VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Critical/high still unreviewed, or CISA KEV listed
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device.
Privilege escalation and code execution via race condition. Red Hat rates this important (CVSS 8.5). Weakness: CWE-367.
Privilege escalation to administrator-level access via usergroup role assignment manipulation. Red Hat rates this important (CVSS 8.8). Weakness: CWE-266. Red Hat lists fixing advisory RHSA-2026:34366 with package foreman-0:3.14.0.17-1.el9sat, foreman-0:3.18.0.7-1.el9sat, foreman-0:3.12.0.17-1.el9sat, foreman-0:3.12.0.17-1.el8sat. Affected products named by the advisory: Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 8.
Authentication bypass via predictable session IDs. Red Hat rates this important (CVSS 7.4). Weakness: CWE-331.
Host-root command execution via unvalidated image config labels in CRI plugin. Red Hat rates this important (CVSS 8.8). Weakness: CWE-78. Red Hat lists fixing advisory RHSA-2026:37252 with package rhacm2/submariner-rhel9-operator:1782933193, multicluster-engine/assisted-service-8-rhel8:1783332008, trivy-main-0.72.0-0.1.hum1, multicluster-engine/assisted-service-9-rhel9:1783350355.
fix UAF due to unlocked ->mnt_ns read in may_decode_fh(). Red Hat rates this moderate (CVSS 7). Weakness: CWE-364.
Mitigate TLBI errata on various Arm CPUs. Red Hat rates this moderate (CVSS 7). Weakness: CWE-1037.
clear i_sends on setup unwind. Red Hat rates this moderate (CVSS 7). Weakness: CWE-825.
Heap corruption and Denial of Service via integer overflow in JSON parsing. Red Hat rates this important (CVSS 7.5). Weakness: CWE-787.
Heap corruption via crafted JSON object key. Red Hat rates this important (CVSS 7.5). Weakness: CWE-131.
Use-After-Free in Oj::Doc Iterators via reentrant close. Red Hat rates this important (CVSS 7.8). Weakness: CWE-364.
Heap buffer overflow in exception serialization. Red Hat rates this important (CVSS 7.8). Weakness: CWE-787.
Denial of Service via deeply nested JSON input. Red Hat rates this important (CVSS 7.5). Weakness: CWE-120.
Remote code execution via deserialization vulnerability. Red Hat rates this important (CVSS 7.5). Weakness: CWE-502.
Arbitrary code execution through AppImage library loading vulnerability. Red Hat rates this important (CVSS 7.3). Weakness: CWE-427.
Denial of Service via malformed Wi-Fi 7 Multi-Link Operation association request. Red Hat rates this moderate (CVSS 7.1). Weakness: CWE-787.
Denial of Service via inefficient HTTP body processing. Red Hat rates this moderate (CVSS 7.5). Weakness: CWE-1046.
Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic temporary destinations are expected to be isolated to the connection that created them. The isolation can be broken as this is only checked in the client, allowing a different connection to consume from another connection's temporary destination. This issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7, which fixes the issue.
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker. An authenticated user can cause a broker DoS by sending a crafted OpenWire Message with a large encoded size value for the map. OpenWire message property maps are unmarshaled without size validation which can trigger OOM and crash the broker. This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit, exhausting the JVM heap. This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Stomp: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.