Red Hat
917 tracked vulnerabilities.
CVE-2026-9149
MEDIUM
Libsolv: heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file
May 21, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-9150
MEDIUM
Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums
May 20, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-9087
MEDIUM
Keycloak: cross-session email verification proof not bound to upstream identity in first-broker-login
May 20, 2026
CVSS 6.4
EPSS 0.00
CVE-2026-9064
HIGH
Red Hat Directory Server - LDAP Controls Denial of Service
May 20, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-7571
HIGH
Keycloak: keycloak: access token disclosure and implicit flow bypass via forged client data
May 19, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-7507
HIGH
Org.keycloak/keycloak-services: session fixation in oidc login flow that can lead to account takeover
May 19, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-7504
HIGH
Org.keycloak/keycloak-services: open redirect when using wildcard valid redirect uris in keycloak
May 19, 2026
CVSS 8.1
EPSS 0.01
CVE-2026-7307
HIGH
Keycloak: keycloak: denial of service via specially crafted saml input
May 19, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-4630
MEDIUM
Keycloak: keycloak: unauthorized resource access and data modification via insecure direct object reference
May 19, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-37982
MEDIUM
Keycloak: org.keycloak.authentication: keycloak: unauthorized account takeover via webauthn token replay
May 19, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-37981
MEDIUM
Keycloak: org.keycloak.authorization: keycloak: information disclosure via broken access control in user lookup endpoint
May 19, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-37979
MEDIUM
Keycloak: keycloak: information disclosure via oidc token introspection endpoint audience bypass
May 19, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-37978
MEDIUM
Keycloak: org.keycloak.services: keycloak: information disclosure via evaluate-scopes admin api
May 19, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-8922
MEDIUM
Org.keycloak/keycloak-services: keycloak: org.keycloak.protocol.oidc: security flaw in org.keycloak/keycloak-services
May 19, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-8830
MEDIUM
Keycloak: org.keycloak/keycloak-services: keycloak: policy bypass during webauthn credential registration via client-side javascript manipulation
May 19, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-42009
HIGH
Gnutls: gnutls: denial of service via dtls packet reordering vulnerability
May 18, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-4802
HIGH
Cockpit: cockpit: arbitrary command execution via crafted links in system logs ui
May 11, 2026
CVSS 8.0
EPSS 0.01
CVE-2026-42011
HIGH
Gnutls: gnutls: security bypass due to incorrect name constraint handling
May 07, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-42010
HIGH
Gnutls: gnutls: authentication bypass via nul character in username
May 07, 2026
CVSS 7.1
EPSS 0.01
CVE-2026-6420
MEDIUM
Keylime: keylime: security bypass due to hardcoded tpm quote nonce
May 06, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-34956
MEDIUM
Openvswitch: open vswitch: denial of service via malformed ftp epasv command
May 05, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-34002
MEDIUM
X.Org X Server Xwayland - XKB Modifier Map Out-of-Bounds Read
May 05, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-34000
MEDIUM
X.Org X Server Xwayland - XKB Geometry Out-of-Bounds Read
May 05, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-6266
HIGH
Aap-controller: aap-gateway: account hijacking and unauthorized access via unverified email linking
May 04, 2026
CVSS 8.3
EPSS 0.00
CVE-2026-33846
HIGH
Gnutls: gnutls: denial of service via heap buffer overflow in dtls handshake fragment reassembly
May 04, 2026
CVSS 7.5
EPSS 0.01
Products
Red Hat Enterprise Linux 9 539
Red Hat Enterprise Linux 8 537
Red Hat Enterprise Linux 10 455
Red Hat Enterprise Linux 7 448
Red Hat Enterprise Linux 6 408
Red Hat OpenShift Container Platform 4 209
Red Hat In-Vehicle Operating System 1 195
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127
Red Hat Enterprise Linux 9.4 Extended Update Support 116
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95
Red Hat Hardened Images 95
Red Hat Enterprise Linux 7 Extended Lifecycle Support 94
Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93
Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92
Red Hat Enterprise Linux 8.2 Advanced Update Support 89
Red Hat Build of Keycloak 87
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83
Red Hat Enterprise Linux 9.6 Extended Update Support 70
Red Hat Enterprise Linux 10.0 Extended Update Support 68
Red Hat Enterprise Linux 9.2 Extended Update Support 67
Red Hat build of Keycloak 26.4 64
Red Hat Enterprise Linux 8.8 Extended Update Support 60
Red Hat JBoss Enterprise Application Platform 8 58
Red Hat JBoss Enterprise Application Platform Expansion Pack 58
Red Hat Single Sign-On 7 53
Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45
Quick Filters