VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1151 advisories across 32 monitored vendors.
Denial of Service via invalid JSON output. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-241. Affected package(s): log4j-layout-template-json, offline-knowledge-portal/rhokp-rhel9:1779996999. Resolved in Red Hat advisory RHSA-2026:22619 — update the affected packages (`sudo dnf update`).
Invalid XML output causes denial of service in logging. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-168. Affected package(s): log4j-core-test, offline-knowledge-portal/rhokp-rhel9:1779996999, log4j-core. Resolved in Red Hat advisory RHSA-2026:22619 — update the affected packages (`sudo dnf update`).
Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-91. Affected package(s): offline-knowledge-portal/rhokp-rhel9:1779996999. Resolved in Red Hat advisory RHSA-2026:21773 — update the affected packages (`sudo dnf update`).
Log injection via CRLF sequences due to configuration attribute renames. Red Hat rates this moderate (CVSS 5.8). Weakness: CWE-93. Affected package(s): log4j-core-test, offline-knowledge-portal/rhokp-rhel9:1779996999, log4j-core. Resolved in Red Hat advisory RHSA-2026:22619 — update the affected packages (`sudo dnf update`).
Man-in-the-middle attack due to incomplete hostname verification. Red Hat rates this moderate (CVSS 6.8). Weakness: CWE-295. Affected package(s): offline-knowledge-portal/rhokp-rhel9:1779996999. Resolved in Red Hat advisory RHSA-2026:21773 — update the affected packages (`sudo dnf update`).
Denial of Service via malicious IPC API call with null element. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-476. Affected package(s): systemd-main. Resolved in Red Hat advisory RHSA-2026:7299 — update the affected packages (`sudo dnf update`).
systemd nspawn: Escape-to-host action via crafted config file. Red Hat rates this moderate (CVSS 6.4). Weakness: CWE-348. Affected package(s): systemd-main. Resolved in Red Hat advisory RHSA-2026:7299 — update the affected packages (`sudo dnf update`).
udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output. Red Hat rates this moderate (CVSS 6.4). Weakness: CWE-250. Affected package(s): systemd-main. Resolved in Red Hat advisory RHSA-2026:7299 — update the affected packages (`sudo dnf update`).
Local privilege escalation via varlink. Red Hat rates this moderate (CVSS 6.7). Weakness: CWE-266. Affected package(s): systemd-main. Resolved in Red Hat advisory RHSA-2026:7299 — update the affected packages (`sudo dnf update`).
Local unprivileged user can cause Denial of Service. Red Hat rates this moderate (CVSS 4.7). Weakness: CWE-617. Affected package(s): systemd-main. Resolved in Red Hat advisory RHSA-2026:7299 — update the affected packages (`sudo dnf update`).
Files written to unexpected directory via specially crafted Chart. Red Hat rates this moderate (CVSS 4.4). Weakness: CWE-22. Affected package(s): helm-cli, rhacm2/multicloud-integrations-rhel9:1782256081, multicluster-engine/backplane-rhel9-operator:1782476869. Resolved in Red Hat advisory RHSA-2026:26441 — update the affected packages (`sudo dnf update`).
Authentication bypass via client certificate misconfiguration. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-303. Affected package(s): tomcat, jws6-tomcat. Resolved in Red Hat advisory RHSA-2026:20405 — update the affected packages (`sudo dnf update`).
Information disclosure via sensitive data in log files. Red Hat rates this low (CVSS 6.5). Weakness: CWE-538. Affected package(s): tomcat, jws6-tomcat. Resolved in Red Hat advisory RHSA-2026:20405 — update the affected packages (`sudo dnf update`).
Information disclosure due to improper encoding in JsonAccessLogValve. Red Hat rates this low (CVSS 5.4). Weakness: CWE-838. Affected package(s): tomcat, jws6-tomcat. Resolved in Red Hat advisory RHSA-2026:20405 — update the affected packages (`sudo dnf update`).
Authentication bypass due to CLIENT_CERT soft fail misconfiguration. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-303. Affected package(s): tomcat, jws6-tomcat. Resolved in Red Hat advisory RHSA-2026:20405 — update the affected packages (`sudo dnf update`).
Open Redirect vulnerability via LoadBalancerDrainingValve. Red Hat rates this low (CVSS 4.3). Weakness: CWE-601. Affected package(s): tomcat, jws6-tomcat. Resolved in Red Hat advisory RHSA-2026:20405 — update the affected packages (`sudo dnf update`).
HTTP Request/Response Smuggling via invalid chunk extension. Red Hat rates this low (CVSS 4.3). Weakness: CWE-444. Affected package(s): tomcat, jws6-tomcat. Resolved in Red Hat advisory RHSA-2026:20405 — update the affected packages (`sudo dnf update`).
Information disclosure and data corruption via use-after-free vulnerability. Red Hat rates this moderate (CVSS 4.4). Weakness: CWE-825. Affected package(s): libpng-main. Resolved in Red Hat advisory RHSA-2026:13719 — update the affected packages (`sudo dnf update`).
Server-Side Request Forgery via log export functionality. Red Hat rates this important (CVSS 6.5). Weakness: CWE-918. Affected package(s): quay/quay-rhel8:1779811473, quay/quay-rhel8:1779689392, quay/quay-rhel8:1779822261, quay/quay-rhel9:1779204086, quay/quay-rhel8:1779811412, quay/quay-rhel8:1780891395. Resolved in Red Hat advisory RHSA-2026:23361 — update the affected packages (`sudo dnf update`).
Go crypto/x509: Denial of Service via inefficient certificate chain validation. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-1050. Affected package(s): grafana-pcp, skopeo, host-metering, multicluster-globalhub/multicluster-globalhub-grafana-rhel9:1778867753, openshift-service-mesh/kiali-rhel9:1779520708, quay/quay-rhel9:1779922205. Resolved in Red Hat advisory RHSA-2026:10217 — update the affected packages (`sudo dnf update`).