redhat

5,762 tracked vulnerabilities.

CVE-2026-15154 MEDIUM
Guardrails-detectors: guardrails-detectors: unauthenticated regular-expression denial of service (redos) via detector_params.regex
Jul 08, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-15041 LOW
389-ds-base: 389-ds-base: non-constant-time comparison in pbkdf2-sha256 password verification
Jul 08, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-14969 MEDIUM
389-ds-base: 389-ds-base: static initialization vector in aes-cbc/3des-cbc attribute encryption
Jul 07, 2026
CVSS 4.4
EPSS 0.00
CVE-2026-14940 MEDIUM
389-ds-base: 389-ds-base: heap-buffer-overflow in dn normalization via quoted multivalued rdn
Jul 07, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-58384 HIGH
Gimp: gimp: integer overflow in read_rle_channel()
Jul 07, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-59089 MEDIUM
Gimp: gimp: denial of service via integer overflow in playstation tim loader
Jul 06, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-58380 HIGH
Gimp: gimp: stack buffer overflow in pnmscanner_gettoken()
Jul 06, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-5142 MEDIUM
Foreman: foreman: cross-tenant private ssh key disclosure via taxonomy scoping bypass
Jul 01, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-5138 MEDIUM
Foreman: foreman: information disclosure via improper validation of nested request parameters
Jul 01, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-5135 MEDIUM
Foreman: foreman: unauthorized modification of host configurations via broken access control
Jul 01, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-5136 HIGH
Foreman: foreman: privilege escalation to administrator-level access via usergroup role assignment manipulation
Jul 01, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-58016 HIGH
Glib: integer underflow in gio/gdbusintrospection.c via "g_dbus_node_info_new_for_xml"
Jun 30, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-58015 MEDIUM
Glib: path traversal in glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry and mechanism_client_data_receive
Jun 30, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-58014 HIGH
Glib: off-by-one error in glib/gkeyfile.c via "g_key_file_get_locale_string_list"
Jun 30, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-58013 MEDIUM
Glib: buffer over-read in glib/giochannel.c via "g_io_channel_read_line_backend"
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-58012 MEDIUM
Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-58011 MEDIUM
Glib: out-of-bounds read in glib/gdatetime.c:g_date_time_get_ymd via invalid gdatetime
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-58010 MEDIUM
Glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal()
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-4629 MEDIUM
Keycloak: keycloak: privilege escalation through hardcoded role mapper injection
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-14209 MEDIUM
Keycloak-admin-ui: keycloak-admin-ui: keycloak: admin ui extension brute-force-user endpoint bypasses fgapv2 user view restrictions
Jun 30, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-12388 MEDIUM
Keycloak-broker: keycloak: privilege escalation to realm administrator via improper authorization in identity provider mapper
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-13316 MEDIUM
Foreman: ssrf to cloud metada service through unvalidated test_url parameters in foreman config
Jun 30, 2026
CVSS 4.4
EPSS 0.00
CVE-2026-12610 MEDIUM
Sssd: use-after-free crash in sssd' 'sssd_pam' process
Jun 30, 2026
CVSS 6.4
EPSS 0.00
CVE-2026-13757 MEDIUM
P11-kit: stack exhaustion via unbounded recursion in rpc attribute parsing
Jun 29, 2026
CVSS 6.2
EPSS 0.00
CVE-2026-12856 HIGH
Red Hat OpenShift Dev Spaces vscode-java Javadoc Hover - Command Injection
Jun 29, 2026
CVSS 8.8
EPSS 0.00