Red Hat

650 tracked vulnerabilities.

CVE-2026-3184 LOW
Util-linux: util-linux: access control bypass due to improper hostname canonicalization
Apr 03, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-2625 MEDIUM
Rust-rpm-sequoia: rust-rpm-sequoia: denial of service via crafted rpm file during signature verification
Apr 03, 2026
CVSS 4.0
EPSS 0.00
CVE-2026-4636 HIGH
Keycloak UMA Policy - Unauthorized Resource Access
Apr 02, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-4634 HIGH
Keycloak: keycloak: denial of service via excessive processing of openid connect scope parameters
Apr 02, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4325 MEDIUM
Keycloak: keycloak: replay of action tokens via improper handling of single-use entries
Apr 02, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-4282 HIGH
Keycloak: keycloak: privilege escalation via forged authorization codes due to singleuseobjectprovider isolation flaw
Apr 02, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-3872 HIGH
Red Hat Keycloak 26.2 and 26.4 - redirect_uri Access Token Disclosure
Apr 02, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-35094 LOW
Libinput: libinput: information disclosure via dangling pointer in lua plugin handling
Apr 01, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-35093 HIGH
Libinput: libinput: unauthorized code execution and information disclosure through lua bytecode plugins
Apr 01, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-35092 HIGH
Corosync: corosync: denial of service via integer overflow in join message validation
Apr 01, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-35091 HIGH
Corosync: corosync: denial of service and information disclosure via crafted udp packet
Apr 01, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-5201 HIGH
Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image
Mar 31, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-5165 MEDIUM
Virtio-win: virtio-win: memory corruption via use-after-free in virtio blk device reset
Mar 30, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-5164 MEDIUM
Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request
Mar 30, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-5121 HIGH
Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing
Mar 30, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-5119 MEDIUM
Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment
Mar 30, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-28369 HIGH
Undertow: undertow: request smuggling via malformed http request headers
Mar 27, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-28368 HIGH
Undertow: undertow: request smuggling via inconsistent header parsing
Mar 27, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-28367 HIGH
Undertow: undertow: request smuggling via `\r\r\r` as a header block terminator
Mar 27, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-4948 MEDIUM
Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization
Mar 27, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-2272 MEDIUM
Gimp: gimp: memory corruption due to integer overflow in ico file handling
Mar 26, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-2271 LOW
Gimp: gimp: denial of service via crafted psp image file
Mar 26, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-2239 LOW
Gimp: gimp: application crash (dos) via crafted psd file due to heap-buffer-overflow
Mar 26, 2026
CVSS 2.8
EPSS 0.00
CVE-2026-2100 MEDIUM
P11-kit: p11-kit: null dereference via c_derivekey with specific null parameters
Mar 26, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-0968 LOW
Libssh: libssh: denial of service due to malformed sftp message
Mar 26, 2026
CVSS 3.1
EPSS 0.00
Products
Red Hat Enterprise Linux 9: 370
Red Hat Enterprise Linux 8: 363
Red Hat Enterprise Linux 10: 309
Red Hat Enterprise Linux 7: 286
Red Hat Enterprise Linux 6: 279
Red Hat OpenShift Container Platform 4: 147
Red Hat Enterprise Linux 9.4 Extended Update Support: 104
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support: 91
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions: 88
Red Hat Enterprise Linux 8.6 Telecommunications Update Service: 83
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions: 83
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support: 82
Red Hat Enterprise Linux 8.2 Advanced Update Support: 81
Red Hat Enterprise Linux 7 Extended Lifecycle Support: 65
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions: 64
Red Hat Hardened Images: 62
Red Hat Enterprise Linux 9.2 Extended Update Support: 60
Red Hat Build of Keycloak: 59
Red Hat JBoss Enterprise Application Platform 8: 58
Red Hat Enterprise Linux 8.8 Extended Update Support: 53
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions: 52
Red Hat JBoss Enterprise Application Platform Expansion Pack: 50
Red Hat Enterprise Linux 8.8 Telecommunications Update Service: 49
Red Hat Single Sign-On 7: 48
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On: 46
Red Hat build of Keycloak 26.4: 41
Red Hat Enterprise Linux 8.4 Telecommunications Update Service: 38
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions: 38
Red Hat OpenShift Container Platform 4.14: 37
Red Hat OpenShift Container Platform 4.16: 37