Red Hat
917 tracked vulnerabilities.
CVE-2026-6494
MEDIUM
Aap-mcp-server: aap mcp server: log injection allows social engineering attacks via unsanitized input
Apr 17, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-6388
CRITICAL
Argocd-image-updater: argocd image updater: cross-namespace privilege escalation via insufficient namespace validation
Apr 15, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-6385
MEDIUM
Ffmpeg: ffmpeg: denial of service and potential arbitrary code execution via signed integer overflow in dvd subtitle parser
Apr 15, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6384
HIGH
Gimp: gimp: arbitrary code execution or denial of service via buffer overflow in gif image processing
Apr 15, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-40919
MEDIUM
Gimp: gimp: denial of service via specially crafted seattle filmworks file
Apr 15, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-40918
MEDIUM
Gimp: gimp: denial of service via crafted pvr image file
Apr 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-40917
MEDIUM
Gimp: gimp: application crashes or information disclosure via crafted icns image files
Apr 15, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-40916
MEDIUM
Gimp: gimp: denial of service due to stack buffer overflow in tim image loader
Apr 15, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-40915
MEDIUM
Gimp: gimp: heap buffer overflow due to integer overflow in fits image loader
Apr 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-6383
MEDIUM
Kubevirt: kubevirt: unauthorized subresource access due to improper rbac evaluation
Apr 15, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-6245
MEDIUM
Sssd: out-of-bounds read in the sssd
Apr 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-37980
MEDIUM
Org.keycloak.forms.login: keycloak: keycloak: arbitrary code execution via stored cross-site scripting (xss) in organization selection login page
Apr 14, 2026
CVSS 6.9
EPSS 0.00
CVE-2026-5483
HIGH
Odh-dashboard: odh dashboard kubernetes service account exposure
Apr 10, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-1584
HIGH
Gnutls: gnutls: remote denial of service via crafted clienthello with invalid psk binder
Apr 09, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-4878
MEDIUM
Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()
Apr 09, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-32591
MEDIUM
Mirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration
Apr 08, 2026
CVSS 5.2
EPSS 0.00
CVE-2026-32590
HIGH
Mirror-registry: remote code execution using pickle deserialization
Apr 08, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-32589
HIGH
Mirror-registry: quay: insecure direct object reference in blobupload
Apr 08, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-2377
MEDIUM
Mirror-registry: quay: quay: server-side request forgery via log export functionality
Apr 08, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-4631
CRITICAL
NUCLEI
Cockpit: cockpit: unauthenticated remote code execution due to ssh command-line argument injection
Apr 07, 2026
CVSS 9.8
EPSS 0.14
CVE-2026-5745
MEDIUM
Libarchive: a null pointer dereference vulnerability exists in the acl parser of libarchive
Apr 07, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-4740
HIGH
Rhacm: open cluster management (ocm): cross-cluster privilege escalation via improper kubernetes client certificate renewal validation
Apr 07, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-5704
MEDIUM
Tar: tar: hidden file injection via crafted archives
Apr 06, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-5673
MEDIUM
Libtheora: libtheora: denial of service or information disclosure via malformed avi file processing
Apr 06, 2026
CVSS 5.6
EPSS 0.00
CVE-2026-37977
LOW
Keycloak: org.keycloak.protocol.oidc.grants.ciba: keycloak: information disclosure via cors header injection due to unvalidated jwt azp claim
Apr 06, 2026
CVSS 3.7
EPSS 0.00
Products
Red Hat Enterprise Linux 9 539
Red Hat Enterprise Linux 8 537
Red Hat Enterprise Linux 10 455
Red Hat Enterprise Linux 7 448
Red Hat Enterprise Linux 6 408
Red Hat OpenShift Container Platform 4 209
Red Hat In-Vehicle Operating System 1 195
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127
Red Hat Enterprise Linux 9.4 Extended Update Support 116
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95
Red Hat Hardened Images 95
Red Hat Enterprise Linux 7 Extended Lifecycle Support 94
Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93
Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92
Red Hat Enterprise Linux 8.2 Advanced Update Support 89
Red Hat Build of Keycloak 87
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83
Red Hat Enterprise Linux 9.6 Extended Update Support 70
Red Hat Enterprise Linux 10.0 Extended Update Support 68
Red Hat Enterprise Linux 9.2 Extended Update Support 67
Red Hat build of Keycloak 26.4 64
Red Hat Enterprise Linux 8.8 Extended Update Support 60
Red Hat JBoss Enterprise Application Platform 8 58
Red Hat JBoss Enterprise Application Platform Expansion Pack 58
Red Hat Single Sign-On 7 53
Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45
Quick Filters