VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Advisories the vendor has revised
A flaw was found in Squid. Due to improper input validation, an out-of-bounds read can occur in the FTP gateway. This issue allows an authenticated and trusted client to read memory from random transactions when accessing a misbehaving FTP server using the Squid gateway feature. To exploit this issue, an attacker must have a valid account on the Squid proxy and must also control an FTP server reachable from the proxy on port 21. HTTPS traffic handled via CONNECT tunnels (the vast majority of modern web traffic) is opaque to the proxy because the underlying request data is encrypted and Squid does not have access to it. The impact is limited to information disclosure of cleartext HTTP request contents or traffic in TLS-terminating (SSL bump) proxy configurations where Squid decrypts and inspects traffic. FTP protocol usage has declined considerably in most environments since major browsers removed FTP support, further narrowing the practical attack surface. Due to these reasons, this vulnerability has been rated with a moderate severity. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). Weakness: CWE-125. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Red Hat does not currently list a fixing RHSA for this CVE.
A flaw was found in Squid. Due to improper input validation, a heap-based buffer overflow can occur when processing cache digests. This issue allows a trusted server to cause a denial of service when sending specially crafted replies to cache_digest request messages. To exploit this issue, an attacker must control a trusted cache peer server. Also, cache digests are not enabled in the default configuration. Squid deployments that do not use cache peering are not affected. Furthermore, even those that do are only vulnerable when the attacker controls a configured peer server within the same administrative domain. A compromised peer can reliably crash the Squid process via a heap-based buffer overflow during digest exchange, but code execution faces considerable practical security barriers. Default Red Hat Enterprise Linux security features, including SELinux enforcement, Address Space Layout Randomization (ASLR) and NX (No-Execute) stack protection, significantly increase the difficulty of achieving arbitrary code execution, limiting the impact of this vulnerability. Due to these reasons, this vulnerability has been rated with a moderate severity. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). Weakness: CWE-122.
A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() form a mutually-recursive call chain with no recursion depth limit when processing nested CKA_WRAP_TEMPLATE, CKA_UNWRAP_TEMPLATE, and CKA_DERIVE_TEMPLATE attributes. Red Hat severity: Moderate — CVSS 6.2 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-674. Affected Red Hat products: Red Hat Hardened Images; Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9; Red Hat OpenShift Container Platform 4. Red Hat fixing advisory: RHSA-2026:37469, RHSA-2026:38342.
Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree on what object the path refers to. In this case, a path authorized for one config object is accepted, but then resolves to a different config object during traversal. This happens because the authorization layer uses string prefix matching and the /config traversal layer parses array indices numerically using strconv.Atoi(). This vulnerability is fixed in 2.11.3. A remote administrator with restricted access to specific configuration objects could bypass these limitations. This discrepancy allows an attacker to read and modify unauthorized configuration elements, undermining the principle of least privilege in remote administration. This Moderate-impact flaw in Caddy's remote administration API, which allows an authorization bypass due to differing interpretations of array indices, does not affect Red Hat products. The vulnerable code is not present in Red Hat's supported offerings. Red Hat severity: Moderate — CVSS 3.8 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N). Weakness: CWE-551. Red Hat lists Red Hat Hardened Images as not affected.
CMS (Cryptographic Message Syntax) parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is related to CVE-2026-34182. By accepting an authentication tag length of 4 bytes instead of the required 12 bytes, this vulnerability allows for a low-impact data integrity issue where the cryptographic validity of messages could be compromised. A Low-impact flaw in GnuPG's gpgsm component accepts an incorrect AES-GCM authentication tag length in CMS messages. This compromises cryptographic data integrity, though confidentiality and availability are unaffected. Red Hat severity: Low — CVSS 2.9 (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9; Red Hat Hardened Images. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Red Hat does not currently list a fixing RHSA for this CVE.
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written to a stale pointer. Remote attackers can trigger it by processing specially crafted image files, causing a denial of service. A flaw was found in ImageMagick. This ImageMagick flaw is rated as Low impact. The impact is limited to availability, and the attack requires specific conditions, making successful exploitation less probable in typical Red Hat deployments unless processing untrusted images. Red Hat severity: Low — CVSS 3.7 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). Weakness: CWE-825. Affected Red Hat products: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Red Hat does not currently list a fixing RHSA for this CVE.
Critical authentication bypass allows unauthorized API access. Red Hat rates this important (CVSS 9.1). Weakness: CWE-501. Red Hat lists fixing advisory RHSA-2026:36006 with package rhaiis/vllm-rocm-rhel9:1782353093, rhaiis/vllm-cuda-rhel9:1782352847, rhaiis/vllm-cuda-rhel9:1782951012, rhaiis/vllm-rocm-rhel9:1782951244.
Remote Code Execution via stored Cross-Site Scripting in nbconvert handlers. Red Hat rates this important (CVSS 9). Weakness: CWE-79.
Arbitrary code execution via malicious HuggingFace model. Red Hat rates this important (CVSS 7.5). Weakness: CWE-617. Red Hat lists fixing advisory RHSA-2026:36006 with package rhaiis/vllm-cuda-rhel9:1782951012, rhaiis/vllm-rocm-rhel9:1782951244.
