CVE-2026-10101
Severity: moderate
Released on: 29/05/2026
Advisory:
Bugzilla: 2483298
Bugzilla Description:
assisted-service: assisted-service: InfraEnv status leaks referenced pull-secret contents to namespace view users
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-201
Affected Packages:
Package States: Multicluster Engine for Kubernetes,
Full Details
CVE document
CVE-2026-10028
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2465152
Bugzilla Description:
glib-networking: Infinite loop in glib-networking GnuTLS backend allows remote denial of service via circular certificate chain
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-41565
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482740
Bugzilla Description:
perl-CryptX: perl-CryptX: Stack buffer overflow allows arbitrary code execution via a crafted authentication tag.
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-120
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9804
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482487
Bugzilla Description:
kubevirt: kubevirt: VMExport directory symlink escape enables exporter pod file read
CVSS Score:
CVSSv3 Score: 7.7
Vector:
CWE: CWE-59
Affected Packages:
Package States: Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,
Full Details
CVE document
CVE-2026-44604
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2460967
Bugzilla Description:
rpm: Command injection in rpmuncompress doUntar() via unescaped archive top-level directory name in popen() shell command
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-78
Affected Packages:
Package States: Pen Drive Powered by Red Hat Lightspeed,Red Hat build of Quarkus Native builder,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document
CVE-2026-9801
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482473
Bugzilla Description:
keycloak: Keycloak: Denial of Service via malformed LDAP password policy response
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document
CVE-2026-9802
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482467
Bugzilla Description:
keycloak: Keycloak: Unauthorized account access via replayed refresh tokens after cluster restart
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-613
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document
CVE-2026-9803
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482465
Bugzilla Description:
keycloak: Keycloak: Denial of Service via malformed Authorization header
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document
CVE-2026-9798
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482470
Bugzilla Description:
keycloak: Keycloak: Brute-force protection bypass in CIBA flow
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-305
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document
CVE-2026-9796
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482464
Bugzilla Description:
keycloak: Keycloak: Privilege escalation via Time-of-Check to Time-of-Use (TOCTOU) vulnerability
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document
CVE-2026-9795
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482462
Bugzilla Description:
keycloak: Keycloak: Privilege escalation via improper scope mapping enforcement
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-266
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document
CVE-2026-9794
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482461
Bugzilla Description:
keycloak: Keycloak: Information disclosure via SAML ECP endpoint
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-209
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document
CVE-2026-9793
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482460
Bugzilla Description:
keycloak: Keycloak: Security policy bypass in JWE-encrypted request object processing
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-347
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document
CVE-2026-9792
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482459
Bugzilla Description:
keycloak: Keycloak: Security restriction bypass allows unauthorized ROPC token acquisition
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-280
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document
CVE-2026-9791
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482458
Bugzilla Description:
keycloak-rhel9: Organization Data Leak After Feature Disabled in Keycloak
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-863
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document
CVE-2026-46190
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482519
Bugzilla Description:
kernel: mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-788
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46154
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482520
Bugzilla Description:
kernel: sched_ext: Read scx_root under scx_cgroup_ops_rwsem in cgroup setters
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46187
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482521
Bugzilla Description:
kernel: wifi: rsi: fix kthread lifetime race between self-exit and external-stop
CVSS Score:
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46157
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482522
Bugzilla Description:
kernel: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-820
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46116
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482523
Bugzilla Description:
kernel: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46148
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482524
Bugzilla Description:
kernel: spi: microchip-core-qspi: control built-in cs manually
CVSS Score:
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46193
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482525
Bugzilla Description:
kernel: xfrm: ah: account for ESN high bits in async callbacks
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46146
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482526
Bugzilla Description:
kernel: ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-606
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46159
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482527
Bugzilla Description:
kernel: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46207
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482528
Bugzilla Description:
kernel: vsock/virtio: fix empty payload in tap skb for non-linear buffers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46118
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482529
Bugzilla Description:
kernel: pseries/papr-hvpipe: Fix null ptr deref in papr_hvpipe_dev_create_handle()
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46206
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482530
Bugzilla Description:
kernel: batman-adv: reject new tp_meter sessions during teardown
CVSS Score:
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46111
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482531
Bugzilla Description:
kernel: Bluetooth: hci_conn: fix potential UAF in create_big_sync
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46181
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482532
Bugzilla Description:
kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46230
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482533
Bugzilla Description:
kernel: drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg
CVSS Score:
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46201
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482534
Bugzilla Description:
kernel: drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46121
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482535
Bugzilla Description:
kernel: mm/damon/sysfs-schemes: protect memcg_path kfree() with damon_sysfs_lock
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46132
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482536
Bugzilla Description:
kernel: net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak in rtnl_fill_vfinfo
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46104
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482537
Bugzilla Description:
kernel: selinux: use sk blob accessor in socket permission helpers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1083
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46232
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482538
Bugzilla Description:
kernel: HID: playstation: Clamp num_touch_reports
CVSS Score:
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46177
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482539
Bugzilla Description:
kernel: ipmi: Add limits to event and receive message requests
CVSS Score:
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46143
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482540
Bugzilla Description:
kernel: ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46115
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482541
Bugzilla Description:
kernel: block: add pgmap check to biovec_phys_mergeable
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46170
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482542
Bugzilla Description:
kernel: mptcp: pm: ADD_ADDR rtx: free sk if last
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46204
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482543
Bugzilla Description:
kernel: drm/amdgpu/vcn4: Prevent OOB reads when parsing IB
CVSS Score:
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46205
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482544
Bugzilla Description:
kernel: staging: media: atomisp: Disallow all private IOCTLs
CVSS Score:
Vector:
CWE: CWE-267
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46237
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482545
Bugzilla Description:
kernel: drm/amdgpu/vcn3: Avoid overflow on msg bound check
CVSS Score:
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46106
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482546
Bugzilla Description:
kernel: eventfs: Hold eventfs_mutex and SRCU when remount walks events
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46162
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482547
Bugzilla Description:
kernel: ice: fix double free in ice_sf_eth_activate() error path
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46216
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482548
Bugzilla Description:
kernel: drm/xe/hdcp: Add NULL check for media_gt in intel_hdcp_gsc_check_status()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46174
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482549
Bugzilla Description:
kernel: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-653
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46133
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482550
Bugzilla Description:
kernel: RDMA/rxe: Reject unknown opcodes before ICRC processing
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-191
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46165
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482551
Bugzilla Description:
kernel: openvswitch: vport: fix self-deadlock on release of tunnel ports
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46224
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482552
Bugzilla Description:
kernel: drm/xe: Fix bo leak in xe_dma_buf_init_obj() on allocation failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46194
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482553
Bugzilla Description:
kernel: f2fs: fix node_cnt race between extent node destroy and writeback
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46123
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482554
Bugzilla Description:
kernel: Bluetooth: virtio_bt: clamp rx length before skb_put
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46131
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482555
Bugzilla Description:
kernel: KVM: x86: check for nEPT/nNPT in slow flush hypercalls
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-266
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46188
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482557
Bugzilla Description:
kernel: octeon_ep_vf: add NULL check for napi_build_skb()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46185
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482558
Bugzilla Description:
kernel: smb/client: fix out-of-bounds read in symlink_data()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46197
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482559
Bugzilla Description:
kernel: drm/amdkfd: validate SVM ioctl nattr against buffer size
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46184
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482560
Bugzilla Description:
kernel: sound: ua101: fix division by zero at probe
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46233
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482561
Bugzilla Description:
kernel: batman-adv: bla: only purge non-released claims
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46231
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482562
Bugzilla Description:
kernel: batman-adv: bla: put backbone reference on failed claim hash insert
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46152
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482563
Bugzilla Description:
kernel: wifi: mac80211: drop stray 'static' from fast-RX rx_result
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1058
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46227
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482564
Bugzilla Description:
kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46239
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482565
Bugzilla Description:
kernel: media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46149
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482566
Bugzilla Description:
kernel: scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46218
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482567
Bugzilla Description:
kernel: drm/amdgpu: Add bounds checking to ib_{get,set}_value
CVSS Score:
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46139
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482568
Bugzilla Description:
kernel: smb: client: use kzalloc to zero-initialize security descriptor buffer
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46153
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482569
Bugzilla Description:
kernel: 8021q: delete cleared egress QoS mappings
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46222
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482570
Bugzilla Description:
kernel: media: rockchip: rkcif: Add missing MUST_CONNECT flag to pads
CVSS Score:
Vector:
CWE: CWE-166
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46168
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482571
Bugzilla Description:
kernel: mptcp: fix scheduling with atomic in timestamp sockopt
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46142
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482572
Bugzilla Description:
kernel: net: libwx: fix VF illegal register access
CVSS Score:
Vector:
CWE: CWE-1220
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46236
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482573
Bugzilla Description:
kernel: media: rc: xbox_remote: heed DMA restrictions
CVSS Score:
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46171
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482574
Bugzilla Description:
kernel: riscv: kvm: fix vector context allocation leak
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46221
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482575
Bugzilla Description:
kernel: EDAC/versalnet: Fix device name memory leak
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46117
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482576
Bugzilla Description:
kernel: RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1288
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46240
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482577
Bugzilla Description:
kernel: media: iris: Fix use-after-free in iris_release_internal_buffers()
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46182
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482578
Bugzilla Description:
kernel: pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46151
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482579
Bugzilla Description:
kernel: usb: usblp: fix heap leak in IEEE 1284 device ID via short response
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46112
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482580
Bugzilla Description:
kernel: RDMA/hns: Fix unlocked call to hns_roce_qp_remove()
CVSS Score:
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46145
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482581
Bugzilla Description:
kernel: RDMA/mana: Validate rx_hash_key_len
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46127
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482582
Bugzilla Description:
kernel: RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46175
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482583
Bugzilla Description:
kernel: f2fs: fix fsck inconsistency caused by FGGC of node block
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46235
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482584
Bugzilla Description:
kernel: media: saa7164: add ioremap return checks and cleanups
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-252
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46208
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482585
Bugzilla Description:
kernel: batman-adv: stop tp_meter sessions during mesh teardown
CVSS Score:
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46178
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482586
Bugzilla Description:
kernel: RDMA/mlx4: Fix resource leak on error in mlx4_ib_create_srq()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46113
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482587
Bugzilla Description:
kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46189
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482588
Bugzilla Description:
kernel: RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46213
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482589
Bugzilla Description:
kernel: HID: appletb-kbd: fix UAF in inactivity-timer cleanup path
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46196
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482590
Bugzilla Description:
kernel: tracepoint: balance regfunc() on func_add() failure in tracepoint_add_func()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46200
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482591
Bugzilla Description:
kernel: spi: mpc52xx: fix controller deregistration
CVSS Score:
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46140
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482592
Bugzilla Description:
kernel: Bluetooth: btmtk: validate WMT event SKB length before struct access
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46241
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482593
Bugzilla Description:
kernel: spi: mpc52xx: fix use-after-free on registration failure
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46176
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482594
Bugzilla Description:
kernel: RDMA/mlx5: Fix error path fall-through in mlx5_ib_dev_res_srq_init()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46169
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482595
Bugzilla Description:
kernel: hfsplus: fix uninit-value by validating catalog record size
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46110
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482596
Bugzilla Description:
kernel: net: stmmac: Prevent NULL deref when RX memory exhausted
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46202
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482597
Bugzilla Description:
kernel: HID: appletb-kbd: run inactivity autodim from workqueues
CVSS Score:
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46210
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482599
Bugzilla Description:
kernel: media: iris: fix use-after-free of fmt_src during MBPF check
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46137
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482600
Bugzilla Description:
kernel: mptcp: pm: ADD_ADDR rtx: fix potential data-race
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46192
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482601
Bugzilla Description:
kernel: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations
CVSS Score:
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46183
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482602
Bugzilla Description:
kernel: mm/damon/sysfs-schemes: protect path kfree() with damon_sysfs_lock
CVSS Score:
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46228
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482603
Bugzilla Description:
kernel: spi: ch341: fix devres lifetime
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46219
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482605
Bugzilla Description:
kernel: spi: mpc52xx: fix use-after-free on unbind
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46195
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482606
Bugzilla Description:
kernel: smb: client: validate dacloffset before building DACL pointers
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46220
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482607
Bugzilla Description:
kernel: drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46125
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482608
Bugzilla Description:
kernel: wifi: mac80211: remove station if connection prep fails
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46134
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482609
Bugzilla Description:
kernel: platform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration
CVSS Score:
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46161
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482610
Bugzilla Description:
kernel: md/raid10: fix divide-by-zero in setup_geo() with zero far_copies
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46105
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482611
Bugzilla Description:
kernel: scsi: mpt3sas: Limit NVMe request size to 2 MiB
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46150
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482612
Bugzilla Description:
kernel: fanotify: fix false positive on permission events
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-280
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46203
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482613
Bugzilla Description:
kernel: spi: cadence-quadspi: fix unclocked access on unbind
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-826
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46120
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482614
Bugzilla Description:
kernel: ip6_gre: Use cached t->net in ip6erspan_changelink()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46215
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482615
Bugzilla Description:
kernel: drm: Set old handle to NULL before prime swap in change_handle
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46180
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482616
Bugzilla Description:
kernel: wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog task
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46167
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482617
Bugzilla Description:
kernel: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46114
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482618
Bugzilla Description:
kernel: RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-130
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46126
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482619
Bugzilla Description:
kernel: RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46147
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482620
Bugzilla Description:
kernel: KVM: arm64: Fix pin leak and publication ordering in __pkvm_init_vcpu()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46119
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482621
Bugzilla Description:
kernel: libceph: Fix slab-out-of-bounds access in auth message processing
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46144
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482622
Bugzilla Description:
kernel: RDMA/mana: Fix error unwind in mana_ib_create_qp_rss()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46238
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482623
Bugzilla Description:
kernel: batman-adv: stop caching unowned originator pointers in BAT IV
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46136
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482624
Bugzilla Description:
kernel: wifi: mt76: mt7921: fix a potential clc buffer length underflow
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-124
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46141
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482625
Bugzilla Description:
kernel: powerpc/xive: fix kmemleak caused by incorrect chip_data lookup
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46198
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482626
Bugzilla Description:
kernel: batman-adv: fix integer overflow on buff_pos
CVSS Score:
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46179
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482627
Bugzilla Description:
kernel: ASoC: SOF: Don't allow pointer operations on unconfigured streams
CVSS Score:
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46223
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482628
Bugzilla Description:
kernel: cgroup: Defer css percpu_ref kill on rmdir until cgroup is depopulated
CVSS Score:
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46109
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482629
Bugzilla Description:
kernel: usb: ulpi: fix memory leak on ulpi_register() error paths
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46211
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482630
Bugzilla Description:
