VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1836 advisories across 32 monitored vendors.
Heap-based buffer overflow via crafted PixarLog-compressed TIFF image. Red Hat rates this important (CVSS 7.3). Weakness: CWE-122. Affected package(s): libtiff-main. Resolved in Red Hat advisory RHSA-2026:34890 — update the affected packages (`sudo dnf update`).
Denial of Service via decompression bomb in FITS image processing. Red Hat rates this important (CVSS 7.5). Weakness: CWE-409. Affected package(s): ansible-automation-platform, rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9:1778263054, rhelai3/bootc-rocm-rhel9:1778666124, rhaiis/vllm-rocm-rhel9:1778244531, rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9:1778677734, rhaiis/vllm-cuda-rhel9:1778274666. Resolved in Red Hat advisory RHSA-2026:23361 — update the affected packages (`sudo dnf update`).
command injection via malicious Perforce source reference/url. Red Hat rates this important (CVSS 8.8). Weakness: CWE-78. Affected package(s): composer-main. Resolved in Red Hat advisory RHSA-2026:8165 — update the affected packages (`sudo dnf update`).
command injection via malicious Perforce repository definition. Red Hat rates this important (CVSS 7.8). Weakness: CWE-78. Affected package(s): composer-main. Resolved in Red Hat advisory RHSA-2026:8165 — update the affected packages (`sudo dnf update`).
sensitive COS SecretKey exposed in plaintext via configuration API due to missing type protection. Red Hat rates this important (CVSS 7.5). Weakness: CWE-201. Affected package(s): multicluster-globalhub/multicluster-globalhub-grafana-rhel9:1779925273. Resolved in Red Hat advisory RHSA-2026:24503 — update the affected packages (`sudo dnf update`).
Arbitrary code execution or denial of service via buffer overflow in GIF image processing. Red Hat rates this important (CVSS 7.3). Weakness: CWE-120. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
@fastify/reply-from: @fastify/http-proxy: Fastify Reply From and HTTP Proxy: Security bypass via Connection header manipulation. Red Hat rates this important (CVSS 7.4). Weakness: CWE-444. Affected package(s): devspaces/dashboard-rhel9:1776795511. Resolved in Red Hat advisory RHSA-2026:10175 — update the affected packages (`sudo dnf update`).
unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Affected package(s): eap8-bouncycastle, bcpg-jdk18on, bcpg-fips, bcpg-jdk15on. Resolved in Red Hat advisory RHSA-2026:18054 — update the affected packages (`sudo dnf update`).
PKIX draft CompositeVerifier accepts empty signature sequence as valid. Red Hat rates this important (CVSS 7.5). Weakness: CWE-347. Affected package(s): eap8-bouncycastle, devspaces/openvsx-rhel9:1779528224, eap8-guava-failureaccess, eap8-activemq-artemis, eap8-netty-transport-native-epoll, eap8-reactivex-rxjava. Resolved in Red Hat advisory RHSA-2026:14276 — update the affected packages (`sudo dnf update`).
private key leakage via non-constant time comparisons. Red Hat rates this important (CVSS 7.5). Weakness: CWE-385. Affected package(s): eap8-bouncycastle, bcprov-jdk12, eap7-bouncycastle. Resolved in Red Hat advisory RHSA-2026:18054 — update the affected packages (`sudo dnf update`).
GOSTCTR implementation unable to process more than 255 blocks correctly. Red Hat rates this important (CVSS 7.5). Weakness: CWE-327. Affected package(s): bcprov-jdk15to18, eap8-bouncycastle, devspaces/openvsx-rhel9:1779528224, bcprov-ext-jdk15on, bcprov-ext-jdk18on, devspaces/pluginregistry-rhel9:1779359423. Resolved in Red Hat advisory RHSA-2026:14276 — update the affected packages (`sudo dnf update`).
Schema validation bypass via malformed Content-Type header. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1289. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in XR. Red Hat rates this important (CVSS 8.8). Weakness: CWE-125. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in CSS. Red Hat rates this important (CVSS 8.8). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Out of bounds write in GPU. Red Hat rates this important (CVSS 8). Weakness: CWE-787. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in Video. Red Hat rates this important (CVSS 8.8). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in Proxy. Red Hat rates this important (CVSS 8.3). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Heap buffer overflow in Skia. Red Hat rates this important (CVSS 7.4). Weakness: CWE-787. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Type Confusion in Turbofan. Red Hat rates this important (CVSS 8.8). Weakness: CWE-843. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Heap buffer overflow in PDFium. Red Hat rates this important (CVSS 8.8). Weakness: CWE-120. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.