VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1577 advisories across 32 monitored vendors.
Erlang OTP ssh: Information disclosure via SFTP REALPATH handler. Red Hat rates this moderate (CVSS 4.3). Weakness: CWE-204. Red Hat lists fixing advisory RHSA-2026:35998 with package erlang27-main-27.3.4.14-1.hum1.
DPoP verifier accepts malformed proof with private key material. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-358.
Server-Side Request Forgery allows unauthorized internal network access. Red Hat rates this moderate (CVSS 5.8). Weakness: CWE-918.
Request smuggling via re-parsing of Content-Length header. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-444. Red Hat lists fixing advisory RHSA-2026:34975 with package rust-main-1.96.1-1.hum1.
use chan timer to close channels in cleanup_listen(). Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-413.
File store write outside working directory via symlink traversal. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-22.
Cookie injection allows planting cookies for unrelated domains. Red Hat rates this moderate (CVSS 4). Weakness: CWE-346.
containerd is an open-source container runtime. Versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2, contain a vulnerability that allows a maliciously crafted image to cause a Denial of Service (DoS) condition. When creating a container from this image, memory exhaustion occurs, leading to an Out Of Memory (OOM) kill of the containerd process. This renders the container runtime API unavailable and can disrupt clients such as the Docker Engine or Kubernetes control-plane components. This issue has been fixed in versions 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2.
Heap buffer overwrite via incorrect argument handling in JP2 encoder. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-787.
Denial of Service via invalid arguments to connected-components option. Red Hat rates this moderate (CVSS 4.7). Weakness: CWE-835.
Denial of Service via crafted image in MVG decoder. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-787.
Heap buffer overflow in MVG decoder allows out-of-bounds write. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-787.
Denial of Service via crafted 8BIM profile. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-825.
Information disclosure vulnerability in MNG decoder. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-908.
Information disclosure via overly permissive file permissions. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-277.
Denial of Service via integer overflow in XCF decoder. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-125.
Unauthorized file access due to missing policy checks in concatenate operation. Red Hat rates this moderate (CVSS 6.1). Weakness: CWE-1220.
Arbitrary host file read via symlink following in CRI checkpoint restore. Red Hat rates this important (CVSS 6.5). Weakness: CWE-59. Red Hat lists fixing advisory RHSA-2026:15862 with package syft-main-1.46.0-0.1.hum1, grype-main-0.115.0-0.1.hum1, trivy-main-0.69.3-1.2.hum1.
Arbitrary code execution via CRI checkpoint image tag poisoning. Red Hat rates this moderate (CVSS 6.7). Weakness: CWE-1289. Red Hat lists fixing advisory RHSA-2026:35111 with package trivy-main-0.72.0-0.1.hum1.
Denial of Service via maliciously crafted image leading to unbounded group parsing. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-770. Red Hat lists fixing advisory RHSA-2026:35111 with package syft-main-1.46.0-0.1.hum1, trivy-main-0.72.0-0.1.hum1, kubernetes1-35-main-1.35.6-1.hum1, grype-main-0.115.0-0.1.hum1.