Red Hat

917 tracked vulnerabilities.

CVE-2026-9804 HIGH
Kubevirt: kubevirt: vmexport directory symlink escape enables exporter pod file read
May 28, 2026
CVSS 7.7
EPSS 0.01
CVE-2026-4408 CRITICAL
Samba: remote code execution in samr
May 28, 2026
CVSS 9.0
EPSS 0.03
CVE-2026-44604 HIGH
Rpm: command injection in rpmuncompress dountar() via unescaped archive top-level directory name in popen() shell command
May 28, 2026
CVSS 7.0
EPSS 0.01
CVE-2026-9803 MEDIUM
Keycloak: keycloak: denial of service via malformed authorization header
May 28, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-9802 MEDIUM
Keycloak: keycloak: unauthorized account access via replayed refresh tokens after cluster restart
May 28, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-9801 MEDIUM
Keycloak: keycloak: denial of service via malformed ldap password policy response
May 28, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-9798 MEDIUM
Keycloak: keycloak: brute-force protection bypass in ciba flow
May 28, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-9796 MEDIUM
Keycloak: keycloak: privilege escalation via time-of-check to time-of-use (toctou) vulnerability
May 28, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-9795 HIGH
Keycloak: keycloak: privilege escalation via improper scope mapping enforcement
May 28, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-9794 MEDIUM
Keycloak: keycloak: information disclosure via saml ecp endpoint
May 28, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-9793 MEDIUM
Keycloak: keycloak: security policy bypass in jwe-encrypted request object processing
May 28, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-9792 MEDIUM
Keycloak: keycloak: security restriction bypass allows unauthorized ropc token acquisition
May 28, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-9791 MEDIUM
Keycloak-rhel9: organization data leak after feature disabled in keycloak
May 28, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-9704 MEDIUM
Keycloak: keycloak: privilege escalation due to oversized subject_token jwt
May 27, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-2340 MEDIUM
Samba: vfs_worm does not block directory modification
May 27, 2026
CVSS 6.5
EPSS 0.01
CVE-2026-1933 HIGH
Samba: missing access check on reparse point operations
May 27, 2026
CVSS 7.1
EPSS 0.01
CVE-2026-9689 MEDIUM
Keycloak: org.keycloak.protocol.oidc: http parameter pollution in oidc redirect uri allows response parameter duplication - #ghi-604
May 27, 2026
CVSS 4.2
EPSS 0.00
CVE-2026-3012 HIGH
Samba: group policy certificate enrollment uses http:// without validation
May 27, 2026
CVSS 8.0
EPSS 0.00
CVE-2026-5260 HIGH
Gnutls: gnutls: information disclosure via heap overread in rsa key exchange
May 26, 2026
CVSS 8.2
EPSS 0.01
CVE-2026-42015 MEDIUM
Gnutls: gnutls: memory corruption due to off-by-one error in pkcs#12 bag handling
May 26, 2026
CVSS 5.3
EPSS 0.01
CVE-2026-42013 HIGH
Gnutls: gnutls: certificate validation bypass due to oversized subject alternative name
May 26, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-42012 HIGH
Gnutls: gnutls: certificate validation bypass due to improper handling of uri and srv sans
May 26, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-48864 HIGH
Libsolv: heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data
May 26, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-4480 CRITICAL NUCLEI
Samba: samba: remote code execution in printing subsystem via unescaped job description
May 26, 2026
CVSS 9.0
EPSS 0.13
CVE-2026-7374 CRITICAL
Kubevirt: kubevirt virt-handler: privilege escalation and node compromise via symlink following vulnerability
May 26, 2026
CVSS 9.9
EPSS 0.01
Products
Red Hat Enterprise Linux 9 539 Red Hat Enterprise Linux 8 537 Red Hat Enterprise Linux 10 455 Red Hat Enterprise Linux 7 448 Red Hat Enterprise Linux 6 408 Red Hat OpenShift Container Platform 4 209 Red Hat In-Vehicle Operating System 1 195 Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136 Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127 Red Hat Enterprise Linux 9.4 Extended Update Support 116 Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100 Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95 Red Hat Hardened Images 95 Red Hat Enterprise Linux 7 Extended Lifecycle Support 94 Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93 Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92 Red Hat Enterprise Linux 8.2 Advanced Update Support 89 Red Hat Build of Keycloak 87 Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83 Red Hat Enterprise Linux 9.6 Extended Update Support 70 Red Hat Enterprise Linux 10.0 Extended Update Support 68 Red Hat Enterprise Linux 9.2 Extended Update Support 67 Red Hat build of Keycloak 26.4 64 Red Hat Enterprise Linux 8.8 Extended Update Support 60 Red Hat JBoss Enterprise Application Platform 8 58 Red Hat JBoss Enterprise Application Platform Expansion Pack 58 Red Hat Single Sign-On 7 53 Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45