kernel: drm/msm/gem: fix error handling in msm_ioctl_gem_info_get_metadata()
CVSS Score:
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46186
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482631
Bugzilla Description:
kernel: Bluetooth: virtio_bt: validate rx pkt_type header length
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46212
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482632
Bugzilla Description:
kernel: batman-adv: bla: prevent use-after-free when deleting claims
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46217
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482633
Bugzilla Description:
kernel: drm/amdgpu/vcn4: Avoid overflow on msg bound check
CVSS Score:
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46173
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482634
Bugzilla Description:
kernel: exit: prevent preemption of oopsing TASK_DEAD task
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46191
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482635
Bugzilla Description:
kernel: fbcon: Avoid OOB font access if console rotation fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46209
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482636
Bugzilla Description:
kernel: drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46107
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482637
Bugzilla Description:
kernel: dm-thin: fix metadata refcount underflow
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46156
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482638
Bugzilla Description:
kernel: LoongArch: Fix potential ADE in loongson_gpu_fixup_dma_hang()
CVSS Score:
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46158
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482639
Bugzilla Description:
kernel: mptcp: pm: ADD_ADDR rtx: always decrease sk refcount
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46234
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482640
Bugzilla Description:
kernel: vsock: fix buffer size clamping order
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-179
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46163
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482641
Bugzilla Description:
kernel: wifi: b43legacy: enforce bounds check on firmware key index in RX path
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46164
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482642
Bugzilla Description:
kernel: btrfs: fix double free in create_space_info_sub_group() error path
CVSS Score:
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46229
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482643
Bugzilla Description:
kernel: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure
CVSS Score:
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46172
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482644
Bugzilla Description:
kernel: ipv6: xfrm6: release dst on error in xfrm6_rcv_encap()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46166
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482645
Bugzilla Description:
kernel: wifi: mac80211: use safe list iteration in radar detect work
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46124
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482646
Bugzilla Description:
kernel: isofs: validate block number from NFS file handle in isofs_export_iget
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46160
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482647
Bugzilla Description:
kernel: btrfs: fix missing last_unlink_trans update when removing a directory
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46122
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482648
Bugzilla Description:
kernel: wifi: b43: enforce bounds check on firmware key index in b43_rx()
CVSS Score:
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46199
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482649
Bugzilla Description:
kernel: drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg
CVSS Score:
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46225
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482651
Bugzilla Description:
kernel: spi: rspi: fix controller deregistration
CVSS Score:
Vector:
CWE: CWE-826
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46214
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482652
Bugzilla Description:
kernel: vsock/virtio: fix accept queue count leak on transport mismatch
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46135
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482654
Bugzilla Description:
kernel: nvmet-tcp: fix race between ICReq handling and queue teardown
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46129
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482655
Bugzilla Description:
kernel: btrfs: fix double free in create_space_info() error path
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46138
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482656
Bugzilla Description:
kernel: Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46226
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482657
Bugzilla Description:
kernel: spi: fsl: fix controller deregistration
CVSS Score:
Vector:
CWE: CWE-826
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46128
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482659
Bugzilla Description:
kernel: ipmi: Check event message buffer response for bad data
CVSS Score:
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46155
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482660
Bugzilla Description:
kernel: smb/client: fix out-of-bounds read in smb2_compound_op()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-130
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46108
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482661
Bugzilla Description:
kernel: ipmi:si: Return state to normal if message allocation fails
CVSS Score:
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46130
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482662
Bugzilla Description:
kernel: dm-verity-fec: fix reading parity bytes split across blocks (take 3)
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-8643
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2460927
Bugzilla Description:
python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-22
Affected Packages:
Package States: Exploit Intelligence,Migration Toolkit for Applications 8,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Service Mesh 3,Pen Drive Powered by Red Hat Lightspeed,Pen Drive Powered by Red Hat Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,
Full Details
CVE document
CVE-2026-9704
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481877
Bugzilla Description:
keycloak: Keycloak: Privilege escalation due to oversized subject_token JWT
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document
CVE-2026-1933
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2447317
Bugzilla Description:
samba: Missing access check on reparse point operations
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-2340
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2447318
Bugzilla Description:
samba: vfs_worm does not block directory modification
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-280
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-9689
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481845
Bugzilla Description:
keycloak: org.keycloak.protocol.oidc: HTTP Parameter Pollution in OIDC redirect URI allows response parameter duplication - #GHI-604
CVSS Score:
CVSSv3 Score: 4.2
Vector:
CWE: CWE-1288
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document
CVE-2026-3012
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2447319
Bugzilla Description:
samba: group policy certificate enrollment uses http:// without validation
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-345
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-48962
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2481767
Bugzilla Description:
perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-94
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-10007
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla:
Bugzilla Description:
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-45981
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla:
Bugzilla Description:
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45840
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481862
Bugzilla Description:
kernel: openvswitch: cap upcall PID array size and pre-size vport replies
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45842
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481863
Bugzilla Description:
kernel: slip: reject VJ receive packets on instances with no rstate array
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45844
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481864
Bugzilla Description:
kernel: netfilter: arp_tables: fix IEEE1394 ARP payload parsing
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45839
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481865
Bugzilla Description:
kernel: bpf: reject negative CO-RE accessor indices in bpf_core_parse_spec()
CVSS Score:
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45845
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481866
Bugzilla Description:
kernel: net/sched: taprio: fix NULL pointer dereference in class dump
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45841
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481867
Bugzilla Description:
kernel: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45846
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481868
Bugzilla Description:
kernel: bareudp: fix NULL pointer dereference in bareudp_fill_metadata_dst()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45843
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481869
Bugzilla Description:
kernel: slip: bound decode() reads against the compressed packet length
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45838
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481870
Bugzilla Description:
kernel: bpf: fix end-of-list detection in cgroup_storage_get_next_key()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45837
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2481871
Bugzilla Description:
kernel: bpf: Fix use-after-free in arena_vm_close on fork
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45886
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481904
Bugzilla Description:
kernel: bpf: Fix bpf_xdp_store_bytes proto for read-only arg
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45932
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2481905
Bugzilla Description:
kernel: bpf: Fix tcx/netkit detach permissions when prog fd isn't given
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46001
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481906
Bugzilla Description:
kernel: hwmon: (pt5161l) Fix bugs in pt5161l_read_block_data()
CVSS Score:
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46020
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481907
Bugzilla Description:
kernel: mm/damon/core: validate damos_quota_goal->nid for node_mem_{used,free}_bp
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45949
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481908
Bugzilla Description:
kernel: hwrng: core - use RCU and work_struct to fix race condition
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45869
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481909
Bugzilla Description:
kernel: power: supply: wm97xx: Fix NULL pointer dereference in power_supply_changed()
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45924
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481910
Bugzilla Description:
kernel: ksmbd: call ksmbd_vfs_kern_path_end_removing() on some error paths
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45925
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481911
Bugzilla Description:
kernel: thermal/of: Fix reference leak in thermal_of_cm_lookup()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46011
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481912
Bugzilla Description:
kernel: media: mtk-jpeg: fix use-after-free in release path due to uncancelled work
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45876
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481913
Bugzilla Description:
kernel: arm64/gcs: Fix error handling in arch_set_shadow_stack_status()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45963
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481914
Bugzilla Description:
kernel: ASoC: nau8821: Cancel delayed work on component remove
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45992
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481915
Bugzilla Description:
kernel: ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46060
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481917
Bugzilla Description:
kernel: crypto: qat - fix IRQ cleanup on 6xxx probe failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46035
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481918
Bugzilla Description:
kernel: mm/page_alloc: return NULL early from alloc_frozen_pages_nolock() in NMI on UP
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45853
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481919
Bugzilla Description:
kernel: drm/amdgpu: Use kvfree instead of kfree in amdgpu_gmc_get_nps_memranges()
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46084
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481920
Bugzilla Description:
kernel: RDMA/mana_ib: Disable RX steering on RSS QP destroy
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46068
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481921
Bugzilla Description:
kernel: crypto: nx - fix bounce buffer leaks in nx842_crypto_{alloc,free}_ctx
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45984
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2481922
Bugzilla Description:
kernel: gfs2: Fix use-after-free in iomap inline data write path
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-826
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46072
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481923
Bugzilla Description:
kernel: ntfs3: add buffer boundary checks to run_unpack()
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45922
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481924
Bugzilla Description:
kernel: RDMA/mlx5: Fix memory leak in GET_DATA_DIRECT_SYSFS_PATH handler
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46024
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481926
Bugzilla Description:
kernel: libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1287
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45996
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481927
Bugzilla Description:
kernel: spi: imx: fix use-after-free on unbind
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46080
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481928
Bugzilla Description:
kernel: ocfs2: split transactions in dio completion to avoid credit exhaustion
CVSS Score:
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71311
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481929
Bugzilla Description:
kernel: fs/ntfs3: Initialize new folios before use
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45918
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481930
Bugzilla Description:
kernel: ovpn: tcp - don't deref NULL sk_socket member after tcp_close()
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46046
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481931
Bugzilla Description:
kernel: ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45973
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481932
Bugzilla Description:
kernel: RDMA/mlx5: Fix UMR hang in LAG error state unload
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45864
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481933
Bugzilla Description:
kernel: fs/ntfs3: prevent infinite loops caused by the next valid being the same
CVSS Score:
Vector:
CWE: CWE-606
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46039
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481934
Bugzilla Description:
kernel: rxgk: Fix potential integer overflow in length check
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45975
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2481935
Bugzilla Description:
kernel: ublk: use READ_ONCE() to read struct ublksrv_ctrl_cmd
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-820
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46015
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481936
Bugzilla Description:
kernel: tcp: call sk_data_ready() after listener migration
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45952
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481937
Bugzilla Description:
kernel: eth: fbnic: Add validation for MTU changes
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46093
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481938
Bugzilla Description:
kernel: mm/vmalloc: take vmap_purge_lock in shrinker
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-414
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46006
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481939
Bugzilla Description:
kernel: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check
CVSS Score:
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45894
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481940
Bugzilla Description:
kernel: iommu/vt-d: Clear Present bit before tearing down PASID entry
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71305
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481941
Bugzilla Description:
kernel: drm/display/dp_mst: Add protection against 0 vcpi
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1335
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71307
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481942
Bugzilla Description:
kernel: drm/panthor: Fix NULL pointer dereference on panthor_fw_unplug
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45873
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481943
Bugzilla Description:
kernel: netfilter: nft_set_rbtree: check for partial overlaps in anonymous sets
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1288
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46059
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481944
Bugzilla Description:
kernel: KVM: nSVM: Always use NextRIP as vmcb02's NextRIP after first L2 VMRUN
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-841
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46079
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481945
Bugzilla Description:
kernel: rbd: fix null-ptr-deref when device_add_disk() fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45875
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481946
Bugzilla Description:
kernel: mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45896
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481947
Bugzilla Description:
kernel: mtd: intel-dg: Fix accessing regions before setting nregions
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45959
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481948
Bugzilla Description:
kernel: crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45934
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481949
Bugzilla Description:
kernel: btrfs: fix EEXIST abort due to non-consecutive gaps in chunk allocation
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45917
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481951
Bugzilla Description:
kernel: ipvs: do not keep dest_dst if dev is going down
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45905
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481952
Bugzilla Description:
kernel: xfrm: fix ip_rt_bug race in icmp_route_lookup reverse path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45902
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481953
Bugzilla Description:
kernel: power: supply: bq256xx: Fix use-after-free in power_supply_changed()
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46025
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481954
Bugzilla Description:
kernel: mm/damon/core: fix damon_call() vs kdamond_fn() exit race
CVSS Score:
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46022
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481955
Bugzilla Description:
kernel: misc: ibmasm: fix OOB MMIO read in ibmasm_handle_mouse_interrupt()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45956
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481956
Bugzilla Description:
kernel: drm/exynos: vidi: use priv->vidi_dev for ctx lookup in vidi_connection_ioctl()
CVSS Score:
Vector:
CWE: CWE-466
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46051
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481957
Bugzilla Description:
kernel: md/raid5: fix soft lockup in retry_aligned_read()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45962
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481958
Bugzilla Description:
kernel: ublk: Validate SQE128 flag before accessing the cmd
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45966
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481959
Bugzilla Description:
kernel: apparmor: fix NULL pointer dereference in __unix_needs_revalidation
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46034
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481960
Bugzilla Description:
kernel: vfio/cdx: Fix NULL pointer dereference in interrupt trigger path
CVSS Score:
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45935
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481961
Bugzilla Description:
kernel: fs/ntfs3: Fix slab-out-of-bounds read in DeleteIndexEntryRoot
CVSS Score:
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45990
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481962
Bugzilla Description:
kernel: slub: fix data loss and overflow in krealloc()
CVSS Score:
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46057
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481963
Bugzilla Description:
kernel: landlock: Fix LOG_SUBDOMAINS_OFF inheritance across fork()
CVSS Score:
Vector:
CWE: CWE-281
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45948
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481964
Bugzilla Description:
kernel: ext4: fix memory leak in ext4_ext_shift_extents()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45944
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481965
Bugzilla Description:
kernel: iommu/vt-d: Clear Present bit before tearing down context entry
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46053
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2481966
Bugzilla Description:
kernel: net: rds: fix MR cleanup on copy error
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45920
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481967
Bugzilla Description:
kernel: ext4: fix dirtyclusters double decrement on fs shutdown
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46045
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481969
Bugzilla Description:
kernel: md/md-llbitmap: skip reading rdevs that are not in_sync
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45974
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481970
Bugzilla Description:
kernel: btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46100
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481971
Bugzilla Description:
kernel: fs: afs: revert mmap_prepare() change
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46099
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2481972
Bugzilla Description:
kernel: net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45972
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2481973
Bugzilla Description:
kernel: smb: client: fix potential UAF and double free in smb2_open_file()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46077
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481974
Bugzilla Description:
kernel: crypto: atmel-tdes - fix DMA sync direction
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45982
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481975
Bugzilla Description:
kernel: ACPICA: Fix NULL pointer dereference in acpi_ev_address_space_dispatch()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45928
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481976
Bugzilla Description:
kernel: media: chips-media: wave5: Fix memory leak on codec_info allocation failure
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45977
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481977
Bugzilla Description:
kernel: fbnic: close fw_log race between users and teardown
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45865
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481978
Bugzilla Description:
kernel: mctp i2c: initialise event handler read bytes
CVSS Score:
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46016
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481979
Bugzilla Description:
kernel: remoteproc: xlnx: Only access buffer information if IPI is buffered
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46090
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2481980
Bugzilla Description:
kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45919
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481981
Bugzilla Description:
kernel: sched/rt: Skip currently executing CPU in rto_next_cpu()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45885
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481982
Bugzilla Description:
kernel: power: supply: cpcap-battery: Fix use-after-free in power_supply_changed()
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45983
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481983
Bugzilla Description:
kernel: nfsd: never defer requests during idmap lookup
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45995
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481984
Bugzilla Description:
kernel: io_uring/zcrx: fix user_struct uaf
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45868
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481985
Bugzilla Description:
kernel: pinctrl: single: fix refcount leak in pcs_add_gpio_func()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46086
