VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1860 advisories across 32 monitored vendors.
Arbitrary code execution via sandbox escape due to improper object handling. Red Hat rates this important (CVSS 7.5). Weakness: CWE-915. Affected package(s): rhoai/odh-training-cuda124-torch25-py311-rhel9:1776243287, rhoai/odh-training-rocm62-torch24-py311-rhel9:1776272258, rhoai/odh-training-rocm62-torch25-py311-rhel9:1776272253, rhoai/odh-training-cuda121-torch24-py311-rhel9:1776243258. Resolved in Red Hat advisory RHSA-2026:10184 — update the affected packages (`sudo dnf update`).
Remote Code Execution via integer underflow in H.266 Codec Parser. Red Hat rates this important (CVSS 7.8). Weakness: CWE-191. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary code execution via RIFF palette integer overflow in AVI file handling. Red Hat rates this important (CVSS 7.8). Weakness: CWE-190. Affected package(s): gstreamer1-plugins-good, gstreamer1-plugins-ugly-free, gstreamer1-plugins-base, gstreamer1-plugins-bad-free, gstreamer-plugins-base, gstreamer-plugins-good. Resolved in Red Hat advisory RHSA-2026:19180 — update the affected packages (`sudo dnf update`).
Remote Code Execution via Out-Of-Bounds Write in rtpqdm2depay. Red Hat rates this important (CVSS 8.8). Weakness: CWE-787. Affected package(s): gstreamer1-plugins-good, gstreamer1-plugins-ugly-free, gstreamer1-plugins-base, gstreamer1-plugins-bad-free, gstreamer-plugins-base, gstreamer-plugins-good. Resolved in Red Hat advisory RHSA-2026:19180 — update the affected packages (`sudo dnf update`).
Remote Code Execution via Out-Of-Bounds Write in H.266 Codec Parser. Red Hat rates this important (CVSS 7.8). Weakness: CWE-787. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Remote Code Execution via Heap-based Buffer Overflow in rtpqdm2depay. Red Hat rates this important (CVSS 8.8). Weakness: CWE-1284. Affected package(s): gstreamer1-plugins-good, gstreamer1-plugins-ugly-free, gstreamer1-plugins-base, gstreamer1-plugins-bad-free, gstreamer-plugins-base, gstreamer-plugins-good. Resolved in Red Hat advisory RHSA-2026:19180 — update the affected packages (`sudo dnf update`).
Remote Code Execution via heap-based buffer overflow in JPEG parser. Red Hat rates this important (CVSS 7.8). Weakness: CWE-120. Affected package(s): gstreamer1-plugins-good, gstreamer1-plugins-ugly-free, gstreamer1-plugins-base, gstreamer1-plugins-bad-free. Resolved in Red Hat advisory RHSA-2026:19180 — update the affected packages (`sudo dnf update`).
Arbitrary code execution via H.266 codec parsing stack-based buffer overflow. Red Hat rates this important (CVSS 7.8). Weakness: CWE-120. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Remote Code Execution via out-of-bounds write in DVB Subtitles handling. Red Hat rates this important (CVSS 7.8). Weakness: CWE-787. Affected package(s): gstreamer1-plugins-good, gstreamer1-plugins-ugly-free, gstreamer1-plugins-base, gstreamer1-plugins-bad-free. Resolved in Red Hat advisory RHSA-2026:19180 — update the affected packages (`sudo dnf update`).
Remote Code Execution via out-of-bounds write in RealMedia Demuxer. Red Hat rates this important (CVSS 7.8). Weakness: CWE-787. Affected package(s): gstreamer1-plugins-good, gstreamer1-plugins-ugly-free, gstreamer1-plugins-base, gstreamer1-plugins-bad-free. Resolved in Red Hat advisory RHSA-2026:19180 — update the affected packages (`sudo dnf update`).
Arbitrary code execution via ASF file processing. Red Hat rates this important (CVSS 7.8). Weakness: CWE-120. Affected package(s): gstreamer1-plugins-good, gstreamer1-plugins-ugly-free, gstreamer1-plugins-base, gstreamer1-plugins-bad-free. Resolved in Red Hat advisory RHSA-2026:19180 — update the affected packages (`sudo dnf update`).
Denial of Service via recursive <use> element amplification. Red Hat rates this important (CVSS 7.5). Weakness: CWE-776. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages. Red Hat rates this important (CVSS 8.8). Weakness: CWE-131. Affected package(s): freerdp. Resolved in Red Hat advisory RHSA-2026:6958 — update the affected packages (`sudo dnf update`).
Denial of Service via crafted audio data in RDP. Red Hat rates this moderate (CVSS 7.3). Weakness: CWE-191. Affected package(s): freerdp. Resolved in Red Hat advisory RHSA-2026:19142 — update the affected packages (`sudo dnf update`).
PyJWT accepts unknown `crit` header extensions (RFC 7515 §4.1.11 MUST violation). Red Hat rates this important (CVSS 7.5). Weakness: CWE-347. Affected package(s): ansible-automation-platform, python3.12-pyjwt, quay/quay-rhel8:1775169155, quay/quay-rhel8:1775253092, fence-agents, rhelai3/bootc-aws-cuda-rhel9:1776871984. Resolved in Red Hat advisory RHSA-2026:13508 — update the affected packages (`sudo dnf update`).
Arbitrary code execution via unsanitized parameters in create_function. Red Hat rates this important (CVSS 7.5). Weakness: CWE-88. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Denial of Service via invalid WebSocket permessage-deflate extension parameter. Red Hat rates this important (CVSS 7.5). Weakness: CWE-248. Affected package(s): cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9:1782839996, rhoai/odh-dashboard-rhel8:1774282136, nodejs:22, cryostat/cryostat-openshift-console-plugin-rhel9:4.2.0, cluster-observability-operator/logging-console-plugin-pf5-rhel9:1782840539, rhdh/rhdh-hub-rhel9:1776784286. Resolved in Red Hat advisory RHSA-2026:13826 — update the affected packages (`sudo dnf update`).
Denial of Service via crafted WebSocket frame with large length. Red Hat rates this important (CVSS 7.5). Weakness: CWE-248. Affected package(s): cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9:1782839996, rhoai/odh-dashboard-rhel8:1774282136, nodejs:22, cryostat/cryostat-openshift-console-plugin-rhel9:4.2.0, cluster-observability-operator/logging-console-plugin-pf5-rhel9:1782840539, rhdh/rhdh-hub-rhel9:1776784286. Resolved in Red Hat advisory RHSA-2026:13826 — update the affected packages (`sudo dnf update`).
Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Affected package(s): cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9:1782839996, rhoai/odh-dashboard-rhel8:1774282136, nodejs:22, cryostat/cryostat-openshift-console-plugin-rhel9:4.2.0, cluster-observability-operator/logging-console-plugin-pf5-rhel9:1782840539, rhdh/rhdh-hub-rhel9:1776784286. Resolved in Red Hat advisory RHSA-2026:13826 — update the affected packages (`sudo dnf update`).
HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers. Red Hat rates this moderate (CVSS 7.3). Weakness: CWE-444. Affected package(s): nodejs:22, cryostat/cryostat-openshift-console-plugin-rhel9:4.2.0, rhdh/rhdh-hub-rhel9:1776784286, devspaces/code-rhel9:1779814592, nodejs:24, cryostat/cryostat-rhel9:4.2.0. Resolved in Red Hat advisory RHSA-2026:7350 — update the affected packages (`sudo dnf update`).