redhat

5,762 tracked vulnerabilities.

CVE-2026-11788 MEDIUM
389-ds-base: 389-ds-base: null pointer dereference in deref control plugin ber parser
Jun 09, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-11787 MEDIUM
389-ds-base: 389-ds-base: heap buffer over-read in ldap_utf8prev() via str2simple filter parsing
Jun 09, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-11786 LOW
389-ds-base: 389-ds-base: heap out-of-bounds read in ldif parser str2entry_state_information_from_type()
Jun 09, 2026
CVSS 1.9
EPSS 0.00
CVE-2026-11785 MEDIUM
389 Directory Server SSO Token Handler - Authenticated Information Disclosure
Jun 09, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-11611 MEDIUM
389-ds-base: 389-ds-base: content sync plugin unbounded queue growth and race conditions
Jun 08, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-50264 HIGH
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: out-of-bounds heap write in dri2 drigetbuffers/drigetbufferswithformat
Jun 05, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-50263 MEDIUM
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free information disclosure in createsaverwindow()
Jun 05, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-50262 MEDIUM
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: out-of-bounds read/write in glx changedrawableattributes
Jun 05, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-50261 HIGH
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in syncchangecounter()
Jun 05, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-50260 HIGH
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in freecounter()
Jun 05, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-50259 HIGH
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in xkb setmap request via mapwidths indexing
Jun 05, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-50258 HIGH
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in xkb key types due to unchecked shift levels
Jun 05, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-50257 HIGH
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in misyncdestroyfence()
Jun 05, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-50256 HIGH
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libxfont2 name length mismatch
Jun 05, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-1784 HIGH
Ose-cluster-ingress-operator: remote code execution through haproxy configuration injection
Jun 02, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-10533 MEDIUM
Red Hat OpenShift - ResourceQuota Bypass Event Flood Denial of Service
Jun 01, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-46579 HIGH
Openshift/router: openshift/router: mtls client certificate spoofing via unstripped x-ssl-client headers on http frontend
May 29, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-42965 HIGH
Openshift/router: openshift/router: cloud metadata ssrf via fqdn-typed endpointslice bypasses destination validation
May 29, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-4408 CRITICAL
Samba: remote code execution in samr
May 28, 2026
CVSS 9.0
EPSS 0.03
CVE-2026-9803 MEDIUM
Keycloak: keycloak: denial of service via malformed authorization header
May 28, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-9802 MEDIUM
Keycloak: keycloak: unauthorized account access via replayed refresh tokens after cluster restart
May 28, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-9801 MEDIUM
Keycloak: keycloak: denial of service via malformed ldap password policy response
May 28, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-9798 MEDIUM
Keycloak: keycloak: brute-force protection bypass in ciba flow
May 28, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-9796 MEDIUM
Keycloak: keycloak: privilege escalation via time-of-check to time-of-use (toctou) vulnerability
May 28, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-9795 HIGH
Keycloak: keycloak: privilege escalation via improper scope mapping enforcement
May 28, 2026
CVSS 7.3
EPSS 0.00