redhat

5,618 tracked vulnerabilities.

CVE-2026-28369 HIGH
Undertow: undertow: request smuggling via malformed http request headers
Mar 27, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-28368 HIGH
Undertow: undertow: request smuggling via inconsistent header parsing
Mar 27, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-28367 HIGH
Undertow: undertow: request smuggling via `\r\r\r` as a header block terminator
Mar 27, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-4948 MEDIUM
Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization
Mar 27, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-2272 MEDIUM
Gimp: gimp: memory corruption due to integer overflow in ico file handling
Mar 26, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-2239 LOW
Gimp: gimp: application crash (dos) via crafted psd file due to heap-buffer-overflow
Mar 26, 2026
CVSS 2.8
EPSS 0.00
CVE-2026-2100 MEDIUM
P11-kit: p11-kit: null dereference via c_derivekey with specific null parameters
Mar 26, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-0968 LOW
Libssh: libssh: denial of service due to malformed sftp message
Mar 26, 2026
CVSS 3.1
EPSS 0.00
CVE-2026-0967 MEDIUM
Libssh: libssh: denial of service via inefficient regular expression processing
Mar 26, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-0966 HIGH
Libssh: buffer underflow in ssh_get_hexa() on invalid input
Mar 26, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-0965 LOW
Libssh: libssh: denial of service via improper configuration file handling
Mar 26, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-0964 MEDIUM
Libssh: improper sanitation of paths received from scp servers
Mar 26, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-2436 MEDIUM
Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake
Mar 26, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-3190 MEDIUM
Keycloak: keycloak: information disclosure via improper role enforcement in uma 2.0 protection api
Mar 26, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-3121 MEDIUM
Keycloak: org.keycloak/keycloak-services: keycloak: privilege escalation via manage-clients permission
Mar 26, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-4897 MEDIUM
Polkit: polkit: denial of service via unbounded input processing through standard input
Mar 26, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-4874 LOW
Org.keycloak.protocol.oidc.grants: org.keycloak.services.managers: keycloak: server-side request forgery via oidc token endpoint manipulation
Mar 26, 2026
CVSS 3.1
EPSS 0.00
CVE-2026-4775 HIGH
Libtiff: libtiff: arbitrary code execution or denial of service via signed integer overflow in tiff file processing
Mar 24, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-3260 MEDIUM
Undertow: undertow: denial of service due to premature multipart/form-data parsing in get requests
Mar 24, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-1940 MEDIUM
Gstreamer: incomplete fix of cve-2026-1940
Mar 23, 2026
CVSS 5.1
EPSS 0.00
CVE-2026-4647 MEDIUM
Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library
Mar 23, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-4633 LOW
Keycloak: keycloak: user enumeration via differential error messages
Mar 23, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-4628 MEDIUM
Keycloak: org.keycloak.authorization: keycloak: unauthorized resource modification due to improper access control
Mar 23, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-4426 MEDIUM
Libarchive: libarchive: denial of service via malformed iso file processing
Mar 19, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-4424 HIGH
Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing
Mar 19, 2026
CVSS 7.5
EPSS 0.00
Products
enterprise_linux_desktop 1,928 enterprise_linux_server 1,891 enterprise_linux_workstation 1,845 enterprise_linux 1,780 enterprise_linux_server_aus 1,059 enterprise_linux_eus 780 enterprise_linux_server_tus 768 enterprise_linux_server_eus 622 openshift_container_platform 291 jboss_enterprise_application_platform 243 linux 229 satellite 222 openstack 210 enterprise_linux_hpc_node 146 openshift 146 software_collections 137 virtualization 128 enterprise_linux_for_ibm_z_systems 112 single_sign-on 108 enterprise_linux_for_power_little_endian 106 keycloak 98 enterprise_linux_for_power_little_endian_eus 93 enterprise_linux_for_ibm_z_systems_eus 87 enterprise_linux_workstation_supplementary 86 enterprise_linux_desktop_supplementary 84 enterprise_linux_server_supplementary 84 virtualization_host 84 enterprise_linux_server_supplementary_eus 83 enterprise_linux_hpc_node_eus 81 fedora_core 77
Quick Filters
Critical CVEs With Exploits In CISA KEV