VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
304 advisories across 32 monitored vendors.
Remote Code Execution via Prototype Pollution escalation. Red Hat rates this important (CVSS 9). Weakness: CWE-915. Affected package(s): openshift-service-mesh/kiali-rhel9:1776149682, openshift-service-mesh/kiali-ossmc-rhel9:1776151134, rhtas/rhtas-console-rhel9:1776672801, devspaces/dashboard-rhel9:1776795511, openshift-service-mesh/kiali-ossmc-rhel8:1776202125, rhoai/odh-mod-arch-gen-ai-rhel9:1778473763. Resolved in Red Hat advisory RHSA-2026:13826 — update the affected packages (`sudo dnf update`).
Reduced security of ECDSA authentication via missing digest size checks. Red Hat rates this critical (CVSS 10). Weakness: CWE-295. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Sandbox escape via use-after-free in PrivateAI. Red Hat rates this important (CVSS 9.6). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names. Red Hat rates this important (CVSS 9). Weakness: CWE-641. Affected package(s): openshift4/cloud-network-config-controller-rhel9:1780040126, openshift4/ose-agent-installer-utils-rhel9:1780044523, openshift4/ose-vsphere-csi-driver-rhel9-operator:1780040095, openshift4/ose-aws-cloud-controller-manager-rhel9:1780040386, openshift4/ose-aws-cluster-api-controllers-rhel9:1780040551, openshift4/ose-ironic-machine-os-downloader-rhel9:1780365576. Resolved in Red Hat advisory RHSA-2026:10704 — update the affected packages (`sudo dnf update`).
Arbitrary code execution via crafted symlinks in sandbox-expose options. Red Hat rates this important (CVSS 9). Weakness: CWE-59. Affected package(s): flatpak. Resolved in Red Hat advisory RHSA-2026:21757 — update the affected packages (`sudo dnf update`).
Client authentication bypass in TLS 1.3 implementation. Red Hat rates this important (CVSS 9.1). Weakness: CWE-166. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Certificate validation bypass due to incorrect certificate matching. Red Hat rates this important (CVSS 9.1). Weakness: CWE-295. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Unauthenticated remote code execution due to SSH command-line argument injection. Red Hat rates this critical (CVSS 9.8). Weakness: CWE-78. Affected package(s): cockpit. Resolved in Red Hat advisory RHSA-2026:7383 — update the affected packages (`sudo dnf update`).
Use after free in V8. Red Hat rates this important (CVSS 9.6). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in Media. Red Hat rates this important (CVSS 9.6). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in Blink. Red Hat rates this important (CVSS 9.6). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Inappropriate implementation in V8. Red Hat rates this important (CVSS 9.6). Weakness: CWE-641. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Integer overflow in Skia. Red Hat rates this important (CVSS 9.6). Weakness: CWE-190. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Out of bounds read and write in V8. Red Hat rates this important (CVSS 9.6). Weakness: CWE-125. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Integer overflow in WebML. Red Hat rates this important (CVSS 9.6). Weakness: CWE-190. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Authentication bypass and privilege escalation via OIDC userinfo cache key collision. Red Hat rates this important (CVSS 9.1). Weakness: CWE-222. Affected package(s): ansible-automation-platform, rhoai/odh-llama-stack-core-rhel9:1781826406, rhoai/odh-llama-stack-core-rhel9:1782310008. Resolved in Red Hat advisory RHSA-2026:28960 — update the affected packages (`sudo dnf update`).
Mbed TLS and TF-PSA-Crypto: Arbitrary code execution due to buffer overflow in FFDH key export. Red Hat rates this critical (CVSS 9.8). Weakness: CWE-120. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Client impersonation during TLS 1.3 session resumption. Red Hat rates this critical (CVSS 10). Weakness: CWE-290. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Heap buffer overflow in GPU. Red Hat rates this important (CVSS 9.6). Weakness: CWE-120. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in Dawn. Red Hat rates this important (CVSS 9.6). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.