Red Hat

917 tracked vulnerabilities.

CVE-2026-14614 MEDIUM
Keycloak-services: keycloak-services: fgap v2 client scope assignment bypass via clientresource
Jul 03, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-14613 MEDIUM
Keycloak-services: keycloak-services: keycloak: fgap v2 role groups endpoint discloses hidden group metadata without group view permission
Jul 03, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-14612 MEDIUM
FreeIPA ipa-otpd OAuth2 Device Authorization - Denial of Service
Jul 03, 2026
CVSS 4.2
EPSS 0.00
CVE-2026-14544 CRITICAL
HPLIP hpcups - Integer Overflow Remote Code Execution
Jul 03, 2026
CVSS 9.8
EPSS 0.01
CVE-2026-58381 MEDIUM
Gimp: gimp: double-free in read_layer_block()
Jul 02, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-5142 MEDIUM
Foreman: foreman: cross-tenant private ssh key disclosure via taxonomy scoping bypass
Jul 01, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-5138 MEDIUM
Foreman: foreman: information disclosure via improper validation of nested request parameters
Jul 01, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-5135 MEDIUM
Foreman: foreman: unauthorized modification of host configurations via broken access control
Jul 01, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-23537 CRITICAL
Feast: unauthenticated arbitrary file write
Jul 01, 2026
CVSS 9.1
EPSS 0.01
CVE-2026-14330 MEDIUM
Pipewire: pulse server alloca stack overflow
Jul 01, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-14324 MEDIUM
Pipewire: raop rtsp null deref
Jul 01, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-5136 HIGH
Foreman: foreman: privilege escalation to administrator-level access via usergroup role assignment manipulation
Jul 01, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-14258 MEDIUM
Dhcpcd: dhcpcd infinite loop and out-of-bounds read via zero-length ipv6 nd option in router advertisement handling
Jul 01, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-58016 HIGH
Glib: integer underflow in gio/gdbusintrospection.c via "g_dbus_node_info_new_for_xml"
Jun 30, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-58015 MEDIUM
Glib: path traversal in glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry and mechanism_client_data_receive
Jun 30, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-58014 HIGH
Glib: off-by-one error in glib/gkeyfile.c via "g_key_file_get_locale_string_list"
Jun 30, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-58013 MEDIUM
Glib: buffer over-read in glib/giochannel.c via "g_io_channel_read_line_backend"
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-58012 MEDIUM
Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-58011 MEDIUM
Glib: out-of-bounds read in glib/gdatetime.c:g_date_time_get_ymd via invalid gdatetime
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-58010 MEDIUM
Glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal()
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-4629 MEDIUM
Keycloak: keycloak: privilege escalation through hardcoded role mapper injection
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-14209 MEDIUM
Keycloak-admin-ui: keycloak-admin-ui: keycloak: admin ui extension brute-force-user endpoint bypasses fgapv2 user view restrictions
Jun 30, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-12388 MEDIUM
Keycloak-broker: keycloak: privilege escalation to realm administrator via improper authorization in identity provider mapper
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-13316 MEDIUM
Foreman: ssrf to cloud metada service through unvalidated test_url parameters in foreman config
Jun 30, 2026
CVSS 4.4
EPSS 0.00
CVE-2026-12610 MEDIUM
Sssd: use-after-free crash in sssd' 'sssd_pam' process
Jun 30, 2026
CVSS 6.4
EPSS 0.00
Products
Red Hat Enterprise Linux 9 539 Red Hat Enterprise Linux 8 537 Red Hat Enterprise Linux 10 455 Red Hat Enterprise Linux 7 448 Red Hat Enterprise Linux 6 408 Red Hat OpenShift Container Platform 4 209 Red Hat In-Vehicle Operating System 1 195 Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136 Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127 Red Hat Enterprise Linux 9.4 Extended Update Support 116 Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100 Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95 Red Hat Hardened Images 95 Red Hat Enterprise Linux 7 Extended Lifecycle Support 94 Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93 Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92 Red Hat Enterprise Linux 8.2 Advanced Update Support 89 Red Hat Build of Keycloak 87 Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83 Red Hat Enterprise Linux 9.6 Extended Update Support 70 Red Hat Enterprise Linux 10.0 Extended Update Support 68 Red Hat Enterprise Linux 9.2 Extended Update Support 67 Red Hat build of Keycloak 26.4 64 Red Hat Enterprise Linux 8.8 Extended Update Support 60 Red Hat JBoss Enterprise Application Platform 8 58 Red Hat JBoss Enterprise Application Platform Expansion Pack 58 Red Hat Single Sign-On 7 53 Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45