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481989
Bugzilla Description:
kernel: net: bridge: use a stable FDB dst snapshot in RCU readers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45938
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481990
Bugzilla Description:
kernel: power: supply: pm8916_lbc: Fix use-after-free in power_supply_changed()
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45993
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481991
Bugzilla Description:
kernel: LoongArch: Add spectre boundry for syscall dispatch table
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46076
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481992
Bugzilla Description:
kernel: KVM: nSVM: Raise #UD if unhandled VMMCALL isn't intercepted by L1
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-475
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46058
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481993
Bugzilla Description:
kernel: media: amphion: Fix race between m2m job_abort and device_run
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45859
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481994
Bugzilla Description:
kernel: netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46067
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481995
Bugzilla Description:
kernel: mm/damon/core: validate damos_quota_goal->nid for node_memcg_{used,free}_bp
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45892
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481996
Bugzilla Description:
kernel: ext4: drop extent cache after doing PARTIAL_VALID1 zeroout
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45955
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481998
Bugzilla Description:
kernel: md/md-llbitmap: fix percpu_ref not resurrected on suspend timeout
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46063
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2481999
Bugzilla Description:
kernel: x86/shstk: Prevent deadlock during shstk sigreturn
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46033
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482000
Bugzilla Description:
kernel: crypto: authencesn - reject short ahash digests during instance creation
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45908
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482001
Bugzilla Description:
kernel: accel/amdxdna: Fix memory leak in amdxdna_ubuf_map
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45985
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482002
Bugzilla Description:
kernel: ext4: don't set EXT4_GET_BLOCKS_CONVERT when splitting before submitting I/O
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46055
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482003
Bugzilla Description:
kernel: apparmor: Fix string overrun due to missing termination
CVSS Score:
Vector:
CWE: CWE-170
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46018
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482004
Bugzilla Description:
kernel: ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-606
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45970
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482006
Bugzilla Description:
kernel: bonding: alb: fix UAF in rlb_arp_recv during bond up/down
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46096
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482007
Bugzilla Description:
kernel: tpm2-sessions: Fix missing tpm_buf_destroy() in tpm2_read_public()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46023
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482008
Bugzilla Description:
kernel: dm mirror: fix integer overflow in create_dirty_log()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45881
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482009
Bugzilla Description:
kernel: soc: mediatek: svs: Fix memory leak in svs_enable_debug_write()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45930
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482010
Bugzilla Description:
kernel: net: mctp: ensure our nlmsg responses are initialised
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45912
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482011
Bugzilla Description:
kernel: ext4: don't cache extent during splitting extent
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45957
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482013
Bugzilla Description:
kernel: rcu: Fix rcu_read_unlock() deadloop due to softirq
CVSS Score:
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45968
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482014
Bugzilla Description:
kernel: cpuidle: Skip governor when only one idle state is available
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-788
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71303
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482015
Bugzilla Description:
kernel: accel/amdxdna: Fix race condition when checking rpm_on
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71304
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482016
Bugzilla Description:
kernel: smack: /smack/doi: accept previously used values
CVSS Score:
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45921
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482017
Bugzilla Description:
kernel: mtd: parsers: Fix memory leak in mtd_parser_tplink_safeloader_parse()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45960
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482018
Bugzilla Description:
kernel: hfsplus: return error when node already exists in hfs_bnode_create
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46047
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482019
Bugzilla Description:
kernel: net: qrtr: ns: Fix use-after-free in driver remove()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45888
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482020
Bugzilla Description:
kernel: md/raid1: fix memory leak in raid1_run()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45909
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482021
Bugzilla Description:
kernel: clk: mediatek: Drop __initconst from gates
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45850
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482022
Bugzilla Description:
kernel: ipvs: skip ipv6 extension headers for csum checks
CVSS Score:
Vector:
CWE: CWE-354
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46049
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482023
Bugzilla Description:
kernel: ALSA: ctxfi: Add fallback to default RSR for S/PDIF
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1095
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45998
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482024
Bugzilla Description:
kernel: rxrpc: Fix potential UAF after skb_unshare() failure
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46054
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482025
Bugzilla Description:
kernel: selinux: fix overlayfs mmap() and mprotect() access checks
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-280
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46008
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482026
Bugzilla Description:
kernel: mm/damon/core: fix damos_walk() vs kdamond_fn() exit race
CVSS Score:
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46066
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482027
Bugzilla Description:
kernel: ceph: fix num_ops off-by-one when crypto allocation fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-193
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46052
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482028
Bugzilla Description:
kernel: ceph: only d_add() negative dentries when they are unhashed
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-464
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46042
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482029
Bugzilla Description:
kernel: mm/mempolicy: fix memory leaks in weighted_interleave_auto_store()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45939
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482030
Bugzilla Description:
kernel: gpib: Fix memory leak in ni_usb_init()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45898
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482031
Bugzilla Description:
kernel: RDMA/iwcm: Fix workqueue list corruption by removing work_list
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46040
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482032
Bugzilla Description:
kernel: inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46032
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482033
Bugzilla Description:
kernel: KVM: nSVM: Triple fault if restore host CR3 fails on nested #VMEXIT
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-248
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46083
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482034
Bugzilla Description:
kernel: spi: fix resource leaks on device setup failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45882
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482035
Bugzilla Description:
kernel: power: supply: pm8916_bms_vm: Fix use-after-free in power_supply_changed()
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45946
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482036
Bugzilla Description:
kernel: power: supply: ab8500: Fix use-after-free in power_supply_changed()
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45863
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482037
Bugzilla Description:
kernel: i3c: dw: Fix memory leak in dw_i3c_master_i2c_xfers()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45994
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482038
Bugzilla Description:
kernel: ibmasm: fix OOB reads in command_file_write due to missing size checks
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45997
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482039
Bugzilla Description:
kernel: scsi: sd: fix missing put_disk() when device_add(&disk_dev) fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45849
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482040
Bugzilla Description:
kernel: net: mscc: ocelot: add missing lock protection in ocelot_port_xmit_inj()
CVSS Score:
Vector:
CWE: CWE-414
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45871
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482041
Bugzilla Description:
kernel: tpm: st33zp24: Fix missing cleanup on get_burstcount() error
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45887
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482042
Bugzilla Description:
kernel: af_unix: Fix memleak of newsk in unix_stream_connect()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45969
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482043
Bugzilla Description:
kernel: HID: playstation: Add missing check for input_ff_create_memless
CVSS Score:
Vector:
CWE: CWE-252
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45900
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482044
Bugzilla Description:
kernel: crypto: caam - fix netdev memory leak in dpaa2_caam_probe
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45867
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482045
Bugzilla Description:
kernel: power: supply: act8945a: Fix use-after-free in power_supply_changed()
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45897
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482046
Bugzilla Description:
kernel: netfilter: nft_counter: serialize reset with spinlock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-820
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45929
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482047
Bugzilla Description:
kernel: ovpn: fix possible use-after-free in ovpn_net_xmit
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45899
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482048
Bugzilla Description:
kernel: ext4: drop extent cache when splitting extent fails
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45926
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482049
Bugzilla Description:
kernel: rust: pwm: Fix potential memory leak on init error
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46071
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482050
Bugzilla Description:
kernel: KVM: nSVM: Avoid clearing VMCB_LBR in vmcb12
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-440
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45901
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482051
Bugzilla Description:
kernel: netfilter: nf_tables: revert commit_mutex usage in reset path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45915
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482052
Bugzilla Description:
kernel: fat: avoid parent link count underflow in rmdir
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-191
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45947
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482055
Bugzilla Description:
kernel: drm/amdgpu: Fix memory leak in amdgpu_acpi_enumerate_xcc()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46098
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482056
Bugzilla Description:
kernel: net: caif: clear client service pointer on teardown
CVSS Score:
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45890
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482057
Bugzilla Description:
kernel: xen-netback: reject zero-queue configuration from guest
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45953
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482058
Bugzilla Description:
kernel: md/raid5: fix IO hang with degraded array with llbitmap
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46088
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482059
Bugzilla Description:
kernel: ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46038
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482060
Bugzilla Description:
kernel: net: qrtr: ns: Free the node during ctrl_cmd_bye()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46037
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482061
Bugzilla Description:
kernel: ipv4: icmp: validate reply type before using icmp_pointers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45950
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482062
Bugzilla Description:
kernel: crypto: starfive - Fix memory leak in starfive_aes_aead_do_one_req()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46103
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482063
Bugzilla Description:
kernel: can: ucan: fix devres lifetime
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46005
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482064
Bugzilla Description:
kernel: xfs: fix a resource leak in xfs_alloc_buftarg()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46030
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482065
Bugzilla Description:
kernel: EDAC/versalnet: Fix device_node leak in mc_probe()
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45943
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482067
Bugzilla Description:
kernel: erofs: fix inline data read failure for ztailpacking pclusters
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1288
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46075
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482068
Bugzilla Description:
kernel: crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45965
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482069
Bugzilla Description:
kernel: apparmor: fix invalid deref of rawdata when export_binary is unset
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45976
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482071
Bugzilla Description:
kernel: drm/amdgpu: Fix memory leak in amdgpu_ras_init()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45893
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482072
Bugzilla Description:
kernel: apparmor: Fix & Optimize table creation from possibly unaligned memory
CVSS Score:
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45907
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482073
Bugzilla Description:
kernel: net/mlx5e: Fix deadlocks between devlink and netdev instance locks
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46095
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482074
Bugzilla Description:
kernel: md/md-llbitmap: raise barrier before state machine transition
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45936
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482075
Bugzilla Description:
kernel: power: supply: goldfish: Fix use-after-free in power_supply_changed()
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45941
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482076
Bugzilla Description:
kernel: tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46036
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482077
Bugzilla Description:
kernel: vfio/cdx: Serialize VFIO_DEVICE_SET_IRQS with a per-device mutex
CVSS Score:
Vector:
CWE: CWE-820
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46028
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482078
Bugzilla Description:
kernel: crypto: algif_aead - snapshot IV for async AEAD requests
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45980
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482079
Bugzilla Description:
kernel: accel/amdxdna: Stop job scheduling across aie2_release_resource()
CVSS Score:
Vector:
CWE: CWE-826
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46091
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482080
Bugzilla Description:
kernel: media: rc: igorplugusb: heed coherency rules
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46002
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482081
Bugzilla Description:
kernel: ext2: reject inodes with zero i_nlink and valid mode in ext2_iget()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1288
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46004
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482082
Bugzilla Description:
kernel: ALSA: caiaq: Handle probe errors properly
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45866
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482083
Bugzilla Description:
kernel: serial: caif: fix use-after-free in caif_serial ldisc_close()
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46097
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482084
Bugzilla Description:
kernel: Input: edt-ft5x06 - fix use-after-free in debugfs teardown
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46061
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482085
Bugzilla Description:
kernel: jbd2: fix deadlock in jbd2_journal_cancel_revoke()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46041
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482086
Bugzilla Description:
kernel: greybus: gb-beagleplay: fix sleep in atomic context in hdlc_tx_frames()
CVSS Score:
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46013
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482087
Bugzilla Description:
kernel: mm/memfd_luo: fix physical address conversion in put_folios cleanup
CVSS Score:
Vector:
CWE: CWE-681
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45964
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482088
Bugzilla Description:
kernel: SUNRPC: fix gss_auth kref leak in gss_alloc_msg error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46003
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482089
Bugzilla Description:
kernel: net: qrtr: ns: Limit the total number of nodes
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71309
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482090
Bugzilla Description:
kernel: fs/ntfs3: fix deadlock in ni_read_folio_cmpr
CVSS Score:
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46044
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482091
Bugzilla Description:
kernel: ipmi:ssif: Clean up kthread on errors
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46026
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482092
Bugzilla Description:
kernel: net: qrtr: ns: Limit the maximum number of lookups
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45979
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482094
Bugzilla Description:
kernel: drm/amdgpu: clean up the amdgpu_cs_parser_bos
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46019
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482095
Bugzilla Description:
kernel: crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45862
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482096
Bugzilla Description:
kernel: iommu/vt-d: Flush cache for PASID table before using it
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46017
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482097
Bugzilla Description:
kernel: mm: fix deferred split queue races during migration
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45910
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482098
Bugzilla Description:
kernel: RDMA/rxe: Fix race condition in QP timer handlers
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45879
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482099
Bugzilla Description:
kernel: power: supply: bq25980: Fix use-after-free in power_supply_changed()
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45858
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482100
Bugzilla Description:
kernel: ext4: don't zero the entire extent if EXT4_EXT_DATA_PARTIAL_VALID1
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-909
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-45961
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482101
Bugzilla Description:
kernel: gfs2: fix memory leaks in gfs2_fill_super error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45923
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482103
Bugzilla Description:
kernel: net: usb: catc: enable basic endpoint checking
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1287
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45942
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482104
Bugzilla Description:
kernel: ext4: fix e4b bitmap inconsistency reports
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45967
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482105
Bugzilla Description:
kernel: bpf: Return proper address for non-zero offsets in insn array
CVSS Score:
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46050
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482106
Bugzilla Description:
kernel: md/raid10: fix deadlock with check operation and nowait requests
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-191
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45880
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482107
Bugzilla Description:
kernel: PCI/P2PDMA: Release per-CPU pgmap ref when vm_insert_page() fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45911
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482108
Bugzilla Description:
kernel: usb: cdns3: fix role switching during resume
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46082
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482109
Bugzilla Description:
kernel: KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46000
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482110
Bugzilla Description:
kernel: rxrpc: Fix conn-level packet handling to unshare RESPONSE packets
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-319
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46089
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482111
Bugzilla Description:
kernel: zram: do not forget to endio for partial discard requests
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45883
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482112
Bugzilla Description:
kernel: iio: sca3000: Fix a resource leak in sca3000_probe()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45991
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482113
Bugzilla Description:
kernel: udf: fix partition descriptor append bookkeeping
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45931
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482114
Bugzilla Description:
kernel: accel/amdxdna: Hold mm structure across iommu_sva_unbind_device()
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45860
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482115
Bugzilla Description:
kernel: netfilter: nf_conncount: increase the connection clean up limit to 64
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46069
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482116
Bugzilla Description:
kernel: wifi: mwifiex: fix use-after-free in mwifiex_adapter_cleanup()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46102
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482117
Bugzilla Description:
kernel: net: strparser: fix skb_head leak in strp_abort_strp()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46021
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482118
Bugzilla Description:
kernel: thermal: core: Fix thermal zone governor cleanup issues
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46048
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482119
Bugzilla Description:
kernel: ALSA: caiaq: fix usb_dev refcount leak on probe failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45874
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482121
Bugzilla Description:
kernel: phy: freescale: imx8qm-hsio: fix NULL pointer dereference
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45988
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482123
Bugzilla Description:
kernel: rxrpc: Fix re-decryption of RESPONSE packets
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45878
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482124
Bugzilla Description:
kernel: drm/amdkfd: Fix watch_id bounds checking in debug address watch v2
CVSS Score:
Vector:
CWE: CWE-681
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45903
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482125
Bugzilla Description:
kernel: bpf: Fix memory access flags in helper prototypes
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-733
