VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Critical/high still unreviewed, or CISA KEV listed
Arbitrary code execution via malicious package-manager lockfile. Red Hat rates this important (CVSS 8.8). Weakness: CWE-502.
Arbitrary code execution via improper handling of config dependencies. Red Hat rates this important (CVSS 7.5). Weakness: CWE-349.
Supply chain compromise via manipulated package source strings. Red Hat rates this important (CVSS 7.5). Weakness: CWE-140.
Group-Admin Escalation to Realm-Admin. Red Hat rates this important (CVSS 7.7). Weakness: CWE-639. Red Hat lists fixing advisory RHSA-2026:30049 with package rhbk/keycloak-operator-bundle:26.4.13-1, rhbk/keycloak-rhel9-operator:26.4-19, rhbk/keycloak-rhel9, rhbk/keycloak-rhel9:26.6-8.
Cross-site scripting (XSS) via case-insensitive URI validation bypass. Red Hat rates this important (CVSS 7.3). Weakness: CWE-79. Red Hat lists fixing advisory RHSA-2026:30049 with package rhbk/keycloak-operator-bundle:26.4.13-1, rhbk/keycloak-rhel9-operator:26.4-19, rhbk/keycloak-rhel9, rhbk/keycloak-rhel9:26.6-8.
Out-of-bounds Write in Spell File Word Count. Red Hat rates this moderate (CVSS 7.3).
Arbitrary code execution via Vimscript code injection in netrw plugin. Red Hat rates this important (CVSS 7.8). Weakness: CWE-94.
Arbitrary code execution via malicious docstrings in Python omni-completion. Red Hat rates this important (CVSS 7.8). Weakness: CWE-94. Red Hat lists fixing advisory RHSA-2026:35387 with package vim-main-9.2.780-1.hum1.
GitLab has remediated an issue in GitLab EE affecting all versions from 19.1 before 19.1.1 that under certain conditions could have allowed a user to access sensitive information that had already been committed to a project, due to insufficient output filtering in Duo Workflows.
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an unauthenticated user to execute arbitrary JavaScript in a user's browser session due to improper path validation under certain conditions.
GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary client-side code in the context of another user's session, due to improper sanitization of user-supplied input.
A specially crafted SVCB RR can cause a heap overflow of up to 65509 attacker controlled bytes. Red Hat rates this important (CVSS 8). Weakness: CWE-787.
Denial of DNS over TLS service by any DoT client. Red Hat rates this important (CVSS 7.5). Weakness: CWE-617.
Out of bounds stack write with crafted APL RR. Red Hat rates this important (CVSS 8). Weakness: CWE-787.
Fix buffer overflow in SDMA queue checkpoint/restore on GFX11. Red Hat rates this important (CVSS 7). Weakness: CWE-131.
Take the SRCU lock for page table walks in fault injection and AT emulation. Red Hat rates this important (CVSS 7). Weakness: CWE-820.
Clamp XDomain response data copy to allocation size. Red Hat rates this important (CVSS 7). Weakness: CWE-787.
Try to fix change_handle ioctl, attempt 4. Red Hat rates this important (CVSS 7). Weakness: CWE-367.
drain before clearing xarray entry on reparent. Red Hat rates this important (CVSS 7). Weakness: CWE-820.
Add buffer overflow check in MS get_info_ioctl. Red Hat rates this important (CVSS 7). Weakness: CWE-120.