VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Critical/high still unreviewed, or CISA KEV listed
Denial of Service via deeply nested JSON objects. Red Hat rates this important (CVSS 7.5). Weakness: CWE-776.
Arbitrary file write and information disclosure via symlink validation bypass. Red Hat rates this important (CVSS 8.1). Weakness: CWE-22.
Information disclosure via malicious container image environment variables. Red Hat rates this important (CVSS 7.5). Weakness: CWE-914. Red Hat lists fixing advisory RHSA-2026:37123 with package podman-7:5.8.2-4.el10_2, podman-6:5.8.2-4.el9_8, podman-main-6.0.0-1.hum1, container-tools:rhel8-8100020260709093628.afee755d. Affected products named by the advisory: Red Hat Enterprise Linux 1; Red Hat Enterprise Linux 9.
Unsafe URI and Path Handling in HTML Backend. Red Hat rates this important (CVSS 7.1). Weakness: CWE-22.
Information disclosure vulnerability in model quantization engine. Red Hat rates this important (CVSS 7.5). Weakness: CWE-825.
Kerberos pre-authentication bypass via unrecognized PA-DATA. Red Hat rates this important (CVSS 7.3). Weakness: CWE-358.
DisableTLS migration setting removes authentication, exposing unauthenticated virtqemud proxy on all interfaces. Red Hat rates this moderate (CVSS 8.5). Weakness: CWE-306.
Authentication bypass due to TLS hostname handling and unicode dot separator mismatch. Red Hat rates this important (CVSS 7.7). Weakness: CWE-289. Red Hat lists fixing advisory RHSA-2026:39246 with package nodejs20-main-20.20.2-1.hum1, nodejs22-main-22.23.1-1.hum1, nodejs24-main-24.18.0-0.1.hum1, nodejs26-main-26.4.0-1.2.hum1. Affected product named by the advisory: Red Hat Enterprise Linux 1.
Denial of Service via large input to subtle.encrypt(). Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Red Hat lists fixing advisory RHSA-2026:39246 with package nodejs20-main-20.20.2-1.hum1, nodejs22-main-22.23.1-1.hum1, nodejs24-main-24.18.0-0.1.hum1, nodejs26-main-26.4.0-1.2.hum1. Affected product named by the advisory: Red Hat Enterprise Linux 1.
Avoid NULL pointer dereference or refcount corruption. Red Hat rates this important (CVSS 7).
Clean up DMABUFs before disabling function. Red Hat rates this important (CVSS 7). Weakness: CWE-826.
Fix drm_dev_put called before stream disable in close. Red Hat rates this moderate (CVSS 7). Weakness: CWE-825.
fix off-by-one in dlm_match_regions() region comparison. Red Hat rates this important (CVSS 7.1). Weakness: CWE-125.
Use after free in AdFilter. Red Hat rates this important (CVSS 9.6). Weakness: CWE-825.
Package Import Signature Validation Bypass Allows Self-Signed Packages. Red Hat rates this important (CVSS 8.8). Weakness: CWE-347.
Integer overflow in Mojo. Red Hat rates this important (CVSS 8.7). Weakness: CWE-190.
Denial of Service due to unbounded gzip decompression in Alpine APK parsing. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Red Hat lists fixing advisory RHSA-2026:25138 with package cosign-main-3.1.1-0.1.hum1.
Remote Code Execution via NTLM Authentication Stack Buffer Overflow. Red Hat rates this important (CVSS 7.5). Weakness: CWE-120.
Supply chain compromise from unverified dependencies. Red Hat rates this important (CVSS 7.5). Weakness: CWE-494.
Arbitrary code execution due to path traversal in dependency aliases. Red Hat rates this important (CVSS 8). Weakness: CWE-22.