red Hat Enterprise Linux 8 537 Red Hat Enterprise Linux 10 455 Red Hat Enterprise Linux 7 448 Red Hat Enterprise Linux 6 408 Red Hat OpenShift Container Platform 4 209 Red Hat In-Vehicle Operating System 1 195 Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136 Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127 Red Hat Enterprise Linux 9.4 Extended Update Support 116 Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100 Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95 Red Hat Hardened Images 95 Red Hat Enterprise Linux 7 Extended Lifecycle Support 94 Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93 Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92 Red Hat Enterprise Linux 8.2 Advanced Update Support 89 Red Hat Build of Keycloak 87 Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83 Red Hat Enterprise Linux 9.6 Extended Update Support 70 Red Hat Enterprise Linux 10.0 Extended Update Support 68 Red Hat Enterprise Linux 9.2 Extended Update Support 67 Red Hat build of Keycloak 26.4 64 Red Hat Enterprise Linux 8.8 Extended Update Support 60 Red Hat JBoss Enterprise Application Platform 8 58 Red Hat JBoss Enterprise Application Platform Expansion Pack 58 Red Hat Single Sign-On 7 53 Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45