redhat
5,762 tracked vulnerabilities.
CVE-2026-15154
MEDIUM
Guardrails-detectors: guardrails-detectors: unauthenticated regular-expression denial of service (redos) via detector_params.regex
Jul 08, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-15041
LOW
389-ds-base: 389-ds-base: non-constant-time comparison in pbkdf2-sha256 password verification
Jul 08, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-14969
MEDIUM
389-ds-base: 389-ds-base: static initialization vector in aes-cbc/3des-cbc attribute encryption
Jul 07, 2026
CVSS 4.4
EPSS 0.00
CVE-2026-14940
MEDIUM
389-ds-base: 389-ds-base: heap-buffer-overflow in dn normalization via quoted multivalued rdn
Jul 07, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-58384
HIGH
Gimp: gimp: integer overflow in read_rle_channel()
Jul 07, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-59089
MEDIUM
Gimp: gimp: denial of service via integer overflow in playstation tim loader
Jul 06, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-58380
HIGH
Gimp: gimp: stack buffer overflow in pnmscanner_gettoken()
Jul 06, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-5142
MEDIUM
Foreman: foreman: cross-tenant private ssh key disclosure via taxonomy scoping bypass
Jul 01, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-5138
MEDIUM
Foreman: foreman: information disclosure via improper validation of nested request parameters
Jul 01, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-5135
MEDIUM
Foreman: foreman: unauthorized modification of host configurations via broken access control
Jul 01, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-5136
HIGH
Foreman: foreman: privilege escalation to administrator-level access via usergroup role assignment manipulation
Jul 01, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-58016
HIGH
Glib: integer underflow in gio/gdbusintrospection.c via "g_dbus_node_info_new_for_xml"
Jun 30, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-58015
MEDIUM
Glib: path traversal in glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry and mechanism_client_data_receive
Jun 30, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-58014
HIGH
Glib: off-by-one error in glib/gkeyfile.c via "g_key_file_get_locale_string_list"
Jun 30, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-58013
MEDIUM
Glib: buffer over-read in glib/giochannel.c via "g_io_channel_read_line_backend"
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-58012
MEDIUM
Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-58011
MEDIUM
Glib: out-of-bounds read in glib/gdatetime.c:g_date_time_get_ymd via invalid gdatetime
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-58010
MEDIUM
Glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal()
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-4629
MEDIUM
Keycloak: keycloak: privilege escalation through hardcoded role mapper injection
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-14209
MEDIUM
Keycloak-admin-ui: keycloak-admin-ui: keycloak: admin ui extension brute-force-user endpoint bypasses fgapv2 user view restrictions
Jun 30, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-12388
MEDIUM
Keycloak-broker: keycloak: privilege escalation to realm administrator via improper authorization in identity provider mapper
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-13316
MEDIUM
Foreman: ssrf to cloud metada service through unvalidated test_url parameters in foreman config
Jun 30, 2026
CVSS 4.4
EPSS 0.00
CVE-2026-12610
MEDIUM
Sssd: use-after-free crash in sssd' 'sssd_pam' process
Jun 30, 2026
CVSS 6.4
EPSS 0.00
CVE-2026-13757
MEDIUM
P11-kit: stack exhaustion via unbounded recursion in rpc attribute parsing
Jun 29, 2026
CVSS 6.2
EPSS 0.00
CVE-2026-12856
HIGH
Red Hat OpenShift Dev Spaces vscode-java Javadoc Hover - Command Injection
Jun 29, 2026
CVSS 8.8
EPSS 0.00
Products
enterprise_linux_desktop 1,928
enterprise_linux_server 1,891
enterprise_linux 1,852
enterprise_linux_workstation 1,845
enterprise_linux_server_aus 1,059
enterprise_linux_eus 784
enterprise_linux_server_tus 768
enterprise_linux_server_eus 622
openshift_container_platform 313
jboss_enterprise_application_platform 242
satellite 232
linux 229
openstack 210
enterprise_linux_hpc_node 146
openshift 146
software_collections 137
virtualization 128
enterprise_linux_for_ibm_z_systems 113
enterprise_linux_for_power_little_endian 107
single_sign-on 107
keycloak 98
enterprise_linux_for_power_little_endian_eus 94
enterprise_linux_for_ibm_z_systems_eus 88
enterprise_linux_workstation_supplementary 86
enterprise_linux_desktop_supplementary 84
enterprise_linux_server_supplementary 84
virtualization_host 84
enterprise_linux_server_supplementary_eus 83
enterprise_linux_hpc_node_eus 81
fedora_core 77
Quick Filters