VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Critical/high still unreviewed, or CISA KEV listed
VDDK Tarball Chained-Symlink Arbitrary File Write. Red Hat rates this important (CVSS 9.6). Weakness: CWE-59. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Type confusion vulnerability in Shared Pointer Handler. Red Hat rates this important (CVSS 7.3). Weakness: CWE-843. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Stored XSS via javascript: URL in Agent Credential Link. Red Hat rates this important (CVSS 7.3). Weakness: CWE-79. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
argument injection in ansible-galaxy role install leads to arbitrary code execution. Red Hat rates this important (CVSS 7.8). Weakness: CWE-88. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary file write leading to remote code execution via crafted ZIP archive (Zip Slip). Red Hat rates this important (CVSS 7.5). Weakness: CWE-22. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Moby/Docker Engine: Arbitrary Code Execution via malicious container image and compressed archive upload. Red Hat rates this important (CVSS 7.5). Weakness: CWE-427. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary Remote Code Execution via exposed API endpoints. Red Hat rates this important (CVSS 9.9). Weakness: CWE-749. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via crafted JSON string. Red Hat rates this important (CVSS 7.5). Weakness: CWE-502. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow. Red Hat rates this important (CVSS 7.6). Weakness: CWE-190. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
OpenStack oslo.messaging: Man-in-the-middle attack via improper TLS hostname verification. Red Hat rates this important (CVSS 7.4). Weakness: CWE-295. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
HTTP/2 Remote Denial of Service via HPACK compression bomb and Slowloris-style attack. Red Hat rates this important (CVSS 7.5). Weakness: CWE-409. Affected package(s): openshift-service-mesh/istio-proxyv2-rhel9:1781069908, openshift-service-mesh/istio-proxyv2-rhel9:1781070158, openshift-service-mesh/istio-proxyv2-rhel9:1781070967, openshift-service-mesh/proxyv2-rhel9:1781604724, openshift-service-mesh/istio-proxyv2-rhel9:1781094520. Resolved in Red Hat advisory RHSA-2026:26210 — update the affected packages (`sudo dnf update`).
Arbitrary code execution due to overridden trust_remote_code setting. Red Hat rates this important (CVSS 7.7). Weakness: CWE-829. Affected package(s): rhoai/odh-th06-cuda130-torch210-py312-rhel9:1782136276, rhoai/odh-training-rocm62-torch25-py311-rhel9:1782132236, rhoai/odh-th06-cpu-torch210-py312-rhel9:1782135464, rhoai/odh-training-cuda128-torch29-py312-rhel9:1782132240, rhoai/odh-th06-rocm64-torch291-py312-rhel9:1782135346, rhoai/odh-training-cuda124-torch25-py311-rhel9:1782132207. Resolved in Red Hat advisory RHSA-2026:34456 — update the affected packages (`sudo dnf update`).
Sensitive credential exfiltration via environment variable resolution in AI Gateway secrets. Red Hat rates this important (CVSS 7.7). Weakness: CWE-201. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Remote Denial of Service via compression bomb and Slowloris-style attack. Red Hat rates this important (CVSS 7.5). Weakness: CWE-409. Affected package(s): jbcs-httpd24-httpd, mod_http2, jbcs-httpd24-mod_http2, httpd-main, httpd:2.4, openshift-service-mesh/proxyv2-rhel9:1781604724. Resolved in Red Hat advisory RHSA-2026:27200 — update the affected packages (`sudo dnf update`).
Fix IPv6 inner_thoff desync. Red Hat rates this important (CVSS 7.3). Weakness: CWE-823. Affected package(s): kernel. Resolved in Red Hat advisory RHSA-2026:34094 — update the affected packages (`sudo dnf update`).
Insufficient validation of untrusted input in Media. Red Hat rates this important (CVSS 9). Weakness: CWE-1173. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in Printing. Red Hat rates this important (CVSS 9). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Inappropriate implementation in V8. Red Hat rates this important (CVSS 9.6). Weakness: CWE-787. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in FileSystem. Red Hat rates this important (CVSS 9.6). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Out of bounds write in GPU. Red Hat rates this important (CVSS 9.6). Weakness: CWE-787. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.