VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1151 advisories across 32 monitored vendors.
Information disclosure via timing oracle in HMAC verification. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-208. Affected package(s): nodejs24, nodejs:24. Resolved in Red Hat advisory RHSA-2026:7350 — update the affected packages (`sudo dnf update`).
Memory leak and Denial of Service via crafted HTTP/2 WINDOW_UPDATE frames. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-772. Affected package(s): nodejs24, nodejs:24. Resolved in Red Hat advisory RHSA-2026:7350 — update the affected packages (`sudo dnf update`).
Denial of Service via V8 string hashing mechanism due to predictable hash collisions. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-328. Affected package(s): nodejs20-main, nodejs25-main, nodejs24, nodejs22-main, nodejs:24, nodejs24-main. Resolved in Red Hat advisory RHSA-2026:7350 — update the affected packages (`sudo dnf update`).
Denial of Service via iconv() function with specific character sets. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-617. Affected package(s): rhui5/haproxy-rhel9:1781525671, insights-proxy/insights-proxy-container-rhel9:1780420428, glibc, rhui5/installer-rhel9:1781525693, costmanagement/costmanagement-metrics-rhel9-operator:1780946239, rhui5/cds-rhel9:1781525684. Resolved in Red Hat advisory RHSA-2026:29197 — update the affected packages (`sudo dnf update`).
Denial of Service via malformed Internationalized Domain Name processing. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-168. Affected package(s): nodejs24, nodejs:24. Resolved in Red Hat advisory RHSA-2026:7350 — update the affected packages (`sudo dnf update`).
Information disclosure via cleartext transmission of cookies during HTTPS tunnel establishment. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-319. Affected package(s): libsoup, libsoup3. Resolved in Red Hat advisory RHSA-2026:13978 — update the affected packages (`sudo dnf update`).
Processing maliciously crafted web content may bypass Same Origin Policy. Red Hat rates this moderate (CVSS 5.4). Weakness: CWE-346. Affected package(s): webkit2gtk3, webkitgtk4. Resolved in Red Hat advisory RHSA-2026:19206 — update the affected packages (`sudo dnf update`).
Processing maliciously crafted web content may prevent Content Security Policy from being enforced. Red Hat rates this moderate (CVSS 5.4). Weakness: CWE-693. Affected package(s): webkit2gtk3, webkitgtk4. Resolved in Red Hat advisory RHSA-2026:19206 — update the affected packages (`sudo dnf update`).
A maliciously crafted webpage may be able to fingerprint the user. Red Hat rates this moderate (CVSS 4.3). Weakness: CWE-497. Affected package(s): webkit2gtk3, webkitgtk4. Resolved in Red Hat advisory RHSA-2026:19206 — update the affected packages (`sudo dnf update`).
A malicious website may be able to access script message handlers intended for other origins. Red Hat rates this important (CVSS 4.3). Weakness: CWE-346. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Visiting a maliciously crafted website may lead to a cross-site scripting attack. Red Hat rates this moderate (CVSS 4.3). Weakness: CWE-79. Affected package(s): webkit2gtk3, webkitgtk4. Resolved in Red Hat advisory RHSA-2026:19206 — update the affected packages (`sudo dnf update`).
Unauthorized file access via Git URL fragment subdir components. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-22. Affected package(s): openshift-service-mesh/istio-proxyv2-rhel9:1776240392, multicluster-engine/must-gather-rhel9:1782158798, openshift-service-mesh/istio-proxyv2-rhel9:1776291540, openshift-service-mesh/istio-proxyv2-rhel9:1776315466, oadp/oadp-mustgather-rhel9:1779770049, oadp/oadp-mustgather-rhel9:1779770057. Resolved in Red Hat advisory RHSA-2026:9453 — update the affected packages (`sudo dnf update`).
TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions. Red Hat rates this moderate (CVSS 6.3). Weakness: CWE-279. Affected package(s): tigervnc. Resolved in Red Hat advisory RHSA-2026:24341 — update the affected packages (`sudo dnf update`).
Regular Expression Denial of Service via crafted extglob patterns. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-1333. Affected package(s): cluster-observability-operator/logging-console-plugin-pf4-rhel9:1782839279, cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9:1782839996, cluster-observability-operator/logging-console-plugin-pf5-rhel9:1782840539. Resolved in Red Hat advisory RHSA-2026:34342 — update the affected packages (`sudo dnf update`).
Denial of Service due to infinite loop via boolean XPath expressions. Red Hat rates this moderate (CVSS 6.2). Weakness: CWE-606. Affected package(s): rhosdt/opentelemetry-collector-rhel9:1776185379. Resolved in Red Hat advisory RHSA-2026:9388 — update the affected packages (`sudo dnf update`).
Denial of Service via specially crafted paths with multiple wildcards. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-1333. Affected package(s): rhdh/rhdh-hub-rhel9:1780930740. Resolved in Red Hat advisory RHSA-2026:24841 — update the affected packages (`sudo dnf update`).
Denial of Service via catastrophic backtracking from malformed URL parameters. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-1333. Affected package(s): cluster-observability-operator/logging-console-plugin-pf4-rhel9:1782839279, cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9:1782839996, cluster-observability-operator/logging-console-plugin-pf5-rhel9:1782840539. Resolved in Red Hat advisory RHSA-2026:34342 — update the affected packages (`sudo dnf update`).
GIMP:Memory disclosure and denial of service via specially crafted PCX image. Red Hat rates this moderate (CVSS 6.1). Weakness: CWE-193. Affected package(s): gimp, gimp:2.8. Resolved in Red Hat advisory RHSA-2026:17533 — update the affected packages (`sudo dnf update`).
Denial of Service via maliciously crafted TIFF file. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-1285. Affected package(s): golang1. Resolved in Red Hat advisory RHSA-2026:7385 — update the affected packages (`sudo dnf update`).
Security flaw allows arbitrary code execution or system crash. Red Hat rates this moderate (CVSS 6.6). Weakness: CWE-193. Affected package(s): fontconfig-main. Resolved in Red Hat advisory RHSA-2026:13722 — update the affected packages (`sudo dnf update`).