Red Hat
917 tracked vulnerabilities.
CVE-2026-15584
HIGH
Pen Drive Powered BY Red Hat Lightspeed - Privilege Escalation
Jul 13, 2026
CVSS 7.5
CVE-2026-62147
MEDIUM
Tempo-operator: tempo operator: query rbac bypass
Jul 13, 2026
CVSS 6.5
CVE-2026-15574
HIGH
Vllm-orchestrator-gateway: vllm-orchestrator-gateway: authorization header and full chat payloads logged at hard-coded debug default
Jul 13, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-15143
CRITICAL
Guardrails-detectors: guardrails-detectors: ssrf and local file read via user-supplied xml schema (xml-with-schema:)
Jul 10, 2026
CVSS 9.3
EPSS 0.00
CVE-2026-15378
CRITICAL
Guardrails-detectors: guardrails-detectors: ssrf and local file read via user-supplied xml schema (xml-with-schema:)
Jul 10, 2026
CVSS 9.3
EPSS 0.00
CVE-2026-15028
LOW
Libarchive: heap overflow oob read while parsing a tar archive contains a pax extended header
Jul 10, 2026
CVSS 3.9
EPSS 0.00
CVE-2026-59692
HIGH
Gstreamer: gstreamer: dtls certificate subject dn stack buffer overflow in openssl_verify_callback
Jul 09, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-59691
HIGH
Gstreamer: gstreamer: rfbsrc/librfb hextile heap out-of-bounds write with 16bpp framebuffer
Jul 09, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-15154
MEDIUM
Guardrails-detectors: guardrails-detectors: unauthenticated regular-expression denial of service (redos) via detector_params.regex
Jul 08, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-15063
MEDIUM
Trustyai-service-operator: trustyai service operator: gorch port bypass when auth is enabled
Jul 08, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-15044
MEDIUM
Trustyai-service-operator: trustyai service operator: unauthenticated access to ai guardrails and orchestrator apis
Jul 08, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-15041
LOW
389-ds-base: 389-ds-base: non-constant-time comparison in pbkdf2-sha256 password verification
Jul 08, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-14969
MEDIUM
389-ds-base: 389-ds-base: static initialization vector in aes-cbc/3des-cbc attribute encryption
Jul 07, 2026
CVSS 4.4
EPSS 0.00
CVE-2026-14935
LOW
Gstreamer: gstreamer: webrtcbin accepts remote sdp without a=fingerprint due to inverted presence check
Jul 07, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-14940
MEDIUM
389-ds-base: 389-ds-base: heap-buffer-overflow in dn normalization via quoted multivalued rdn
Jul 07, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-14476
HIGH
Sssd: sssd: gpo cache path traversal via unsanitized gpcfilesyspath allows kerberos authentication bypass
Jul 07, 2026
CVSS 8.0
EPSS 0.01
CVE-2026-14474
HIGH
Sssd: sssd: sudo ldap provider searches entire directory tree for sudorole objects by default, enabling privilege escalation
Jul 07, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-11610
HIGH
389-ds-base: 389-ds-base: heap buffer overflow in sasl_io_recv() via padded sasl unbind
Jul 07, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-58384
HIGH
Gimp: gimp: integer overflow in read_rle_channel()
Jul 07, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-59089
MEDIUM
Gimp: gimp: denial of service via integer overflow in playstation tim loader
Jul 06, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-58380
HIGH
Gimp: gimp: stack buffer overflow in pnmscanner_gettoken()
Jul 06, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-9165
HIGH
Stackrox: stackrox: unbounded graphql query depth allows authenticated denial of service
Jul 06, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-14781
MEDIUM
Keycloak-services: keycloak-services: oidc email_verified claim incorrectly applied to userinfo email
Jul 05, 2026
CVSS 4.8
EPSS 0.00
CVE-2026-58379
HIGH
Gimp: gimp: heap buffer overflow in read_channel_data()
Jul 03, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-14615
MEDIUM
Keycloak-services: keycloak: fgap v2 parent group children endpoint bypasses per-child view permission filter
Jul 03, 2026
CVSS 4.3
EPSS 0.00
Products
Red Hat Enterprise Linux 9 539
Red Hat Enterprise Linux 8 537
Red Hat Enterprise Linux 10 455
Red Hat Enterprise Linux 7 448
Red Hat Enterprise Linux 6 408
Red Hat OpenShift Container Platform 4 209
Red Hat In-Vehicle Operating System 1 195
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127
Red Hat Enterprise Linux 9.4 Extended Update Support 116
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95
Red Hat Hardened Images 95
Red Hat Enterprise Linux 7 Extended Lifecycle Support 94
Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93
Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92
Red Hat Enterprise Linux 8.2 Advanced Update Support 89
Red Hat Build of Keycloak 87
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83
Red Hat Enterprise Linux 9.6 Extended Update Support 70
Red Hat Enterprise Linux 10.0 Extended Update Support 68
Red Hat Enterprise Linux 9.2 Extended Update Support 67
Red Hat build of Keycloak 26.4 64
Red Hat Enterprise Linux 8.8 Extended Update Support 60
Red Hat JBoss Enterprise Application Platform 8 58
Red Hat JBoss Enterprise Application Platform Expansion Pack 58
Red Hat Single Sign-On 7 53
Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45
Quick Filters