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46031
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482126
Bugzilla Description:
kernel: net: ks8851: Reinstate disabling of BHs around IRQ handler
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46043
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482127
Bugzilla Description:
kernel: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-191
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46014
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482128
Bugzilla Description:
kernel: KVM: SVM: Add missing save/restore handling of LBR MSRs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45856
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482129
Bugzilla Description:
kernel: RDMA/uverbs: Validate wqe_size before using it in ib_uverbs_post_send
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71312
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482130
Bugzilla Description:
kernel: fs/ntfs3: fix ntfs_mount_options leak in ntfs_fill_super()
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45884
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482132
Bugzilla Description:
kernel: apparmor: avoid per-cpu hold underflow in aa_get_buffer
CVSS Score:
Vector:
CWE: CWE-191
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45989
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482133
Bugzilla Description:
kernel: of: unittest: fix use-after-free in testdrv_probe()
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45951
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482134
Bugzilla Description:
kernel: bpf: Fix a potential use-after-free of BTF object
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46081
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482135
Bugzilla Description:
kernel: crypto: acomp - fix wrong pointer stored by acomp_save_req()
CVSS Score:
Vector:
CWE: CWE-843
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46078
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482136
Bugzilla Description:
kernel: erofs: fix the out-of-bounds nameoff handling for trailing dirents
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71308
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482137
Bugzilla Description:
kernel: accel/amdxdna: Fix potential NULL pointer dereference in context cleanup
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45851
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482138
Bugzilla Description:
kernel: efi: Fix reservation of unaccepted memory table
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46065
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482139
Bugzilla Description:
kernel: fbdev: defio: Disconnect deferred I/O from the lifetime of struct fb_info
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46101
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482140
Bugzilla Description:
kernel: netfilter: reject zero shift in nft_bitwise
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1335
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46087
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482141
Bugzilla Description:
kernel: mm/damon/stat: fix memory leak on damon_start() failure in damon_stat_start()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46085
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482142
Bugzilla Description:
kernel: rxrpc: Fix rxkad crypto unalignment handling
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45861
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482143
Bugzilla Description:
kernel: gfs2: Fix slab-use-after-free in qd_put
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45877
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482144
Bugzilla Description:
kernel: HID: intel-ish-hid: fix NULL-ptr-deref in ishtp_bus_remove_all_clients
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45971
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482145
Bugzilla Description:
kernel: bpf: Limit bpf program signature size
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45954
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482146
Bugzilla Description:
kernel: fbdev: au1200fb: Fix a memory leak in au1200fb_drv_probe()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46094
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482148
Bugzilla Description:
kernel: ext4: fix bounds check in check_xattrs() to prevent out-of-bounds access
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45854
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482149
Bugzilla Description:
kernel: crypto: inside-secure/eip93 - unregister only available algorithm
CVSS Score:
Vector:
CWE: CWE-832
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46062
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482150
Bugzilla Description:
kernel: ntfs3: fix integer overflow in run_unpack() volume boundary check
CVSS Score:
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45999
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482151
Bugzilla Description:
kernel: erofs: fix unsigned underflow in z_erofs_lz4_handle_overlap()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-191
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45906
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482152
Bugzilla Description:
kernel: power: supply: pf1550: Fix use-after-free in power_supply_changed()
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45916
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482154
Bugzilla Description:
kernel: power: supply: sbs-battery: Fix use-after-free in power_supply_changed()
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45958
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482155
Bugzilla Description:
kernel: drm/exynos: vidi: fix to avoid directly dereferencing user pointer
CVSS Score:
Vector:
CWE: CWE-822
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45904
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482156
Bugzilla Description:
kernel: powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event handling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45872
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482157
Bugzilla Description:
kernel: scsi: smartpqi: Fix memory leak in pqi_report_phys_luns()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45870
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482158
Bugzilla Description:
kernel: SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46009
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482159
Bugzilla Description:
kernel: PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown
CVSS Score:
Vector:
CWE: CWE-832
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45847
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482161
Bugzilla Description:
kernel: net: remove WARN_ON_ONCE when accessing forward path array
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46092
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482162
Bugzilla Description:
kernel: wifi: rtw88: check for PCI upstream bridge existence
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45855
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482163
Bugzilla Description:
kernel: ata: libata-scsi: avoid Non-NCQ command starvation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45940
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482164
Bugzilla Description:
kernel: net: stmmac: fix oops when split header is enabled
CVSS Score:
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46073
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482165
Bugzilla Description:
kernel: hwmon: (powerz) Fix missing usb_kill_urb() on signal interrupt
CVSS Score:
Vector:
CWE: CWE-826
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45852
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482166
Bugzilla Description:
kernel: RDMA/rxe: Fix double free in rxe_srq_from_init
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45913
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482167
Bugzilla Description:
kernel: net: bridge: mcast: always update mdb_n_entries for vlan contexts
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46027
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482168
Bugzilla Description:
kernel: net/smc: avoid early lgr access in smc_clc_wait_msg
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45895
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482169
Bugzilla Description:
kernel: quota: fix livelock between quotactl and freeze_super
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45889
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482170
Bugzilla Description:
kernel: mptcp: do not account for OoO in mptcp_rcvbuf_grow()
CVSS Score:
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45937
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482171
Bugzilla Description:
kernel: crypto: inside-secure/eip93 - fix kernel panic in driver detach
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45914
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482172
Bugzilla Description:
kernel: Revert "hwmon: (ibmpex) fix use-after-free in high/low store"
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46070
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482173
Bugzilla Description:
kernel: md/raid5: validate payload size before accessing journal metadata
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46012
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482174
Bugzilla Description:
kernel: rxrpc: Fix memory leaks in rxkad_verify_response()
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46029
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482175
Bugzilla Description:
kernel: mm/slab: return NULL early from kmalloc_nolock() in NMI on UP
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45987
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482176
Bugzilla Description:
kernel: KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46007
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482177
Bugzilla Description:
kernel: hwmon: (powerz) Avoid cacheline sharing for DMA buffer
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45927
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482178
Bugzilla Description:
kernel: bpf: Require frozen map for calculating map hash
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46010
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482180
Bugzilla Description:
kernel: rxrpc: Fix error handling in rxgk_extract_token()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-253
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46056
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482181
Bugzilla Description:
kernel: Bluetooth: hci_event: fix potential UAF in SSP passkey handlers
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46074
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482182
Bugzilla Description:
kernel: spi: ch341: fix memory leaks on probe failures
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45891
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482184
Bugzilla Description:
kernel: net: hns3: fix double free issue for tx spare buffer
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45945
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482185
Bugzilla Description:
kernel: iommu/vt-d: Fix race condition during PASID entry replacement
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45986
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482186
Bugzilla Description:
kernel: crypto: ccree - fix a memory leak in cc_mac_digest()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45857
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482187
Bugzilla Description:
kernel: scsi: csiostor: Fix dereference of null pointer rn
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45848
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482188
Bugzilla Description:
kernel: apparmor: fix NULL sock in aa_sock_file_perm
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71306
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482189
Bugzilla Description:
kernel: ima: Fix stack-out-of-bounds in is_bprm_creds_for_exec()
CVSS Score:
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-46064
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482190
Bugzilla Description:
kernel: ibmasm: fix heap over-read in ibmasm_send_i2o_message()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45978
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2482193
Bugzilla Description:
kernel: staging: greybus: lights: avoid NULL deref
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45933
Severity: low
Released on: 27/05/2026
Advisory:
Bugzilla: 2482194
Bugzilla Description:
kernel: bpf: Preserve id of register in sync_linked_regs()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-9990
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482966
Bugzilla Description:
chromium-browser: Use after free in WebAppInstalls
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9938
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482967
Bugzilla Description:
chromium-browser: Inappropriate implementation in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-94
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9976
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482968
Bugzilla Description:
chromium-browser: Inappropriate implementation in USB
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-94
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9980
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482969
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Printing
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9917
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482970
Bugzilla Description:
chromium-browser: Uninitialized Use in WebGL
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9957
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482972
Bugzilla Description:
chromium-browser: Use after free in PDF
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9923
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482973
Bugzilla Description:
chromium-browser: Use after free in Skia
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10004
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482974
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Passwords
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-1173
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10020
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482975
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Skia
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9930
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482976
Bugzilla Description:
chromium-browser: Out of bounds write in Dawn
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9915
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482977
Bugzilla Description:
chromium-browser: Heap buffer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9887
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2482978
Bugzilla Description:
chromium-browser: Use after free in Proxy
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9881
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2482979
Bugzilla Description:
chromium-browser: Use after free in Bluetooth
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10021
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482980
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in USB
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10013
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482981
Bugzilla Description:
chromium-browser: Use after free in WebCodecs
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9885
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2482982
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in UI
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9875
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2482983
Bugzilla Description:
chromium-browser: Out of bounds read in WebGL
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9928
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482984
Bugzilla Description:
chromium-browser: Out of bounds read in ANGLE
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9970
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482985
Bugzilla Description:
chromium-browser: Use after free in WebGL
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9932
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482986
Bugzilla Description:
chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9904
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482987
Bugzilla Description:
chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9874
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2482988
Bugzilla Description:
chromium-browser: Use after free in Dawn
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9922
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482989
Bugzilla Description:
chromium-browser: Use after free in GPU
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9959
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482990
Bugzilla Description:
chromium-browser: Race in WebRTC
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-366
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9951
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482991
Bugzilla Description:
chromium-browser: Use after free in UI
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10000
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482992
Bugzilla Description:
chromium-browser: Use after free in Passwords
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9986
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482993
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in OptimizationGuide
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10018
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482995
Bugzilla Description:
chromium-browser: Integer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9905
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482996
Bugzilla Description:
chromium-browser: Use after free in Accessibility
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9879
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2482997
Bugzilla Description:
chromium-browser: Out of bounds write in ANGLE
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9889
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2482998
Bugzilla Description:
chromium-browser: Out of bounds read and write in Dawn
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9899
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482999
Bugzilla Description:
chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-364
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9940
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483000
Bugzilla Description:
chromium-browser: Heap buffer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-131
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9925
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483001
Bugzilla Description:
chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9888
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2483002
Bugzilla Description:
chromium-browser: Use after free in WebView
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9872
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2483003
Bugzilla Description:
chromium-browser: Out of bounds write in GPU
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9934
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483004
Bugzilla Description:
chromium-browser: Use after free in Aura
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9939
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483005
Bugzilla Description:
chromium-browser: Heap buffer overflow in WebCodecs
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9948
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483006
Bugzilla Description:
chromium-browser: Use after free in Views
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9965
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483007
Bugzilla Description:
chromium-browser: Out of bounds write in ANGLE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9994
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483008
Bugzilla Description:
chromium-browser: Use after free in Core
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9920
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483009
Bugzilla Description:
chromium-browser: Uninitialized Use in GPU
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10003
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483010
Bugzilla Description:
chromium-browser: Use after free in Views
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9926
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483011
Bugzilla Description:
chromium-browser: Heap buffer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9877
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2483012
Bugzilla Description:
chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9927
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483013
Bugzilla Description:
chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9946
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483014
Bugzilla Description:
chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9999
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483015
Bugzilla Description:
chromium-browser: Inappropriate implementation in ANGLE
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-94
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9882
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2483016
Bugzilla Description:
chromium-browser: Integer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9891
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2483017
Bugzilla Description:
chromium-browser: Use after free in Extensions
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9910
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483018
Bugzilla Description:
chromium-browser: Out of bounds memory access in ANGLE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9890
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2483019
Bugzilla Description:
chromium-browser: Use after free in XR
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10006
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483020
Bugzilla Description:
chromium-browser: Race in WebAudio
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-368
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10022
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2483021
Bugzilla Description:
chromium-browser: Type Confusion in V8
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9958
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483022
Bugzilla Description:
chromium-browser: Use after free in PDFium
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9909
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483023
Bugzilla Description:
chromium-browser: Integer overflow in Skia
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9985
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483024
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Media
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10008
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483025
Bugzilla Description:
chromium-browser: Uninitialized Use in GPU
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9876
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2483026
Bugzilla Description:
chromium-browser: Use after free in WebGL
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9908
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483027
Bugzilla Description:
chromium-browser: Out of bounds read in ANGLE
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9924
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483028
Bugzilla Description:
chromium-browser: Heap buffer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-120
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9977
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483030
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in WebShare
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9988
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483031
Bugzilla Description:
chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9993
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483032
Bugzilla Description:
chromium-browser: Use after free in Views
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9896
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483033
Bugzilla Description:
chromium-browser: Out of bounds write in V8
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10012
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483035
Bugzilla Description:
chromium-browser: Use after free in Skia
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-364
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9944
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483036
Bugzilla Description:
chromium-browser: Uninitialized Use in ANGLE
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9898
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483037
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in GPU
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-501
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9933
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483038
Bugzilla Description:
chromium-browser: Use after free in Input
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9953
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483039
Bugzilla Description:
chromium-browser: Out of bounds read in ANGLE
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9931
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483040
Bugzilla Description:
chromium-browser: Use after free in GPU
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9975
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483041
Bugzilla Description:
chromium-browser: Out of bounds read and write in ANGLE
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9982
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483042
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in ANGLE
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9918
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483043
Bugzilla Description:
chromium-browser: Inappropriate implementation in Tint
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-501
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9984
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483044
