Red Hat
650 tracked vulnerabilities.
CVE-2025-11537
MEDIUM
Keycloak Quarkus Server < 26.6.0 - Sensitive Header Exposure in Verbose Log Format
Feb 10, 2026
CVSS 5.0
EPSS 0.00
CVE-2025-14778
MEDIUM
Keycloak < 26.2.13 - Incorrect Privilege Assignment in UserManagedPermissionService
Feb 09, 2026
CVSS 5.4
EPSS 0.00
CVE-2025-14831
MEDIUM
GnuTLS - Denial of Service
Feb 09, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-13881
LOW
Keycloak Services 26.5.0-26.5.1 - Unauthorized Sensitive Attribute Disclosure via UnmanagedAttributes Endpoint
Feb 02, 2026
CVSS 2.7
EPSS 0.00
CVE-2025-9820
MEDIUM
GnuTLS - Buffer Overflow
Jan 26, 2026
CVSS 4.0
EPSS 0.00
CVE-2025-9615
LOW
Red Hat Enterprise Linux 6-10 and OpenShift Container Platform 4 - Unauthorized File Access via NetworkManager
Jan 26, 2026
CVSS 3.3
EPSS 0.00
CVE-2025-14969
MEDIUM
hibernate-reactive-core < 4.2.1 - Denial of Service via Premature HTTP Connection Closure
Jan 26, 2026
CVSS 4.3
EPSS 0.00
CVE-2025-14525
MEDIUM
kubevirt - Denial of Service via Excessive Network Interface Reporting
Jan 26, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-14459
HIGH
KubeVirt CDI - Privilege Escalation
Jan 26, 2026
CVSS 8.5
EPSS 0.00
CVE-2025-11065
MEDIUM
github.com/go-viper/mapstructure/v2 - Info Disclosure
Jan 26, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-14083
LOW
Keycloak - Improper Access Control in Admin REST API
Jan 21, 2026
CVSS 2.7
EPSS 0.00
CVE-2025-14559
MEDIUM
Keycloak Services 26.5.0-26.5.1 - Unauthorized Token Issuance via Token Exchange Flow
Jan 21, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-14242
MEDIUM
Red Hat Enterprise Linux vsftpd - Denial of Service via Integer Overflow in STAT Command Parameter Parsing
Jan 14, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-12548
CRITICAL
Eclipse Che che-machine-exec - Unauthenticated Remote Command Execution
Jan 13, 2026
CVSS 9.0
EPSS 0.41
CVE-2025-14025
HIGH
Ansible Automation Platform - Privilege Escalation
Jan 08, 2026
CVSS 8.5
EPSS 0.00
CVE-2025-12543
CRITICAL
Undertow HTTP Server - Malformed Host Header Cache Poisoning
Jan 07, 2026
CVSS 9.6
EPSS 0.00
CVE-2025-11419
HIGH
Keycloak < 26.0.16 - Unauthenticated Denial of Service via TLS 1.2 Client-Initiated Renegotiation
Dec 23, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-14946
MEDIUM
libnbd Crafted URI - SSH Argument Injection Code Execution
Dec 19, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-14443
MEDIUM
OpenShift API Server Image References - Server-Side Request Forgery
Dec 16, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-14777
MEDIUM
Red Hat Build of Keycloak - Admin API Insecure Direct Object Reference
Dec 16, 2025
CVSS 6.0
EPSS 0.00
CVE-2025-11393
HIGH
Runtimes-Inventory-Rhel8-Operator - Privilege Escalation
Dec 15, 2025
CVSS 8.7
EPSS 0.00
CVE-2025-13888
CRITICAL
Red Hat OpenShift GitOps < 1.16.2 - Authenticated Privilege Escalation via ArgoCD Custom Resource Injection
Dec 15, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-14523
HIGH
Red Hat Enterprise Linux - HTTP Request Smuggling via Duplicate Host Header Handling
Dec 11, 2025
CVSS 8.2
EPSS 0.00
CVE-2025-14512
MEDIUM
glib < 2.86.3 - Heap Buffer Overflow and Denial of Service via GIO escape_byte_string() Integer Overflow
Dec 11, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-14087
MEDIUM
GLib < 2.86.3 - Heap Corruption via GVariant Parser Buffer Underflow
Dec 10, 2025
CVSS 5.6
EPSS 0.00
Products
Red Hat Enterprise Linux 9 (370)
Red Hat Enterprise Linux 8 (363)
Red Hat Enterprise Linux 10 (309)
Red Hat Enterprise Linux 7 (286)
Red Hat Enterprise Linux 6 (279)
Red Hat OpenShift Container Platform 4 (147)
Red Hat Enterprise Linux 9.4 Extended Update Support (104)
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support (91)
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions (88)
Red Hat Enterprise Linux 8.6 Telecommunications Update Service (83)
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions (83)
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support (82)
Red Hat Enterprise Linux 8.2 Advanced Update Support (81)
Red Hat Enterprise Linux 7 Extended Lifecycle Support (65)
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions (64)
Red Hat Hardened Images (62)
Red Hat Enterprise Linux 9.2 Extended Update Support (60)
Red Hat Build of Keycloak (59)
Red Hat JBoss Enterprise Application Platform 8 (58)
Red Hat Enterprise Linux 8.8 Extended Update Support (53)
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions (52)
Red Hat JBoss Enterprise Application Platform Expansion Pack (50)
Red Hat Enterprise Linux 8.8 Telecommunications Update Service (49)
Red Hat Single Sign-On 7 (48)
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On (46)
Red Hat build of Keycloak 26.4 (41)
Red Hat Enterprise Linux 8.4 Telecommunications Update Service (38)
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions (38)
Red Hat OpenShift Container Platform 4.14 (37)
Red Hat OpenShift Container Platform 4.16 (37)