redhat
5,762 tracked vulnerabilities.
CVE-2026-13601
HIGH
Yelp yelp-xsl - Host File Disclosure via Flatpak OpenURI
Jun 29, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-57966
MEDIUM
Spice-vdagent: path traversal in file transfer via unsanitized filename
Jun 29, 2026
CVSS 4.4
EPSS 0.00
CVE-2026-57965
MEDIUM
Spice-vdagent: integer overflow in udscs_write() leading to heap buffer overflow
Jun 29, 2026
CVSS 5.1
EPSS 0.00
CVE-2026-13595
MEDIUM
Util-linux: util-linux: heap use-after-free in libblkid nested partition probing
Jun 29, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-13434
MEDIUM
Red Hat OpenShift Virtualization KubeVirt - Multus Network Annotation Injection
Jun 26, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-13325
HIGH
Virt-handler-rhel9: kubevirt: kubevirt: disabletls migration setting removes authentication, exposing unauthenticated virtqemud proxy on all interfaces
Jun 26, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-13322
LOW
Kubevirt: virt-handler-rhel9: kubevirt: unbounded virtio-serial readline in virt-handler causes oom denial of service
Jun 26, 2026
CVSS 3.8
EPSS 0.00
CVE-2026-13318
MEDIUM
Virt-api-rhel9: kubevirt: kubevirt: ssrf in virt-api port-forward via unvalidated guest-agent-reported ip
Jun 26, 2026
CVSS 6.4
EPSS 0.00
CVE-2026-13218
MEDIUM
Kubevirt: kubevirt: symlink following in writetocachedfile allows host file overwrite from virt-launcher
Jun 26, 2026
CVSS 4.2
EPSS 0.00
CVE-2026-13083
MEDIUM
Pen-drive: pen-drive: stored xss via unescaped cluster data in html report
Jun 26, 2026
CVSS 6.9
EPSS 0.00
CVE-2026-12993
MEDIUM
Apicurio/apicurio-registry: apicurio-registry: xml entity-expansion denial of service via internal dtd subset
Jun 26, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-12992
HIGH
Apicurio/apicurio-registry: apicurio-registry: ssrf via wsdl4j import dereference in wsdl full validation
Jun 25, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-12975
HIGH
Red Hat Apicurio Registry 3 - XML External Entity Server-Side Request Forgery
Jun 25, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-11800
HIGH
Org.keycloak:keycloak-services: keycloak: authentication bypass via jwt algorithm confusion
Jun 25, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-9800
HIGH
Keycloak: keycloak policy enforcer: authorization bypass via incorrect uri comparison
Jun 25, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-9799
MEDIUM
Keycloak: keycloak: unauthorized access to resources via uma permission ticket bypass
Jun 25, 2026
CVSS 4.6
EPSS 0.00
CVE-2026-9705
MEDIUM
Keycloak: keycloak: attacker can re-enable and take over disabled clients via registration access token
Jun 25, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-9099
HIGH
Keycloak: group-admin escalation to realm-admin
Jun 25, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-9086
HIGH
Keycloak: keycloak: cross-site scripting (xss) via case-insensitive uri validation bypass
Jun 25, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-9083
MEDIUM
Keycloak: keycloak: information disclosure through arbitrary filesystem path probing
Jun 25, 2026
CVSS 4.9
EPSS 0.01
CVE-2026-53153
HIGH
mm/list_lru: drain before clearing xarray entry on reparent
Jun 25, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-53145
HIGH
drm/gem: Try to fix change_handle ioctl, attempt 4
Jun 25, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-13208
MEDIUM
Kubevirt: virt-handler-rhel9: kubevirt: virt-handler notify server trusts vmi identity from unauthenticated grpc request body
Jun 24, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-13201
HIGH
OpenShift Virtualization KubeVirt safepath - Host File Metadata Modification
Jun 24, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-9073
MEDIUM
Foreman-mcp-server: mcp server: insecure sensitive http header sanitization
Jun 23, 2026
CVSS 6.2
EPSS 0.00
Products
enterprise_linux_desktop 1,928
enterprise_linux_server 1,891
enterprise_linux 1,852
enterprise_linux_workstation 1,845
enterprise_linux_server_aus 1,059
enterprise_linux_eus 784
enterprise_linux_server_tus 768
enterprise_linux_server_eus 622
openshift_container_platform 313
jboss_enterprise_application_platform 242
satellite 232
linux 229
openstack 210
enterprise_linux_hpc_node 146
openshift 146
software_collections 137
virtualization 128
enterprise_linux_for_ibm_z_systems 113
enterprise_linux_for_power_little_endian 107
single_sign-on 107
keycloak 98
enterprise_linux_for_power_little_endian_eus 94
enterprise_linux_for_ibm_z_systems_eus 88
enterprise_linux_workstation_supplementary 86
enterprise_linux_desktop_supplementary 84
enterprise_linux_server_supplementary 84
virtualization_host 84
enterprise_linux_server_supplementary_eus 83
enterprise_linux_hpc_node_eus 81
fedora_core 77
Quick Filters