redhat
5,762 tracked vulnerabilities.
CVE-2026-2443
MEDIUM
Red Hat Enterprise Linux - Out-of-bounds Read via HTTP Range Header Processing
Feb 13, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-1709
CRITICAL
Keylime >=7.12.0 <7.12.2 - Unauthenticated Administrative Operations via TLS Authentication Bypass
Feb 06, 2026
CVSS 9.4
EPSS 0.05
CVE-2026-1801
MEDIUM
libsoup - HTTP Request Smuggling Information Disclosure
Feb 03, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-1616
HIGH
Open Security Issue Management <v2025.9.0 - Path Traversal
Jan 29, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-1539
MEDIUM
libsoup - Proxy-Authorization Header Credential Disclosure
Jan 28, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-1536
MEDIUM
Libsoup - HTTP Header Injection
Jan 28, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-1467
MEDIUM
Libsoup - CRLF Injection
Jan 27, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-0992
LOW
Red Hat Enterprise Linux 6-10 - Denial of Service via XML Catalog Processing
Jan 15, 2026
CVSS 2.9
EPSS 0.00
CVE-2026-0990
MEDIUM
Red Hat Enterprise Linux 6-10 - Denial of Service via XML Catalog Delegate URI Recursion
Jan 15, 2026
CVSS 5.9
EPSS 0.01
CVE-2026-0989
LOW
Red Hat Enterprise Linux - Denial of Service via RelaxNG Parser Recursion
Jan 15, 2026
CVSS 3.7
EPSS 0.00
CVE-2025-14243
MEDIUM
Mirror-registry: openshift mirror registry: user enumeration via authentication error messages
Apr 08, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-58713
MEDIUM
Rhpam: privilege escalation via excessive /etc/passwd permissions
Apr 08, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-57854
MEDIUM
Osus-operator: privilege escalation via excessive /etc/passwd permissions
Apr 08, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-57853
MEDIUM
Web-terminal: privilege escalation via excessive /etc/passwd permissions
Apr 08, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-57851
MEDIUM
Mce: privilege escalation via excessive /etc/passwd permissions
Apr 08, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-57847
MEDIUM
Ansible-automation-platform: privilege escalation via excessive group writable /etc/passwd permissions
Apr 08, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-14821
HIGH
Libssh: libssh: insecure default configuration leads to local man-in-the-middle attacks on windows
Apr 07, 2026
CVSS 7.8
EPSS 0.00
CVE-2025-12805
HIGH
Llama-stack-k8s-operator: llama stack service exposed across namespaces due to missing networkpolicy
Mar 26, 2026
CVSS 8.1
EPSS 0.00
CVE-2025-8766
MEDIUM
Noobaa-core: excessive permissions of /etc could lead to escalation of privilege in the noobaa-core container
Mar 13, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-57849
MEDIUM
Fuse: privilege escalation via excessive /etc/passwd permissions
Mar 13, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-12801
MEDIUM
nfs-utils - Privilege Escalation
Mar 04, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-12150
LOW
Keycloak < 26.4.4 - Improper Verification of Cryptographic Signature via WebAuthn Attestation Bypass
Feb 27, 2026
CVSS 3.1
EPSS 0.00
CVE-2025-9909
MEDIUM
Red Hat Ansible Automation Platform - Auth Bypass
Feb 27, 2026
CVSS 6.7
EPSS 0.00
CVE-2025-9908
MEDIUM
Red Hat Ansible Automation Platform - Info Disclosure
Feb 27, 2026
CVSS 6.7
EPSS 0.00
CVE-2025-9907
MEDIUM
Red Hat Ansible Automation Platform - Info Disclosure
Feb 27, 2026
CVSS 6.7
EPSS 0.00
Products
enterprise_linux_desktop 1,928
enterprise_linux_server 1,891
enterprise_linux 1,852
enterprise_linux_workstation 1,845
enterprise_linux_server_aus 1,059
enterprise_linux_eus 784
enterprise_linux_server_tus 768
enterprise_linux_server_eus 622
openshift_container_platform 313
jboss_enterprise_application_platform 242
satellite 232
linux 229
openstack 210
enterprise_linux_hpc_node 146
openshift 146
software_collections 137
virtualization 128
enterprise_linux_for_ibm_z_systems 113
enterprise_linux_for_power_little_endian 107
single_sign-on 107
keycloak 98
enterprise_linux_for_power_little_endian_eus 94
enterprise_linux_for_ibm_z_systems_eus 88
enterprise_linux_workstation_supplementary 86
enterprise_linux_desktop_supplementary 84
enterprise_linux_server_supplementary 84
virtualization_host 84
enterprise_linux_server_supplementary_eus 83
enterprise_linux_hpc_node_eus 81
fedora_core 77
Quick Filters