VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1828 advisories across 32 monitored vendors.
Denial of Service due to degraded resolution performance in jostle logic. Red Hat rates this important (CVSS 7.5). Weakness: CWE-911. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via excessive EDNS options. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1050. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS). Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Affected package(s): 389-ds-base, 389-ds:1.4, redhat-ds:11, redhat-ds:12, dirsrv/dirsrv-container-rhel10:1781714123. Resolved in Red Hat advisory RHSA-2026:26463 — update the affected packages (`sudo dnf update`).
Username enumeration via timing side channel. Red Hat rates this important (CVSS 8.1). Weakness: CWE-208. Affected package(s): memcached. Resolved in Red Hat advisory RHSA-2026:27862 — update the affected packages (`sudo dnf update`).
Remote memory disclosure via integer overflow in compressed-token decoding. Red Hat rates this important (CVSS 8.1). Weakness: CWE-190. Affected package(s): rsync, discovery/discovery-ui-rhel9:1782166952. Resolved in Red Hat advisory RHSA-2026:26410 — update the affected packages (`sudo dnf update`).
TOCTOU symlink race condition allowing local privilege escalation in daemon mode without chroot.. Red Hat rates this important (CVSS 7.8). Weakness: CWE-367. Affected package(s): rsync, discovery/discovery-ui-rhel9:1782166952. Resolved in Red Hat advisory RHSA-2026:26410 — update the affected packages (`sudo dnf update`).
Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in Chase-Reply Messages. Red Hat rates this important (CVSS 7.5). Weakness: CWE-824. Affected package(s): unbound-main, unbound. Resolved in Red Hat advisory RHSA-2026:23231 — update the affected packages (`sudo dnf update`).
Denial of Service and Information Disclosure vulnerability. Red Hat rates this important (CVSS 7.1). Weakness: CWE-125. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Heap buffer overflow vulnerability in image decoding. Red Hat rates this important (CVSS 7.1). Weakness: CWE-120. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary code execution or denial of service via crafted HEIF/AVIF file. Red Hat rates this important (CVSS 8.8). Weakness: CWE-787. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151. Red Hat rates this important (CVSS 7.5). Weakness: CWE-787. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:26551 — update the affected packages (`sudo dnf update`).
Memory safety bugs fixed in Firefox 151. Red Hat rates this important (CVSS 7.5). Weakness: CWE-787. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Same-origin policy bypass in the DOM: Networking component. Red Hat rates this important (CVSS 7.5). Weakness: CWE-79. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use-after-free in the DOM: Bindings (WebIDL) component. Red Hat rates this important (CVSS 7.5). Weakness: CWE-825. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:26551 — update the affected packages (`sudo dnf update`).
Incorrect boundary conditions in the Audio/Video: Web Codecs component. Red Hat rates this important (CVSS 7.5). Weakness: CWE-787. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:26551 — update the affected packages (`sudo dnf update`).
Sandbox escape in Firefox and Firefox Focus for Android. Red Hat rates this important (CVSS 7.5). Weakness: CWE-653. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Open redirect when using wildcard valid redirect URIs in Keycloak. Red Hat rates this important (CVSS 8.1). Weakness: CWE-601. Affected package(s): rhbk/keycloak-rhel9-operator, rhbk/keycloak-operator-bundle:26.4.12, rhbk/keycloak-operator-bundle:26.2.16, rhbk/keycloak-rhel9-operator:26.2, rhbk/keycloak-rhel9:26.4, rhbk/keycloak-rhel9:26.2. Resolved in Red Hat advisory RHSA-2026:19594 — update the affected packages (`sudo dnf update`).
Session fixation in OIDC login flow that can lead to account takeover. Red Hat rates this important (CVSS 7.5). Weakness: CWE-290. Affected package(s): rhbk/keycloak-rhel9-operator, rhbk/keycloak-operator-bundle:26.4.12, rhbk/keycloak-operator-bundle:26.2.16, rhbk/keycloak-rhel9-operator:26.2, rhbk/keycloak-rhel9:26.4, rhbk/keycloak-rhel9:26.2. Resolved in Red Hat advisory RHSA-2026:19594 — update the affected packages (`sudo dnf update`).
Access token disclosure and implicit flow bypass via forged client data. Red Hat rates this moderate (CVSS 7.1). Weakness: CWE-472. Affected package(s): rhbk/keycloak-operator-bundle:26.4.12, rhbk/keycloak-rhel9-operator, rhbk/keycloak-rhel9:26.4, rhbk/keycloak-rhel9-operator:26.4. Resolved in Red Hat advisory RHSA-2026:19596 — update the affected packages (`sudo dnf update`).
Denial of Service via specially crafted SAML input. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1286. Affected package(s): rhbk/keycloak-rhel9, rhbk/keycloak-operator-bundle:26.4.12, rhbk/keycloak-operator-bundle:26.2.16, rhbk/keycloak-rhel9-operator:26.2, rhbk/keycloak-rhel9:26.4, rhbk/keycloak-rhel9:26.2. Resolved in Red Hat advisory RHSA-2026:19594 — update the affected packages (`sudo dnf update`).