Bugzilla Description:
chromium-browser: Use after free in UI
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9893
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2483045
Bugzilla Description:
chromium-browser: Use after free in Skia
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9987
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483046
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in WebAppInstalls
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10002
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483047
Bugzilla Description:
chromium-browser: Use after free in PDFium
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9903
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483048
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Site Isolation
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-1173
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9914
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483049
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in ANGLE
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-501
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9947
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483050
Bugzilla Description:
chromium-browser: Use after free in XML
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9996
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483051
Bugzilla Description:
chromium-browser: Out of bounds read in WebRTC
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9966
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483052
Bugzilla Description:
chromium-browser: Integer overflow in XML
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9936
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483055
Bugzilla Description:
chromium-browser: Use after free in GFX
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9981
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483056
Bugzilla Description:
chromium-browser: Inappropriate implementation in Skia
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9941
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483057
Bugzilla Description:
chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10019
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2483058
Bugzilla Description:
chromium-browser: Integer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9878
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2483059
Bugzilla Description:
chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9901
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483060
Bugzilla Description:
chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9960
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483061
Bugzilla Description:
chromium-browser: Integer overflow in PDFium
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9998
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483062
Bugzilla Description:
chromium-browser: Integer overflow in Skia
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10017
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2483063
Bugzilla Description:
chromium-browser: Out of bounds read in Headless
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9883
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2483064
Bugzilla Description:
chromium-browser: Use after free in Base
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9995
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483065
Bugzilla Description:
chromium-browser: Use after free in WebXR
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9961
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483066
Bugzilla Description:
chromium-browser: Use after free in SurfaceCapture
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9900
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483067
Bugzilla Description:
chromium-browser: Out of bounds write in ANGLE
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9969
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483068
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in ANGLE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9897
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483069
Bugzilla Description:
chromium-browser: Use after free in DOM
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10011
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483070
Bugzilla Description:
chromium-browser: Inappropriate implementation in Skia
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9954
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483071
Bugzilla Description:
chromium-browser: Use after free in TabStrip
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9886
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2483072
Bugzilla Description:
chromium-browser: Use after free in Base
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9929
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483073
Bugzilla Description:
chromium-browser: Inappropriate implementation in WebGL
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9952
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483074
Bugzilla Description:
chromium-browser: Use after free in WebAudio
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9992
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483075
Bugzilla Description:
chromium-browser: Use after free in Network
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9907
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483076
Bugzilla Description:
chromium-browser: Out of bounds read in Dawn
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9978
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483077
Bugzilla Description:
chromium-browser: Use after free in Glic
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10015
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483078
Bugzilla Description:
chromium-browser: Integer overflow in WTF
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9989
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483079
Bugzilla Description:
chromium-browser: Inappropriate implementation in Media
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9935
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483080
Bugzilla Description:
chromium-browser: Uninitialized Use in ANGLE
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10014
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483081
Bugzilla Description:
chromium-browser: Use after free in WebMIDI
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9979
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483082
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Input
CVSS Score:
CVSSv3 Score: 7.9
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9911
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483083
Bugzilla Description:
chromium-browser: Integer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9921
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483084
Bugzilla Description:
chromium-browser: Uninitialized Use in WebGL
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9949
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483085
Bugzilla Description:
chromium-browser: Use after free in Core
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9964
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483086
Bugzilla Description:
chromium-browser: Use after free in Bluetooth
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9967
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483087
Bugzilla Description:
chromium-browser: Out of bounds write in GPU
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9913
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483088
Bugzilla Description:
chromium-browser: Inappropriate implementation in ANGLE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-805
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9873
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2483089
Bugzilla Description:
chromium-browser: Use after free in Network
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9906
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483090
Bugzilla Description:
chromium-browser: Out of bounds write in GPU
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9937
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483091
Bugzilla Description:
chromium-browser: Use after free in UI
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9912
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483092
Bugzilla Description:
chromium-browser: Inappropriate implementation in GPU
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9919
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483093
Bugzilla Description:
chromium-browser: Out of bounds read in WebGL
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9962
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483094
Bugzilla Description:
chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9968
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483095
Bugzilla Description:
chromium-browser: Integer overflow in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9895
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483096
Bugzilla Description:
chromium-browser: Out of bounds read in GPU
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9894
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483097
Bugzilla Description:
chromium-browser: Use after free in GPU
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9880
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2483098
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in WebGL
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-1173
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9972
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483099
Bugzilla Description:
chromium-browser: Uninitialized Use in Gamepad
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10016
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483100
Bugzilla Description:
chromium-browser: Use after free in DOM
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9942
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483101
Bugzilla Description:
chromium-browser: Uninitialized Use in ANGLE
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10005
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483102
Bugzilla Description:
chromium-browser: Use after free in WebAppInstalls
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9892
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2483103
Bugzilla Description:
chromium-browser: Inappropriate implementation in Skia
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-807
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10010
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483104
Bugzilla Description:
chromium-browser: Inappropriate implementation in Input
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-653
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9974
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483105
Bugzilla Description:
chromium-browser: Out of bounds write in GPU
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9991
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483106
Bugzilla Description:
chromium-browser: Inappropriate implementation in Media
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10001
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483107
Bugzilla Description:
chromium-browser: Use after free in PerformanceManager
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9983
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483108
Bugzilla Description:
chromium-browser: Type Confusion in Skia
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9945
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483109
Bugzilla Description:
chromium-browser: Use after free in Media
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9884
Severity: critical
Released on: 27/05/2026
Advisory:
Bugzilla: 2483110
Bugzilla Description:
chromium-browser: Use after free in Browser
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9916
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483111
Bugzilla Description:
chromium-browser: Out of bounds write in ANGLE
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9973
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483112
Bugzilla Description:
chromium-browser: Out of bounds write in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9997
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483113
Bugzilla Description:
chromium-browser: Use after free in Input
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-10009
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483114
Bugzilla Description:
chromium-browser: Integer overflow in Skia
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9943
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483115
Bugzilla Description:
chromium-browser: Out of bounds read in WebGL
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9902
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2483116
Bugzilla Description:
chromium-browser: Use after free in Accessibility
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-48710
Severity: critical
Released on: 26/05/2026
Advisory:
Bugzilla: 2481742
Bugzilla Description:
starlette: Starlette: Security restriction bypass via malformed HTTP Host header
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1289
Affected Packages:
Package States: Exploit Intelligence,Migration Toolkit for Applications 8,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document
CVE-2026-48863
Severity: important
Released on: 26/05/2026
Advisory:
Bugzilla: 2460975
Bugzilla Description:
libsolv: Stack-based buffer overflow in libsolv EdDSA PGP signature verification allows denial of service
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,Red Hat Satellite 6,Red Hat Update Infrastructure 4 for Cloud Providers,
Full Details
CVE document
CVE-2026-48864
Severity: moderate
Released on: 26/05/2026
Advisory: RHSA-2026:21333,
Bugzilla: 2460425
Bugzilla Description:
libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-787
Affected Packages: libsolv-main-0.7.38-2.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,Red Hat Satellite 6,Red Hat Update Infrastructure 4 for Cloud Providers,
Full Details
CVE document
CVE-2026-4480
Severity: important
Released on: 26/05/2026
Advisory:
Bugzilla: 2452232
Bugzilla Description:
samba: Samba: Remote Code Execution in printing subsystem via unescaped job description
CVSS Score:
CVSSv3 Score: 8.5
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-7374
Severity: important
Released on: 26/05/2026
Advisory: RHSA-2026:20866, RHSA-2026:20767, RHSA-2026:20886, RHSA-2026:20975, RHSA-2026:20736, RHSA-2026:20825, RHSA-2026:20782, RHSA-2026:20890, RHSA-2026:20763, RHSA-2026:20720,
Bugzilla: 2463728
Bugzilla Description:
kubevirt: KubeVirt virt-handler: Privilege escalation and node compromise via symlink following vulnerability
CVSS Score:
CVSSv3 Score: 9.9
Vector:
CWE: CWE-59
Affected Packages: container-native-virtualization/virt-handler:1779375376,container-native-virtualization/virt-handler-rhel9:1779288737,container-native-virtualization/virt-handler-rhel9:1779174925,container-native-virtualization/virt-handler-rhel9:1779289071,container-native-virtualization/virt-handler-rhel9:1779420069,container-native-virtualization/virt-handler-rhel9:1778859977,container-native-virtualization/virt-handler-rhel9:1778861274,container-native-virtualization/virt-handler-rhel9:1778999881,container-native-virtualization/virt-handler-rhel9:1779321599,container-native-virtualization/virt-handler-rhel9:1778887155,
Package States:
Full Details
CVE document
CVE-2026-3592
Severity: moderate
Released on: 26/05/2026
Advisory: RHSA-2026:20334,
Bugzilla: 2479768
Bugzilla Description:
bind: Amplification vulnerabilities via self-pointed glue records
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-770
Affected Packages: bind-main-9.18.49-1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-5950
Severity: moderate
Released on: 26/05/2026
Advisory: RHSA-2026:20334,
Bugzilla: 2479773
Bugzilla Description:
bind: Unbounded resend loop in BIND 9 resolver
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-835
Affected Packages: bind-main-9.18.49-1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-32792
Severity: moderate
Released on: 26/05/2026
Advisory: RHSA-2026:20357,
Bugzilla: 2479779
Bugzilla Description:
unbound: Packet of death with DNSCrypt
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE:
Affected Packages: unbound-main-1.25.1-1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-4408
Severity: important
Released on: 26/05/2026
Advisory:
Bugzilla: 2479762
Bugzilla Description:
samba: Remote Code Execution in SAMR
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-45836
Severity: moderate
Released on: 26/05/2026
Advisory:
Bugzilla: 2481545
Bugzilla Description:
kernel: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_get_sndtimeo_cb()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45834
Severity: moderate
Released on: 26/05/2026
Advisory:
Bugzilla: 2481554
Bugzilla Description:
kernel: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45835
Severity: moderate
Released on: 26/05/2026
Advisory:
Bugzilla: 2481560
Bugzilla Description:
kernel: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-2651
Severity: critical
Released on: 25/05/2026
Advisory:
Bugzilla: 2481117
Bugzilla Description:
github.com/mlflow/mlflow: MLflow: Arbitrary code execution via unauthorized multipart upload access
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-1220
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document
CVE-2026-9298
Severity: moderate
Released on: 23/05/2026
Advisory:
Bugzilla: 2480897
Bugzilla Description:
AMF: omec-project amf: Memory corruption vulnerability in PathSwitchRequest Handler
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI) 3,
Full Details
CVE document
CVE-2026-43503
Severity: important
Released on: 23/05/2026
Advisory:
Bugzilla: 2480902
Bugzilla Description:
kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-664
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-9256
Severity: important
Released on: 22/05/2026
Advisory: RHSA-2026:20351,
Bugzilla: 2480746
Bugzilla Description:
nginx: ngx_http_rewrite_module: code execution and denial of service
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-122
Affected Packages: nginx-main-1.30.2-1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Lightspeed proxy 1,
Full Details
CVE document
CVE-2026-9277
Severity: important
Released on: 22/05/2026
Advisory:
Bugzilla: 2480741
Bugzilla Description:
shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-78
Affected Packages:
Package States: Cryostat 4,Cryostat 4,Gatekeeper 3,Migration Toolkit for Containers,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat Build of Podman Desktop,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Virtualization 4,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Self-service automation portal 2,
Full Details
CVE document
CVE-2026-5946
Severity: important
Released on: 21/05/2026
Advisory: RHSA-2026:20334,
Bugzilla: 2479771
Bugzilla Description:
bind: Invalid handling of CLASS != IN
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE:
Affected Packages: bind-main-9.18.49-1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-3039
Severity: important
Released on: 21/05/2026
Advisory: RHSA-2026:20334,
Bugzilla: 2479767
Bugzilla Description:
bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages: bind-main-9.18.49-1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-5947
Severity: important
Released on: 21/05/2026
Advisory: RHSA-2026:7412,
Bugzilla: 2479772
Bugzilla Description:
bind: SIG(0) validation during query flood may lead to undefined behavior
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-367
Affected Packages: bind-main-9.18.48-1.1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-3593
Severity: important
Released on: 21/05/2026
Advisory: RHSA-2026:7412,
Bugzilla: 2479770
Bugzilla Description:
bind: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-825
Affected Packages: bind-main-9.18.48-1.1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-2734
Severity: moderate
Released on: 21/05/2026
Advisory:
Bugzilla: 2480345
Bugzilla Description:
mlflow: mlflow: Information Disclosure via improper authorization checks
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-639
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document
CVE-2026-43494
Severity: important
Released on: 21/05/2026
Advisory:
Bugzilla: 2480434
Bugzilla Description:
kernel: net/rds: reset op_nents when zerocopy page pin fails
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43495
Severity:
Released on: 21/05/2026
Advisory:
Bugzilla: 2480452
Bugzilla Description:
kernel: net: wwan: t7xx: validate port_count against message length in t7xx_port_enum_msg_handler
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43499
Severity:
Released on: 21/05/2026
Advisory:
Bugzilla: 2480453
Bugzilla Description:
kernel: rtmutex: Use waiter::task instead of current in remove_waiter()
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43498
Severity:
Released on: 21/05/2026
Advisory:
Bugzilla: 2480454
Bugzilla Description:
kernel: accel/ivpu: Disallow re-exporting imported GEM objects
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43502
Severity: moderate
Released on: 21/05/2026
Advisory:
Bugzilla: 2480456
Bugzilla Description:
kernel: net/rds: handle zerocopy send cleanup before the message is queued
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43501
Severity: important
Released on: 21/05/2026
Advisory:
Bugzilla: 2480457
Bugzilla Description:
kernel: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43497
Severity:
Released on: 21/05/2026
Advisory:
Bugzilla: 2480458
Bugzilla Description:
kernel: fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43496
Severity: low
Released on: 21/05/2026
Advisory:
Bugzilla: 2480459
Bugzilla Description:
kernel: net/sched: sch_red: Replace direct dequeue call with peek and qdisc_dequeue_peeked
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-628
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-9150
Severity: moderate
Released on: 20/05/2026
Advisory:
Bugzilla: 2460379
Bugzilla Description:
libsolv: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512 checksums
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,Red Hat Satellite 6,Red Hat Update Infrastructure 4 for Cloud Providers,
Full Details
CVE document
CVE-2026-9149
Severity: moderate
Released on: 20/05/2026
Advisory:
Bugzilla: 2460380
Bugzilla Description:
libsolv: Heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,Red Hat Satellite 6,Red Hat Update Infrastructure 4 for Cloud Providers,
Full Details
CVE document
CVE-2026-8632
Severity: important
Released on: 20/05/2026
Advisory:
Bugzilla: 2480297
Bugzilla Description:
HPLIP: HPLIP: Privilege escalation and arbitrary code execution via operating system command injection
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-8631
Severity: important
Released on: 20/05/2026
Advisory:
Bugzilla: 2480300
Bugzilla Description:
HPLIP: HPLIP: Arbitrary code execution and privilege escalation via integer overflow in hpcups
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-47099
Severity: moderate
Released on: 20/05/2026
Advisory:
Bugzilla: 2480251
Bugzilla Description:
telejson: TeleJSON: Arbitrary code execution via DOM-based cross-site scripting
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-79
Affected Packages:
Package States: Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,Red Hat Fuse 7,Red Hat OpenShift AI (RHOAI),
Full Details
CVE document
CVE-2026-9087
Severity: moderate
Released on: 20/05/2026
Advisory:
Bugzilla: 2480172
Bugzilla Description:
keycloak: Cross-Session Email Verification Proof Not Bound to Upstream Identity in First-Broker-Login
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE: CWE-639
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document
CVE-2026-33278
Severity: important
Released on: 20/05/2026
Advisory: RHSA-2026:19752,
Bugzilla: 2479808
Bugzilla Description:
unbound: Unbound DNSSEC Validator Use-After-Free via Deep Copy Pointer Overwrite Leading to DoS and Possible Remote Code Execution
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-416
Affected Packages: unbound-main-1.25.1-0.1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-42944
Severity: important
Released on: 20/05/2026
Advisory: RHSA-2026:19752,
Bugzilla: 2479774
Bugzilla Description:
unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE:
Affected Packages: unbound-main-1.25.1-0.1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-44608
Severity: moderate
Released on: 20/05/2026
Advisory: RHSA-2026:19752,
Bugzilla: 2480126
Bugzilla Description:
unbound: Unbound: Denial of Service due to locking inconsistency during RPZ XFR reload
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-367
Affected Packages: unbound-main-1.25.1-0.1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-9064
Severity: important
Released on: 20/05/2026
Advisory:
Bugzilla: 2480093
Bugzilla Description:
389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS)
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Directory Server 11,Red Hat Directory Server 12,Red Hat Directory Server 13,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-47784
Severity: moderate
Released on: 20/05/2026
Advisory:
Bugzilla: 2480088
Bugzilla Description:
memcached: Memcached: Information disclosure via timing side channel
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-208
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-47783
Severity: important
Released on: 20/05/2026
Advisory:
Bugzilla: 2480089
Bugzilla Description:
memcached: memcached: Username enumeration via timing side channel
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-208
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-45232
Severity: moderate
Released on: 20/05/2026
Advisory:
Bugzilla: 2480057
Bugzilla Description:
rsync: Rsync: Denial of Service via malformed HTTP proxy response
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-193
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-43618
Severity: important
Released on: 20/05/2026
Advisory:
Bugzilla: 2469054
Bugzilla Description:
rsync: rsync: Remote memory disclosure via integer overflow in compressed-token decoding
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-29518
Severity: important
Released on: 20/05/2026
Advisory:
Bugzilla: 2469055
Bugzilla Description:
rsync: TOCTOU symlink race condition allowing local privilege escalation in daemon mode without chroot.
