Red Hat

917 tracked vulnerabilities.

CVE-2026-13201 HIGH
OpenShift Virtualization KubeVirt safepath - Host File Metadata Modification
Jun 24, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-9073 MEDIUM
Foreman-mcp-server: mcp server: insecure sensitive http header sanitization
Jun 23, 2026
CVSS 6.2
EPSS 0.00
CVE-2026-12892 MEDIUM
GStreamer gst-plugins-bad H.264 Parser - Out-of-Bounds Read
Jun 23, 2026
CVSS 4.4
EPSS 0.00
CVE-2026-12891 MEDIUM
GStreamer gst-plugins-bad H.266 Parser - Out-of-Bounds Read
Jun 23, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-12112 HIGH
Foreman-mcp-server: mcp server: active session hijacking via insecure session state reuse
Jun 23, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-11820 MEDIUM
Ansible community.general nexmo - API Credentials Exposed in GET URL
Jun 23, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-11819 MEDIUM
Community.general: community.general keyring_info — os keyring passphrase returned in plaintext
Jun 23, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-11807 CRITICAL
Eda-server: websocket missing authorization allows credential theft via activation_id spoofing
Jun 23, 2026
CVSS 9.6
EPSS 0.00
CVE-2026-12969 MEDIUM
Dnsmasq: dnsmasq: out-of-bounds read in find_soa() due to missing extrabytes validation
Jun 23, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-10609 MEDIUM
Openshift/cluster-logging-operator: cluster logging operator creates and forwards serviceaccount tokens without verifying clf creator authorization
Jun 23, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-55655 MEDIUM
Openssh: local mitm of x11 forwarding via abstract unix socket pre-binding in red hat enterprise linux openssh client versions
Jun 23, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-55654 LOW
Openssh: heap out-of-bounds read in red hat enterprise linux versions of openssh gssapi indicator cleanup due to missing null sentinel termination
Jun 23, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-55653 MEDIUM
Red Hat Enterprise Linux OpenSSH DH-GEX Client - Double Free Denial of Service
Jun 23, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-12725 MEDIUM
Dnsmasq: dnsmasq: heap buffer overflow in log_query() when logging unsupported ds/dnskey replies
Jun 22, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-12549 MEDIUM
libsoup SoupServer - Range Suffix Overflow Regression
Jun 22, 2026
CVSS 4.8
EPSS 0.00
CVE-2026-54100 HIGH
Windows-machine-config-operator: windows-machine-config-operator: ssh host key not verified enables credential theft
Jun 22, 2026
CVSS 8.3
EPSS 0.00
CVE-2026-54099 HIGH
Red Hat OpenShift WMCO WICD CSR - Cluster-Admin Privilege Escalation
Jun 22, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-12726 MEDIUM
Awx: automation-controller: awx: github webhook second-order ssrf via unvalidated statuses_url exfiltrates pat credential
Jun 19, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-56211 HIGH
Libaom: libaom: remote code execution via svc layer context handling with attacker-controlled frames
Jun 19, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-56210 HIGH
Libaom: libaom: heap-buffer-overflow read via missing bounds check in ctrl_set_layer_id
Jun 19, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-56209 HIGH
Libaom: libaom: arbitrary address write via svc layer context oob and cyclic refresh map pointer hijack
Jun 19, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-56208 HIGH
Libaom: libaom: heap buffer overflow in av1 encoder first-pass stats buffer via lap mode
Jun 19, 2026
CVSS 7.6
EPSS 0.00
CVE-2026-3196 MEDIUM
Qemu-kvm: virtio-snd: integer overflow leading to unbounded memory allocation
Jun 19, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-3195 HIGH
QEMU virtio-snd - Heap Buffer Overflow
Jun 19, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-12706 MEDIUM
Ffmpeg: ffmpeg: heap use-after-free read in rasc decoder decode_move()
Jun 19, 2026
CVSS 6.5
EPSS 0.00
Products
Red Hat Enterprise Linux 9 539 Red Hat Enterprise Linux 8 537 Red Hat Enterprise Linux 10 455 Red Hat Enterprise Linux 7 448 Red Hat Enterprise Linux 6 408 Red Hat OpenShift Container Platform 4 209 Red Hat In-Vehicle Operating System 1 195 Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136 Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127 Red Hat Enterprise Linux 9.4 Extended Update Support 116 Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100 Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95 Red Hat Hardened Images 95 Red Hat Enterprise Linux 7 Extended Lifecycle Support 94 Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93 Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92 Red Hat Enterprise Linux 8.2 Advanced Update Support 89 Red Hat Build of Keycloak 87 Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83 Red Hat Enterprise Linux 9.6 Extended Update Support 70 Red Hat Enterprise Linux 10.0 Extended Update Support 68 Red Hat Enterprise Linux 9.2 Extended Update Support 67 Red Hat build of Keycloak 26.4 64 Red Hat Enterprise Linux 8.8 Extended Update Support 60 Red Hat JBoss Enterprise Application Platform 8 58 Red Hat JBoss Enterprise Application Platform Expansion Pack 58 Red Hat Single Sign-On 7 53 Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45