VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1836 advisories across 32 monitored vendors.
algif_aead - Revert to operating out-of-place. Red Hat rates this important (CVSS 7.8). Weakness: CWE-1288. Affected package(s): kernel, rhcos, kernel-rt, kpatch-patch. Resolved in Red Hat advisory RHSA-2026:13729 — update the affected packages (`sudo dnf update`).
Authentication bypass due to spoofed X-Forwarded-Uri header. Red Hat rates this important (CVSS 8.7). Weakness: CWE-290. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary code execution and secret exfiltration via malicious git commands. Red Hat rates this important (CVSS 8.5). Weakness: CWE-88. Affected package(s): openshift-pipelines/pipelines-rhel9-operator:1780645012, serve-tkn-cli, openshift-builds/openshift-builds-image-processing-rhel9:1778682932, openshift-builds/openshift-builds-image-processing-rhel9:1780373835, openshift-builds/openshift-builds-git-cloner-rhel9:1780374151, openshift-builds/openshift-builds-image-bundler-rhel9:1780373867. Resolved in Red Hat advisory RHSA-2026:24484 — update the affected packages (`sudo dnf update`).
Critical data compromise and loss via SQL injection. Red Hat rates this important (CVSS 8.8). Weakness: CWE-89. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Enhance Path Factories Redux (Oracle CPU 2026-04). Red Hat rates this important (CVSS 7.5). Weakness: CWE-611. Affected package(s): java. Resolved in Red Hat advisory RHSA-2026:11829 — update the affected packages (`sudo dnf update`).
Enhance TLS connection handling (Oracle CPU 2026-04). Red Hat rates this important (CVSS 7.5). Weakness: CWE-835. Affected package(s): java. Resolved in Red Hat advisory RHSA-2026:11829 — update the affected packages (`sudo dnf update`).
Information disclosure via cross-domain redirects. Red Hat rates this important (CVSS 7.5). Weakness: CWE-212. Affected package(s): openshift-service-mesh/kiali-rhel9:1778164042, rhoai/odh-mod-arch-model-registry-rhel9:1780467147, rhoai/odh-mod-arch-gen-ai-rhel9:1778473763, devspaces/openvsx-rhel9:1779528224, rhoai/odh-dashboard-rhel9:1779189627, cryostat/cryostat-openshift-console-plugin-rhel9:4.2.0. Resolved in Red Hat advisory RHSA-2026:13826 — update the affected packages (`sudo dnf update`).
Denial of Service via malformed Markdown input. Red Hat rates this moderate (CVSS 7.5). Weakness: CWE-1286. Affected package(s): multicluster-globalhub/multicluster-globalhub-grafana-rhel9:1779925273, multicluster-globalhub/multicluster-globalhub-grafana-rhel9:1780167118, multicluster-globalhub/multicluster-globalhub-grafana-rhel9:1778867753, multicluster-globalhub/multicluster-globalhub-grafana-rhel9:1779579439, rhacm2/acm-grafana-rhel9:1780677003. Resolved in Red Hat advisory RHSA-2026:21769 — update the affected packages (`sudo dnf update`).
Arbitrary file write and deletion via path traversal from a malicious ACME server. Red Hat rates this important (CVSS 8.8). Weakness: CWE-22. Affected package(s): devspaces/traefik-rhel9:1779786779. Resolved in Red Hat advisory RHSA-2026:21772 — update the affected packages (`sudo dnf update`).
Information disclosure of Git API token via user-controlled serverURL. Red Hat rates this moderate (CVSS 7.7). Weakness: CWE-918. Affected package(s): openshift-builds/openshift-builds-webhook-rhel9:1780374084, openshift-builds/openshift-builds-controller-rhel9:1780373846, serve-tkn-cli, openshift-builds/openshift-builds-image-processing-rhel9:1780373835, openshift-builds/openshift-builds-git-cloner-rhel9:1780374151, openshift-builds/openshift-builds-rhel9-operator:1780480839. Resolved in Red Hat advisory RHSA-2026:24484 — update the affected packages (`sudo dnf update`).
Memory safety bugs fixed in Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150. Red Hat rates this important (CVSS 7.5). Weakness: CWE-787. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:10757 — update the affected packages (`sudo dnf update`).
Memory safety bugs fixed in Firefox 150 and Thunderbird 150. Red Hat rates this important (CVSS 7.5). Weakness: CWE-787. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150. Red Hat rates this important (CVSS 7.5). Weakness: CWE-787. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:10757 — update the affected packages (`sudo dnf update`).
Use-after-free in the JavaScript Engine component. Red Hat rates this important (CVSS 7.5). Weakness: CWE-825. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:10757 — update the affected packages (`sudo dnf update`).
Incorrect boundary conditions in the WebRTC component. Red Hat rates this important (CVSS 7.5). Weakness: CWE-131. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:10757 — update the affected packages (`sudo dnf update`).
Incorrect boundary conditions in the WebRTC component. Red Hat rates this important (CVSS 7.5). Weakness: CWE-787. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:10757 — update the affected packages (`sudo dnf update`).
Uninitialized memory in the Audio/Video: Web Codecs component. Red Hat rates this important (CVSS 7.5). Weakness: CWE-824. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:10757 — update the affected packages (`sudo dnf update`).
Privilege escalation in the Graphics: WebRender component. Red Hat rates this important (CVSS 7.5). Weakness: CWE-266. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:10757 — update the affected packages (`sudo dnf update`).
Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. Red Hat rates this important (CVSS 7.5). Weakness: CWE-824. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:10757 — update the affected packages (`sudo dnf update`).
Use-after-free in the WebRTC component. Red Hat rates this important (CVSS 7.5). Weakness: CWE-825. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:10757 — update the affected packages (`sudo dnf update`).