Red Hat

917 tracked vulnerabilities.

CVE-2026-11791 MEDIUM
389-ds-base: 389-ds-base: use-after-free in schema reload via attr_syntax_swap_ht()
Jun 18, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-12505 HIGH
Cifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcall
Jun 18, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-12515 MEDIUM
Katello: missing repository authorization in content_uploads exposes cross-product content existence
Jun 17, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-12528 MEDIUM
389-ds-base: 389-ds-base: heap-buffer-overflows in __aclp__normalize_acltxt()
Jun 17, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-2604 MEDIUM
Evolution-data-server: evolution data server: arbitrary file deletion via inconsistent uri handling
Jun 17, 2026
CVSS 5.6
EPSS 0.00
CVE-2026-12491 MEDIUM
Vllm: vllm: image exif rotation & png trns transparency not normalized, causing mismatch between model input and expectations
Jun 17, 2026
CVSS 4.8
EPSS 0.00
CVE-2026-4367 MEDIUM
Libxpm: libxpm: denial of service via out-of-bounds read in xpm file parsing
Jun 16, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-10649 HIGH
Pacemaker: pacemaker: denial of service via integer overflow in remote message decompression
Jun 16, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-12398 HIGH
Galaxy_ng: shell injection in legacy role import via unsanitized git ref names
Jun 16, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-42014 MEDIUM
Gnutls: fix use-after-free in gnutls_pkcs11_token_set_pin
Jun 16, 2026
CVSS 6.6
EPSS 0.00
CVE-2026-1767 MEDIUM
GNOME localsearch MP3 Extractor - Heap Buffer Overflow
Jun 16, 2026
CVSS 5.6
EPSS 0.00
CVE-2026-1766 MEDIUM
Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and information disclosure via malformed mp3 files.
Jun 16, 2026
CVSS 5.6
EPSS 0.00
CVE-2026-1765 MEDIUM
Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and potential information disclosure via crafted mp3 files
Jun 16, 2026
CVSS 5.6
EPSS 0.00
CVE-2026-1764 MEDIUM
Localsearch: tracker-miners: gnome localsearch mp3 extractor: heap buffer overflow leads to denial of service or information disclosure when parsing mp3 files
Jun 16, 2026
CVSS 5.6
EPSS 0.00
CVE-2026-53705 HIGH
Gstreamer1-plugins-good: gstreamer: heap buffer overflow in wavpack decoder via integer overflow
Jun 15, 2026
CVSS 7.6
EPSS 0.00
CVE-2026-53704 HIGH
Gstreamer1-plugins-ugly-free: gstreamer: out-of-bounds read in realmedia demuxer fileinfo metadata parser
Jun 15, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-53703 HIGH
Gstreamer1-plugins-ugly-free: gstreamer: out-of-bounds read in realmedia demuxer audio stream header parser
Jun 15, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-52722 HIGH
Gstreamer1-plugins-bad-free: gstreamer: signed integer overflow in vmnc decoder cursor payload handling
Jun 15, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-52721 MEDIUM
Gstreamer1-plugins-bad-free: gstreamer: multiple out-of-bounds reads in pcapparse ipv4/tcp header parsing
Jun 15, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-52720 HIGH
Gstreamer1-plugins-bad-free: gstreamer: heap buffer overflow via crafted vnc server rectangle in librfb
Jun 15, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-52719 HIGH
Gstreamer1-plugins-bad-free: gstreamer: out-of-bounds read via jpeg segment length validation in va decoder
Jun 15, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-52718 MEDIUM
Gstreamer1-plugins-bad-free: gstreamer: denial of service via av1 tile_list_obu parser byte/bit confusion
Jun 15, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-44188 MEDIUM
Ansible-lightspeed: ansible lightspeed: session hijacking and unauthorized data access due to insufficient session expiration
Jun 15, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-54231 MEDIUM
Abrt: unsanitized systemd journal content written to dump directory files enables content injection
Jun 13, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-54230 HIGH
Abrt: event handler scripts follow symlinks when writing output files, allowing arbitrary file overwrites
Jun 13, 2026
CVSS 7.0
EPSS 0.00
Products
Red Hat Enterprise Linux 9 539 Red Hat Enterprise Linux 8 537 Red Hat Enterprise Linux 10 455 Red Hat Enterprise Linux 7 448 Red Hat Enterprise Linux 6 408 Red Hat OpenShift Container Platform 4 209 Red Hat In-Vehicle Operating System 1 195 Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136 Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127 Red Hat Enterprise Linux 9.4 Extended Update Support 116 Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100 Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95 Red Hat Hardened Images 95 Red Hat Enterprise Linux 7 Extended Lifecycle Support 94 Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93 Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92 Red Hat Enterprise Linux 8.2 Advanced Update Support 89 Red Hat Build of Keycloak 87 Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83 Red Hat Enterprise Linux 9.6 Extended Update Support 70 Red Hat Enterprise Linux 10.0 Extended Update Support 68 Red Hat Enterprise Linux 9.2 Extended Update Support 67 Red Hat build of Keycloak 26.4 64 Red Hat Enterprise Linux 8.8 Extended Update Support 60 Red Hat JBoss Enterprise Application Platform 8 58 Red Hat JBoss Enterprise Application Platform Expansion Pack 58 Red Hat Single Sign-On 7 53 Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45