VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
4070 advisories across 32 monitored vendors.
OIDC email_verified claim incorrectly applied to userinfo email. Red Hat rates this moderate (CVSS 4.8). Weakness: CWE-1288.
Denial of Service via local use-after-free vulnerability. Red Hat rates this low (CVSS 3.3). Weakness: CWE-825.
Denial of Service via heap-based buffer overflow. Red Hat rates this low (CVSS 3.3). Weakness: CWE-131.
Information Disclosure via Weak Hash in Task Result Cache. Red Hat rates this low (CVSS 3.1). Weakness: CWE-328.
Data integrity impact due to incorrect comparison. Red Hat rates this low (CVSS 3.3). Weakness: CWE-839.
Arbitrary code execution via pickle deserialization bypass. Red Hat rates this important (CVSS 8.8). Weakness: CWE-693.
Arbitrary code execution due to incomplete denylist in deserialization. Red Hat rates this important (CVSS 8.8). Weakness: CWE-184.
Arbitrary Code Execution via Untrusted JAR File Loading. Red Hat rates this important (CVSS 7.8). Weakness: CWE-347.
In the Linux kernel, the following vulnerability has been resolved: ipv6: account for fraggap on the paged allocation path In __ip6_append_data(), when the paged-allocation branch is taken (MSG_MORE / NETIF_F_SG / large fraglen), alloclen and pagedlen are computed as alloclen = fragheaderlen + transhdrlen; pagedlen = datalen - transhdrlen; datalen already includes fraggap (datalen = length + fraggap). When fraggap is non-zero, this is not the first skb and transhdrlen is zero. The fraggap bytes carried over from the previous skb are copied just past the fragment headers in the new skb's linear area. The linear area is therefore undersized by fraggap bytes while pagedlen is overstated by the same amount, and the copy writes past skb->end into the trailing skb_shared_info. An unprivileged user can trigger this via a UDPv6 socket using MSG_MORE together with MSG_SPLICE_PAGES. The bad accounting was introduced by commit 773ba4fe9104 ("ipv6: avoid partial copy for zc"). Before commit ce650a166335 ("udp6: Fix __ip6_append_data()'s handling of MSG_SPLICE_PAGES"), the negative copy value caused -EINVAL to be returned. That later commit allowed MSG_SPLICE_PAGES to proceed in this case, making the corruption triggerable. After this adjustment, copy no longer collapses to -fraggap on the paged path, so remove the stale comment describing that old arithmetic.
Fix shadow paging use-after-free due to unexpected role. Red Hat rates this important (CVSS 7.8). Weakness: CWE-825. Red Hat lists fixing advisory RHSA-2026:36957 with package kernel-0:5.14.0-570.127.1.el9_6, kernel-0:6.12.0-211.32.1.el10_2, kernel-0:5.14.0-427.137.1.el9_4, kernel-0:6.12.0-55.88.1.el10_0. Affected products named by the advisory: Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 1; Red Hat Enterprise Linux 8.
Require in-GHCB scratch area if GHCB v2+ is in use. Red Hat rates this important (CVSS 7). Weakness: CWE-787.
Set gc_in_progress to true in unix_gc(). Red Hat rates this moderate (CVSS 7). Weakness: CWE-366.
Denial of Service via uncontrolled memory allocation in decodeFromByteBuffer. Red Hat rates this low (CVSS 5). Weakness: CWE-770. Red Hat lists fixing advisory RHSA-2026:26989 with package rust-main-1.96.1-1.hum1, netavark-main-2.0.0-1.hum1.
Information disclosure via out-of-bounds read. Red Hat rates this moderate (CVSS 4.3). Weakness: CWE-125.
Local state issue via 'Count' argument manipulation. Red Hat rates this low (CVSS 3.3). Weakness: CWE-1284.
Denial of Service via uncontrolled memory allocation. Red Hat rates this low (CVSS 3.3). Weakness: CWE-770.
Denial of Service vulnerability via local manipulation of compiler functions. Red Hat rates this low (CVSS 3.3). Weakness: CWE-835.
Denial of Service in UTF-8 Character Handler. Red Hat rates this low (CVSS 3.3). Weakness: CWE-1050.
WatchGuard Fireware OS contains a race condition leading to a use-after-free vulnerability in LDAP authentication for the Mobile User VPN with IKEv2. A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary code in the context of the iked process on Fireboxes that have a Mobile VPN with IKEv2 configured to use an external LDAP authentication server. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4_Update1, 12.0 up to and including 12.12 and 2025.1 up to and including 2026.2.
Incomplete Fix for CVE-2026-8631. Red Hat rates this important (CVSS 9.8). Weakness: CWE-190.