VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Advisories the vendor has revised
Erlang OTP ssh: Denial of Service via infinite loop in SFTP channel. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-835.
Erlang OTP ssh: Information disclosure via SFTP REALPATH handler. Red Hat rates this moderate (CVSS 4.3). Weakness: CWE-204. Red Hat lists fixing advisory RHSA-2026:35998 with package erlang27-main-27.3.4.14-1.hum1.
DPoP verifier accepts malformed proof with private key material. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-358.
Server-Side Request Forgery allows unauthorized internal network access. Red Hat rates this moderate (CVSS 5.8). Weakness: CWE-918.
Request smuggling via re-parsing of Content-Length header. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-444. Red Hat lists fixing advisory RHSA-2026:34975 with package rust-main-1.96.1-1.hum1.
use chan timer to close channels in cleanup_listen(). Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-413.
Unauthenticated data injection during TLS handshake. Red Hat rates this low (CVSS 3.7). Weakness: CWE-924.
Authentication bypass due to improper input neutralization. Red Hat rates this critical (CVSS 9.1). Weakness: CWE-140.
containerd is an open-source container runtime. In versions prior to 1.7.33, 2.3.2, 2.2.5, 2.1.9, and 2.0.10 the CRI plugin propagates labels from an image config (LABEL instruction in Dockerfile) to a container without validation. This may result in executing an arbitrary command on the host, via a plugin that consumes container labels for some operations. This issue has been fixed in versions 1.7.33, 2.3.2, 2.2.5, 2.1.9, and 2.0.10.
Remote code execution via JNDI injection. Red Hat rates this important (CVSS 7.5). Weakness: CWE-502.
SQL Injection vulnerability. Red Hat rates this important (CVSS 7.3). Weakness: CWE-89.
Security bypass via Container Device Interface (CDI) annotation smuggling during checkpoint restoration. Red Hat rates this important (CVSS 8.2). Weakness: CWE-807. Red Hat lists fixing advisory RHSA-2026:36873 with package rhacm2/submariner-rhel9-operator:1782933193, syft-main-1.46.0-0.1.hum1, grype-main-0.115.0-0.1.hum1, trivy-main-0.69.3-1.2.hum1.
Privilege escalation via incorrect user ID handling. Red Hat rates this important (CVSS 7.8). Weakness: CWE-681. Red Hat lists fixing advisory RHSA-2026:35111 with package trivy-main-0.72.0-0.1.hum1.
org.apache.httpcomponents.core5/httpcore5-h2: Apache HttpComponents Core: Denial of Service via oversized HTTP/2 HPACK header blocks. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770.
org.apache.httpcomponents.core5/httpcore5: Apache HttpComponents Core: Denial of Service via excessive HTTP headers. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770.
Denial of Service via crafted ALZ file. Red Hat rates this important (CVSS 7.5). Weakness: CWE-120.
Denial of Service via crafted DMG file. Red Hat rates this important (CVSS 7.5). Weakness: CWE-190.
Denial of Service via crafted 7z file. Red Hat rates this important (CVSS 7.5). Weakness: CWE-120.
Denial of Service via crafted PESpin file. Red Hat rates this important (CVSS 7.5). Weakness: CWE-120.
Denial of Service via crafted InstallShield file. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770.