VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Critical/high still unreviewed, or CISA KEV listed
CVE-2026-0284 PAN-OS: XML Injection Vulnerability in Large Scale VPN (LSVPN)
CVE-2026-0285 PAN-OS: Server-Side Request Forgery Vulnerability in Management Web Interface
CVE-2026-0286 PAN-OS: Authenticated Command Injection in CLI
CVE-2026-0287 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing
PAN-SA-2026-0010 Chromium and Prisma Browser: Monthly Vulnerability Update (July 2026)
Go os.Root: Symlink following vulnerability allows directory traversal. Red Hat rates this important (CVSS 7.8). Weakness: CWE-59. Red Hat lists fixing advisory RHSA-2026:38493 with package golang-0:1.26.5-1.el10_2, buildah-2:1.43.1-4.el10_2, buildah-2:1.43.1-4.el9_8, golang-0:1.26.5-1.el9_8. Affected products named by the advisory: Red Hat Enterprise Linux 1; Red Hat Enterprise Linux 9. Affected products named by the advisory: Assisted Installer for Red Hat OpenShift Container Platform 2; Builds for Red Hat OpenShift; cert-manager Operator for Red Hat OpenShift; Compliance Operator; and 70 more.
Denial of Service via invalid binary POST requests. Red Hat rates this important (CVSS 7.5). Weakness: CWE-772. Red Hat lists fixing advisory RHSA-2026:37577 with package dotnet8-0-main-8.0.128-1.1.hum1. Affected products named by the advisory: Red Hat Hardened Images; Red Hat Enterprise Linux AI (RHEL AI) 3.
Denial of Service via crafted WebTransport session ID. Red Hat rates this important (CVSS 7.5). Weakness: CWE-843. Affected products named by the advisory: Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat Hardened Images.
Denial of Service via malformed tar archive header. Red Hat rates this important (CVSS 7.5). Weakness: CWE-606. Affected products named by the advisory: Confidential Compute Attestation; Cryostat 4; Exploit Intelligence; Migration Toolkit for Containers; and 28 more.
Denial of Service via crafted gzip bomb. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Affected products named by the advisory: Confidential Compute Attestation; Cryostat 4; Exploit Intelligence; Migration Toolkit for Containers; and 28 more.
Denial of Service via quadratic CPU time parsing with merge keys. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1333. Red Hat lists fixing advisory RHSA-2026:34975 with package nodejs20-main-20.20.2-1.hum1, rust-main-1.96.1-1.hum1. Affected products named by the advisory: Red Hat Hardened Images; Cryostat 4; Gatekeeper 3; Migration Toolkit for Applications 8; and 48 more.
js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.1, YAML11_SCHEMA support for the !!omap tag in src/tag/sequence/omap.ts uses omapTag.addItem() to perform a linear duplicate-key scan on every insertion, causing O(n^2) CPU consumption when yaml.load() parses a crafted ordered-map document. This issue is fixed in version 5.2.1. An attacker could exploit this by providing a specially crafted YAML ordered-map document. This could lead to excessive CPU consumption, resulting in a denial of service (DoS) for applications processing the malicious YAML input. This affects yaml.load() calls using that schema. Red Hat severity: Important — CVSS 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-770. Affected Red Hat products: Red Hat Hardened Images; Red Hat Discovery 2.
Prevent rehoming resources to nodes with different owner. Red Hat rates this important (CVSS 8.7). Weakness: CWE-1220. Affected products named by the advisory: Red Hat Enterprise Linux; Red Hat OpenShift Container Platform 4; Red Hat OpenStack Platform 16.2; Red Hat OpenStack Platform 17.1; and 1 more.
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability.
Use-after-free vulnerability during host key re-exchange on the client side. Red Hat rates this important (CVSS 7.7). Weakness: CWE-825. Red Hat lists fixing advisory RHSA-2026:37382 with package openssh-main-10.4p1-1.hum1. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; and 3 more.
glamor Font Atlas Heap Buffer Overflow. Red Hat rates this important (CVSS 7.5). Weakness: CWE-805. Red Hat lists fixing advisory RHSA-2026:38486 with package xorg-x11-server-0:1.20.11-34.el9_8.3, xorg-x11-server-Xwayland-0:21.1.3-20.el8_10.3, xorg-x11-server-Xwayland-0:24.1.9-4.el9_8.3, xorg-x11-server-0:1.20.11-28.el8_10.3. Affected products named by the advisory: Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 1. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7.
BitmapScaleBitmaps Integer Overflow Heap Buffer Overflow. Red Hat rates this important (CVSS 7.3). Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9.
PCF Font Parsing Heap Buffer Overflow. Red Hat rates this important (CVSS 7.3). Weakness: CWE-787. Affected product named by the advisory: Red Hat Enterprise Linux.
rfbsrc/librfb Hextile heap out-of-bounds write with 16bpp framebuffer. Red Hat rates this important (CVSS 7.1). Weakness: CWE-787. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; and 1 more.
DTLS certificate Subject DN stack buffer overflow in openssl_verify_callback. Red Hat rates this important (CVSS 7.5). Weakness: CWE-121. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; and 1 more.