VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Critical/high still unreviewed, or CISA KEV listed
fix potential UAF and double free in smb2_open_file(). Red Hat rates this important (CVSS 7). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Fix peer runtime UAF during format-change stop. Red Hat rates this important (CVSS 7). Weakness: CWE-364. Affected package(s): kernel, kernel-rt. Resolved in Red Hat advisory RHSA-2026:27354 — update the affected packages (`sudo dnf update`).
authencesn - reject short ahash digests during instance creation. Red Hat rates this important (CVSS 7). Weakness: CWE-1284. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Fix potential UAF after skb_unshare() failure. Red Hat rates this important (CVSS 7). Weakness: CWE-825. Affected package(s): kernel. Resolved in Red Hat advisory RHSA-2026:34911 — update the affected packages (`sudo dnf update`).
fix overlayfs mmap() and mprotect() access checks. Red Hat rates this important (CVSS 7). Weakness: CWE-280. Affected package(s): kernel, kernel-rt. Resolved in Red Hat advisory RHSA-2026:30848 — update the affected packages (`sudo dnf update`).
Fix workqueue list corruption by removing work_list. Red Hat rates this important (CVSS 7). Weakness: CWE-1341. Affected package(s): kernel. Resolved in Red Hat advisory RHSA-2026:30129 — update the affected packages (`sudo dnf update`).
Fix double free in rxe_srq_from_init. Red Hat rates this important (CVSS 7). Affected package(s): kernel, kernel-rt. Resolved in Red Hat advisory RHSA-2026:25120 — update the affected packages (`sudo dnf update`).
fix potential UAF in SSP passkey handlers. Red Hat rates this moderate (CVSS 7.1). Weakness: CWE-413. Affected package(s): kernel, kernel-rt. Resolved in Red Hat advisory RHSA-2026:27288 — update the affected packages (`sudo dnf update`).
Remote Code Execution in printing subsystem via unescaped job description. Red Hat rates this important (CVSS 9). Weakness: CWE-78. Affected package(s): samba. Resolved in Red Hat advisory RHSA-2026:28057 — update the affected packages (`sudo dnf update`).
KubeVirt virt-handler: Privilege escalation and node compromise via symlink following vulnerability. Red Hat rates this important (CVSS 9.9). Weakness: CWE-59. Affected package(s): container-native-virtualization/virt-handler:1779375376, container-native-virtualization/virt-handler-rhel9:1779288737, container-native-virtualization/virt-handler-rhel9:1779174925, container-native-virtualization/virt-handler-rhel9:1779289071, container-native-virtualization/virt-handler-rhel9:1779420069, container-native-virtualization/virt-handler-rhel9:1778859977. Resolved in Red Hat advisory RHSA-2026:20866 — update the affected packages (`sudo dnf update`).
Remote Code Execution in SAMR. Red Hat rates this important (CVSS 9). Weakness: CWE-78. Affected package(s): samba, rhcos. Resolved in Red Hat advisory RHSA-2026:29863 — update the affected packages (`sudo dnf update`).
Remote Code Execution via Server-Side Template Injection. Red Hat rates this important (CVSS 7.5). Weakness: CWE-917. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Stack-based buffer overflow in libsolv EdDSA PGP signature verification allows denial of service. Red Hat rates this important (CVSS 7.5). Weakness: CWE-121. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data. Red Hat rates this moderate (CVSS 7.8). Weakness: CWE-787. Affected package(s): libsolv, libsolv-main. Resolved in Red Hat advisory RHSA-2026:28236 — update the affected packages (`sudo dnf update`).
Remote code execution via heap-buffer-overflow in gdi_CacheToSurface. Red Hat rates this important (CVSS 8.8). Weakness: CWE-787. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via crafted tar header with large entry size. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Path traversal via crafted symlinks allows arbitrary file access. Red Hat rates this important (CVSS 8.2). Weakness: CWE-22. Affected package(s): perl:5.32, perl-Archive-Tar. Resolved in Red Hat advisory RHSA-2026:30852 — update the affected packages (`sudo dnf update`).
Denial of service against AD DC WINS server. Red Hat rates this important (CVSS 7.5). Weakness: CWE-476. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Linux kernel: smb: client: reject userspace cifs.spnego descriptions. Red Hat rates this important (CVSS 7.8). Weakness: CWE-825. Affected package(s): kernel, kernel-rt, rhcos, kpatch-patch. Resolved in Red Hat advisory RHSA-2026:33219 — update the affected packages (`sudo dnf update`).
Arbitrary code execution via unauthorized multipart upload access. Red Hat rates this critical (CVSS 9). Weakness: CWE-1220. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.