VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Critical/high still unreviewed, or CISA KEV listed
Host-root command execution via unvalidated image config labels in CRI plugin. Red Hat rates this important (CVSS 8.8). Weakness: CWE-78. Red Hat lists fixing advisory RHSA-2026:37252 with package rhacm2/submariner-rhel9-operator:1782933193, multicluster-engine/assisted-service-8-rhel8:1783332008, trivy-main-0.72.0-0.1.hum1, multicluster-engine/assisted-service-9-rhel9:1783350355.
fix UAF due to unlocked ->mnt_ns read in may_decode_fh(). Red Hat rates this moderate (CVSS 7). Weakness: CWE-364.
Mitigate TLBI errata on various Arm CPUs. Red Hat rates this moderate (CVSS 7). Weakness: CWE-1037.
clear i_sends on setup unwind. Red Hat rates this moderate (CVSS 7). Weakness: CWE-825.
Heap corruption and Denial of Service via integer overflow in JSON parsing. Red Hat rates this important (CVSS 7.5). Weakness: CWE-787.
Heap corruption via crafted JSON object key. Red Hat rates this important (CVSS 7.5). Weakness: CWE-131.
Use-After-Free in Oj::Doc Iterators via reentrant close. Red Hat rates this important (CVSS 7.8). Weakness: CWE-364.
Heap buffer overflow in exception serialization. Red Hat rates this important (CVSS 7.8). Weakness: CWE-787.
Denial of Service via deeply nested JSON input. Red Hat rates this important (CVSS 7.5). Weakness: CWE-120.
Remote code execution via deserialization vulnerability. Red Hat rates this important (CVSS 7.5). Weakness: CWE-502.
Arbitrary code execution through AppImage library loading vulnerability. Red Hat rates this important (CVSS 7.3). Weakness: CWE-427.
Denial of Service via malformed Wi-Fi 7 Multi-Link Operation association request. Red Hat rates this moderate (CVSS 7.1). Weakness: CWE-787.
Denial of Service via inefficient HTTP body processing. Red Hat rates this moderate (CVSS 7.5). Weakness: CWE-1046.
Unauthorized broker instantiation via improper input validation in LDAP entries. Red Hat rates this important (CVSS 7.6). Weakness: CWE-90.
Denial of Service via improper input validation in STOMP connector. Red Hat rates this important (CVSS 7.5). Weakness: CWE-839.
Denial of Service via crafted WireFormatInfo frame. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770.
Denial of Service via repeated BrokerInfo commands. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770.
Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: Unbounded header buffer in STOMP NIO codec. Red Hat rates this important (CVSS 7.5). Weakness: CWE-789.
Information disclosure due to broken temporary destination isolation. Red Hat rates this important (CVSS 8.2). Weakness: CWE-1220.
Denial of Service due to exponential-time complexity. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1333. Red Hat lists fixing advisory RHSA-2026:35272 with package dotnet8-0-main-8.0.128-1.1.hum1, nodejs26-main-26.4.0-1.3.hum1, nodejs22-main-22.23.1-2.hum1, nodejs24-main-24.18.0-0.2.hum1.