VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1712 advisories across 32 monitored vendors.
Use after free in Payments. Red Hat rates this important (CVSS 6.6). Weakness: CWE-825.
Denial of Service via malformed VP8 chunk in WebP images. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-1288.
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances XML-RPC server (glances -s, implemented in glances/server.py) does not validate the HTTP Host header, leaving it vulnerable to DNS rebinding attacks. An attacker can exploit DNS rebinding to exfiltrate the full system monitoring dataset from a victim's browser. This vulnerability is fixed in 4.5.5. If a user is tricked into visiting a malicious website, a remote attacker can exploit this flaw to exfiltrate sensitive system monitoring data. Red Hat severity: Moderate — CVSS 5.3 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N). Weakness: CWE-346.
Denial of Service via deeply nested array comparison. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-770. Red Hat lists fixing advisory RHSA-2026:29986 with package jq-main-1.8.2-0.1.hum1.
Heap out-of-bounds write via oversized raw file processing. Red Hat rates this moderate (CVSS 6.6). Weakness: CWE-787. Red Hat lists fixing advisory RHSA-2026:29986 with package jq-main-1.8.2-0.1.hum1.
Denial of Service via integer overflow and buffer overrun on 32-bit systems. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-190. Red Hat lists fixing advisory RHSA-2026:29986 with package jq-main-1.8.2-0.1.hum1.
pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm and pacquet expanded ${ENV_VAR} placeholders from repository-controlled .npmrc and pnpm-workspace.yaml into registry request destinations and registry credentials. A malicious repository could cause dependency resolution to send victim environment secrets to an attacker-selected registry before lifecycle scripts run. This vulnerability is fixed in 10.34.2 and 11.5.3. A malicious repository could exploit this vulnerability by crafting specific .npmrc or pnpm-workspace.yaml files. When these package managers process these files, they improperly expand environment variable placeholders, leading to the disclosure of sensitive victim environment secrets to an attacker-controlled registry. This could result in unauthorized access to confidential information. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N). Weakness: CWE-15. Affected Red Hat products: Red Hat AMQ Broker 7; Red Hat Build of Keycloak; Red Hat JBoss Enterprise Application Platform 8; Red Hat JBoss Enterprise Application Platform Expansion Pack. Red Hat does not currently list a fixing RHSA for this CVE.
pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm can send user-level unscoped npm authentication credentials to a registry chosen by a repository-local .npmrc file. In the reproduced case, the user's npm config contains a default registry and an unscoped _authToken. The repository does not provide a token-bearing auth line. It only sets registry= to a different registry URL. During normal pnpm metadata/install workflows, pnpm binds the user-origin unscoped credential to the repository-selected registry and sends it as an Authorization header. This vulnerability is fixed in 10.34.0 and 11.4.0. During normal pnpm operations, the user's authentication token, intended for their default registry, can be inadvertently sent to a different, potentially malicious, registry. This could lead to the unauthorized disclosure of sensitive authentication tokens. This Moderate impact information disclosure flaw in pnpm allows an attacker to obtain user-level unscoped npm authentication credentials. When a user runs pnpm commands in a repository with a malicious local `.npmrc` file, their authentication token, intended for their default registry, can be redirected to an attacker-controlled registry. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). Weakness: CWE-201.
pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm passes the lockfile-controlled git resolution.commit value to git fetch without a -- separator or commit-format validation. For git dependencies fetched through the shallow-fetch path, a malicious lockfile can replace the expected 40-character commit hash with a Git option such as --upload-pack=<command>. For SSH and local transports, --upload-pack can execute the supplied command. HTTPS transports ignore --upload-pack, so the practical attack surface is primarily SSH or local git dependencies. This vulnerability is fixed in 10.34.0 and 11.4.0. An attacker could exploit this vulnerability by providing a malicious lockfile, which could lead to arbitrary code execution. This Moderate severity flaw in pnpm allows for arbitrary code execution. The vulnerability arises from pnpm's improper handling of git dependency commit values from a malicious lockfile, specifically when using SSH or local git transports. Red Hat products utilizing pnpm, such as Konflux, Red Hat Build of Keycloak, Enterprise Application Platform, and Red Hat AMQ, are affected if they process untrusted pnpm-lock.yaml files with SSH or local git dependencies. Red Hat severity: Moderate — CVSS 6.4 (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N). Weakness: CWE-78.
pnpm is a package manager. However, plain pnpm install then performs a resolution repair, accepts the registry's new integrity, updates the lockfile, installs the new content, and exits successfully. This means the lockfile integrity check does not act as a hard stop by default. This vulnerability is fixed in 10.34.0 and 11.4.0. This could lead to the installation of unintended or malicious software, compromising the integrity and confidentiality of the system. Red Hat severity: Moderate — CVSS 6.8 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N). Weakness: CWE-494. Affected Red Hat products: Red Hat AMQ Broker 7; Red Hat Build of Keycloak; Red Hat JBoss Enterprise Application Platform 8; Red Hat JBoss Enterprise Application Platform Expansion Pack. Red Hat does not currently list a fixing RHSA for this CVE.
pnpm is a package manager. Prior to 10.34.2 and 11.5.3, Manifest bin object keys such as "", ".", and ".." passed pnpm's bin-name guard. When a malicious package was installed globally, later global remove, update, or add-replacement flows could re-derive those names from the installed manifest and pass path.join(globalBinDir, binName) to removeBin. For "." this targets the global bin directory; for ".." this targets its parent. This vulnerability is fixed in 10.34.2 and 11.5.3. When a malicious package with specially crafted manifest bin object keys (such as "." or "..") is installed globally, subsequent package management operations like removal, update, or replacement could lead to the deletion of critical directories. This requires an attacker to first trick a user into installing a malicious package globally, limiting the immediate exploitability in typical Red Hat deployments. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-22. Affected Red Hat products: Red Hat AMQ Broker 7; Red Hat Build of Keycloak; Red Hat JBoss Enterprise Application Platform 8; Red Hat JBoss Enterprise Application Platform Expansion Pack. Red Hat does not currently list a fixing RHSA for this CVE.
