VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Advisories the vendor has revised
pnpm is a package manager. An attacker who contributes a malicious patch file via a pull request can write attacker-controlled content to or delete arbitrary files on the filesystem during pnpm install, as the user running the install. The diff --git header paths containing ../../ sequences traverse out of the package directory, and the traversal is difficult to catch in code review because patch file diff headers are opaque to most reviewers. This vulnerability is fixed in 10.34.0 and 11.4.0. A flaw was found in pnpm. During the pnpm install process, the patch application pipeline fails to validate file paths extracted from these patch files. This allows the attacker to write or delete arbitrary files on the filesystem, potentially leading to arbitrary code execution or privilege escalation on the system where pnpm install is executed. This is due to insufficient path validation within the patch application pipeline, allowing directory traversal and potentially leading to arbitrary code execution or privilege escalation on the system where the installation is performed. Red Hat severity: Important — CVSS 7.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H). Weakness: CWE-22. Affected Red Hat products: Red Hat Build of Keycloak.
pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm's tarball extraction worker skips integrity verification when the integrity field is absent from the lockfile resolution. This vulnerability is fixed in 10.34.0 and 11.4.0. This can lead to the execution of arbitrary code or other malicious activities on the system. This poses a significant risk in environments where both lockfile modification and registry control are possible, leading to potential arbitrary code execution. Red Hat severity: Important — CVSS 7.5 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H). Weakness: CWE-494. Affected Red Hat products: Red Hat Build of Keycloak. Red Hat lists Red Hat AMQ Broker 7; Red Hat JBoss Enterprise Application Platform 8; Red Hat JBoss Enterprise Application Platform Expansion Pack as not affected. Red Hat does not currently list a fixing RHSA for this CVE.
Unauthorized file modification via crafted package manifest. Red Hat rates this important (CVSS 7.1). Weakness: CWE-22.
pnpm is a package manager. Before the patch, direct pnpm execution trusted an already resolved packageManagerDependencies entry when the committed env lockfile contained matching pnpm and @pnpm/exe versions. This vulnerability is fixed in 10.34.2 and 11.5.3. This can cause pnpm to install and execute attacker-controlled code during automatic version switching. This can lead to the execution of attacker-controlled code when pnpm is used to install dependencies from such a repository, posing a significant supply chain risk. Red Hat severity: Important — CVSS 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). Weakness: CWE-502. Affected Red Hat products: Red Hat Build of Keycloak. Red Hat lists Red Hat AMQ Broker 7; Red Hat JBoss Enterprise Application Platform 8; Red Hat JBoss Enterprise Application Platform Expansion Pack as not affected. Red Hat does not currently list a fixing RHSA for this CVE.
pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm can install configDependencies declared in pnpm-workspace.yaml before command dispatch. Before the patch, a repository could declare pacquet or @pnpm/pacquet as a config dependency and pnpm treated that repository-controlled dependency as an install-engine opt-in. During install, pnpm resolved a platform-specific @pacquet/<platform>-<arch>/pacquet binary from node_modules/.pnpm-config/<packageName> and spawned it as the developer or CI user. This vulnerability is fixed in 10.34.2 and 11.5.3. A remote attacker could exploit this vulnerability by crafting a malicious repository that declares a configDependency in its pnpm-workspace.yaml file. When a user installs packages from this repository, pnpm improperly treats the declared dependency as an install-engine opt-in, leading to the execution of a malicious binary. This allows for arbitrary code execution on the system of the developer or continuous integration (CI) user. A remote attacker could exploit this by crafting a malicious repository that, when used by a developer or CI system, leads to the execution of a malicious binary. This vulnerability arises from pnpm's improper handling of `configDependencies` declared in `pnpm-workspace.yaml`, allowing an untrusted repository to opt into a native install engine.
