VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1837 advisories across 32 monitored vendors.
Linux kernel: Use-after-free in bonding driver leads to denial of service. Red Hat rates this important (CVSS 7). Weakness: CWE-416. Affected package(s): kernel, kernel-rt. Resolved in Red Hat advisory RHSA-2026:27354 — update the affected packages (`sudo dnf update`).
Arbitrary Code Execution via Local Buffer Overflow. Red Hat rates this important (CVSS 8.4). Weakness: CWE-787. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Gleam compiler: Arbitrary file system modification and potential code execution via improper path validation in git dependency handling.. Red Hat rates this important (CVSS 8.6). Weakness: CWE-22. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Remote Code Execution via XPM File Parsing Integer Overflow. Red Hat rates this important (CVSS 7.8). Weakness: CWE-190. Affected package(s): gimp, gimp:2.8. Resolved in Red Hat advisory RHSA-2026:17533 — update the affected packages (`sudo dnf update`).
Remote Code Execution via PSP file parsing. Red Hat rates this important (CVSS 7.8). Weakness: CWE-120. Affected package(s): gimp, gimp:2.8. Resolved in Red Hat advisory RHSA-2026:17533 — update the affected packages (`sudo dnf update`).
Remote Code Execution via malicious JP2 file parsing. Red Hat rates this important (CVSS 7.8). Weakness: CWE-131. Affected package(s): gimp. Resolved in Red Hat advisory RHSA-2026:25907 — update the affected packages (`sudo dnf update`).
Remote Code Execution via ANI File Parsing Integer Overflow. Red Hat rates this important (CVSS 7.8). Weakness: CWE-190. Affected package(s): gimp. Resolved in Red Hat advisory RHSA-2026:16484 — update the affected packages (`sudo dnf update`).
Arbitrary code execution via specially crafted PSD file. Red Hat rates this important (CVSS 7.8). Weakness: CWE-190. Affected package(s): gimp, gimp:2.8. Resolved in Red Hat advisory RHSA-2026:17533 — update the affected packages (`sudo dnf update`).
Heap buffer overflow in read_channel_data(). Red Hat rates this important (CVSS 7.3). Weakness: CWE-122. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
ODH Dashboard Kubernetes Service Account Exposure. Red Hat rates this important (CVSS 8.5). Weakness: CWE-201. Affected package(s): rhoai/odh-dashboard-rhel8:1775230902, rhoai/odh-dashboard-rhel9:1775239958, rhoai/odh-dashboard-rhel9:1775234711, rhoai/odh-dashboard-rhel9:1775523049. Resolved in Red Hat advisory RHSA-2026:7404 — update the affected packages (`sudo dnf update`).
Arbitrary Code Execution via bytecode rewriting. Red Hat rates this important (CVSS 8.8). Weakness: CWE-94. Affected package(s): rhoai/odh-llama-stack-core-rhel9:1782310008, ansible-automation-platform. Resolved in Red Hat advisory RHSA-2026:24866 — update the affected packages (`sudo dnf update`).
Denial of Service due to TLSv1.3 KeyUpdate memory exhaustion. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort. Red Hat rates this important (CVSS 7.8). Weakness: CWE-190. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Missing Encryption of Sensitive Data due to EncryptInterceptor bypass. Red Hat rates this important (CVSS 7.5). Weakness: CWE-807. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Improper Input Validation vulnerability due to incomplete fix. Red Hat rates this moderate (CVSS 7.3). Weakness: CWE-184. Affected package(s): tomcat, jws6-tomcat. Resolved in Red Hat advisory RHSA-2026:12195 — update the affected packages (`sudo dnf update`).
Information disclosure via Padding Oracle vulnerability in EncryptInterceptor. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1240. Affected package(s): jws6-tomcat. Resolved in Red Hat advisory RHSA-2026:20405 — update the affected packages (`sudo dnf update`).
HDF5 h5dump: Arbitrary code execution via a crafted HDF5 file. Red Hat rates this important (CVSS 7.8). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Sandbox escape due to miscompiled heap access on aarch64. Red Hat rates this important (CVSS 8.5). Weakness: CWE-125. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Command injection via CRLF sequences in file path parameters. Red Hat rates this important (CVSS 8.6). Weakness: CWE-93. Affected package(s): rhdh/rhdh-hub-rhel9:1777903262, rhdh/rhdh-hub-rhel9:1776784286. Resolved in Red Hat advisory RHSA-2026:13826 — update the affected packages (`sudo dnf update`).
Arbitrary code execution due to insufficient plugin provenance verification. Red Hat rates this important (CVSS 8). Weakness: CWE-347. Affected package(s): helm-cli. Resolved in Red Hat advisory RHSA-2026:26441 — update the affected packages (`sudo dnf update`).