VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1800 advisories across 32 monitored vendors.
Privilege escalation in the Graphics: WebRender component. Red Hat rates this important (CVSS 7.5). Weakness: CWE-266. Affected package(s): firefox, thunderbird. Resolved in Red Hat advisory RHSA-2026:29940 — update the affected packages (`sudo dnf update`).
Denial of Service via integer overflow in remote message decompression. Red Hat rates this important (CVSS 8.6). Weakness: CWE-190. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
integer overflow in VIOSockSelect leads to heap-based buffer overflow. Red Hat rates this important (CVSS 7.8). Weakness: CWE-190. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
local privilege escalation via forged cifs.spnego key description in cifs.upcall. Red Hat rates this important (CVSS 7.8). Weakness: CWE-250. Affected package(s): cifs-utils. Resolved in Red Hat advisory RHSA-2026:32990 — update the affected packages (`sudo dnf update`).
Crypt::DSA: Crypt::DSA: Private-key recovery via nonce reuse across signatures. Red Hat rates this important (CVSS 7.1). Weakness: CWE-323. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary code execution via heap buffer overflow in formula compilation. Red Hat rates this important (CVSS 7.8). Weakness: CWE-131. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Heap use-after-free allows arbitrary code execution via malformed ODF number format. Red Hat rates this important (CVSS 7.3). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Information disclosure and denial of service via improper proxy configuration. Red Hat rates this important (CVSS 7.1). Weakness: CWE-346. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Out-of-bounds read via JPEG segment length validation in VA decoder. Red Hat rates this important (CVSS 7.1). Weakness: CWE-125. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Heap buffer overflow via crafted VNC server rectangle in librfb. Red Hat rates this important (CVSS 8.8). Weakness: CWE-122. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Signed integer overflow in VMnc decoder cursor payload handling. Red Hat rates this important (CVSS 7.1). Weakness: CWE-190. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
`sanitize-html`: Stored Cross-Site Scripting via HTML sanitizer bypass. Red Hat rates this important (CVSS 8.1). Weakness: CWE-79. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Form field override via CRLF injection. Red Hat rates this important (CVSS 7.5). Weakness: CWE-93. Affected package(s): cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9:1782839494, openshift-service-mesh/kiali-ossmc-rhel9:1782201851, openshift-service-mesh/kiali-ossmc-rhel9:1782231869, cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9:1782839193, cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9:1782839996, cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9:1782839981. Resolved in Red Hat advisory RHSA-2026:33160 — update the affected packages (`sudo dnf update`).
Privilege bypass allows unauthorized file write via subqueries. Red Hat rates this important (CVSS 8.1). Weakness: CWE-266. Affected package(s): mariadb10.11, mariadb11, galera, mariadb:11.8, mariadb11.8, mariadb:10.11. Resolved in Red Hat advisory RHSA-2026:33093 — update the affected packages (`sudo dnf update`).
Arbitrary Code Execution via improper parameter validation during State Snapshot Transfer. Red Hat rates this important (CVSS 8). Weakness: CWE-78. Affected package(s): mariadb10.11, mariadb11, galera, mariadb:11.8, mariadb11.8, mariadb:10.11. Resolved in Red Hat advisory RHSA-2026:33093 — update the affected packages (`sudo dnf update`).
Arbitrary Code Execution via Code Injection. Red Hat rates this important (CVSS 7.5). Weakness: CWE-94. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Authorization bypass in V1 collection-level endpoints. Red Hat rates this important (CVSS 8.1). Weakness: CWE-551. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via malicious Redis array header. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Improper trust manager handling leads to hostname verification bypass. Red Hat rates this important (CVSS 7.5). Weakness: CWE-347. Affected package(s): netty-handler, offline-knowledge-portal/rhokp-rhel9:1782239370. Resolved in Red Hat advisory RHSA-2026:26586 — update the affected packages (`sudo dnf update`).
Unauthorized data manipulation due to improper authorization validation. Red Hat rates this important (CVSS 8.1). Weakness: CWE-266. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.