redhat
5,762 tracked vulnerabilities.
CVE-2026-9794
MEDIUM
Keycloak: keycloak: information disclosure via saml ecp endpoint
May 28, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-9793
MEDIUM
Keycloak: keycloak: security policy bypass in jwe-encrypted request object processing
May 28, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-9792
MEDIUM
Keycloak: keycloak: security restriction bypass allows unauthorized ropc token acquisition
May 28, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-9791
MEDIUM
Keycloak-rhel9: organization data leak after feature disabled in keycloak
May 28, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-9704
MEDIUM
Keycloak: keycloak: privilege escalation due to oversized subject_token jwt
May 27, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-2340
MEDIUM
Samba: vfs_worm does not block directory modification
May 27, 2026
CVSS 6.5
EPSS 0.01
CVE-2026-1933
HIGH
Samba: missing access check on reparse point operations
May 27, 2026
CVSS 7.1
EPSS 0.01
CVE-2026-9689
MEDIUM
Keycloak: org.keycloak.protocol.oidc: http parameter pollution in oidc redirect uri allows response parameter duplication - #ghi-604
May 27, 2026
CVSS 4.2
EPSS 0.00
CVE-2026-3012
HIGH
Samba: group policy certificate enrollment uses http:// without validation
May 27, 2026
CVSS 8.0
EPSS 0.00
CVE-2026-48864
HIGH
Libsolv: heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data
May 26, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-4480
CRITICAL
NUCLEI
Samba: samba: remote code execution in printing subsystem via unescaped job description
May 26, 2026
CVSS 9.0
EPSS 0.13
CVE-2026-9149
MEDIUM
Libsolv: heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file
May 21, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-9150
MEDIUM
Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums
May 20, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-9087
MEDIUM
Keycloak: cross-session email verification proof not bound to upstream identity in first-broker-login
May 20, 2026
CVSS 6.4
EPSS 0.00
CVE-2026-9064
HIGH
Red Hat Directory Server - LDAP Controls Denial of Service
May 20, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-7571
HIGH
Keycloak: keycloak: access token disclosure and implicit flow bypass via forged client data
May 19, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-7507
HIGH
Org.keycloak/keycloak-services: session fixation in oidc login flow that can lead to account takeover
May 19, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-7504
HIGH
Org.keycloak/keycloak-services: open redirect when using wildcard valid redirect uris in keycloak
May 19, 2026
CVSS 8.1
EPSS 0.01
CVE-2026-7307
HIGH
Keycloak: keycloak: denial of service via specially crafted saml input
May 19, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-4630
MEDIUM
Keycloak: keycloak: unauthorized resource access and data modification via insecure direct object reference
May 19, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-37982
MEDIUM
Keycloak: org.keycloak.authentication: keycloak: unauthorized account takeover via webauthn token replay
May 19, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-37981
MEDIUM
Keycloak: org.keycloak.authorization: keycloak: information disclosure via broken access control in user lookup endpoint
May 19, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-37979
MEDIUM
Keycloak: keycloak: information disclosure via oidc token introspection endpoint audience bypass
May 19, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-37978
MEDIUM
Keycloak: org.keycloak.services: keycloak: information disclosure via evaluate-scopes admin api
May 19, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-8922
MEDIUM
Org.keycloak/keycloak-services: keycloak: org.keycloak.protocol.oidc: security flaw in org.keycloak/keycloak-services
May 19, 2026
CVSS 5.4
EPSS 0.00
Products
enterprise_linux_desktop 1,928
enterprise_linux_server 1,891
enterprise_linux 1,852
enterprise_linux_workstation 1,845
enterprise_linux_server_aus 1,059
enterprise_linux_eus 784
enterprise_linux_server_tus 768
enterprise_linux_server_eus 622
openshift_container_platform 313
jboss_enterprise_application_platform 242
satellite 232
linux 229
openstack 210
enterprise_linux_hpc_node 146
openshift 146
software_collections 137
virtualization 128
enterprise_linux_for_ibm_z_systems 113
enterprise_linux_for_power_little_endian 107
single_sign-on 107
keycloak 98
enterprise_linux_for_power_little_endian_eus 94
enterprise_linux_for_ibm_z_systems_eus 88
enterprise_linux_workstation_supplementary 86
enterprise_linux_desktop_supplementary 84
enterprise_linux_server_supplementary 84
virtualization_host 84
enterprise_linux_server_supplementary_eus 83
enterprise_linux_hpc_node_eus 81
fedora_core 77
Quick Filters