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-43620
Severity: moderate
Released on: 20/05/2026
Advisory:
Bugzilla: 2469057
Bugzilla Description:
rsync: rsync: Remote Denial of Service via Out-of-bounds Read
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-43619
Severity: moderate
Released on: 20/05/2026
Advisory:
Bugzilla: 2469058
Bugzilla Description:
rsync: rsync: Symlink race vulnerability allows unauthorized file operations
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-59
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-43617
Severity: moderate
Released on: 20/05/2026
Advisory:
Bugzilla: 2469060
Bugzilla Description:
rsync: rsync: Hostname-based ACL bypass in daemon chroot configuration
CVSS Score:
CVSSv3 Score: 4.2
Vector:
CWE: CWE-289
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-42959
Severity: important
Released on: 20/05/2026
Advisory: RHSA-2026:19752,
Bugzilla: 2479806
Bugzilla Description:
unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in Chase-Reply Messages
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-824
Affected Packages: unbound-main-1.25.1-0.1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-42960
Severity: moderate
Released on: 20/05/2026
Advisory: RHSA-2026:20357,
Bugzilla: 2479821
Bugzilla Description:
unbound: Unbound DNS Cache Poisoning via Promiscuous Additional Section RRSet Acceptance
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-349
Affected Packages: unbound-main-1.25.1-1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-42923
Severity: moderate
Released on: 20/05/2026
Advisory: RHSA-2026:20357,
Bugzilla: 2479825
Bugzilla Description:
unbound: Unbound DNSSEC Validator NSEC3 Hash Calculation Limit Bypass via Negative Cache Code Path Leading to DoS
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-400
Affected Packages: unbound-main-1.25.1-1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-32882
Severity: important
Released on: 19/05/2026
Advisory:
Bugzilla: 2480000
Bugzilla Description:
libheif: libheif: Denial of Service and Information Disclosure vulnerability
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,
Full Details
CVE document
CVE-2026-32741
Severity: important
Released on: 19/05/2026
Advisory:
Bugzilla: 2480002
Bugzilla Description:
libheif: libheif: Heap buffer overflow vulnerability in image decoding
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,
Full Details
CVE document
CVE-2026-32814
Severity: moderate
Released on: 19/05/2026
Advisory:
Bugzilla: 2480001
Bugzilla Description:
libheif: libheif: Information Disclosure via Crafted HEIF/AVIF Files
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,
Full Details
CVE document
CVE-2026-32740
Severity: important
Released on: 19/05/2026
Advisory:
Bugzilla: 2479969
Bugzilla Description:
libheif: libheif: Arbitrary code execution or denial of service via crafted HEIF/AVIF file
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,
Full Details
CVE document
CVE-2026-32739
Severity: moderate
Released on: 19/05/2026
Advisory:
Bugzilla: 2479971
Bugzilla Description:
libheif: libheif: Denial of Service via crafted HEIF sequence file
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,
Full Details
CVE document
CVE-2026-32738
Severity: moderate
Released on: 19/05/2026
Advisory:
Bugzilla: 2479968
Bugzilla Description:
libheif: libheif: Unsigned integer underflow leads to Denial of Service
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-191
Affected Packages:
Package States: Red Hat Enterprise Linux 10,
Full Details
CVE document
CVE-2026-8975
Severity: important
Released on: 19/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2479840
Bugzilla Description:
firefox: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-787
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-8974
Severity: moderate
Released on: 19/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2479855
Bugzilla Description:
firefox: Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-787
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-8970
Severity: low
Released on: 19/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2479852
Bugzilla Description:
firefox: Privilege escalation in the Security component
CVSS Score:
CVSSv3 Score: 3.4
Vector:
CWE: CWE-266
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-8968
Severity: low
Released on: 19/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2479846
Bugzilla Description:
firefox: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component
CVSS Score:
CVSSv3 Score: 3.4
Vector:
CWE:
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-8962
Severity: low
Released on: 19/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2479876
Bugzilla Description:
firefox: Mitigation bypass in the DOM: Security component
CVSS Score:
CVSSv3 Score: 3.4
Vector:
CWE: CWE-358
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-8961
Severity: low
Released on: 19/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2479871
Bugzilla Description:
firefox: Spoofing issue in the Form Autofill component
CVSS Score:
CVSSv3 Score: 3.4
Vector:
CWE: CWE-472
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-8959
Severity: moderate
Released on: 19/05/2026
Advisory: RHSA-2026:21381,
Bugzilla: 2479861
Bugzilla Description:
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-653
Affected Packages: thunderbird-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-8958
Severity: moderate
Released on: 19/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2479848
Bugzilla Description:
firefox: Information disclosure, sandbox escape in the Security: Process Sandboxing component
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-403
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-8957
Severity: moderate
Released on: 19/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2479880
Bugzilla Description:
firefox: Privilege escalation in the Enterprise Policies component
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-266
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-8956
Severity: moderate
Released on: 19/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2479839
Bugzilla Description:
firefox: Integer overflow in the Networking: JAR component
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-190
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-8955
Severity: moderate
Released on: 19/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2479842
Bugzilla Description:
firefox: thunderbird: Privilege escalation in the DOM: Workers component
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-266
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document
CVE-2026-8954
Severity: moderate
Released on: 19/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2479847
Bugzilla Description:
firefox: Incorrect boundary conditions, integer overflow in the Audio/Video component
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-190
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-8953
Severity: moderate
Released on: 19/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2479860
Bugzilla Description:
firefox: Sandbox escape due to use-after-free in the Disability Access APIs component
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-825
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-8950
Severity: moderate
Released on: 19/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2479853
Bugzilla Description:
firefox: Same-origin policy bypass in the Networking: HTTP component
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE:
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-8947
Severity: important
Released on: 19/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2479873
Bugzilla Description:
firefox: thunderbird: Use-after-free in the DOM: Bindings (WebIDL) component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-825
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-8946
Severity: important
Released on: 19/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2479849
Bugzilla Description:
firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-787
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-7504
Severity: important
Released on: 19/05/2026
Advisory: RHSA-2026:19594, RHSA-2026:19595, RHSA-2026:19596, RHSA-2026:19597,
Bugzilla: 2464128
Bugzilla Description:
org.keycloak/keycloak-services: Open redirect when using wildcard valid redirect URIs in Keycloak
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-601
Affected Packages: rhbk/keycloak-rhel9-operator,rhbk/keycloak-operator-bundle:26.4.12-1,rhbk/keycloak-operator-bundle:26.2.16-1,rhbk/keycloak-rhel9-operator:26.2-21,rhbk/keycloak-rhel9:26.4-17,rhbk/keycloak-rhel9:26.2-21,rhbk/keycloak-rhel9-operator:26.4-17,
Package States:
Full Details
CVE document
CVE-2026-7507
Severity: important
Released on: 19/05/2026
Advisory: RHSA-2026:19594, RHSA-2026:19595, RHSA-2026:19596, RHSA-2026:19597,
Bugzilla: 2464145
Bugzilla Description:
org.keycloak/keycloak-services: Session fixation in OIDC login flow that can lead to account takeover
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-290
Affected Packages: rhbk/keycloak-rhel9-operator,rhbk/keycloak-operator-bundle:26.4.12-1,rhbk/keycloak-operator-bundle:26.2.16-1,rhbk/keycloak-rhel9-operator:26.2-21,rhbk/keycloak-rhel9:26.4-17,rhbk/keycloak-rhel9:26.2-21,rhbk/keycloak-rhel9-operator:26.4-17,
Package States:
Full Details
CVE document
CVE-2026-7571
Severity: moderate
Released on: 19/05/2026
Advisory: RHSA-2026:19596, RHSA-2026:19597,
Bugzilla: 2464263
Bugzilla Description:
keycloak: Keycloak: Access token disclosure and implicit flow bypass via forged client data
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-472
Affected Packages: rhbk/keycloak-operator-bundle:26.4.12-1,rhbk/keycloak-rhel9-operator,rhbk/keycloak-rhel9:26.4-17,rhbk/keycloak-rhel9-operator:26.4-17,
Package States:
Full Details
CVE document
CVE-2026-37978
Severity: moderate
Released on: 19/05/2026
Advisory: RHSA-2026:19596, RHSA-2026:19597,
Bugzilla: 2455327
Bugzilla Description:
keycloak: org.keycloak.services: Keycloak: Information Disclosure via evaluate-scopes Admin API
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE: CWE-639
Affected Packages: rhbk/keycloak-rhel9,rhbk/keycloak-operator-bundle:26.4.12-1,rhbk/keycloak-rhel9:26.4-17,rhbk/keycloak-rhel9-operator:26.4-17,
Package States:
Full Details
CVE document
CVE-2026-7307
Severity: important
Released on: 19/05/2026
Advisory: RHSA-2026:19594, RHSA-2026:19595, RHSA-2026:19596, RHSA-2026:19597,
Bugzilla: 2476526
Bugzilla Description:
keycloak: Keycloak: Denial of Service via specially crafted SAML input
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-1286
Affected Packages: rhbk/keycloak-rhel9,rhbk/keycloak-operator-bundle:26.4.12-1,rhbk/keycloak-operator-bundle:26.2.16-1,rhbk/keycloak-rhel9-operator:26.2-21,rhbk/keycloak-rhel9:26.4-17,rhbk/keycloak-rhel9:26.2-21,rhbk/keycloak-rhel9-operator:26.4-17,
Package States:
Full Details
CVE document
CVE-2026-37981
Severity: moderate
Released on: 19/05/2026
Advisory: RHSA-2026:19596, RHSA-2026:19597,
Bugzilla: 2455326
Bugzilla Description:
keycloak: org.keycloak.authorization: Keycloak: Information disclosure via broken access control in user lookup endpoint
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-1220
Affected Packages: rhbk/keycloak-rhel9,rhbk/keycloak-operator-bundle:26.4.12-1,rhbk/keycloak-rhel9:26.4-17,rhbk/keycloak-rhel9-operator:26.4-17,
Package States:
Full Details
CVE document
CVE-2026-2611
Severity: critical
Released on: 19/05/2026
Advisory:
Bugzilla: 2479797
Bugzilla Description:
mlflow: MLflow: Arbitrary Code Execution via Improper Origin Validation
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-940
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document
CVE-2026-8922
Severity: moderate
Released on: 19/05/2026
Advisory:
Bugzilla: 2479586
Bugzilla Description:
org.keycloak/keycloak-services: keycloak: org.keycloak.protocol.oidc: Security flaw in org.keycloak/keycloak-services
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-303
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document
CVE-2026-8830
Severity: moderate
Released on: 19/05/2026
Advisory:
Bugzilla: 2479565
Bugzilla Description:
keycloak: org.keycloak/keycloak-services: Keycloak: Policy bypass during WebAuthn credential registration via client-side JavaScript manipulation
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-603
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document
CVE-2026-37979
Severity: moderate
Released on: 19/05/2026
Advisory: RHSA-2026:19596, RHSA-2026:19597,
Bugzilla: 2455328
Bugzilla Description:
keycloak: Keycloak: Information disclosure via OIDC token introspection endpoint audience bypass
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages: rhbk/keycloak-rhel9,rhbk/keycloak-operator-bundle:26.4.12-1,rhbk/keycloak-rhel9:26.4-17,rhbk/keycloak-rhel9-operator:26.4-17,
Package States:
Full Details
CVE document
CVE-2026-37982
Severity: moderate
Released on: 19/05/2026
Advisory: RHSA-2026:19596, RHSA-2026:19597,
Bugzilla: 2455329
Bugzilla Description:
keycloak: org.keycloak.authentication: Keycloak: Unauthorized account takeover via WebAuthn token replay
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE:
Affected Packages: rhbk/keycloak-rhel9,rhbk/keycloak-operator-bundle:26.4.12-1,rhbk/keycloak-rhel9:26.4-17,rhbk/keycloak-rhel9-operator:26.4-17,
Package States:
Full Details
CVE document
CVE-2026-43493
Severity: moderate
Released on: 19/05/2026
Advisory:
Bugzilla: 2479812
Bugzilla Description:
kernel: crypto: pcrypt - Fix handling of MAY_BACKLOG requests
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43491
Severity: moderate
Released on: 19/05/2026
Advisory:
Bugzilla: 2479813
Bugzilla Description:
kernel: net: qrtr: ns: Limit the maximum server registration per node
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43492
Severity: moderate
Released on: 19/05/2026
Advisory:
Bugzilla: 2479815
Bugzilla Description:
kernel: lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-191
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-51427
Severity: important
Released on: 19/05/2026
Advisory:
Bugzilla: 2479894
Bugzilla Description:
ModelScope: ModelScope: Arbitrary code execution via crafted configuration module
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-502
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document
CVE-2026-31072
Severity: important
Released on: 19/05/2026
Advisory:
Bugzilla: 2479907
Bugzilla Description:
apscheduler: APScheduler: Remote Code Execution via Insecure Deserialization
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-502
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat OpenStack Platform 18.0,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document
CVE-2026-9122
Severity: moderate
Released on: 19/05/2026
Advisory:
Bugzilla: 2480237
Bugzilla Description:
chromium-browser: Out of bounds read in GPU
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9121
Severity: moderate
Released on: 19/05/2026
Advisory:
Bugzilla: 2480238
Bugzilla Description:
chromium-browser: Out of bounds read in GPU
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9116
Severity: important
Released on: 19/05/2026
Advisory:
Bugzilla: 2480240
Bugzilla Description:
chromium-browser: Insufficient policy enforcement in ServiceWorker
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9117
Severity: important
Released on: 19/05/2026
Advisory:
Bugzilla: 2480242
Bugzilla Description:
chromium-browser: Type Confusion in GFX
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9123
Severity: moderate
Released on: 19/05/2026
Advisory:
Bugzilla: 2480243
Bugzilla Description:
chromium-browser: Heap buffer overflow in Chromecast
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-120
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9118
Severity: important
Released on: 19/05/2026
Advisory:
Bugzilla: 2480244
Bugzilla Description:
chromium-browser: Use after free in XR
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9113
Severity: important
Released on: 19/05/2026
Advisory:
Bugzilla: 2480249
Bugzilla Description:
chromium-browser: Out of bounds read in GPU
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9112
Severity: important
Released on: 19/05/2026
Advisory:
Bugzilla: 2480252
Bugzilla Description:
chromium-browser: Use after free in GPU
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9120
Severity: important
Released on: 19/05/2026
Advisory:
Bugzilla: 2480256
Bugzilla Description:
chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9115
Severity: important
Released on: 19/05/2026
Advisory:
Bugzilla: 2480257
Bugzilla Description:
chromium-browser: Insufficient policy enforcement in Service Worker
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-940
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9119
Severity: important
Released on: 19/05/2026
Advisory:
Bugzilla: 2480258
Bugzilla Description:
chromium-browser: Heap buffer overflow in WebRTC
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-120
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9111
Severity: important
Released on: 19/05/2026
Advisory:
Bugzilla: 2480261
Bugzilla Description:
chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9114
Severity: important
Released on: 19/05/2026
Advisory:
Bugzilla: 2480262
Bugzilla Description:
chromium-browser: Use after free in QUIC
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9124
Severity: moderate
Released on: 19/05/2026
Advisory:
Bugzilla: 2480263
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Input
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9126
Severity: moderate
Released on: 19/05/2026
Advisory:
Bugzilla: 2480264
Bugzilla Description:
chromium-browser: Use after free in DOM
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-364
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-9110
Severity: low
Released on: 19/05/2026
Advisory:
Bugzilla: 2480265
Bugzilla Description:
chromium-browser: Inappropriate implementation in UI
CVSS Score:
CVSSv3 Score: 2.8
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-25244
Severity: important
Released on: 18/05/2026
Advisory:
Bugzilla: 2479692
Bugzilla Description:
WebdriverIO: WebdriverIO: Remote Code Execution via command injection in Git branch name processing
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-45829
Severity: critical
Released on: 18/05/2026
Advisory:
Bugzilla: 2479623
Bugzilla Description:
chromadb: ChromaDB Python Project: Arbitrary code execution via pre-authentication code injection
CVSS Score:
CVSSv3 Score: 10.0
Vector:
CWE: CWE-502
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,
Full Details
CVE document
