VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Critical/high still unreviewed, or CISA KEV listed
CVE-2026-0286 PAN-OS: Authenticated Command Injection in CLI
CVE-2026-0287 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing
PAN-SA-2026-0010 Chromium and Prisma Browser: Monthly Vulnerability Update (July 2026)
Go os.Root: Symlink following vulnerability allows directory traversal. Red Hat rates this important (CVSS 7.8). Weakness: CWE-59. Red Hat lists fixing advisory RHSA-2026:38493 with package podman-6:5.8.2-5.el9_8, golang-0:1.26.5-1.el10_2, buildah-2:1.43.1-4.el10_2, buildah-2:1.43.1-4.el9_8. Affected products named by the advisory: Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 1.
Denial of Service via invalid binary POST requests. Red Hat rates this important (CVSS 7.5). Weakness: CWE-772. Red Hat lists fixing advisory RHSA-2026:37577 with package dotnet8-0-main-8.0.128-1.1.hum1.
Denial of Service via crafted WebTransport session ID. Red Hat rates this important (CVSS 7.5). Weakness: CWE-843.
Denial of Service via malformed tar archive header. Red Hat rates this important (CVSS 7.5). Weakness: CWE-606.
Denial of Service via crafted gzip bomb. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770.
Denial of Service via quadratic CPU time parsing with merge keys. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1333. Red Hat lists fixing advisory RHSA-2026:34975 with package nodejs20-main-20.20.2-1.hum1, rust-main-1.96.1-1.hum1.
Denial of Service via crafted YAML ordered-map document. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Red Hat lists fixing advisory RHSA-2026:34975 with package nodejs20-main-20.20.2-1.hum1, rust-main-1.96.1-1.hum1.
Prevent rehoming resources to nodes with different owner. Red Hat rates this important (CVSS 8.7). Weakness: CWE-1220.
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability.
Use-after-free vulnerability during host key re-exchange on the client side. Red Hat rates this important (CVSS 7.7). Weakness: CWE-825. Red Hat lists fixing advisory RHSA-2026:37382 with package openssh-main-10.4p1-1.hum1.
glamor Font Atlas Heap Buffer Overflow. Red Hat rates this important (CVSS 7.5). Weakness: CWE-805. Red Hat lists fixing advisory RHSA-2026:38486 with package xorg-x11-server-0:1.20.11-34.el9_8.3, xorg-x11-server-Xwayland-0:21.1.3-20.el8_10.3, xorg-x11-server-Xwayland-0:24.1.9-4.el9_8.3, xorg-x11-server-0:1.20.11-28.el8_10.3. Affected products named by the advisory: Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 1.
BitmapScaleBitmaps Integer Overflow Heap Buffer Overflow. Red Hat rates this important (CVSS 7.3).
PCF Font Parsing Heap Buffer Overflow. Red Hat rates this important (CVSS 7.3). Weakness: CWE-787.
rfbsrc/librfb Hextile heap out-of-bounds write with 16bpp framebuffer. Red Hat rates this important (CVSS 7.1). Weakness: CWE-787.
DTLS certificate Subject DN stack buffer overflow in openssl_verify_callback. Red Hat rates this important (CVSS 7.5). Weakness: CWE-121.
A bug in `BaseSerialization.deserialize()` allowed unrestricted `import_string()` of attacker-controlled class paths when the Scheduler / API Server loaded a serialized DAG: a DAG author could embed a malicious trigger into a DAG to gain remote code execution on the API Server / Scheduler process, crossing the Airflow security boundary that DAG-author code must never execute in those processes. Users are advised to upgrade to `apache-airflow` 3.3.0 or later. As a defense-in-depth mitigation, deployments where DAG-author trust is limited can restrict the `[core] allowed_deserialization_classes` config to a narrow allowlist.
Heap overflow when preparsing SQL statements with excessive placeholders. Red Hat rates this important (CVSS 8.1). Weakness: CWE-131.