redhat
5,762 tracked vulnerabilities.
CVE-2026-40918
MEDIUM
Gimp: gimp: denial of service via crafted pvr image file
Apr 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-40917
MEDIUM
Gimp: gimp: application crashes or information disclosure via crafted icns image files
Apr 15, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-40916
MEDIUM
Gimp: gimp: denial of service due to stack buffer overflow in tim image loader
Apr 15, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-40915
MEDIUM
Gimp: gimp: heap buffer overflow due to integer overflow in fits image loader
Apr 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-37980
MEDIUM
Org.keycloak.forms.login: keycloak: keycloak: arbitrary code execution via stored cross-site scripting (xss) in organization selection login page
Apr 14, 2026
CVSS 6.9
EPSS 0.00
CVE-2026-1462
HIGH
Safe Mode Bypass in keras-team/keras
Apr 13, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-5483
HIGH
Odh-dashboard: odh dashboard kubernetes service account exposure
Apr 10, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-1584
HIGH
Gnutls: gnutls: remote denial of service via crafted clienthello with invalid psk binder
Apr 09, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-4878
MEDIUM
Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()
Apr 09, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-32591
MEDIUM
Mirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration
Apr 08, 2026
CVSS 5.2
EPSS 0.00
CVE-2026-32590
HIGH
Mirror-registry: remote code execution using pickle deserialization
Apr 08, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-32589
HIGH
Mirror-registry: quay: insecure direct object reference in blobupload
Apr 08, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-2377
MEDIUM
Mirror-registry: quay: quay: server-side request forgery via log export functionality
Apr 08, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-5745
MEDIUM
Libarchive: a null pointer dereference vulnerability exists in the acl parser of libarchive
Apr 07, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-4740
HIGH
Rhacm: open cluster management (ocm): cross-cluster privilege escalation via improper kubernetes client certificate renewal validation
Apr 07, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-5704
MEDIUM
Tar: tar: hidden file injection via crafted archives
Apr 06, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-5673
MEDIUM
Libtheora: libtheora: denial of service or information disclosure via malformed avi file processing
Apr 06, 2026
CVSS 5.6
EPSS 0.00
CVE-2026-37977
LOW
Keycloak: org.keycloak.protocol.oidc.grants.ciba: keycloak: information disclosure via cors header injection due to unvalidated jwt azp claim
Apr 06, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-3184
LOW
Util-linux: util-linux: access control bypass due to improper hostname canonicalization
Apr 03, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-2625
MEDIUM
Rust-rpm-sequoia: rust-rpm-sequoia: denial of service via crafted rpm file during signature verification
Apr 03, 2026
CVSS 4.0
EPSS 0.00
CVE-2026-4636
HIGH
Keycloak UMA Policy - Unauthorized Resource Access
Apr 02, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-4634
HIGH
Keycloak: keycloak: denial of service via excessive processing of openid connect scope parameters
Apr 02, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-4325
MEDIUM
Keycloak: keycloak: replay of action tokens via improper handling of single-use entries
Apr 02, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-4282
HIGH
Keycloak: keycloak: privilege escalation via forged authorization codes due to singleuseobjectprovider isolation flaw
Apr 02, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-3872
HIGH
Red Hat Keycloak 26.2 and 26.4 - redirect_uri Access Token Disclosure
Apr 02, 2026
CVSS 7.3
EPSS 0.00
Products
enterprise_linux_desktop 1,928
enterprise_linux_server 1,891
enterprise_linux 1,852
enterprise_linux_workstation 1,845
enterprise_linux_server_aus 1,059
enterprise_linux_eus 784
enterprise_linux_server_tus 768
enterprise_linux_server_eus 622
openshift_container_platform 313
jboss_enterprise_application_platform 242
satellite 232
linux 229
openstack 210
enterprise_linux_hpc_node 146
openshift 146
software_collections 137
virtualization 128
enterprise_linux_for_ibm_z_systems 113
enterprise_linux_for_power_little_endian 107
single_sign-on 107
keycloak 98
enterprise_linux_for_power_little_endian_eus 94
enterprise_linux_for_ibm_z_systems_eus 88
enterprise_linux_workstation_supplementary 86
enterprise_linux_desktop_supplementary 84
enterprise_linux_server_supplementary 84
virtualization_host 84
enterprise_linux_server_supplementary_eus 83
enterprise_linux_hpc_node_eus 81
fedora_core 77
Quick Filters