VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1830 advisories across 32 monitored vendors.
Arbitrary code execution due to improper enforcement of extension allow-list. Red Hat rates this important (CVSS 8.8). Weakness: CWE-88. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary code execution via deceptive button in HTML output. Red Hat rates this important (CVSS 8.8). Weakness: CWE-79. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via crafted JSON descriptors. Red Hat rates this important (CVSS 7.5). Weakness: CWE-776. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary code execution due to unsafe expression generation from crafted protobuf descriptors. Red Hat rates this important (CVSS 7.1). Weakness: CWE-94. Affected package(s): automation-platform-ui, rhdh/rhdh-hub-rhel9:1781187342, openshift-service-mesh/kiali-ossmc-rhel9:1780997382, ansible-automation-platform, openshift4/ose-console-rhel9:1782224390, openshift-service-mesh/kiali-rhel9:1780997438. Resolved in Red Hat advisory RHSA-2026:34160 — update the affected packages (`sudo dnf update`).
Data integrity impact due to prototype pollution. Red Hat rates this important (CVSS 7.5). Weakness: CWE-915. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary Code Execution via prototype pollution. Red Hat rates this important (CVSS 8.1). Weakness: CWE-94. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via crafted schema. Red Hat rates this important (CVSS 7.5). Weakness: CWE-915. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via uncontrolled recursion in protobuf decoding. Red Hat rates this important (CVSS 7.5). Weakness: CWE-606. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary Code Execution Vulnerability. Red Hat rates this critical (CVSS 8.1). Weakness: CWE-131. Affected package(s): odf4/ocs-client-console-rhel9:1779881302, satellite/iop-gateway-rhel9:1779706797, nginx, odf4/ocs-client-console-rhel9:1779879463, odf4/ocs-client-console-rhel9:1779972138, odf4/odf-console-rhel9:1779952279. Resolved in Red Hat advisory RHSA-2026:19371 — update the affected packages (`sudo dnf update`).
"Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel. Red Hat rates this important (CVSS 7.8). Weakness: CWE-123. Affected package(s): rhcos, kernel-rt, kernel, openshift, kpatch-patch. Resolved in Red Hat advisory RHSA-2026:23470 — update the affected packages (`sudo dnf update`).
Denial of Service via malformed multimodal input or token injection. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1285. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Cross-site scripting via improper HTML escaping of untrusted input. Red Hat rates this important (CVSS 8.1). Weakness: CWE-79. Affected package(s): openshift-service-mesh/kiali-ossmc-rhel9:1782201851, openshift-service-mesh/kiali-ossmc-rhel9:1782231869, nodejs24, nodejs22, openshift-service-mesh/kiali-ossmc-rhel9:1782201894, openshift-service-mesh/kiali-ossmc-rhel9:1782201696. Resolved in Red Hat advisory RHSA-2026:33160 — update the affected packages (`sudo dnf update`).
.NET: infinite loop allows an attacker to cause a denial of service. Red Hat rates this important (CVSS 7.5). Weakness: CWE-835. Affected package(s): dotnet10.0, dotnet9.0, dotnet8.0, dotnet8, dotnet9, dotnet10. Resolved in Red Hat advisory RHSA-2026:21291 — update the affected packages (`sudo dnf update`).
.NET: improper input validation allows an attacker to elevate privileges locally. Red Hat rates this important (CVSS 7.3). Weakness: CWE-20. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
.NET: heap-based buffer overflow allows an attacker to elevate privileges locally. Red Hat rates this important (CVSS 7.3). Weakness: CWE-122. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Sandbox escape in the Profile Backup component. Red Hat rates this important (CVSS 7.5). Weakness: CWE-653. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:26551 — update the affected packages (`sudo dnf update`).
Denial of Service via excessive IMAP bracing. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
SQL/LDAP injection via incorrect safe filter interpretation with variable expansion. Red Hat rates this important (CVSS 7.4). Weakness: CWE-89. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Other issue in the JavaScript Engine component. Red Hat rates this important (CVSS 7.5). Weakness: CWE-475. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:26551 — update the affected packages (`sudo dnf update`).
Use-after-free in the JavaScript: WebAssembly component. Red Hat rates this important (CVSS 7.5). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.