VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Known exploitation or KEV-listed
Out of bounds memory access in V8. Red Hat rates this important (CVSS 9.6). Weakness: CWE-125. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If kvm_arch_vcpu_create() fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl but leave the vGIC vCPU data initialised. In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec nvmet_tcp_build_pdu_iovec() could walk past cmd->req.sg when a PDU length or offset exceeds sg_cnt and then use bogus sg->length/offset values, leading to _copy_to_iter() GPF/KASAN. It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container.)(CVE-2026-31431) Affected Ubuntu releases: 24.04, 22.04, 20.04, 18.04. CVEs: CVE-2026-31431, CVE-2025-37849, CVE-2026-23112.
Authenticated command execution via MCP stdio test endpoints. Red Hat rates this important (CVSS 8.8). Weakness: CWE-78. Affected package(s): rhoai/odh-llama-stack-core-rhel9:1781826406, rhoai/odh-llama-stack-core-rhel9:1782310008, rhoai/odh-trustyai-garak-lls-provider-dsp-rhel9:1781622627. Resolved in Red Hat advisory RHSA-2026:28960 — update the affected packages (`sudo dnf update`).
Unauthorized data access and modification via SQL injection. Red Hat rates this critical (CVSS 9.8). Weakness: CWE-89. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
algif_aead - Revert to operating out-of-place. Red Hat rates this important (CVSS 7.8). Weakness: CWE-1288. Affected package(s): kernel, rhcos, kernel-rt, kpatch-patch. Resolved in Red Hat advisory RHSA-2026:13729 — update the affected packages (`sudo dnf update`).
RCE via crafted discovery URI in Jolokia JMX-HTTP bridge. Red Hat rates this important (CVSS 8.8). Weakness: CWE-78. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in Dawn. Red Hat rates this important (CVSS 9). Weakness: CWE-825. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Processing maliciously crafted web content may lead to memory corruption. Red Hat rates this important (CVSS 8.8). Weakness: CWE-120. Affected package(s): webkit2gtk3, webkitgtk4. Resolved in Red Hat advisory RHSA-2025:19157 — update the affected packages (`sudo dnf update`).
Out of bounds write in Skia. Red Hat rates this important (CVSS 8.8). No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Inappropriate implementation in V8. Red Hat rates this important (CVSS 8.8). No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Use after free in CSS. Red Hat rates this important (CVSS 8.8). No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.