VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Critical/high still unreviewed, or CISA KEV listed
Information disclosure due to prototype pollution vulnerability. Red Hat rates this important (CVSS 7). Weakness: CWE-915. Affected package(s): openshift-service-mesh/kiali-ossmc-rhel9:1782201851, openshift-service-mesh/kiali-ossmc-rhel9:1782231869, openshift4/ose-console-rhel9:1782244020, advanced-cluster-security/rhacs-main-rhel8:1779293013, discovery/discovery-ui-rhel9:1782166952, openshift4/ose-monitoring-plugin-rhel9:1781731914. Resolved in Red Hat advisory RHSA-2026:26234 — update the affected packages (`sudo dnf update`).
Man-in-the-Middle (MITM) attack via Prototype Pollution. Red Hat rates this important (CVSS 8.7). Weakness: CWE-915. Affected package(s): openshift-service-mesh/kiali-ossmc-rhel9:1782201851, openshift-service-mesh/kiali-ossmc-rhel9:1782231869, openshift4/ose-console-rhel9:1782244020, satellite/iop-advisor-frontend-rhel9:1782243376, openshift4/ose-monitoring-plugin-rhel9:1782243791, openshift4/ose-monitoring-plugin-rhel9:1782313844. Resolved in Red Hat advisory RHSA-2026:29864 — update the affected packages (`sudo dnf update`).
Proxy bypass via IPv4-mapped IPv6 address non-normalization. Red Hat rates this important (CVSS 8.6). Weakness: CWE-289. Affected package(s): openshift-service-mesh/kiali-ossmc-rhel9:1782201851, openshift-service-mesh/kiali-ossmc-rhel9:1782231869, openshift4/ose-console-rhel9:1782244020, advanced-cluster-security/rhacs-main-rhel8:1779293013, discovery/discovery-ui-rhel9:1782166952, openshift4/ose-monitoring-plugin-rhel9:1781731914. Resolved in Red Hat advisory RHSA-2026:26234 — update the affected packages (`sudo dnf update`).
Arbitrary file write via path traversal in archive extraction utilities. Red Hat rates this important (CVSS 8.1). Weakness: CWE-22. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via unbounded video frame processing. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary file write via malicious server. Red Hat rates this important (CVSS 7.1). Weakness: CWE-22. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via out-of-bounds heap write in ICON decoder. Red Hat rates this important (CVSS 7.5). Weakness: CWE-787. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via missing memory request check. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Affected package(s): ImageMagick. Resolved in Red Hat advisory RHSA-2026:32961 — update the affected packages (`sudo dnf update`).
Denial of Service via crafted DCM image with invalid dimensions. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1284. Affected package(s): ImageMagick. Resolved in Red Hat advisory RHSA-2026:32961 — update the affected packages (`sudo dnf update`).
Denial of Service via out-of-bounds write when processing multiple images. Red Hat rates this important (CVSS 7.5). Weakness: CWE-787. Affected package(s): ImageMagick. Resolved in Red Hat advisory RHSA-2026:32961 — update the affected packages (`sudo dnf update`).
Denial of Service due to excessive resource use in MNG coder. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Affected package(s): ImageMagick. Resolved in Red Hat advisory RHSA-2026:32961 — update the affected packages (`sudo dnf update`).
Denial of Service via crafted MIFF file. Red Hat rates this important (CVSS 7.5). Weakness: CWE-835. Affected package(s): ImageMagick. Resolved in Red Hat advisory RHSA-2026:32961 — update the affected packages (`sudo dnf update`).
Information Disclosure via Invalid Connected-Components Value. Red Hat rates this important (CVSS 7.1). Weakness: CWE-125. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service due to resource policy bypass in PSD decoder. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Affected package(s): ImageMagick. Resolved in Red Hat advisory RHSA-2026:32961 — update the affected packages (`sudo dnf update`).
Remote Code Execution via HDR File Parsing Heap-based Buffer Overflow. Red Hat rates this important (CVSS 7.8). Weakness: CWE-131. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via crafted MSL image leading to heap-use-after-free. Red Hat rates this important (CVSS 7.5). Weakness: CWE-825. Affected package(s): ImageMagick. Resolved in Red Hat advisory RHSA-2026:32961 — update the affected packages (`sudo dnf update`).
Cookie attribute manipulation via prototype pollution. Red Hat rates this important (CVSS 7.5). Weakness: CWE-915. Affected package(s): openshift-service-mesh/kiali-ossmc-rhel9:1782231869, openshift-service-mesh/kiali-rhel9:1782201466. Resolved in Red Hat advisory RHSA-2026:33183 — update the affected packages (`sudo dnf update`).
Denial of Service via excessive SCRAM authentication iteration count. Red Hat rates this important (CVSS 7.5). Weakness: CWE-606. Affected package(s): quay/quay-rhel8:1782487717, quay/quay-rhel8:1781878070, quay/quay-rhel8:1781937357. Resolved in Red Hat advisory RHSA-2026:28571 — update the affected packages (`sudo dnf update`).
PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen. Red Hat rates this important (CVSS 7.8). Weakness: CWE-77. Affected package(s): evince. Resolved in Red Hat advisory RHSA-2026:33416 — update the affected packages (`sudo dnf update`).
Race in V8. Red Hat rates this important (CVSS 7.5). Weakness: CWE-843. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.