redhat

5,762 tracked vulnerabilities.

CVE-2026-2443 MEDIUM
Red Hat Enterprise Linux - Out-of-bounds Read via HTTP Range Header Processing
Feb 13, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-1709 CRITICAL
Keylime >=7.12.0 <7.12.2 - Unauthenticated Administrative Operations via TLS Authentication Bypass
Feb 06, 2026
CVSS 9.4
EPSS 0.05
CVE-2026-1801 MEDIUM
libsoup - HTTP Request Smuggling Information Disclosure
Feb 03, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-1616 HIGH
Open Security Issue Management <v2025.9.0 - Path Traversal
Jan 29, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-1539 MEDIUM
libsoup - Proxy-Authorization Header Credential Disclosure
Jan 28, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-1536 MEDIUM
Libsoup - HTTP Header Injection
Jan 28, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-1467 MEDIUM
Libsoup - CRLF Injection
Jan 27, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-0992 LOW
Red Hat Enterprise Linux 6-10 - Denial of Service via XML Catalog Processing
Jan 15, 2026
CVSS 2.9
EPSS 0.00
CVE-2026-0990 MEDIUM
Red Hat Enterprise Linux 6-10 - Denial of Service via XML Catalog Delegate URI Recursion
Jan 15, 2026
CVSS 5.9
EPSS 0.01
CVE-2026-0989 LOW
Red Hat Enterprise Linux - Denial of Service via RelaxNG Parser Recursion
Jan 15, 2026
CVSS 3.7
EPSS 0.00
CVE-2025-14243 MEDIUM
Mirror-registry: openshift mirror registry: user enumeration via authentication error messages
Apr 08, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-58713 MEDIUM
Rhpam: privilege escalation via excessive /etc/passwd permissions
Apr 08, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-57854 MEDIUM
Osus-operator: privilege escalation via excessive /etc/passwd permissions
Apr 08, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-57853 MEDIUM
Web-terminal: privilege escalation via excessive /etc/passwd permissions
Apr 08, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-57851 MEDIUM
Mce: privilege escalation via excessive /etc/passwd permissions
Apr 08, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-57847 MEDIUM
Ansible-automation-platform: privilege escalation via excessive group writable /etc/passwd permissions
Apr 08, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-14821 HIGH
Libssh: libssh: insecure default configuration leads to local man-in-the-middle attacks on windows
Apr 07, 2026
CVSS 7.8
EPSS 0.00
CVE-2025-12805 HIGH
Llama-stack-k8s-operator: llama stack service exposed across namespaces due to missing networkpolicy
Mar 26, 2026
CVSS 8.1
EPSS 0.00
CVE-2025-8766 MEDIUM
Noobaa-core: excessive permissions of /etc could lead to escalation of privilege in the noobaa-core container
Mar 13, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-57849 MEDIUM
Fuse: privilege escalation via excessive /etc/passwd permissions
Mar 13, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-12801 MEDIUM
nfs-utils - Privilege Escalation
Mar 04, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-12150 LOW
Keycloak < 26.4.4 - Improper Verification of Cryptographic Signature via WebAuthn Attestation Bypass
Feb 27, 2026
CVSS 3.1
EPSS 0.00
CVE-2025-9909 MEDIUM
Red Hat Ansible Automation Platform - Auth Bypass
Feb 27, 2026
CVSS 6.7
EPSS 0.00
CVE-2025-9908 MEDIUM
Red Hat Ansible Automation Platform - Info Disclosure
Feb 27, 2026
CVSS 6.7
EPSS 0.00
CVE-2025-9907 MEDIUM
Red Hat Ansible Automation Platform - Info Disclosure
Feb 27, 2026
CVSS 6.7
EPSS 0.00