CVE-2021-47952
Severity: critical
Released on: 16/05/2026
Advisory:
Bugzilla: 2478170
Bugzilla Description:
python-jsonpickle: python-jsonpickle: Arbitrary Code Execution via Malicious JSON Deserialization
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-502
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,
Full Details
CVE document
CVE-2026-46483
Severity: moderate
Released on: 15/05/2026
Advisory:
Bugzilla: 2477915
Bugzilla Description:
vim: command injection when decompressing .tgz archives
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-46333
Severity: important
Released on: 15/05/2026
Advisory: RHSA-2026:20051, RHSA-2026:19540, RHSA-2026:19664, RHSA-2026:19521, RHSA-2026:19666, RHSA-2026:19875, RHSA-2026:19568, RHSA-2026:19711, RHSA-2026:19569, RHSA-2026:20129, RHSA-2026:19705, RHSA-2026:20130, RHSA-2026:20593, RHSA-2026:20054, RHSA-2026:20299,
Bugzilla: 2477802
Bugzilla Description:
kernel: Read root-owned files as an unprivileged user
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-269
Affected Packages: kernel-0:5.14.0-284.172.1.el9_2,kernel-rt-0:5.14.0-70.180.1.rt21.252.el9_0,kernel-0:5.14.0-427.126.1.el9_4,kernel-0:4.18.0-305.192.1.el8_4,kernel-0:5.14.0-687.10.1.el9_8,kernel-rt-0:4.18.0-553.125.1.rt7.466.el8_10,kernel-0:4.18.0-553.125.1.el8_10,kernel-0:5.14.0-570.116.1.el9_6,kernel-0:4.18.0-372.193.1.el8_6,kernel-0:6.12.0-211.16.1.el10_2,kernel-0:6.12.0-211.8.el10nv,kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2,kernel-0:4.18.0-477.143.1.el8_8,kernel-0:6.12.0-55.75.1.el10_0,kernel-0:5.14.0-70.180.1.el9_0,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-43490
Severity:
Released on: 15/05/2026
Advisory:
Bugzilla: 2477790
Bugzilla Description:
kernel: ksmbd: validate inherited ACE SID length
CVSS Score:
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-34253
Severity: important
Released on: 15/05/2026
Advisory:
Bugzilla: 2477925
Bugzilla Description:
vorbis-tools: vorbis-tools ogg123: Arbitrary code execution via buffer underflow in remote control functionality
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-124
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-44673
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477617
Bugzilla Description:
libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-42327
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477618
Bugzilla Description:
rust-openssl: rust-openssl: Arbitrary code execution via specially crafted certificate
CVSS Score:
CVSSv3 Score: 9.1
Vector:
CWE: CWE-475
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8587
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477665
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Extensions
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8586
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477616
Bugzilla Description:
chromium-browser: chromium-browser: Inappropriate implementation in Chromoting
CVSS Score:
CVSSv3 Score: 3.9
Vector:
CWE: CWE-639
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8582
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477650
Bugzilla Description:
chromium-browser: chromium-browser: Object lifecycle issue in Dawn
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8583
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477697
Bugzilla Description:
chromium-browser: chromium-browser: Insufficient policy enforcement in WebXR
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-280
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8581
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477655
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in GPU
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8578
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477660
Bugzilla Description:
chromium-browser: chromium-browser: Out of bounds read in GPU
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8579
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477666
Bugzilla Description:
chromium-browser: chromium-browser: Insufficient validation of untrusted input in Skia
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8580
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477667
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Mojo
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8576
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477688
Bugzilla Description:
chromium-browser: chromium-browser: Inappropriate implementation in CORS
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-940
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8577
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477689
Bugzilla Description:
chromium-browser: chromium-browser: Integer overflow in Fonts
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8575
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477623
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in UI
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8574
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477632
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Core
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8573
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477684
Bugzilla Description:
chromium-browser: chromium-browser: Integer overflow in Codecs
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8570
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477651
Bugzilla Description:
chromium-browser: chromium-browser: Type Confusion in V8
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8572
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477661
Bugzilla Description:
chromium-browser: chromium-browser: Insufficient policy enforcement in Network
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8571
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477668
Bugzilla Description:
chromium-browser: chromium-browser: Insufficient policy enforcement in GPU
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-266
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8568
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477621
Bugzilla Description:
chromium-browser: chromium-browser: Insufficient policy enforcement in AI
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-1100
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8569
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477627
Bugzilla Description:
chromium-browser: chromium-browser: Out of bounds write in Codecs
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8565
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477640
Bugzilla Description:
chromium-browser: chromium-browser: Inappropriate implementation in Downloads
CVSS Score:
CVSSv3 Score: 4.6
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8567
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477670
Bugzilla Description:
chromium-browser: chromium-browser: Integer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8566
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477692
Bugzilla Description:
chromium-browser: chromium-browser: Insufficient policy enforcement in Payments
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-1220
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8564
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477626
Bugzilla Description:
chromium-browser: chromium-browser: Incorrect security UI in Downloads
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8562
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477652
Bugzilla Description:
chromium-browser: chromium-browser: Side-channel information leakage in Navigation
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8563
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477706
Bugzilla Description:
chromium-browser: chromium-browser: Insufficient policy enforcement in IFrame Sandbox
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-280
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8561
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477631
Bugzilla Description:
chromium-browser: chromium-browser: Incorrect security UI in Fullscreen
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8559
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477657
Bugzilla Description:
chromium-browser: chromium-browser: Integer overflow in Internationalization
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8555
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477643
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in GTK
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8557
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477658
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Accessibility
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8556
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477663
Bugzilla Description:
chromium-browser: chromium-browser: Inappropriate implementation in ANGLE
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8554
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477635
Bugzilla Description:
chromium-browser: chromium-browser: Type Confusion in ANGLE
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8553
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477681
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in GPU
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8550
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477649
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Google Lens
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8551
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477671
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Downloads
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8552
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477680
Bugzilla Description:
chromium-browser: chromium-browser: Heap buffer overflow in GPU
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8548
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477630
Bugzilla Description:
chromium-browser: chromium-browser: Out of bounds write in Media
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8549
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477679
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Media
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8547
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477685
Bugzilla Description:
chromium-browser: chromium-browser: Insufficient policy enforcement in Passwords
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-266
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8545
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477673
Bugzilla Description:
chromium-browser: chromium-browser: Object corruption in Compositing
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-386
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8544
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477674
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Media
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8546
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477703
Bugzilla Description:
chromium-browser: chromium-browser: Out of bounds read in GPU
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8541
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477628
Bugzilla Description:
chromium-browser: chromium-browser: Out of bounds read in UI
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8543
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477639
Bugzilla Description:
chromium-browser: chromium-browser: Out of bounds read in FileSystem
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8542
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477642
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Core
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8540
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477633
Bugzilla Description:
chromium-browser: chromium-browser: Type Confusion in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8538
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477648
Bugzilla Description:
chromium-browser: chromium-browser: Insufficient validation of untrusted input in GPU
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-1173
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8539
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477653
Bugzilla Description:
chromium-browser: chromium-browser: Script injection in SanitizerAPI
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8536
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477677
Bugzilla Description:
chromium-browser: chromium-browser: Insufficient validation of untrusted input in ReadingMode
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8537
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477707
Bugzilla Description:
chromium-browser: chromium-browser: Insufficient policy enforcement in ViewTransitions
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-368
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8534
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477622
Bugzilla Description:
chromium-browser: chromium-browser: Integer overflow in GPU
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8533
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477638
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Accessibility
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8535
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477691
Bugzilla Description:
chromium-browser: chromium-browser: Out of bounds read in Media
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8530
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477693
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Network
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8531
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477696
Bugzilla Description:
chromium-browser: chromium-browser: Heap buffer overflow in WebML
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8532
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477699
Bugzilla Description:
chromium-browser: chromium-browser: Integer overflow in XML
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8528
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477646
Bugzilla Description:
chromium-browser: chromium-browser: Insufficient validation of untrusted input in SiteIsolation
CVSS Score:
CVSSv3 Score: 7.9
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8529
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477662
Bugzilla Description:
chromium-browser: chromium-browser: Heap buffer overflow in Codecs
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-131
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8525
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477634
Bugzilla Description:
chromium-browser: chromium-browser: Heap buffer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-120
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8526
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477672
Bugzilla Description:
chromium-browser: chromium-browser: Out of bounds write in WebRTC
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8527
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477702
Bugzilla Description:
chromium-browser: chromium-browser: Insufficient validation of untrusted input in Downloads
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8524
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477695
Bugzilla Description:
chromium-browser: chromium-browser: Out of bounds write in WebAudio
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8558
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477704
Bugzilla Description:
chromium-browser: chromium-browser: Out of bounds write in Fonts
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8523
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477629
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Mojo
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8521
Severity: critical
Released on: 14/05/2026
Advisory:
Bugzilla: 2477701
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Tab Groups
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8522
Severity: critical
Released on: 14/05/2026
Advisory:
Bugzilla: 2477708
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Downloads
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8518
Severity: critical
Released on: 14/05/2026
Advisory:
Bugzilla: 2477641
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Blink
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8520
Severity: critical
Released on: 14/05/2026
Advisory:
Bugzilla: 2477676
Bugzilla Description:
chromium-browser: chromium-browser: Race in Payments
CVSS Score:
CVSSv3 Score: 8.3
Vector:
CWE: CWE-368
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8519
Severity: critical
Released on: 14/05/2026
Advisory:
Bugzilla: 2477687
Bugzilla Description:
chromium-browser: chromium-browser: Integer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8517
Severity: critical
Released on: 14/05/2026
Advisory:
Bugzilla: 2477664
Bugzilla Description:
chromium-browser: chromium-browser: Object lifecycle issue in WebShare
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8516
Severity: critical
Released on: 14/05/2026
Advisory:
Bugzilla: 2477690
Bugzilla Description:
chromium-browser: chromium-browser: Insufficient validation of untrusted input in DataTransfer
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8515
Severity: critical
Released on: 14/05/2026
Advisory:
Bugzilla: 2477675
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in HID
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8514
Severity: critical
Released on: 14/05/2026
Advisory:
Bugzilla: 2477683
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Aura
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8512
Severity: critical
Released on: 14/05/2026
Advisory:
Bugzilla: 2477682
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in FileSystem
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8513
Severity: critical
Released on: 14/05/2026
Advisory:
Bugzilla: 2477698
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Input
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8510
Severity: critical
Released on: 14/05/2026
Advisory:
Bugzilla: 2477624
Bugzilla Description:
chromium-browser: chromium-browser: Integer overflow in Skia
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8511
Severity: critical
Released on: 14/05/2026
Advisory:
Bugzilla: 2477686
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in UI
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8509
Severity: critical
Released on: 14/05/2026
Advisory:
Bugzilla: 2477678
Bugzilla Description:
chromium-browser: chromium-browser: Heap buffer overflow in WebML
