VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1837 advisories across 32 monitored vendors.
fix heap overflow in NFSv4.0 LOCK replay cache. Red Hat rates this important (CVSS 7.8). Weakness: CWE-787. Affected package(s): kernel, kernel-rt. Resolved in Red Hat advisory RHSA-2026:13936 — update the affected packages (`sudo dnf update`).
Model Context Protocol (MCP) Go SDK: DNS rebinding vulnerability allows unauthorized access. Red Hat rates this important (CVSS 8). Weakness: CWE-1188. Affected package(s): devspaces/udi-rhel9:1779829736. Resolved in Red Hat advisory RHSA-2026:21772 — update the affected packages (`sudo dnf update`).
XML structure injection via CDATA terminator. Red Hat rates this important (CVSS 7.5). Weakness: CWE-91. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via crafted multipart/form-data requests. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via unbounded multipart file upload. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Information disclosure via incorrect static file serving prefix check. Red Hat rates this important (CVSS 7.5). Weakness: CWE-552. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Privilege escalation via scp legacy protocol when not preserving file mode. Red Hat rates this important (CVSS 7.5). Weakness: CWE-281. Affected package(s): rhaiis/model-opt-cuda-rhel9:1782352950, rhaiis/vllm-spyre-rhel9:1782352919, openssh, rhcos, rhui5/rhua-rhel9:1779798222, rhaiis/model-opt-cuda-rhel9:1780681984. Resolved in Red Hat advisory RHSA-2026:26542 — update the affected packages (`sudo dnf update`).
Authenticated Server-Side Request Forgery via path traversal in OpenAPI path parameters. Red Hat rates this important (CVSS 8.5). Weakness: CWE-918. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via DCERPC buffering inefficiency. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via HTTP2 continuation frame flooding. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via quadratic complexity in URL search of MIME-encoded SMTP messages. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1333. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service due to specially crafted network traffic. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service due to inefficiency in KRB5 buffering. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via 'tls.alpn' rule keyword. Red Hat rates this important (CVSS 7.5). Weakness: CWE-476. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Information disclosure due to redirect_uri validation bypass. Red Hat rates this important (CVSS 7.3). Weakness: CWE-601. Affected package(s): rhbk/keycloak-rhel9-operator:26.2, rhbk/keycloak-rhel9, rhbk/keycloak-operator-bundle:26.4.11, rhbk/keycloak-rhel9:26.2, rhbk/keycloak-operator-bundle:26.2.15, rhbk/keycloak-rhel9-operator:26.4. Resolved in Red Hat advisory RHSA-2026:6478 — update the affected packages (`sudo dnf update`).
Privilege escalation via forged authorization codes due to SingleUseObjectProvider isolation flaw. Red Hat rates this important (CVSS 7.4). Weakness: CWE-653. Affected package(s): rhbk/keycloak-rhel9-operator:26.2, rhbk/keycloak-rhel9, rhbk/keycloak-operator-bundle:26.4.11, rhbk/keycloak-rhel9:26.2, rhbk/keycloak-operator-bundle:26.2.15, rhbk/keycloak-rhel9-operator:26.4. Resolved in Red Hat advisory RHSA-2026:6478 — update the affected packages (`sudo dnf update`).
Denial of Service via excessive processing of OpenID Connect scope parameters. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1050. Affected package(s): rhbk/keycloak-rhel9-operator:26.2, rhbk/keycloak-rhel9, rhbk/keycloak-operator-bundle:26.4.11, rhbk/keycloak-rhel9:26.2, rhbk/keycloak-operator-bundle:26.2.15, rhbk/keycloak-rhel9-operator:26.4. Resolved in Red Hat advisory RHSA-2026:6478 — update the affected packages (`sudo dnf update`).
UMA policy bypass allows authenticated users to gain unauthorized access to victim-owned resources.. Red Hat rates this important (CVSS 8.1). Weakness: CWE-551. Affected package(s): rhbk/keycloak-rhel9-operator:26.2, rhbk/keycloak-rhel9, rhbk/keycloak-operator-bundle:26.4.11, rhbk/keycloak-rhel9:26.2, rhbk/keycloak-operator-bundle:26.2.15, rhbk/keycloak-rhel9-operator:26.4. Resolved in Red Hat advisory RHSA-2026:6478 — update the affected packages (`sudo dnf update`).
Remote code execution via crafted EXR files. Red Hat rates this important (CVSS 8.8). Weakness: CWE-1284. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Information Disclosure via Path Traversal Vulnerability. Red Hat rates this important (CVSS 8.6). Weakness: CWE-22. Affected package(s): rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9:1780078429, rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9:1780417775, rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9:1780078388, rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9:1780069222, rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9:1780078632, rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9:1780078312. Resolved in Red Hat advisory RHSA-2026:24977 — update the affected packages (`sudo dnf update`).