VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1818 advisories across 32 monitored vendors.
Denial of service against AD DC WINS server. Red Hat rates this important (CVSS 7.5). Weakness: CWE-476. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Linux kernel: smb: client: reject userspace cifs.spnego descriptions. Red Hat rates this important (CVSS 7.8). Weakness: CWE-825. Affected package(s): kernel, kernel-rt, rhcos, kpatch-patch. Resolved in Red Hat advisory RHSA-2026:33219 — update the affected packages (`sudo dnf update`).
Double-Free Vulnerability in RAR5 Decompression Logic via dangling filtered_buf pointer in init_unpack(). Red Hat rates this moderate (CVSS 7.5). Weakness: CWE-415. Affected package(s): libarchive-main. Resolved in Red Hat advisory RHSA-2026:30333 — update the affected packages (`sudo dnf update`).
propagate shared-frag marker through frag-transfer helpers. Red Hat rates this important (CVSS 7). Weakness: CWE-664. Affected package(s): rhcos, kernel-rt, kernel, kpatch-patch. Resolved in Red Hat advisory RHSA-2026:23470 — update the affected packages (`sudo dnf update`).
Cross-Site Scripting via HTML parsing bypass. Red Hat rates this important (CVSS 8.1). Weakness: CWE-79. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Privilege escalation via incorrect Punycode label processing. Red Hat rates this important (CVSS 8.2). Weakness: CWE-1289. Affected package(s): rhacm2/observatorium-rhel9:1782157471, rhacm2/prometheus-alertmanager-rhel9:1782156920, cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9:1782840519, rhacm2/thanos-rhel9:1782465412, rhacm2/grafana-dashboard-loader-rhel9:1782383255, rhacm2/acm-prometheus-config-reloader-rhel9:1782157632. Resolved in Red Hat advisory RHSA-2026:35830 — update the affected packages (`sudo dnf update`).
Arbitrary code execution via Cross-Site Scripting. Red Hat rates this important (CVSS 8.1). Weakness: CWE-79. Affected package(s): opentelemetry-collector, cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9:1782839193, cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9:1782839981, cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9:1782840519, cluster-observability-operator/logging-console-plugin-pf5-rhel9:1782840539, cluster-observability-operator/monitoring-console-plugin-rhel9:1782838476. Resolved in Red Hat advisory RHSA-2026:34342 — update the affected packages (`sudo dnf update`).
code execution and denial of service. Red Hat rates this important (CVSS 8.1). Weakness: CWE-122. Affected package(s): nginx, nginx:1.26, nginx-main, nginx:1.24, discovery/discovery-ui-rhel9:1782756541. Resolved in Red Hat advisory RHSA-2026:29874 — update the affected packages (`sudo dnf update`).
Arbitrary code execution via command injection due to unescaped line terminators. Red Hat rates this important (CVSS 8.1). Weakness: CWE-78. Affected package(s): openshift4/ose-console-rhel9:1782308675, cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9:1782839996, cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9:1782839981, openshift-service-mesh/kiali-rhel9:1780916345, cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9:1782840519, quay/quay-rhel8:1781878070. Resolved in Red Hat advisory RHSA-2026:26077 — update the affected packages (`sudo dnf update`).
Remote Code Execution via untrusted JMS configuration. Red Hat rates this important (CVSS 7.5). Weakness: CWE-15. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap: Apache CXF: Information Disclosure via LDAP Injection. Red Hat rates this important (CVSS 7.5). Weakness: CWE-90. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via crafted public key with excessive parameters. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1284. Affected package(s): advanced-cluster-security/rhacs-roxctl-rhel8:1781686458, advanced-cluster-security/rhacs-roxctl-rhel8:1781686446, buildah. Resolved in Red Hat advisory RHSA-2026:29455 — update the affected packages (`sudo dnf update`).
Denial of Service via resource leak from unsolicited SSH responses. Red Hat rates this important (CVSS 7.5). Weakness: CWE-772. Affected package(s): buildah. Resolved in Red Hat advisory RHSA-2026:29455 — update the affected packages (`sudo dnf update`).
Revocation bypass via unchecked SignatureKey. Red Hat rates this important (CVSS 7.4). Weakness: CWE-295. Affected package(s): golang1, advanced-cluster-security/rhacs-main-rhel8:1781686446, advanced-cluster-security/rhacs-main-rhel8:1781686458. Resolved in Red Hat advisory RHSA-2026:23262 — update the affected packages (`sudo dnf update`).
Authorization bypass due to skipped source-address validation. Red Hat rates this important (CVSS 7.1). Weakness: CWE-303. Affected package(s): multicluster-engine/addon-manager-rhel9:1782160196, multicluster-engine/registration-operator-rhel9:1782160210, rhelai3/bootc-azure-cuda-rhel9:1782758410, golang1, multicluster-engine/work-rhel9:1782159773, multicluster-engine/kube-rbac-proxy-mce-rhel9:1782477094. Resolved in Red Hat advisory RHSA-2026:23262 — update the affected packages (`sudo dnf update`).
Denial of Service via crafted SSH certificate. Red Hat rates this important (CVSS 7.5). Weakness: CWE-476. Affected package(s): advanced-cluster-security/rhacs-roxctl-rhel8:1781686458, advanced-cluster-security/rhacs-scanner-v4-rhel8:1781686458, advanced-cluster-security/rhacs-roxctl-rhel8:1781686446, advanced-cluster-security/rhacs-scanner-v4-rhel8:1781686446, advanced-cluster-security/rhacs-main-rhel8:1781686446, advanced-cluster-security/rhacs-main-rhel8:1781686458. Resolved in Red Hat advisory RHSA-2026:26547 — update the affected packages (`sudo dnf update`).
Security bypass due to improper handling of key restrictions. Red Hat rates this important (CVSS 8.7). Weakness: CWE-281. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Unauthorized command execution via discarded SSH permissions. Red Hat rates this important (CVSS 8.8). Weakness: CWE-281. Affected package(s): advanced-cluster-security/rhacs-roxctl-rhel8:1781686458, advanced-cluster-security/rhacs-roxctl-rhel8:1781686446. Resolved in Red Hat advisory RHSA-2026:26547 — update the affected packages (`sudo dnf update`).
Privilege escalation through user role modification. Red Hat rates this important (CVSS 8.8). Weakness: CWE-915. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Privilege escalation via API key generation with insufficient permission validation. Red Hat rates this important (CVSS 8.8). Weakness: CWE-639. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.