VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
4116 advisories across 32 monitored vendors.
Command Injection vulnerability in the JavaDoc hover provider of the vscode-java extension. Red Hat rates this important (CVSS 8.8). Weakness: CWE-88. Red Hat lists fixing advisory RHSA-2026:36820 with package devspaces/pluginregistry-rhel9:1782989367.
Improper Authorization Allows Security Constraint Bypass. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-551. Red Hat lists fixing advisory RHSA-2026:29203 with package tomcat11-main-11.0.23-0.1.hum1, tomcat10-main-10.1.56-1.hum1.
Replay attack via improper authentication in EncryptionInterceptor. Red Hat rates this moderate (CVSS 4.2). Weakness: CWE-294. Red Hat lists fixing advisory RHSA-2026:29203 with package tomcat11-main-11.0.23-0.1.hum1, tomcat10-main-10.1.56-1.hum1.
Incorrect control flow in rewrite valve allows unexpected rule processing. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-358. Red Hat lists fixing advisory RHSA-2026:29203 with package tomcat11-main-11.0.23-0.1.hum1, tomcat10-main-10.1.56-1.hum1.
Cross-Site Scripting vulnerability in number guess example. Red Hat rates this moderate (CVSS 5.4). Weakness: CWE-79. Red Hat lists fixing advisory RHSA-2026:32960 with package tomcat11-main-11.0.23-0.1.hum1.
Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcoded, predictable path (/tmp/claude/response.md) without UID isolation, randomness, or symlink protection. The file was created world-readable (0644) in a world-traversable directory (0755), allowing any local user to read a privileged user's Claude response, which could contain secrets or credentials. Additionally, because the path was static and predictable, a local attacker could pre-create the directory and plant a symlink at the expected file path, causing the privileged process to follow the symlink and overwrite an attacker-chosen file with the response text. Exploiting this required a local unprivileged user on the same system and a privileged user to run the /copy command. This vulnerability is fixed in 2.1.128. This allowed a local unprivileged user to read sensitive information from a privileged user's Claude response, potentially containing secrets or credentials. Red Hat rates this Moderate with a CVSS score of 6.8, higher than NIST's 6.1. The difference is in the confidentiality and integrity metrics. Claude Code responses might contain secrets, API keys, credentials, and code, which is why Red Hat scores confidentiality as High rather than Low.
Arbitrary code execution in xmlcatalog utility via buffer overflow. Red Hat rates this moderate (CVSS 4.8). Weakness: CWE-120. Red Hat lists fixing advisory RHSA-2026:33840 with package libxml2-main-2.15.3-0.1.1.hum1.
TOCTOU Symlink Traversal via getfacl/setfacl. Red Hat rates this moderate (CVSS 6.3). Weakness: CWE-367. Red Hat lists fixing advisory RHSA-2026:34351 with package acl-main-2.4.0-0.1.hum1.
Symlink Traversal Privilege Escalation via getfattr and setfattr. Red Hat rates this moderate (CVSS 6.3). Weakness: CWE-59. Red Hat lists fixing advisory RHSA-2026:34889 with package attr-main-2.6.0-9.1.hum1.
Arbitrary file overwrite via insecure temporary file handling in gzexe utility. Red Hat rates this moderate (CVSS 6). Weakness: CWE-59. Red Hat lists fixing advisory RHSA-2026:33771 with package gzip-main-1.14-2.2.hum1.
Fix broken error propagation in agp_amd64_probe(). Red Hat rates this low (CVSS 5.5). Weakness: CWE-476.
Misleading security logs due to incorrect control flow. Red Hat rates this low (CVSS 2.3). Weakness: CWE-778. Red Hat lists fixing advisory RHSA-2026:29203 with package tomcat11-main-11.0.23-0.1.hum1, tomcat10-main-10.1.56-1.hum1.
Error condition not handled when configuring CRLs. Red Hat rates this low (CVSS 3.7). Weakness: CWE-390. Red Hat lists fixing advisory RHSA-2026:29203 with package tomcat11-main-11.0.23-0.1.hum1, tomcat10-main-10.1.56-1.hum1.
Denial of service via heap-based buffer overflow in Bitcode File Handler. Red Hat rates this low (CVSS 3.3). Weakness: CWE-805. Red Hat lists fixing advisory RHSA-2026:7634 with package llvm21-main-21.1.8-6.hum1, llvm-main-21.1.8-1.1.hum1.
Denial of Service via stack-based buffer overflow in StringMap::insert. Red Hat rates this low (CVSS 3.3). Weakness: CWE-120. Red Hat lists fixing advisory RHSA-2026:7634 with package llvm21-main-21.1.8-6.hum1, llvm-main-21.1.8-1.1.hum1.
Remote code injection vulnerability. Red Hat rates this important (CVSS 7.3). Weakness: CWE-94.
Memory corruption via crafted Photo CD (PCD) file. Red Hat rates this important (CVSS 8.1). Weakness: CWE-787.
libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation num_attrs * sizeof(libssh2_publickey_attribute) without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious SSH server can then drive the attribute-parsing loop to write past the allocation, causing a heap buffer overflow in a connecting libssh2 client. A flaw in libssh2 allows a malicious SSH server to trigger a memory overflow by sending a manipulated attribute count. This can cause the connecting client to crash or allow unauthorized code execution. By manipulating the publickey-subsystem response, an attacker could cause an integer overflow, potentially leading to denial of service or arbitrary code execution on Red Hat systems using libssh2 to establish SSH connections. Note: Red Hat Enterprise Linux (RHEL) 8 and newer are not affected by this flaw, as they do not ship the libssh2 package. Red Hat severity: Moderate — CVSS 7 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H). Weakness: CWE-787. Affected Red Hat products: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Hardened Images. Will not fix / out of support: Red Hat Enterprise Linux 6. Red Hat does not currently list a fixing RHSA for this CVE.
Memory corruption via crafted RASC video stream. Red Hat rates this important (CVSS 7.6). Weakness: CWE-787.
A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file tool/src/org/antlr/v4/parse/TokenVocabParser.java of the component tokenVocab Grammar Option Handler. The manipulation results in path traversal. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. This could allow unauthorized access to sensitive files and directories on the system. Successful exploitation requires a specific scenario where an application using ANTLR4 is configured to accept and parse untrusted, attacker-supplied grammar files containing a manipulated tokenVocab option. Red Hat severity: Moderate — CVSS 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). Weakness: CWE-22. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Red Hat does not currently list a fixing RHSA for this CVE.