VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Critical/high still unreviewed, or CISA KEV listed
SIG(0) validation during query flood may lead to undefined behavior. Red Hat rates this important (CVSS 7.5). Weakness: CWE-367. Affected package(s): bind-main. Resolved in Red Hat advisory RHSA-2026:7412 — update the affected packages (`sudo dnf update`).
Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation. Red Hat rates this important (CVSS 7.4). Weakness: CWE-825. Affected package(s): bind-main. Resolved in Red Hat advisory RHSA-2026:7412 — update the affected packages (`sudo dnf update`).
reset op_nents when zerocopy page pin fails. Red Hat rates this important (CVSS 7). Weakness: CWE-1341. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
reserve mac_len headroom when recompressed SRH grows. Red Hat rates this important (CVSS 7.5). Weakness: CWE-131. Affected package(s): kernel, kernel-rt. Resolved in Red Hat advisory RHSA-2026:34094 — update the affected packages (`sudo dnf update`).
A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing path when handling crafted print data. A flaw was found in HP Linux Imaging and Printing Software (HPLIP). An integer overflow in the hpcups processing path when handling crafted print data may lead to arbitrary code execution or privilege escalation on the affected system. HPLIP's hpcups component is vulnerable to integer overflow when processing crafted print data. A remote attacker who can submit print job content to the hpcups filter path may achieve arbitrary code execution or privilege escalation on systems using HPLIP for printing. Red Hat severity: Important — CVSS 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Weakness: CWE-190. Fixed by RHSA-2026:26228, RHSA-2026:26335, RHSA-2026:26297 — update the affected packages (`sudo dnf update`). Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Will not fix / out of support: Red Hat Enterprise Linux 6.
Privilege escalation and arbitrary code execution via operating system command injection. Red Hat rates this important (CVSS 7.8). Weakness: CWE-78. Affected package(s): hplip. Resolved in Red Hat advisory RHSA-2026:26297 — update the affected packages (`sudo dnf update`).
Unbound DNSSEC Validator Use-After-Free via Deep Copy Pointer Overwrite Leading to DoS and Possible Remote Code Execution. Red Hat rates this important (CVSS 8.1). Weakness: CWE-416. Affected package(s): unbound-main, unbound. Resolved in Red Hat advisory RHSA-2026:23231 — update the affected packages (`sudo dnf update`).
Heap overflow and crash with multiple nsid, cookie, padding EDNS options. Red Hat rates this important (CVSS 7.5). Affected package(s): unbound-main, unbound. Resolved in Red Hat advisory RHSA-2026:23231 — update the affected packages (`sudo dnf update`).
Denial of Service due to excessive resource consumption with large DNS Resource Record Sets. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1050. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service due to degraded resolution performance in jostle logic. Red Hat rates this important (CVSS 7.5). Weakness: CWE-911. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via excessive EDNS options. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1050. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS). Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Affected package(s): 389-ds-base, 389-ds:1.4, redhat-ds:11, redhat-ds:12, dirsrv/dirsrv-container-rhel10:1781714123. Resolved in Red Hat advisory RHSA-2026:26463 — update the affected packages (`sudo dnf update`).
Username enumeration via timing side channel. Red Hat rates this important (CVSS 8.1). Weakness: CWE-208. Affected package(s): memcached. Resolved in Red Hat advisory RHSA-2026:27862 — update the affected packages (`sudo dnf update`).
Remote memory disclosure via integer overflow in compressed-token decoding. Red Hat rates this important (CVSS 8.1). Weakness: CWE-190. Affected package(s): rsync, discovery/discovery-ui-rhel9:1782166952. Resolved in Red Hat advisory RHSA-2026:26410 — update the affected packages (`sudo dnf update`).
TOCTOU symlink race condition allowing local privilege escalation in daemon mode without chroot.. Red Hat rates this important (CVSS 7.8). Weakness: CWE-367. Affected package(s): rsync, discovery/discovery-ui-rhel9:1782166952. Resolved in Red Hat advisory RHSA-2026:26410 — update the affected packages (`sudo dnf update`).
Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in Chase-Reply Messages. Red Hat rates this important (CVSS 7.5). Weakness: CWE-824. Affected package(s): unbound-main, unbound. Resolved in Red Hat advisory RHSA-2026:23231 — update the affected packages (`sudo dnf update`).
Remote Code Execution via header injection due to missing inbound filtering. Red Hat rates this critical (CVSS 9.8). Weakness: CWE-791. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary Code Execution via Improper Origin Validation. Red Hat rates this critical (CVSS 9.6). Weakness: CWE-940. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in XR. Red Hat rates this important (CVSS 9.6). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in WebRTC. Red Hat rates this important (CVSS 9.6). No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.