Red Hat

919 tracked vulnerabilities.

CVE-2026-1180 MEDIUM
Keycloak - Server-Side Request Forgery via OpenID Connect Dynamic Client Registration
Jan 20, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-0992 LOW
Red Hat Enterprise Linux 6-10 - Denial of Service via XML Catalog Processing
Jan 15, 2026
CVSS 2.9
EPSS 0.00
CVE-2026-0990 MEDIUM
Red Hat Enterprise Linux 6-10 - Denial of Service via XML Catalog Delegate URI Recursion
Jan 15, 2026
CVSS 5.9
EPSS 0.01
CVE-2026-0989 LOW
Red Hat Enterprise Linux - Denial of Service via RelaxNG Parser Recursion
Jan 15, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-0976 LOW
Keycloak - Path Filter Bypass via RFC-Compliant Matrix Parameters
Jan 15, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-0716 MEDIUM
Red Hat Enterprise Linux 10 - Memory Corruption in libsoup WebSocket Frame Processing
Jan 13, 2026
CVSS 4.8
EPSS 0.00
CVE-2026-0719 HIGH
Red Hat Enterprise Linux - Stack-based Buffer Overflow in libsoup NTLM Authentication
Jan 08, 2026
CVSS 8.6
EPSS 0.01
CVE-2026-0707 MEDIUM
Keycloak - Authorization Bypass via Non-Standard Bearer Token Parsing
Jan 08, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-12799 MEDIUM
Jastow: jastow cross-site scripting attack due to unsanitized uri
Jul 07, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-66286 MEDIUM
Webkitgtk: authorization bypass through webpage::send-request signal handler
Apr 23, 2026
CVSS 4.7
EPSS 0.00
CVE-2025-13763 MEDIUM
Libopensc: opensc: multiple uses of uninitialized variable
Apr 23, 2026
CVSS 5.7
EPSS 0.00
CVE-2025-14243 MEDIUM
Mirror-registry: openshift mirror registry: user enumeration via authentication error messages
Apr 08, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-58713 MEDIUM
Rhpam: privilege escalation via excessive /etc/passwd permissions
Apr 08, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-57854 MEDIUM
Osus-operator: privilege escalation via excessive /etc/passwd permissions
Apr 08, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-57853 MEDIUM
Web-terminal: privilege escalation via excessive /etc/passwd permissions
Apr 08, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-57851 MEDIUM
Mce: privilege escalation via excessive /etc/passwd permissions
Apr 08, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-57847 MEDIUM
Ansible-automation-platform: privilege escalation via excessive group writable /etc/passwd permissions
Apr 08, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-14821 HIGH
Libssh: libssh: insecure default configuration leads to local man-in-the-middle attacks on windows
Apr 07, 2026
CVSS 7.8
EPSS 0.00
CVE-2025-12805 HIGH
Llama-stack-k8s-operator: llama stack service exposed across namespaces due to missing networkpolicy
Mar 26, 2026
CVSS 8.1
EPSS 0.00
CVE-2025-8766 MEDIUM
Noobaa-core: excessive permissions of /etc could lead to escalation of privilege in the noobaa-core container
Mar 13, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-57849 MEDIUM
Fuse: privilege escalation via excessive /etc/passwd permissions
Mar 13, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-12801 MEDIUM
nfs-utils - Privilege Escalation
Mar 04, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-10990 HIGH
REXML - Regular Expression Denial of Service via Hex Numeric Character Reference Parsing
Feb 27, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-9572 MEDIUM
Foreman 1.22.0-3.16.1 - Incorrect Authorization via GraphQL API
Feb 27, 2026
CVSS 5.0
EPSS 0.00
CVE-2025-13327 MEDIUM
uv - Code Injection
Feb 27, 2026
CVSS 6.3
EPSS 0.00
Products
Red Hat Enterprise Linux 9 539 Red Hat Enterprise Linux 8 537 Red Hat Enterprise Linux 10 456 Red Hat Enterprise Linux 7 448 Red Hat Enterprise Linux 6 408 Red Hat OpenShift Container Platform 4 209 Red Hat In-Vehicle Operating System 1 195 Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136 Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127 Red Hat Enterprise Linux 9.4 Extended Update Support 116 Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100 Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95 Red Hat Hardened Images 95 Red Hat Enterprise Linux 7 Extended Lifecycle Support 94 Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93 Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92 Red Hat Enterprise Linux 8.2 Advanced Update Support 89 Red Hat Build of Keycloak 87 Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83 Red Hat Enterprise Linux 9.6 Extended Update Support 70 Red Hat Enterprise Linux 10.0 Extended Update Support 68 Red Hat Enterprise Linux 9.2 Extended Update Support 67 Red Hat build of Keycloak 26.4 64 Red Hat Enterprise Linux 8.8 Extended Update Support 60 Red Hat JBoss Enterprise Application Platform 8 58 Red Hat JBoss Enterprise Application Platform Expansion Pack 58 Red Hat Single Sign-On 7 53 Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45