Authentication Bypass via Host Header Injection. Red Hat rates this important (CVSS 8.1). Weakness: CWE-290.
http-proxy-middleware is node.js http-proxy middleware. From 3.0.4 until 3.0.7 and 4.1.1, fixRequestBody() is the library's documented helper for re-emitting a request body that was already consumed by a body parser. When the outgoing Content-Type is multipart/form-data, it rebuilds the body with handlerFormDataBodyData(), which interpolates each req.body key and value directly into the multipart wire format without neutralizing CR/LF. A \r\n inside a value (or key) lets an attacker close the current part and inject an entirely new form part. Because the proxy's own body parser saw a single opaque value, any gateway-side policy or validation performed on req.body is evaluated against a different set of fields than the upstream backend ultimately parses a request/parameter desynchronization across the trust boundary. This vulnerability is fixed in 3.0.7 and 4.1.1. A remote attacker could exploit a vulnerability in the fixRequestBody() function, which is used to re-emit a request body. By injecting carriage return and line feed characters (\r\n) into a request body key or value, an attacker can bypass security policies and validation performed by the proxy. This desynchronization between the proxy and the backend server can lead to a compromise of data integrity. Other Red Hat AI products are not affected or do not expose the vulnerable code path in normal operation.
Information Disclosure via Path Traversal in `nltk.data.load()`. Red Hat rates this important (CVSS 7.5). Weakness: CWE-22.
Arbitrary code execution via prototype pollution of filename option. Red Hat rates this important (CVSS 8.1). Weakness: CWE-915.
request.form() limits silently ignored for application/x-www-form-urlencoded enable DoS. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Red Hat lists fixing advisory RHSA-2026:36006 with package rhaiis/vllm-cuda-rhel9:1782951012, jaeger-main-2.19.0-1.hum1, rhaiis/vllm-rocm-rhel9:1782951244.
protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.6.1 and 8.4.1, protobufjs could recurse without a depth limit while converting decoded messages to plain objects or JSON. This affected generated toObject() conversion and the custom google.protobuf.Any JSON conversion path. A crafted protobuf binary payload containing deeply nested Any values could cause the JavaScript call stack to be exhausted during conversion to JSON. This vulnerability is fixed in 7.6.1 and 8.4.1. A flaw was found in protobufjs. This uncontrolled recursion could exhaust the JavaScript call stack during conversion to JSON, leading to a Denial of Service (DoS). Red Hat rates this issue as having Low impact for Red Hat Enterprise Linux AI bootc images. Although protobufjs is present as a transitive dependency, the vulnerable parsing path is not exercised in normal product operation. Red Hat severity: Moderate — CVSS 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-606. Affected Red Hat products: Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat OpenShift AI (RHOAI).
@angular/platform-server: Angular: SSRF via Hostname Hijacking in @angular/platform-server. Red Hat rates this important.
@angular/platform-server: domino: Angular Platform Server: Cross-Site Scripting via unescaped `</noscript>` tags in dynamic content. Red Hat rates this important (CVSS 8.1). Weakness: CWE-79.
A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack can compromise the confidentiality of forwarded X11 traffic, including sensitive window contents and input, and may allow some manipulation of the forwarded session. This is a Moderate severity flaw. The OpenSSH client in Red Hat Enterprise Linux is vulnerable to a local man-in-the-middle attack on X11 forwarding connections. Exploitation requires an attacker to have local unprivileged access on the client system and for X11 forwarding to be explicitly enabled and in use, which is not a default configuration. This vulnerability doesn't affect the upstream OpenSSH versions and is restricted to the versions as shipped with Red Hat Enterprise Linux. Red Hat severity: Moderate — CVSS 5 (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N). Weakness: CWE-923. Affected Red Hat products: Red Hat Hardened Images; Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Under investigation: Red Hat OpenShift Container Platform 4. Red Hat fixing advisory: RHSA-2026:36759.
A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange (DH-GEX) client path. This occurs during FIPS (Federal Information Processing Standards) mode known-group validation when the client processes attacker-controlled DH-GEX group parameters. Successful exploitation leads to client-side process termination, resulting in a Denial of Service (DoS). This Moderate flaw in OpenSSH affects clients operating in FIPS mode when negotiating Diffie-Hellman Group Exchange (DH-GEX) with a malicious SSH server. While it can lead to client process termination, resulting in a denial of service, the impact is limited to availability and does not result in broader system compromise. In order to exploit this vulnerability the attacker needs to trick the user to connect to an untrusted malicious server or compromise the server first. The availability impact is considered Low as the only impacted process is the single run of the SSH client trying to connect to the malicious server. This vulnerability affects only the OpenSSH versions shipped with Red Hat products. Red Hat severity: Moderate — CVSS 4.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). Weakness: CWE-415.
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, vLLM's revision pinning controls do not consistently apply to all artifacts loaded for a model. A deployment that supplies --revision or --code-revision can still load dynamic code, GGUF files, image processors, retrieval side weights, or same-repository subfolder weights/config from an unpinned/default revision. This is a supply-chain integrity issue for pinned vLLM deployments. Operators can believe they are serving a reviewed model revision while vLLM resolves behavior-affecting nested or sibling artifacts outside that reviewed revision. This vulnerability is fixed in 0.22.0. This issue can lead to a supply-chain integrity compromise, where operators may unknowingly serve models with unreviewed or unintended behavior. Red Hat rates this issue as having Moderate impact. The flaw is a supply-chain integrity issue when operators pin a HuggingFace model revision but vLLM may still load nested artifacts from an unpinned revision. It affects Red Hat AI Inference Server, Red Hat OpenShift AI, and Red Hat Enterprise Linux AI images that ship vLLM versions prior to 0.22.0. KServe control-plane components that bundle vLLM as a library are not affected. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N). Weakness: CWE-829.