Red Hat

919 tracked vulnerabilities.

CVE-2026-2092 HIGH
Keycloak-services: keycloak: unauthorized access via improper validation of encrypted saml assertions
Mar 18, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-4324 MEDIUM
Rubygem-katello: katello: denial of service and potential information disclosure via sql injection
Mar 17, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-4271 MEDIUM
Libsoup: libsoup: denial of service via use-after-free in http/2 server
Mar 17, 2026
CVSS 5.3
EPSS 0.01
CVE-2026-3634 LOW
Libsoup: libsoup: http header injection and response splitting via crlf injection in content-type header
Mar 17, 2026
CVSS 3.9
EPSS 0.00
CVE-2026-3633 LOW
Libsoup: libsoup: header and http request injection via crlf injection
Mar 17, 2026
CVSS 3.9
EPSS 0.00
CVE-2026-3632 LOW
Libsoup: libsoup: http smuggling and server-side request forgery via malformed hostnames
Mar 17, 2026
CVSS 3.9
EPSS 0.00
CVE-2026-3442 MEDIUM
Red Hat Enterprise Linux 10 - Buffer Overflow
Mar 16, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-3441 MEDIUM
Binutils: gnu binutils: information disclosure via specially crafted xcoff object file
Mar 16, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-4111 HIGH
Red Hat Enterprise Linux - Denial of Service via RAR5 Archive Decompression Infinite Loop
Mar 13, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-4105 MEDIUM
Red Hat Enterprise Linux 10 - Improper Access Control via systemd-machined RegisterMachine D-Bus Method
Mar 13, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-3099 MEDIUM
Red Hat Enterprise Linux - Digest Authentication Nonce Reuse
Mar 12, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-2366 LOW
Red Hat build of Keycloak 26.4 - Authenticated Authorization Bypass in Admin API
Mar 12, 2026
CVSS 3.1
EPSS 0.00
CVE-2026-3429 MEDIUM
Keycloak Account REST API - Privilege Escalation
Mar 11, 2026
CVSS 4.2
EPSS 0.00
CVE-2026-3911 LOW
Keycloak - Authenticated Unauthorized User Attribute Exposure via UserResource Endpoint
Mar 11, 2026
CVSS 2.7
EPSS 0.00
CVE-2026-3047 HIGH
Keycloak SAML Broker - Authentication Bypass via Disabled IdP-Initiated Client
Mar 05, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-3009 HIGH
Keycloak < 26.5.5 - Incorrect Authorization via Disabled Identity Provider Bypass
Mar 05, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-0980 HIGH
rubyipmi < 0.13.0 - Authenticated Remote Code Execution via BMC Username Injection
Feb 27, 2026
CVSS 8.3
EPSS 0.01
CVE-2026-28296 MEDIUM
GVfs FTP Backend - Command Injection
Feb 26, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-28295 MEDIUM
GVfs FTP Backend - Malicious FTP Server Port Scanning
Feb 26, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-3118 MEDIUM
Red Hat Developer Hub - Authenticated Denial of Service via Orchestrator Plugin GraphQL Query Injection
Feb 25, 2026
CVSS 6.5
EPSS 0.01
CVE-2026-26104 MEDIUM
Red Hat Enterprise Linux - Unauthenticated LUKS Encryption Header Backup via udisks D-Bus Method
Feb 25, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-26103 HIGH
Red Hat Enterprise Linux - Unauthenticated Denial of Service via udisks LUKS Header Restoration
Feb 25, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-2243 MEDIUM
Red Hat Enterprise Linux 6-10 and OpenShift Container Platform 4 - Out-of-bounds Read via VMDK Image
Feb 19, 2026
CVSS 5.1
EPSS 0.00
CVE-2026-2733 LOW
Keycloak - Improper Authorization via Docker v2 Authentication Endpoint
Feb 19, 2026
CVSS 3.8
EPSS 0.00
CVE-2026-0665 MEDIUM
Red Hat Enterprise Linux - Out-of-bounds Write via Xen Physdev Hypercall Interface
Feb 18, 2026
CVSS 6.5
EPSS 0.00
Products
Red Hat Enterprise Linux 9 539 Red Hat Enterprise Linux 8 537 Red Hat Enterprise Linux 10 456 Red Hat Enterprise Linux 7 448 Red Hat Enterprise Linux 6 408 Red Hat OpenShift Container Platform 4 209 Red Hat In-Vehicle Operating System 1 195 Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136 Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127 Red Hat Enterprise Linux 9.4 Extended Update Support 116 Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100 Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95 Red Hat Hardened Images 95 Red Hat Enterprise Linux 7 Extended Lifecycle Support 94 Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93 Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92 Red Hat Enterprise Linux 8.2 Advanced Update Support 89 Red Hat Build of Keycloak 87 Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83 Red Hat Enterprise Linux 9.6 Extended Update Support 70 Red Hat Enterprise Linux 10.0 Extended Update Support 68 Red Hat Enterprise Linux 9.2 Extended Update Support 67 Red Hat build of Keycloak 26.4 64 Red Hat Enterprise Linux 8.8 Extended Update Support 60 Red Hat JBoss Enterprise Application Platform 8 58 Red Hat JBoss Enterprise Application Platform Expansion Pack 58 Red Hat Single Sign-On 7 53 Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45