Red Hat

917 tracked vulnerabilities.

CVE-2026-50262 MEDIUM
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: out-of-bounds read/write in glx changedrawableattributes
Jun 05, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-50261 HIGH
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in syncchangecounter()
Jun 05, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-50260 HIGH
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in freecounter()
Jun 05, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-50259 HIGH
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in xkb setmap request via mapwidths indexing
Jun 05, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-50258 HIGH
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in xkb key types due to unchecked shift levels
Jun 05, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-50257 HIGH
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in misyncdestroyfence()
Jun 05, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-50256 HIGH
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libxfont2 name length mismatch
Jun 05, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-11332 HIGH
Ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution
Jun 05, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-9088 LOW
Keycloak: keycloak: information disclosure due to user profile permission bypass
Jun 05, 2026
CVSS 2.7
EPSS 0.00
CVE-2026-10843 HIGH
Cloud-credential-operator: cco mint-mode credentialsrequest manifests grant account-wide iam access beyond cluster scope on aws
Jun 04, 2026
CVSS 7.2
EPSS 0.00
CVE-2026-10840 HIGH
OpenShift Pipelines Operator - Authenticated Resource Write Access
Jun 04, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-10805 MEDIUM
Networkmanager: networkmanager: local privilege escalation via malformed mud urls in dhclient backend
Jun 04, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-1784 HIGH
Ose-cluster-ingress-operator: remote code execution through haproxy configuration injection
Jun 02, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-5419 LOW
gnutls - Observable Timing Discrepancy in PKCS#7 Padding Check
Jun 01, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-43958 HIGH
rrdtool rrdcached - Stack-based Buffer Overflow via Oversized CREATE Request
Jun 01, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-10118 HIGH
Poppler: integer overflow in poppler splashoutputdev::tilingpatternfill leads to heap buffer overflow via unchecked dimension multiplication
Jun 01, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-10533 MEDIUM
Red Hat OpenShift - ResourceQuota Bypass Event Flood Denial of Service
Jun 01, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-10517 MEDIUM
Clair: clair: unauthenticated ssrf via manifest layer uri enables internal network reconnaissance
Jun 01, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-10101 MEDIUM
Assisted-service: assisted-service: infraenv status leaks referenced pull-secret contents to namespace view users
May 29, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-46579 HIGH
Openshift/router: openshift/router: mtls client certificate spoofing via unstripped x-ssl-client headers on http frontend
May 29, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-42965 HIGH
Openshift/router: openshift/router: cloud metadata ssrf via fqdn-typed endpointslice bypasses destination validation
May 29, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-10078 LOW
Quay/config-tool: quay/config-tool: gitlab oauth client_secret exposed in url querystring
May 29, 2026
CVSS 2.7
EPSS 0.00
CVE-2026-10052 MEDIUM
Quay/config-tool: quay/config-tool: ssrf via unfiltered ldap and smtp config validation endpoints
May 29, 2026
CVSS 4.1
EPSS 0.00
CVE-2026-6324 MEDIUM
Libsoup: libsoup: http request smuggling via unsigned to signed conversion error
May 29, 2026
CVSS 4.8
EPSS 0.01
CVE-2026-10028 MEDIUM
glib-networking GnuTLS Backend - Certificate Chain Denial of Service
May 28, 2026
CVSS 4.3
EPSS 0.00
Products
Red Hat Enterprise Linux 9 539 Red Hat Enterprise Linux 8 537 Red Hat Enterprise Linux 10 455 Red Hat Enterprise Linux 7 448 Red Hat Enterprise Linux 6 408 Red Hat OpenShift Container Platform 4 209 Red Hat In-Vehicle Operating System 1 195 Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136 Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127 Red Hat Enterprise Linux 9.4 Extended Update Support 116 Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100 Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95 Red Hat Hardened Images 95 Red Hat Enterprise Linux 7 Extended Lifecycle Support 94 Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93 Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92 Red Hat Enterprise Linux 8.2 Advanced Update Support 89 Red Hat Build of Keycloak 87 Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83 Red Hat Enterprise Linux 9.6 Extended Update Support 70 Red Hat Enterprise Linux 10.0 Extended Update Support 68 Red Hat Enterprise Linux 9.2 Extended Update Support 67 Red Hat build of Keycloak 26.4 64 Red Hat Enterprise Linux 8.8 Extended Update Support 60 Red Hat JBoss Enterprise Application Platform 8 58 Red Hat JBoss Enterprise Application Platform Expansion Pack 58 Red Hat Single Sign-On 7 53 Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45