VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Critical/high still unreviewed, or CISA KEV listed
Apache HTTP Server mod_proxy_ajp: Arbitrary code execution via heap-based buffer overflow. Red Hat rates this important (CVSS 8.1). Weakness: CWE-787. Affected package(s): httpd, httpd:2.4, jbcs-httpd24-httpd. Resolved in Red Hat advisory RHSA-2026:27200 — update the affected packages (`sudo dnf update`).
Cross-Origin Resource Sharing (CORS) bypass via improper Origin header validation. Red Hat rates this important (CVSS 7.1). Weakness: CWE-625. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Authentication bypass allows unauthorized access to TSIG-protected functionalities. Red Hat rates this important (CVSS 7.5). Weakness: CWE-303. Affected package(s): rhacm2/lighthouse-coredns-rhel9:1780204249. Resolved in Red Hat advisory RHSA-2026:25127 — update the affected packages (`sudo dnf update`).
Unauthorized File Access via Path Traversal Vulnerability. Red Hat rates this important (CVSS 7.1). Weakness: CWE-22. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via oversized DNS-over-HTTPS GET requests. Red Hat rates this moderate (CVSS 7.5). Weakness: CWE-1284. Affected package(s): rhacm2/lighthouse-agent-rhel9:1780204232, rhacm2/lighthouse-coredns-rhel9:1780204249. Resolved in Red Hat advisory RHSA-2026:25127 — update the affected packages (`sudo dnf update`).
RESTORE invalid memory access may allow remote code execution. Red Hat rates this important (CVSS 8.8). Weakness: CWE-122. Affected package(s): redis, valkey, redis:6, redis:7. Resolved in Red Hat advisory RHSA-2026:26540 — update the affected packages (`sudo dnf update`).
Remote code execution via use-after-free in Lua scripting. Red Hat rates this important (CVSS 8.8). Weakness: CWE-416. Affected package(s): redis:7, valkey. Resolved in Red Hat advisory RHSA-2026:26540 — update the affected packages (`sudo dnf update`).
use-after-free in unblock client flow may allow remote code execution. Red Hat rates this important (CVSS 7.5). Weakness: CWE-416. Affected package(s): redis:7, valkey. Resolved in Red Hat advisory RHSA-2026:26540 — update the affected packages (`sudo dnf update`).
unrestricted OCSP response leads to resource exhaustion. Red Hat rates this moderate (CVSS 7.5). Weakness: CWE-770. Affected package(s): mod_md, jbcs-httpd24-httpd, jbcs-httpd24-mod_md. Resolved in Red Hat advisory RHSA-2026:27200 — update the affected packages (`sudo dnf update`).
Denial of Service in JITServer via crafted TCP message. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1286. Affected package(s): java. Resolved in Red Hat advisory RHSA-2026:22328 — update the affected packages (`sudo dnf update`).
URI authority bypass due to improper delimiter handling. Red Hat rates this important (CVSS 7.5). Weakness: CWE-140. Affected package(s): cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9:1782839996, cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9:1782839981, cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9:1782840519, openshift4/ose-monitoring-plugin-rhel9:1782313844, quay/quay-rhel8:1781878070, rhacm2/console-rhel9:1780600823. Resolved in Red Hat advisory RHSA-2026:26234 — update the affected packages (`sudo dnf update`).
Denial of Service via excessive memory allocation. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1285. Affected package(s): libthrift. Resolved in Red Hat advisory RHSA-2026:26586 — update the affected packages (`sudo dnf update`).
Security bypass due to improper certificate validation. Red Hat rates this important (CVSS 7.3). Weakness: CWE-295. Affected package(s): multicluster-globalhub/multicluster-globalhub-grafana-rhel9:1779925273, multicluster-globalhub/multicluster-globalhub-grafana-rhel9:1779212259, multicluster-globalhub/multicluster-globalhub-grafana-rhel9:1780167118, cryostat/cryostat-storage-rhel9:4.2.0, libthrift, rhosdt/tempo-rhel9:1781589494. Resolved in Red Hat advisory RHSA-2026:21769 — update the affected packages (`sudo dnf update`).
Information disclosure via credential forwarding during mold import. Red Hat rates this important (CVSS 7.7). Weakness: CWE-201. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in Aura. Red Hat rates this important (CVSS 8.2). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in Views. Red Hat rates this important (CVSS 7.7). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Integer overflow in ANGLE. Red Hat rates this important (CVSS 8.8). Weakness: CWE-190. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Out of bounds read and write in V8. Red Hat rates this important (CVSS 8.8). Weakness: CWE-125. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Integer overflow in Blink. Red Hat rates this important (CVSS 8.8). Weakness: CWE-190. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in MediaRecording. Red Hat rates this important (CVSS 8.8). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.