Red Hat
919 tracked vulnerabilities.
CVE-2026-5673
MEDIUM
Libtheora: libtheora: denial of service or information disclosure via malformed avi file processing
Apr 06, 2026
CVSS 5.6
EPSS 0.00
CVE-2026-37977
LOW
Keycloak: org.keycloak.protocol.oidc.grants.ciba: keycloak: information disclosure via cors header injection due to unvalidated jwt azp claim
Apr 06, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-3184
LOW
Util-linux: util-linux: access control bypass due to improper hostname canonicalization
Apr 03, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-2625
MEDIUM
Rust-rpm-sequoia: rust-rpm-sequoia: denial of service via crafted rpm file during signature verification
Apr 03, 2026
CVSS 4.0
EPSS 0.00
CVE-2026-4636
HIGH
Keycloak UMA Policy - Unauthorized Resource Access
Apr 02, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-4634
HIGH
Keycloak: keycloak: denial of service via excessive processing of openid connect scope parameters
Apr 02, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-4325
MEDIUM
Keycloak: keycloak: replay of action tokens via improper handling of single-use entries
Apr 02, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-4282
HIGH
Keycloak: keycloak: privilege escalation via forged authorization codes due to singleuseobjectprovider isolation flaw
Apr 02, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-3872
HIGH
Red Hat Keycloak 26.2 and 26.4 - redirect_uri Access Token Disclosure
Apr 02, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-35094
LOW
Libinput: libinput: information disclosure via dangling pointer in lua plugin handling
Apr 01, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-35093
HIGH
Libinput: libinput: unauthorized code execution and information disclosure through lua bytecode plugins
Apr 01, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-35092
HIGH
Corosync: corosync: denial of service via integer overflow in join message validation
Apr 01, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-35091
HIGH
Corosync: corosync: denial of service and information disclosure via crafted udp packet
Apr 01, 2026
CVSS 8.2
EPSS 0.01
CVE-2026-5201
HIGH
Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image
Mar 31, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-5165
MEDIUM
Virtio-win: virtio-win: memory corruption via use-after-free in virtio blk device reset
Mar 30, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-5164
MEDIUM
Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request
Mar 30, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-5121
HIGH
Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing
Mar 30, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-5119
MEDIUM
Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment
Mar 30, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-28369
HIGH
Undertow: undertow: request smuggling via malformed http request headers
Mar 27, 2026
CVSS 8.7
EPSS 0.01
CVE-2026-28368
HIGH
Undertow: undertow: request smuggling via inconsistent header parsing
Mar 27, 2026
CVSS 8.7
EPSS 0.01
CVE-2026-28367
HIGH
Undertow: undertow: request smuggling via `\r\r\r` as a header block terminator
Mar 27, 2026
CVSS 8.7
EPSS 0.01
CVE-2026-4948
MEDIUM
Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization
Mar 27, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-2272
MEDIUM
Gimp: gimp: memory corruption due to integer overflow in ico file handling
Mar 26, 2026
CVSS 4.3
EPSS 0.01
CVE-2026-2271
LOW
Gimp: gimp: denial of service via crafted psp image file
Mar 26, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-2239
LOW
Gimp: gimp: application crash (dos) via crafted psd file due to heap-buffer-overflow
Mar 26, 2026
CVSS 2.8
EPSS 0.00
Products
Red Hat Enterprise Linux 9 539
Red Hat Enterprise Linux 8 537
Red Hat Enterprise Linux 10 456
Red Hat Enterprise Linux 7 448
Red Hat Enterprise Linux 6 408
Red Hat OpenShift Container Platform 4 209
Red Hat In-Vehicle Operating System 1 195
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127
Red Hat Enterprise Linux 9.4 Extended Update Support 116
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95
Red Hat Hardened Images 95
Red Hat Enterprise Linux 7 Extended Lifecycle Support 94
Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93
Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92
Red Hat Enterprise Linux 8.2 Advanced Update Support 89
Red Hat Build of Keycloak 87
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83
Red Hat Enterprise Linux 9.6 Extended Update Support 70
Red Hat Enterprise Linux 10.0 Extended Update Support 68
Red Hat Enterprise Linux 9.2 Extended Update Support 67
Red Hat build of Keycloak 26.4 64
Red Hat Enterprise Linux 8.8 Extended Update Support 60
Red Hat JBoss Enterprise Application Platform 8 58
Red Hat JBoss Enterprise Application Platform Expansion Pack 58
Red Hat Single Sign-On 7 53
Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45
Quick Filters