VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1856 advisories across 32 monitored vendors.
buffer overflows on response messages via ipmi-oem. Red Hat rates this moderate (CVSS 8.8). Weakness: CWE-120. Affected package(s): freeipmi. Resolved in Red Hat advisory RHSA-2026:19208 — update the affected packages (`sudo dnf update`).
Remote tool execution via cross-site request forgery. Red Hat rates this moderate (CVSS 7.1). Weakness: CWE-940. Affected package(s): devspaces/udi-rhel9:1779829736. Resolved in Red Hat advisory RHSA-2026:21772 — update the affected packages (`sudo dnf update`).
Active Storage (Rails): Arbitrary file access via path traversal in blob keys. Red Hat rates this important (CVSS 8.1). Weakness: CWE-22. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary code execution or Denial of Service via spurious IPC API call data. Red Hat rates this moderate (CVSS 7.8). Weakness: CWE-1287. Affected package(s): systemd, rhosdt/opentelemetry-collector-rhel9:1778056267, rhui5/haproxy-rhel9:1779798164, rhosdt/opentelemetry-rhel9-operator:1778056233, rhui5/rhua-rhel9:1779798222, insights-proxy/insights-proxy-container-rhel9:1780420428. Resolved in Red Hat advisory RHSA-2026:14162 — update the affected packages (`sudo dnf update`).
Private Key Recovery via Missing Cryptographic Step in DSA Signing. Red Hat rates this important (CVSS 8.7). Weakness: CWE-325. Affected package(s): migration-toolkit-virtualization/mtv-console-plugin-rhel9:1779139872, quay/quay-rhel8:1775169155, quay/quay-rhel8:1775253092, quay/quay-rhel9:1779204086, migration-toolkit-virtualization/mtv-console-plugin-rhel9:1778927462, quay/quay-rhel8:1775169219. Resolved in Red Hat advisory RHSA-2026:6926 — update the affected packages (`sudo dnf update`).
Denial of Service via infinite loop in bnModInverse function with crafted inputs. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1287. Affected package(s): quay/quay-rhel8:1779811473, migration-toolkit-virtualization/mtv-console-plugin-rhel9:1779139872, quay/quay-rhel8:1779822261, quay/quay-rhel8:1775253092, quay/quay-rhel9:1779204086, migration-toolkit-virtualization/mtv-console-plugin-rhel9:1778927462. Resolved in Red Hat advisory RHSA-2026:23361 — update the affected packages (`sudo dnf update`).
Signature verification bypass via negative exponent handling. Red Hat rates this important (CVSS 7.5). Weakness: CWE-681. Affected package(s): migration-toolkit-virtualization/mtv-console-plugin-rhel9:1779139872, quay/quay-rhel8:1775169155, quay/quay-rhel8:1775253092, quay/quay-rhel9:1779204086, migration-toolkit-virtualization/mtv-console-plugin-rhel9:1778927462, quay/quay-rhel8:1775169219. Resolved in Red Hat advisory RHSA-2026:6926 — update the affected packages (`sudo dnf update`).
Cryptographic signature forgery via malicious DSA domain parameters. Red Hat rates this important (CVSS 8.2). Weakness: CWE-347. Affected package(s): migration-toolkit-virtualization/mtv-console-plugin-rhel9:1779139872, quay/quay-rhel8:1775169155, quay/quay-rhel8:1775253092, quay/quay-rhel9:1779204086, migration-toolkit-virtualization/mtv-console-plugin-rhel9:1778927462, quay/quay-rhel8:1775169219. Resolved in Red Hat advisory RHSA-2026:6926 — update the affected packages (`sudo dnf update`).
Use after free in FedCM. Red Hat rates this important (CVSS 8.8). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary file overwrite and creation via path traversal in XML index files. Red Hat rates this important (CVSS 8.1). Weakness: CWE-22. Affected package(s): rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9:1778263054, rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9:1776319185, rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9:1776243238, rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9:1778262893. Resolved in Red Hat advisory RHSA-2026:19712 — update the affected packages (`sudo dnf update`).
Denial of Service via unauthenticated remote shutdown. Red Hat rates this important (CVSS 7.5). Weakness: CWE-306. Affected package(s): rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9:1778263054, rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9:1780069222, rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9:1780069226, rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9:1778262893. Resolved in Red Hat advisory RHSA-2026:19712 — update the affected packages (`sudo dnf update`).
Information disclosure and potential impersonation via HTTP redirects sending sensitive headers. Red Hat rates this important (CVSS 8.2). Weakness: CWE-201. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary code execution via Server-Side Template Injection. Red Hat rates this moderate (CVSS 7.5). Weakness: CWE-917. Affected package(s): ansible-automation-platform, automation-controller. Resolved in Red Hat advisory RHSA-2026:34160 — update the affected packages (`sudo dnf update`).
Arbitrary code execution via use-after-free in io_uring subsystem. Red Hat rates this important (CVSS 7.8). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Remote Code Execution or Denial of Service via JSON_SCHEMA_VALID() function vulnerability. Red Hat rates this moderate (CVSS 7.5). Weakness: CWE-120. Affected package(s): mariadb11.8, galera, mariadb:11.8. Resolved in Red Hat advisory RHSA-2026:19182 — update the affected packages (`sudo dnf update`).
Command-line option injection in webbrowser.open() via crafted URLs. Red Hat rates this important (CVSS 7.1). Weakness: CWE-88. Affected package(s): python3.11, rhpam, discovery/discovery-server-rhel9:1775668717, python3.9, python3.12, rhaiis/vllm-cuda-rhel9:1778274666. Resolved in Red Hat advisory RHSA-2026:10140 — update the affected packages (`sudo dnf update`).
mTLS bypass allows unauthorized service access via fragmented ClientHello.. Red Hat rates this important (CVSS 8.3). Weakness: CWE-179. Affected package(s): devspaces/traefik-rhel9:1779786779, devspaces/traefik-rhel9:1776718585. Resolved in Red Hat advisory RHSA-2026:21772 — update the affected packages (`sudo dnf update`).
Denial of Service via XML entity expansion bypass. Red Hat rates this moderate (CVSS 7.5). Weakness: CWE-776. Affected package(s): odf4/ocs-client-console-rhel9:1778050558, odf4/mcg-core-rhel9:1776403991, odf4/ocs-client-rhel9-operator:1778049818, odf4/odf-cloudnative-pg-rhel9-operator:1776406131, odf4/odf-csi-addons-sidecar-rhel9:1778050048, odf4/odf-multicluster-console-rhel9:1778078096. Resolved in Red Hat advisory RHSA-2026:7110 — update the affected packages (`sudo dnf update`).
Denial of Service via large indent parameter in JSON serialization. Red Hat rates this important (CVSS 7.5). Weakness: CWE-190. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service due to memory leak when parsing large integers. Red Hat rates this important (CVSS 7.5). Weakness: CWE-772. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.