Attacker can re-enable and take over disabled clients via Registration Access Token. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-613. Red Hat lists fixing advisory RHSA-2026:30049 with package rhbk/keycloak-operator-bundle:26.4.13-1, rhbk/keycloak-rhel9-operator:26.4-19, rhbk/keycloak-rhel9, rhbk/keycloak-rhel9:26.6-8.
Information disclosure through arbitrary filesystem path probing. Red Hat rates this moderate (CVSS 4.9). Weakness: CWE-22. Red Hat lists fixing advisory RHSA-2026:30049 with package rhbk/keycloak-operator-bundle:26.4.13-1, rhbk/keycloak-rhel9-operator:26.4-19, rhbk/keycloak-rhel9, rhbk/keycloak-rhel9:26.6-8.
Vim is an open source, command line text editor. Prior to 9.2.0662, the dump_prefixes() function in src/spell.c walks a spell-file prefix trie iteratively with a depth counter while dumping the prefixes that apply to a word. The counter is bounded only by the trie structure itself; it is never checked against the size of the fixed MAXWLEN-element stack arrays it indexes (prefix[], arridx[], curi[]). A crafted .spl file, loaded when the user dumps the word list, can drive the descent arbitrarily deep, so the function writes past the end of those arrays. This is a stack out-of-bounds write that corrupts the call frame and crashes the editor. This vulnerability is fixed in 9.2.0662. A remote attacker could exploit this vulnerability by convincing a user to load a specially crafted spell file. This leads to a Denial of Service (DoS), making the editor unavailable to the user. A flaw was found in Vim's spell file handling. The dump_prefixes() function in src/spell.c does not validate the depth of the prefix trie against the size of fixed-size stack arrays, allowing a crafted .spl file to cause a stack out-of-bounds write and crash. Red Hat ships Vim in all RHEL versions and OpenShift CoreOS. Exploitation requires a user to load a malicious spell file and run :spelldump or spelling completion. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H).
Vim is an open source, command line text editor. Prior to 9.2.0670, get_text_props() in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textprop_T entries that follow. The only check is a floor that guarantees room for a single entry; the count is never checked against the amount of data actually present. A line that declares a large count while carrying little data causes consumers to read far past the end of the line buffer. Such a line can be delivered through a crafted undo file, leading to a crash. This vulnerability is fixed in 9.2.0670. A flaw in Vim allows an attacker to cause a Denial of Service (DoS) via an application crash. If a user opens a maliciously crafted undo file, an out-of-bounds read is triggered in the get_text_props() function due to missing length validation on property counts. Exploitation requires specific user interaction; the vulnerability only triggers when a local user is tricked into opening a specially crafted undo file in Vim. This limits the attack surface to scenarios where untrusted files are intentionally processed Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-125. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 9; Red Hat OpenShift Container Platform 4.
Out-of-bounds Read with libsodium-encrypted Files. Red Hat rates this moderate (CVSS 4.7). Weakness: CWE-125. Red Hat lists fixing advisory RHSA-2026:30267 with package vim-main-9.2.725-1.hum1.
Arbitrary code execution via crafted zip archive entry names. Red Hat rates this moderate (CVSS 5.8). Weakness: CWE-78.
Out-of-bounds Read with Text Properties. Red Hat rates this moderate. Weakness: CWE-125.
Denial of Service via stack out-of-bounds write in spell_soundfold_sofo(). Red Hat rates this moderate (CVSS 4.7). Weakness: CWE-787. Red Hat lists fixing advisory RHSA-2026:30267 with package vim-main-9.2.725-1.hum1.
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, XInclude substitution performed by Nokogiri::XML::Node#do_xinclude replaced each <xi:include> in place, freeing the include node along with its children (such as <xi:fallback> and its descendants) and any namespaces declared on them. If an application had already exposed one of those nodes or namespaces to Ruby, the corresponding Ruby object was left pointing at freed memory. Using the object could result in invalid reads or writes to memory. This vulnerability is fixed in 1.19.4. When performing XInclude substitutions, the library prematurely frees memory associated with nodes and namespaces. If an application has exposed these freed objects to Ruby, a local attacker could potentially trigger invalid reads or writes to memory. This memory corruption could lead to information disclosure or denial of service. Red Hat products ship Nokogiri as a dependency of several components. The impact on Red Hat products is rated Moderate because exploitation requires the application to both perform XInclude substitution and separately retain references to nodes or namespaces within the substituted elements — a combination that is uncommon in typical usage patterns. This vulnerability only affects CRuby; JRuby is not affected.