VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1810 advisories across 32 monitored vendors.
Stored XSS via javascript: URL in Agent Credential Link. Red Hat rates this important (CVSS 7.3). Weakness: CWE-79. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
argument injection in ansible-galaxy role install leads to arbitrary code execution. Red Hat rates this important (CVSS 7.8). Weakness: CWE-88. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary file write leading to remote code execution via crafted ZIP archive (Zip Slip). Red Hat rates this important (CVSS 7.5). Weakness: CWE-22. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Moby/Docker Engine: Arbitrary Code Execution via malicious container image and compressed archive upload. Red Hat rates this important (CVSS 7.5). Weakness: CWE-427. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via crafted JSON string. Red Hat rates this important (CVSS 7.5). Weakness: CWE-502. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow. Red Hat rates this important (CVSS 7.6). Weakness: CWE-190. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
OpenStack oslo.messaging: Man-in-the-middle attack via improper TLS hostname verification. Red Hat rates this important (CVSS 7.4). Weakness: CWE-295. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
HTTP/2 Remote Denial of Service via HPACK compression bomb and Slowloris-style attack. Red Hat rates this important (CVSS 7.5). Weakness: CWE-409. Affected package(s): openshift-service-mesh/istio-proxyv2-rhel9:1781069908, openshift-service-mesh/istio-proxyv2-rhel9:1781070158, openshift-service-mesh/istio-proxyv2-rhel9:1781070967, openshift-service-mesh/proxyv2-rhel9:1781604724, openshift-service-mesh/istio-proxyv2-rhel9:1781094520. Resolved in Red Hat advisory RHSA-2026:26210 — update the affected packages (`sudo dnf update`).
Arbitrary code execution due to overridden trust_remote_code setting. Red Hat rates this important (CVSS 7.7). Weakness: CWE-829. Affected package(s): rhoai/odh-th06-cuda130-torch210-py312-rhel9:1782136276, rhoai/odh-training-rocm62-torch25-py311-rhel9:1782132236, rhoai/odh-th06-cpu-torch210-py312-rhel9:1782135464, rhoai/odh-training-cuda128-torch29-py312-rhel9:1782132240, rhoai/odh-th06-rocm64-torch291-py312-rhel9:1782135346, rhoai/odh-training-cuda124-torch25-py311-rhel9:1782132207. Resolved in Red Hat advisory RHSA-2026:34456 — update the affected packages (`sudo dnf update`).
Sensitive credential exfiltration via environment variable resolution in AI Gateway secrets. Red Hat rates this important (CVSS 7.7). Weakness: CWE-201. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Remote Denial of Service via compression bomb and Slowloris-style attack. Red Hat rates this important (CVSS 7.5). Weakness: CWE-409. Affected package(s): jbcs-httpd24-httpd, mod_http2, jbcs-httpd24-mod_http2, httpd-main, httpd:2.4, openshift-service-mesh/proxyv2-rhel9:1781604724. Resolved in Red Hat advisory RHSA-2026:27200 — update the affected packages (`sudo dnf update`).
Fix IPv6 inner_thoff desync. Red Hat rates this important (CVSS 7.3). Weakness: CWE-823. Affected package(s): kernel. Resolved in Red Hat advisory RHSA-2026:34094 — update the affected packages (`sudo dnf update`).
golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries. Red Hat rates this important (CVSS 7.5). Weakness: CWE-606. Affected package(s): golang-github-openprinting-ipp-usb, opentelemetry-collector, rhdh/rhdh-rhel9-operator:1782767215. Resolved in Red Hat advisory RHSA-2026:33574 — update the affected packages (`sudo dnf update`).
Arbitrary code execution via untrusted input to CookieJar.load(). Red Hat rates this important (CVSS 7.2). Weakness: CWE-502. Affected package(s): rhoai/odh-training-rocm62-torch25-py311-rhel9:1782132236, rhoai/odh-training-cuda128-torch29-py312-rhel9:1782132240, rhoai/odh-training-cuda121-torch24-py311-rhel9:1780078807, rhoai/odh-training-cuda121-torch24-py311-rhel9:1782132167, rhoai/odh-training-rocm64-torch29-py312-rhel9:1782132297, rhoai/odh-training-cuda128-torch28-py312-rhel9:1782132237. Resolved in Red Hat advisory RHSA-2026:24977 — update the affected packages (`sudo dnf update`).
JIT miscompilation in the JavaScript Engine: JIT component. Red Hat rates this important (CVSS 7.5). Weakness: CWE-733. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Incorrect boundary conditions in the Graphics: Text component. Red Hat rates this important (CVSS 7.5). Weakness: CWE-131. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Remote Code Execution Through HAProxy Configuration Injection. Red Hat rates this important (CVSS 8.8). Weakness: CWE-15. Affected package(s): openshift4/ose-cluster-ingress-rhel9-operator:1780988280, openshift4/ose-cluster-ingress-rhel9-operator:1780962617, openshift4/ose-cluster-ingress-rhel9-operator:1780444348, openshift4/ose-cluster-ingress-rhel9-operator:1780990977, openshift4/ose-cluster-ingress-operator:1781123014, openshift4/ose-cluster-ingress-rhel9-operator:1780043338. Resolved in Red Hat advisory RHSA-2026:28893 — update the affected packages (`sudo dnf update`).
Processing maliciously crafted web content may lead to an unexpected Safari crash. Red Hat rates this important (CVSS 8.8). Weakness: CWE-416. Affected package(s): webkit2gtk3, webkitgtk4. Resolved in Red Hat advisory RHSA-2026:25918 — update the affected packages (`sudo dnf update`).
Processing maliciously crafted web content may lead to an unexpected process crash. Red Hat rates this important (CVSS 8.8). Weakness: CWE-120. Affected package(s): webkit2gtk3, webkitgtk4. Resolved in Red Hat advisory RHSA-2026:25918 — update the affected packages (`sudo dnf update`).
Processing maliciously crafted web content may lead to an unexpected process crash. Red Hat rates this important (CVSS 8.8). Weakness: CWE-416. Affected package(s): webkit2gtk3, webkitgtk4. Resolved in Red Hat advisory RHSA-2026:25918 — update the affected packages (`sudo dnf update`).