VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
478 advisories across 32 monitored vendors.
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.0, 2.12.7, and 2.11.16, when no_auth_user was configured, a parser fast path intended for ordinary client connections could also apply to route or leafnode listeners, allowing an unauthenticated peer to bypass inter-server CONNECT authentication and operate with the privileges associated with that connection type. This issue is fixed in versions 2.14.0, 2.12.7, and 2.11.16. A flaw was found in NATS Server. This allows an unauthenticated attacker on an adjacent network to bypass inter-server authentication. Consequently, the attacker can operate with the privileges of a trusted connection, leading to a high impact on data integrity. Red Hat severity: Important — CVSS 8.8 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L). Weakness: CWE-551. Red Hat lists Red Hat Hardened Images as not affected.
Denial of Service via unbounded decompression of HTTP response bodies. Red Hat rates this important (CVSS 7.5). Weakness: CWE-409. Affected products named by the advisory: Migration Toolkit for Applications 8; Red Hat Ansible Automation Platform 2; Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 8; and 3 more.
Directory traversal via crafted skill archive upload. Red Hat rates this important (CVSS 8.1). Weakness: CWE-22. Affected products named by the advisory: Red Hat Enterprise Linux; Exploit Intelligence; Lightspeed Core; Red Hat Ansible Automation Platform 2; and 1 more.
Arbitrary code execution and information disclosure via custom code guardrails. Red Hat rates this important (CVSS 7.2). Weakness: CWE-94. Affected products named by the advisory: Red Hat Enterprise Linux; Exploit Intelligence; Lightspeed Core; Red Hat Ansible Automation Platform 2; and 1 more.
HashiCorp memberlist: Denial of Service via push/pull state handling. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Affected products named by the advisory: Logging Subsystem for Red Hat OpenShift; Multicluster Global Hub; Red Hat Advanced Cluster Management for Kubernetes 2; Red Hat Ansible Automation Platform 2; and 6 more.
@opentelemetry/propagator-jaeger: OpenTelemetry JavaScript: Denial of Service via malformed HTTP header decoding. Red Hat rates this important (CVSS 7.5). Weakness: CWE-248. Affected products named by the advisory: Red Hat Enterprise Linux; OpenShift Serverless; Red Hat Developer Hub; Self-service automation portal 2.
On July 15, 2026, the Cisco Product Security Incident Response Team (PSIRT) will publish advisories to disclose security vulnerability information along with fixed software releases for the following Cisco products: Identity Services Engine (ISE) RoomOS To fully remediate vulnerabilities to be disclosed on July 15, 2026, Cisco strongly recommends that customers upgrade to the fixed software indicated in the advisories. For more information about changes in Cisco PSIRT vulnerability disclosure, see Strengthening the Foundation: A Predictable, Customer Focused Response to AI-Accelerated Vulne… Affected products named by the advisory: Identity Services Engine Software; RoomOS Software.
CVE-2026-0277 Prisma Access Agent: Improper Certificate Validation on iOS
CVE-2026-0286 PAN-OS: Authenticated Command Injection in CLI
CVE-2026-0278 Prisma Access Agent: Multiple DLP Policy Bypass Vulnerabilities on Windows
PAN-SA-2026-0010 Chromium and Prisma Browser: Monthly Vulnerability Update (July 2026)
CVE-2026-0285 PAN-OS: Server-Side Request Forgery Vulnerability in Management Web Interface
CVE-2026-0283 PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN)
CVE-2026-0287 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing
CVE-2026-0284 PAN-OS: XML Injection Vulnerability in Large Scale VPN (LSVPN)
Go os.Root: Symlink following vulnerability allows directory traversal. Red Hat rates this important (CVSS 7.8). Weakness: CWE-59. Red Hat lists fixing advisory RHSA-2026:38493 with package golang-0:1.26.5-1.el10_2, buildah-2:1.43.1-4.el10_2, buildah-2:1.43.1-4.el9_8, golang-0:1.26.5-1.el9_8. Affected products named by the advisory: Red Hat Enterprise Linux 1; Red Hat Enterprise Linux 9. Affected products named by the advisory: Assisted Installer for Red Hat OpenShift Container Platform 2; Builds for Red Hat OpenShift; cert-manager Operator for Red Hat OpenShift; Compliance Operator; and 70 more.
Denial of Service via invalid binary POST requests. Red Hat rates this important (CVSS 7.5). Weakness: CWE-772. Red Hat lists fixing advisory RHSA-2026:37577 with package dotnet8-0-main-8.0.128-1.1.hum1. Affected products named by the advisory: Red Hat Hardened Images; Red Hat Enterprise Linux AI (RHEL AI) 3.
Denial of Service via crafted WebTransport session ID. Red Hat rates this important (CVSS 7.5). Weakness: CWE-843. Affected products named by the advisory: Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat Hardened Images.
Denial of Service via malformed tar archive header. Red Hat rates this important (CVSS 7.5). Weakness: CWE-606. Affected products named by the advisory: Confidential Compute Attestation; Cryostat 4; Exploit Intelligence; Migration Toolkit for Containers; and 28 more.
Denial of Service via crafted gzip bomb. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Affected products named by the advisory: Confidential Compute Attestation; Cryostat 4; Exploit Intelligence; Migration Toolkit for Containers; and 28 more.