VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1802 advisories across 32 monitored vendors.
Denial of Service via crafted MIFF file. Red Hat rates this important (CVSS 7.5). Weakness: CWE-835. Affected package(s): ImageMagick. Resolved in Red Hat advisory RHSA-2026:32961 — update the affected packages (`sudo dnf update`).
Information Disclosure via Invalid Connected-Components Value. Red Hat rates this important (CVSS 7.1). Weakness: CWE-125. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service due to resource policy bypass in PSD decoder. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Affected package(s): ImageMagick. Resolved in Red Hat advisory RHSA-2026:32961 — update the affected packages (`sudo dnf update`).
Remote Code Execution via HDR File Parsing Heap-based Buffer Overflow. Red Hat rates this important (CVSS 7.8). Weakness: CWE-131. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via crafted MSL image leading to heap-use-after-free. Red Hat rates this important (CVSS 7.5). Weakness: CWE-825. Affected package(s): ImageMagick. Resolved in Red Hat advisory RHSA-2026:32961 — update the affected packages (`sudo dnf update`).
Cookie attribute manipulation via prototype pollution. Red Hat rates this important (CVSS 7.5). Weakness: CWE-915. Affected package(s): openshift-service-mesh/kiali-ossmc-rhel9:1782231869, openshift-service-mesh/kiali-rhel9:1782201466. Resolved in Red Hat advisory RHSA-2026:33183 — update the affected packages (`sudo dnf update`).
Denial of Service via excessive SCRAM authentication iteration count. Red Hat rates this important (CVSS 7.5). Weakness: CWE-606. Affected package(s): quay/quay-rhel8:1782487717, quay/quay-rhel8:1781878070, quay/quay-rhel8:1781937357. Resolved in Red Hat advisory RHSA-2026:28571 — update the affected packages (`sudo dnf update`).
PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen. Red Hat rates this important (CVSS 7.8). Weakness: CWE-77. Affected package(s): evince. Resolved in Red Hat advisory RHSA-2026:33416 — update the affected packages (`sudo dnf update`).
Race in V8. Red Hat rates this important (CVSS 7.5). Weakness: CWE-843. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Root code execution via DHCP options command injection. Red Hat rates this important (CVSS 7.5). Weakness: CWE-78. Affected package(s): dracut, dracut-main. Resolved in Red Hat advisory RHSA-2026:26713 — update the affected packages (`sudo dnf update`).
Denial of Service via crafted SCTP ERROR chunk. Red Hat rates this important (CVSS 8.2). Weakness: CWE-120. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Phishing attack via improper redirect URL validation. Red Hat rates this important (CVSS 7.4). Weakness: CWE-601. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary code execution via deserialization of attacker-controlled configuration. Red Hat rates this important (CVSS 8.8). Weakness: CWE-502. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Unhardened SAXParser in content-type detection leads to blind XXE / SSRF / billion-laughs DoS. Red Hat rates this important (CVSS 8.5). Weakness: CWE-611. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
SSRF via wsdl4j import dereference in WSDL FULL validation. Red Hat rates this important (CVSS 7.4). Weakness: CWE-918. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
ansible.posix authorized_key: local privilege escalation via symlink-following chown. Red Hat rates this important (CVSS 7.3). Weakness: CWE-59. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
WICD CSR extra-Organization allows privilege escalation to system:masters. Red Hat rates this important (CVSS 8.8). Weakness: CWE-269. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
SSH host key not verified enables credential theft. Red Hat rates this important (CVSS 8.3). Weakness: CWE-295. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Spring for Apache Kafka: Arbitrary code execution via insecure deserialization of crafted header values. Red Hat rates this important (CVSS 8.1). Weakness: CWE-502. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service due to infinite loop when processing specially crafted images.. Red Hat rates this important (CVSS 7.5). Weakness: CWE-835. Affected package(s): discovery/discovery-ui-rhel9:1782756541. Resolved in Red Hat advisory RHSA-2026:33313 — update the affected packages (`sudo dnf update`).