Red Hat
650 tracked vulnerabilities.
CVE-2026-6494
MEDIUM
Aap-mcp-server: aap mcp server: log injection allows social engineering attacks via unsanitized input
Apr 17, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-6388
CRITICAL
Argocd-image-updater: argocd image updater: cross-namespace privilege escalation via insufficient namespace validation
Apr 15, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-6385
MEDIUM
Ffmpeg: ffmpeg: denial of service and potential arbitrary code execution via signed integer overflow in dvd subtitle parser
Apr 15, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6384
HIGH
Gimp: gimp: arbitrary code execution or denial of service via buffer overflow in gif image processing
Apr 15, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-40919
MEDIUM
Gimp: gimp: denial of service via specially crafted seattle filmworks file
Apr 15, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-40918
MEDIUM
Gimp: gimp: denial of service via crafted pvr image file
Apr 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-40917
MEDIUM
Gimp: gimp: application crashes or information disclosure via crafted icns image files
Apr 15, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-40916
MEDIUM
Gimp: gimp: denial of service due to stack buffer overflow in tim image loader
Apr 15, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-40915
MEDIUM
Gimp: gimp: heap buffer overflow due to integer overflow in fits image loader
Apr 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-6383
MEDIUM
Kubevirt: kubevirt: unauthorized subresource access due to improper rbac evaluation
Apr 15, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-6245
MEDIUM
Sssd: out-of-bounds read in the sssd
Apr 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-37980
MEDIUM
Org.keycloak.forms.login: keycloak: keycloak: arbitrary code execution via stored cross-site scripting (xss) in organization selection login page
Apr 14, 2026
CVSS 6.9
EPSS 0.00
CVE-2026-5483
HIGH
Odh-dashboard: odh dashboard kubernetes service account exposure
Apr 10, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-1584
HIGH
Gnutls: gnutls: remote denial of service via crafted clienthello with invalid psk binder
Apr 09, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4878
MEDIUM
Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()
Apr 09, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-32591
MEDIUM
Mirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration
Apr 08, 2026
CVSS 5.2
EPSS 0.00
CVE-2026-32590
HIGH
Mirror-registry: remote code execution using pickle deserialization
Apr 08, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-32589
HIGH
Mirror-registry: quay: insecure direct object reference in blobupload
Apr 08, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-2377
MEDIUM
Mirror-registry: quay: quay: server-side request forgery via log export functionality
Apr 08, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-4631
CRITICAL
NUCLEI
Cockpit: cockpit: unauthenticated remote code execution due to ssh command-line argument injection
Apr 07, 2026
CVSS 9.8
EPSS 0.30
CVE-2026-5745
MEDIUM
Libarchive: a null pointer dereference vulnerability exists in the acl parser of libarchive
Apr 07, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-4740
HIGH
Rhacm: open cluster management (ocm): cross-cluster privilege escalation via improper kubernetes client certificate renewal validation
Apr 07, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-5704
MEDIUM
Tar: tar: hidden file injection via crafted archives
Apr 06, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-5673
MEDIUM
Libtheora: libtheora: denial of service or information disclosure via malformed avi file processing
Apr 06, 2026
CVSS 5.6
EPSS 0.00
CVE-2026-37977
LOW
Keycloak: org.keycloak.protocol.oidc.grants.ciba: keycloak: information disclosure via cors header injection due to unvalidated jwt azp claim
Apr 06, 2026
CVSS 3.7
EPSS 0.00
Products
Red Hat Enterprise Linux 9: 370
Red Hat Enterprise Linux 8: 363
Red Hat Enterprise Linux 10: 309
Red Hat Enterprise Linux 7: 286
Red Hat Enterprise Linux 6: 279
Red Hat OpenShift Container Platform 4: 147
Red Hat Enterprise Linux 9.4 Extended Update Support: 104
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support: 91
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions: 88
Red Hat Enterprise Linux 8.6 Telecommunications Update Service: 83
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions: 83
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support: 82
Red Hat Enterprise Linux 8.2 Advanced Update Support: 81
Red Hat Enterprise Linux 7 Extended Lifecycle Support: 65
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions: 64
Red Hat Hardened Images: 62
Red Hat Enterprise Linux 9.2 Extended Update Support: 60
Red Hat Build of Keycloak: 59
Red Hat JBoss Enterprise Application Platform 8: 58
Red Hat Enterprise Linux 8.8 Extended Update Support: 53
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions: 52
Red Hat JBoss Enterprise Application Platform Expansion Pack: 50
Red Hat Enterprise Linux 8.8 Telecommunications Update Service: 49
Red Hat Single Sign-On 7: 48
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On: 46
Red Hat build of Keycloak 26.4: 41
Red Hat Enterprise Linux 8.4 Telecommunications Update Service: 38
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions: 38
Red Hat OpenShift Container Platform 4.14: 37
Red Hat OpenShift Container Platform 4.16: 37