VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Critical/high still unreviewed, or CISA KEV listed
Use after free in MediaRecording. Red Hat rates this important (CVSS 8.8). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in PresentationAPI. Red Hat rates this important (CVSS 8.8). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Insufficient policy enforcement in DevTools. Red Hat rates this important (CVSS 7.3). Weakness: CWE-266. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Insufficient data validation in InterestGroups. Red Hat rates this important (CVSS 8.2). Weakness: CWE-501. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in Aura. Red Hat rates this important (CVSS 8). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in Chromoting. Red Hat rates this important (CVSS 8.2). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Integer overflow in GPU. Red Hat rates this important (CVSS 8). Weakness: CWE-190. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Type Confusion in Runtime. Red Hat rates this important (CVSS 8.8). Weakness: CWE-843. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary code execution via SuppressedError sandbox escape. Red Hat rates this important (CVSS 9.1). Weakness: CWE-653. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary code execution due to sandbox escape vulnerability. Red Hat rates this important (CVSS 9.1). Weakness: CWE-807. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary code execution due to sandbox breakout. Red Hat rates this important (CVSS 9.1). Weakness: CWE-749. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Information disclosure via heap out-of-bounds read in GGUF model loader. Red Hat rates this critical (CVSS 9.1). Weakness: CWE-125. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Path traversal vulnerability allows bypass of security policies. Red Hat rates this important (CVSS 7.5). Weakness: CWE-22. Affected package(s): odf4/odf-multicluster-rhel9-operator:1778577548, network-observability/network-observability-console-plugin-rhel9:1780556069, cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9:1782839996, cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9:1782840519, odf4/odf-cli-rhel9:1781557189, satellite/iop-advisor-frontend-rhel9:1781181673. Resolved in Red Hat advisory RHSA-2026:25089 — update the affected packages (`sudo dnf update`).
Denial of Service via uncontrolled memory allocation in remote read endpoint. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Affected package(s): opentelemetry-collector, jaeger-main, rhacm2/prometheus-rhel9:1782374537, opentelemetry-collector-main, openshift-logging/logging-loki-rhel9:1782405469, opentelemetry-collector-contrib-main. Resolved in Red Hat advisory RHSA-2026:29770 — update the affected packages (`sudo dnf update`).
Information disclosure of Azure OAuth client secret via config API. Red Hat rates this important (CVSS 7.5). Weakness: CWE-256. Affected package(s): opentelemetry-collector, opentelemetry-collector-contrib-main, jaeger-main, opentelemetry-collector-main. Resolved in Red Hat advisory RHSA-2026:25504 — update the affected packages (`sudo dnf update`).
buffer over-read via malformed enhanced status code. Red Hat rates this important (CVSS 7.5). Weakness: CWE-193. Affected package(s): postfix. Resolved in Red Hat advisory RHSA-2026:25932 — update the affected packages (`sudo dnf update`).
Arbitrary Code Execution via DHCPv6 Client Heap Buffer Overflow. Red Hat rates this important (CVSS 8.8). Weakness: CWE-131. Affected package(s): busybox-main. Resolved in Red Hat advisory RHSA-2026:30652 — update the affected packages (`sudo dnf update`).
XML External Entity (XXE) vulnerability via crafted dictionary parsing. Red Hat rates this important (CVSS 7.5). Weakness: CWE-611. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary Class Loading via Model Manifest. Red Hat rates this important (CVSS 7.5). Weakness: CWE-502. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via unbounded array allocation in crafted model files. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.