VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Critical/high still unreviewed, or CISA KEV listed
Root code execution via DHCP options command injection. Red Hat rates this important (CVSS 7.5). Weakness: CWE-78. Affected package(s): dracut, dracut-main. Resolved in Red Hat advisory RHSA-2026:26713 — update the affected packages (`sudo dnf update`).
Denial of Service via crafted SCTP ERROR chunk. Red Hat rates this important (CVSS 8.2). Weakness: CWE-120. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Phishing attack via improper redirect URL validation. Red Hat rates this important (CVSS 7.4). Weakness: CWE-601. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary code execution via deserialization of attacker-controlled configuration. Red Hat rates this important (CVSS 8.8). Weakness: CWE-502. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Unhardened SAXParser in content-type detection leads to blind XXE / SSRF / billion-laughs DoS. Red Hat rates this important (CVSS 8.5). Weakness: CWE-611. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
SSRF via wsdl4j import dereference in WSDL FULL validation. Red Hat rates this important (CVSS 7.4). Weakness: CWE-918. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
ansible.posix authorized_key: local privilege escalation via symlink-following chown. Red Hat rates this important (CVSS 7.3). Weakness: CWE-59. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
WICD CSR extra-Organization allows privilege escalation to system:masters. Red Hat rates this important (CVSS 8.8). Weakness: CWE-269. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
SSH host key not verified enables credential theft. Red Hat rates this important (CVSS 8.3). Weakness: CWE-295. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
AES-OCB IV Ignored on EVP_Cipher() Path. Red Hat rates this moderate (CVSS 9.1). Weakness: CWE-1204. Affected package(s): insights-proxy/insights-proxy-container-rhel9:1782890503, rhui5/haproxy-rhel9:1781525671, openssl, rhui5/installer-rhel9:1781525693, rhui5/cds-rhel9:1781525684, discovery/discovery-ui-rhel9:1782166952. Resolved in Red Hat advisory RHSA-2026:29197 — update the affected packages (`sudo dnf update`).
Spring for Apache Kafka: Arbitrary code execution via insecure deserialization of crafted header values. Red Hat rates this important (CVSS 8.1). Weakness: CWE-502. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service due to infinite loop when processing specially crafted images.. Red Hat rates this important (CVSS 7.5). Weakness: CWE-835. Affected package(s): discovery/discovery-ui-rhel9:1782756541. Resolved in Red Hat advisory RHSA-2026:33313 — update the affected packages (`sudo dnf update`).
Denial of Service via uncontrolled resource consumption. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Affected package(s): dotnet8, dotnet8.0, dotnet9.0, dotnet9, dotnet10.0, dotnet10. Resolved in Red Hat advisory RHSA-2026:25110 — update the affected packages (`sudo dnf update`).
.NET SDK workload elevate: arbitrary file creation/truncation via LogFile named pipe.. Red Hat rates this important (CVSS 7.8). Weakness: CWE-266. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Cross-Site Scripting via DOM Clobbering. Red Hat rates this important (CVSS 8.1). Weakness: CWE-79. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Excessive memory consumption via deserialization of sparse arrays. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Privilege escalation or information disclosure via writes to higher exception level resources. Red Hat rates this important (CVSS 8.4). Weakness: CWE-266. Affected package(s): kernel. Resolved in Red Hat advisory RHSA-2026:34911 — update the affected packages (`sudo dnf update`).
YAML safe_load production fallback to unsafe_load enables RCE via deserialization. Red Hat rates this important (CVSS 8.8). Weakness: CWE-502. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Buffer overflow in error handling can lead to arbitrary code execution. Red Hat rates this important (CVSS 8.2). Weakness: CWE-120. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via specially crafted HTTP requests. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.