pnpm is a package manager. Prior to 10.34.2 and 11.5.3, the generic peer-suffix normalizer also stripped parenthesized text from git, URL, tarball, file, and other opaque locators. Approval for one source string could therefore authorize a different attacker-controlled source whose locator normalized to the same value. This vulnerability is fixed in 10.34.2 and 11.5.3. This vulnerability allows a remote attacker to bypass security checks by manipulating how package source strings are processed. By crafting a specially designed source string, an attacker could trick the system into approving and using a malicious package instead of the intended one. This could lead to the execution of unauthorized code or the installation of harmful software, severely impacting the confidentiality, integrity, and availability of the system. Red Hat severity: Important — CVSS 7.5 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H). Weakness: CWE-140. Affected Red Hat products: Red Hat Build of Keycloak. Red Hat lists Red Hat AMQ Broker 7; Red Hat JBoss Enterprise Application Platform 8; Red Hat JBoss Enterprise Application Platform Expansion Pack as not affected. Red Hat does not currently list a fixing RHSA for this CVE.
Group-Admin Escalation to Realm-Admin. Red Hat rates this important (CVSS 7.7). Weakness: CWE-639. Red Hat lists fixing advisory RHSA-2026:30049 with package rhbk/keycloak-operator-bundle:26.4.13-1, rhbk/keycloak-rhel9-operator:26.4-19, rhbk/keycloak-rhel9, rhbk/keycloak-rhel9:26.6-8.
Cross-site scripting (XSS) via case-insensitive URI validation bypass. Red Hat rates this important (CVSS 7.3). Weakness: CWE-79. Red Hat lists fixing advisory RHSA-2026:30049 with package rhbk/keycloak-operator-bundle:26.4.13-1, rhbk/keycloak-rhel9-operator:26.4-19, rhbk/keycloak-rhel9, rhbk/keycloak-rhel9:26.6-8.
Vim is an open source, command line text editor. Prior to 9.2.0653, the tree_count_words() function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded only by the trie structure itself; it is never checked against the size of the fixed MAXWLEN-element stack arrays it indexes (arridx[], curi[], wordcount[]). A crafted .spl/.sug file pair, loaded when the user invokes spell suggestion, can drive the descent arbitrarily deep, so the function writes past the end of those arrays. This is a stack out-of-bounds write that corrupts the call frame and crashes the editor. This vulnerability is fixed in 9.2.0653. Red Hat severity: Moderate — CVSS 7.3 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H). Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9; Red Hat Hardened Images; Red Hat OpenShift Container Platform 4. Red Hat does not currently list a fixing RHSA for this CVE.
Arbitrary code execution via Vimscript code injection in netrw plugin. Red Hat rates this important (CVSS 7.8). Weakness: CWE-94.
Arbitrary code execution via malicious docstrings in Python omni-completion. Red Hat rates this important (CVSS 7.8). Weakness: CWE-94. Red Hat lists fixing advisory RHSA-2026:35387 with package vim-main-9.2.780-1.hum1.
GitLab has remediated an issue in GitLab EE affecting all versions from 19.1 before 19.1.1 that under certain conditions could have allowed a user to access sensitive information that had already been committed to a project, due to insufficient output filtering in Duo Workflows.
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an unauthenticated user to execute arbitrary JavaScript in a user's browser session due to improper path validation under certain conditions.
GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary client-side code in the context of another user's session, due to improper sanitization of user-supplied input.
A specially crafted SVCB RR can cause a heap overflow of up to 65509 attacker controlled bytes. Red Hat rates this important (CVSS 8). Weakness: CWE-787.
Denial of DNS over TLS service by any DoT client. Red Hat rates this important (CVSS 7.5). Weakness: CWE-617.
Out of bounds stack write with crafted APL RR. Red Hat rates this important (CVSS 8). Weakness: CWE-787.
Fix buffer overflow in SDMA queue checkpoint/restore on GFX11. Red Hat rates this important (CVSS 7). Weakness: CWE-131.
Take the SRCU lock for page table walks in fault injection and AT emulation. Red Hat rates this important (CVSS 7). Weakness: CWE-820.
Clamp XDomain response data copy to allocation size. Red Hat rates this important (CVSS 7). Weakness: CWE-787.