VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1837 advisories across 32 monitored vendors.
Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing. Red Hat rates this moderate (CVSS 7.5). Weakness: CWE-476. Affected package(s): openssl-main, rhui5/installer-rhel9:1781525693, openssl, compat-openssl10, rhui5/cds-rhel9:1781525684, discovery/discovery-ui-rhel9:1782166952. Resolved in Red Hat advisory RHSA-2026:35869 — update the affected packages (`sudo dnf update`).
Denial of Service and Information Disclosure via unauthenticated HTTP server. Red Hat rates this important (CVSS 8.2). Weakness: CWE-770. Affected package(s): rh-podman-desktop. Resolved in Red Hat advisory RHSA-2026:13867 — update the affected packages (`sudo dnf update`).
github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Denial of Service via crafted multi-value baggage headers. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Affected package(s): multicluster-engine/hypershift-addon-rhel9-operator:1780917881. Resolved in Red Hat advisory RHSA-2026:25271 — update the affected packages (`sudo dnf update`).
Memory exhaustion via crafted compressed JWE tokens. Red Hat rates this low (CVSS 7.5). Weakness: CWE-770. Affected package(s): python3.12-jwcrypto, python-jwcrypto. Resolved in Red Hat advisory RHSA-2026:13508 — update the affected packages (`sudo dnf update`).
Information disclosure via query parameter manipulation on the development server. Red Hat rates this important (CVSS 7.5). Weakness: CWE-472. Affected package(s): ansible-automation-platform-tech-preview/mcp-server-rhel9:1779783248. Resolved in Red Hat advisory RHSA-2026:24866 — update the affected packages (`sudo dnf update`).
Information disclosure via WebSocket connection bypasses access control. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1220. Affected package(s): ansible-automation-platform-tech-preview/mcp-server-rhel9:1779783248, automation-platform-ui, automation-gateway. Resolved in Red Hat advisory RHSA-2026:24866 — update the affected packages (`sudo dnf update`).
Memory-safety vulnerability. Red Hat rates this important (CVSS 8.3). Weakness: CWE-787. Affected package(s): advanced-cluster-security/rhacs-scanner-v4-rhel8:1777986630, rhtas/updatetree-rhel9:1780053572, rhtas/createtree-rhel9:1780053572, advanced-cluster-security/rhacs-scanner-v4-rhel8:1777307791, custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator:1779953535, go-fdo-server. Resolved in Red Hat advisory RHSA-2026:13907 — update the affected packages (`sudo dnf update`).
Memory-safety vulnerability. Red Hat rates this important (CVSS 8.3). Weakness: CWE-787. Affected package(s): advanced-cluster-security/rhacs-scanner-v4-rhel8:1777986630, rhtas/updatetree-rhel9:1780053572, rhtas/createtree-rhel9:1780053572, advanced-cluster-security/rhacs-scanner-v4-rhel8:1777307791, custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator:1779953535, rhtas/trillian-logserver-rhel9:1780053572. Resolved in Red Hat advisory RHSA-2026:24482 — update the affected packages (`sudo dnf update`).
Open Cluster Management (OCM): Cross-cluster privilege escalation via improper Kubernetes client certificate renewal validation. Red Hat rates this important (CVSS 8.2). Weakness: CWE-295. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary Code Execution via specially crafted file. Red Hat rates this important (CVSS 7.5). Weakness: CWE-120. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary code execution via heap-based buffer overflow in lossless JPEG loading. Red Hat rates this important (CVSS 7.5). Weakness: CWE-787. Affected package(s): LibRaw. Resolved in Red Hat advisory RHSA-2026:11360 — update the affected packages (`sudo dnf update`).
Arbitrary code execution via specially crafted image file. Red Hat rates this important (CVSS 7.5). Weakness: CWE-120. Affected package(s): LibRaw. Resolved in Red Hat advisory RHSA-2026:13284 — update the affected packages (`sudo dnf update`).
Memory Corruption via Malicious File Processing. Red Hat rates this important (CVSS 7.5). Weakness: CWE-120. Affected package(s): LibRaw. Resolved in Red Hat advisory RHSA-2026:13284 — update the affected packages (`sudo dnf update`).
Arbitrary code execution via a specially crafted malicious file. Red Hat rates this moderate (CVSS 7.5). Weakness: CWE-190. Affected package(s): LibRaw. Resolved in Red Hat advisory RHSA-2026:11360 — update the affected packages (`sudo dnf update`).
Memory safety bugs fixed in Firefox 149.0.2 and Thunderbird 149.0.2. Red Hat rates this important (CVSS 7.5). Weakness: CWE-787. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2. Red Hat rates this important (CVSS 8.8). Weakness: CWE-787. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:11805 — update the affected packages (`sudo dnf update`).
Incorrect boundary conditions in the Graphics: WebGPU component. Red Hat rates this important (CVSS 8.8). Weakness: CWE-787. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Incorrect boundary conditions, integer overflow in the Graphics: Text component. Red Hat rates this important (CVSS 8.8). Weakness: CWE-190. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:11805 — update the affected packages (`sudo dnf update`).
Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2. Red Hat rates this important (CVSS 8.8). Weakness: CWE-787. Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:11805 — update the affected packages (`sudo dnf update`).
Erlang OTP inets modules: Unauthenticated access to protected CGI scripts via incorrect authorization. Red Hat rates this important (CVSS 7.4). Weakness: CWE-551. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.