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-41888
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477528
Bugzilla Description:
github.com/distribution/distribution: Distribution: Security bypass allows unauthorized tag deletion
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-15
Affected Packages:
Package States: Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-44484
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477476
Bugzilla Description:
pytorch-lightning: PyTorch Lightning: Credential harvesting via introduced functionality
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-829
Affected Packages:
Package States: Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),
Full Details
CVE document
CVE-2026-44216
Severity: important
Released on: 14/05/2026
Advisory:
Bugzilla: 2477467
Bugzilla Description:
wasmtime: Wasmtime: Denial of Service via large WebAssembly table allocation
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-6478
Severity: important
Released on: 14/05/2026
Advisory: RHSA-2026:21182,
Bugzilla: 2477447
Bugzilla Description:
postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-385
Affected Packages: postgresql17-main-17.10-0.1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-6474
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477441
Bugzilla Description:
postgresql: PostgreSQL: Information disclosure via externally-controlled format string in timeofday() function
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-134
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-8295
Severity: moderate
Released on: 14/05/2026
Advisory:
Bugzilla: 2477418
Bugzilla Description:
simdjson: simdjson: Memory corruption via integer overflow in string processing
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Advanced Cluster Management for Kubernetes 2,
Full Details
CVE document
CVE-2026-28374
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477253
Bugzilla Description:
grafana: Grafana: Unauthorized annotation deletion by editor users
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-1220
Affected Packages:
Package States: Multicluster Global Hub,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 8,Red Hat Ceph Storage 9,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-28383
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477255
Bugzilla Description:
grafana: Grafana: Denial of Service via unbounded memory allocation in plugin resources endpoint
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Multicluster Global Hub,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 8,Red Hat Ceph Storage 9,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-28380
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477240
Bugzilla Description:
grafana: Grafana: Unauthorized snapshot deletion via Broken Access Control in Snapshot API
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-639
Affected Packages:
Package States: Multicluster Global Hub,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 8,Red Hat Ceph Storage 9,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-33380
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477248
Bugzilla Description:
grafana: Grafana: Information disclosure via SQL Expressions vulnerability
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-89
Affected Packages:
Package States: Multicluster Global Hub,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 8,Red Hat Ceph Storage 9,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-33381
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477239
Bugzilla Description:
grafana: Grafana: Temporary access control bypass for service account token minting
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-272
Affected Packages:
Package States: Multicluster Global Hub,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 8,Red Hat Ceph Storage 9,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-28376
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477259
Bugzilla Description:
grafana: Grafana Live: Denial of Service due to unbounded memory allocation via push endpoint
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Multicluster Global Hub,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 8,Red Hat Ceph Storage 9,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-28379
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477264
Bugzilla Description:
grafana: Grafana Live: Denial of Service due to a race condition
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-663
Affected Packages:
Package States: Multicluster Global Hub,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 8,Red Hat Ceph Storage 9,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-44248
Severity: important
Released on: 13/05/2026
Advisory:
Bugzilla: 2477231
Bugzilla Description:
netty: io.netty/netty-codec-mqtt: Netty: Denial of Service due to excessive resource consumption from crafted MQTT 5 header
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat AMQ Broker 7,Red Hat build of Apache Camel for Spring Boot 4,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document
CVE-2026-42587
Severity: important
Released on: 13/05/2026
Advisory:
Bugzilla: 2477220
Bugzilla Description:
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Cryostat 4,Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of OptaPlanner 8,Red Hat build of OptaPlanner 8,Red Hat build of Quarkus,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Process Automation 7,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 2,streams for Apache Kafka 3,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42586
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477213
Bugzilla Description:
netty-codec-redis: Netty: Command injection via CRLF characters in Redis codec encoder
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-93
Affected Packages:
Package States: Red Hat build of Apache Camel for Spring Boot 4,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document
CVE-2026-42585
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477227
Bugzilla Description:
netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-444
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of OptaPlanner 8,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42584
Severity: important
Released on: 13/05/2026
Advisory:
Bugzilla: 2477224
Bugzilla Description:
netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-444
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of OptaPlanner 8,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42580
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477214
Bugzilla Description:
netty: Netty: Request smuggling via chunk size parser integer overflow
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Cryostat 4,Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of OptaPlanner 8,Red Hat build of OptaPlanner 8,Red Hat build of Quarkus,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Process Automation 7,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 2,streams for Apache Kafka 3,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42579
Severity: important
Released on: 13/05/2026
Advisory:
Bugzilla: 2477217
Bugzilla Description:
netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-1286
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of OptaPlanner 8,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42578
Severity: important
Released on: 13/05/2026
Advisory:
Bugzilla: 2477226
Bugzilla Description:
netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-93
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of OptaPlanner 8,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42581
Severity: important
Released on: 13/05/2026
Advisory:
Bugzilla: 2477232
Bugzilla Description:
netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers
CVSS Score:
CVSSv3 Score: 7.2
Vector:
CWE: CWE-444
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of OptaPlanner 8,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-44576
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477209
Bugzilla Description:
Next.js: Next.js: Cache poisoning vulnerability in React Server Components
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-444
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Trusted Artifact Signer,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-44572
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477168
Bugzilla Description:
next.js: Next.js: Denial of Service due to improper handling of x-nextjs-data header with redirects
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-444
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Trusted Artifact Signer,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-44664
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477164
Bugzilla Description:
fast-xml-builder: fast-xml-builder: Arbitrary XML/HTML injection via insufficient sanitization of XML comments
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-91
Affected Packages:
Package States: Red Hat Advanced Cluster Security 4,Red Hat Developer Hub,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Self-service automation portal 2,
Full Details
CVE document
CVE-2026-44665
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477155
Bugzilla Description:
fast-xml-builder: fast-xml-builder: Attribute injection leading to information disclosure or content manipulation
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-91
Affected Packages:
Package States: Red Hat Advanced Cluster Security 4,Red Hat Developer Hub,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Self-service automation portal 2,
Full Details
CVE document
CVE-2026-44431
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477167
Bugzilla Description:
urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-201
Affected Packages:
Package States: Exploit Intelligence,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Service Mesh 3,Pen Drive Powered by Red Hat Lightspeed,Pen Drive Powered by Red Hat Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Quarkus Native builder,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 17.1,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Update Infrastructure 4 for Cloud Providers,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,
Full Details
CVE document
CVE-2026-44432
Severity: important
Released on: 13/05/2026
Advisory: RHSA-2026:20338,
Bugzilla: 2477154
Bugzilla Description:
urllib3: urllib3: Denial of Service due to excessive HTTP response decompression
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-409
Affected Packages: discovery/discovery-server-rhel9:1779395228,
Package States: Exploit Intelligence,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Service Mesh 3,Pen Drive Powered by Red Hat Lightspeed,Pen Drive Powered by Red Hat Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Quarkus Native builder,Red Hat Developer Hub,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 17.1,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Update Infrastructure 4 for Cloud Providers,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,
Full Details
CVE document
CVE-2026-40460
Severity: moderate
Released on: 13/05/2026
Advisory: RHSA-2026:20351,
Bugzilla: 2477113
Bugzilla Description:
nginx: NGINX: Authorization bypass via IP spoofing in HTTP/3 QUIC module
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-290
Affected Packages: nginx-main-1.30.2-1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-42934
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477066
Bugzilla Description:
nginx: ngx_http_charset_module: information disclosure and denial of service
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-126
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat Lightspeed proxy 1,
Full Details
CVE document
CVE-2026-42946
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477132
Bugzilla Description:
nginx: ngx_http_scgi_module: ngx_http_uwsgi_module: information disclosure and denial of service
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat Lightspeed proxy 1,
Full Details
CVE document
CVE-2026-40701
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477076
Bugzilla Description:
nginx: ngx_http_ssl_module: data corruption and denial of service
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat Lightspeed proxy 1,
Full Details
CVE document
CVE-2026-42945
Severity: critical
Released on: 13/05/2026
Advisory: RHSA-2026:19371, RHSA-2026:18063, RHSA-2026:18041, RHSA-2026:19372, RHSA-2026:19374, RHSA-2026:17417, RHSA-2026:19159, RHSA-2026:18029, RHSA-2026:17753, RHSA-2026:17752, RHSA-2026:17751, RHSA-2026:17794, RHSA-2026:17793, RHSA-2026:17792, RHSA-2026:17791, RHSA-2026:17790, RHSA-2026:21275, RHSA-2026:20444, RHSA-2026:20442,
Bugzilla: 2477116
Bugzilla Description:
nginx: NGINX: Arbitrary Code Execution Vulnerability
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-131
Affected Packages: satellite/iop-gateway-rhel9:1779706797,nginx-2:1.20.1-24.el9_7.3,nginx-2:1.26.3-1.el10_0.9,nginx-main-1.30.1-1.hum1,nginx:1.24-8100020260514165201.489197e6,rhui5/rhua-rhel9:1779798222,nginx:1.26-9080020260514152324.9,nginx-2:1.26.3-2.el10_1.2,nginx-2:1.20.1-28.el9_8.2,nginx-1:1.20.1-16.el9_4.6,nginx:1.24-9040020260514192210.9,nginx:1.24-9080020260514160836.9,nginx-1:1.20.1-14.el9_2.6,nginx-2:1.20.1-22.el9_6.6,nginx-2:1.26.3-6.el10_2.3,nginx-1:1.20.1-10.el9_0.4,nginx:1.26-9060020260514170123.9,satellite/iop-gateway-rhel9:1779706745,rhui5/cds-rhel9:1779798159,nginx:1.24-9060020260514175739.9,
Package States: Red Hat Lightspeed proxy 1,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,
Full Details
CVE document
CVE-2026-46300
Severity: important
Released on: 13/05/2026
Advisory: RHSA-2026:20051, RHSA-2026:19540, RHSA-2026:19664, RHSA-2026:19521, RHSA-2026:19666, RHSA-2026:19875, RHSA-2026:19568, RHSA-2026:19711, RHSA-2026:19569, RHSA-2026:20129, RHSA-2026:19705, RHBA-2026:20032, RHSA-2026:20130, RHSA-2026:20593, RHSA-2026:20054, RHSA-2026:20087, RHSA-2026:20299,
Bugzilla: 2477015
Bugzilla Description:
kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-123
Affected Packages: kernel-0:5.14.0-284.172.1.el9_2,kernel-rt-0:5.14.0-70.180.1.rt21.252.el9_0,kernel-0:5.14.0-427.126.1.el9_4,kernel-0:4.18.0-305.192.1.el8_4,kernel-0:5.14.0-687.10.1.el9_8,kernel-rt-0:4.18.0-553.125.1.rt7.466.el8_10,kernel-0:4.18.0-553.125.1.el8_10,kernel-0:5.14.0-570.116.1.el9_6,rhcos-416.94.202605200242-0,kernel-0:4.18.0-372.193.1.el8_6,kernel-0:6.12.0-211.16.1.el10_2,openshift-0:4.21.0-202605142021.p2.geab2218.assembly.stream.el10,kernel-0:6.12.0-211.8.el10nv,kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2,kernel-0:4.18.0-477.143.1.el8_8,kernel-0:6.12.0-55.75.1.el10_0,kernel-0:5.14.0-70.180.1.el9_0,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document
CVE-2026-7168
Severity: moderate
Released on: 13/05/2026
Advisory: RHSA-2026:19106,
Bugzilla: 2476979
Bugzilla Description:
curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-201
Affected Packages: curl-main-8.20.0-2.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-2725
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2476938
Bugzilla Description:
gerrit: Gerrit: Code review bypass via incorrect authorization
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-639
Affected Packages:
Package States: Red Hat Build of Podman Desktop,Red Hat Developer Hub,Red Hat Fuse 7,Self-service automation portal 2,
Full Details
CVE document
CVE-2026-43481
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477055
Bugzilla Description:
kernel: net-shapers: don't free reply skb after genlmsg_reply()
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE: CWE-415
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43478
Severity: low
Released on: 13/05/2026
Advisory:
Bugzilla: 2477060
Bugzilla Description:
kernel: ASoC: codecs: rt1011: Use component to get the dapm context in spk_mode_put
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43480
Severity:
Released on: 13/05/2026
Advisory:
Bugzilla: 2477069
Bugzilla Description:
kernel: ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition
CVSS Score:
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43483
Severity: low
Released on: 13/05/2026
Advisory:
Bugzilla: 2477073
Bugzilla Description:
kernel: KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43482
Severity:
Released on: 13/05/2026
Advisory:
Bugzilla: 2477079
Bugzilla Description:
kernel: sched_ext: Disable preemption between scx_claim_exit() and kicking helper work
CVSS Score:
Vector:
CWE: CWE-368
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43484
Severity: low
Released on: 13/05/2026
Advisory:
Bugzilla: 2477080
Bugzilla Description:
kernel: mmc: core: Avoid bitfield RMW for claim/retune flags
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43488
Severity: low
Released on: 13/05/2026
Advisory:
Bugzilla: 2477084
Bugzilla Description:
kernel: usb: xhci: Prevent interrupt storm on host controller error (HCE)
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43485
Severity:
Released on: 13/05/2026
Advisory:
Bugzilla: 2477092
Bugzilla Description:
kernel: nouveau/gsp: drop WARN_ON in ACPI probes
CVSS Score:
Vector:
CWE: CWE-779
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43477
Severity: low
Released on: 13/05/2026
Advisory:
Bugzilla: 2477093
Bugzilla Description:
kernel: drm/i915/vrr: Configure VRR timings after enabling TRANS_DDI_FUNC_CTL
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-841
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43487
Severity: low
Released on: 13/05/2026
Advisory:
Bugzilla: 2477110
Bugzilla Description:
kernel: ata: libata-core: Disable LPM on ST1000DM010-2EP102
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43489
Severity:
Released on: 13/05/2026
Advisory:
Bugzilla: 2477126
Bugzilla Description:
kernel: liveupdate: luo_file: remember retrieve() status
CVSS Score:
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43479
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477131
Bugzilla Description:
kernel: net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect
CVSS Score:
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43486
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477140
Bugzilla Description:
kernel: arm64: contpte: fix set_access_flags() no-op check for SMMU/ATS faults
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43476
Severity: moderate
Released on: 13/05/2026
Advisory:
Bugzilla: 2477145
Bugzilla Description:
kernel: iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas()
CVSS Score:
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-42268
Severity: moderate
Released on: 12/05/2026
Advisory:
Bugzilla: 2476872
Bugzilla Description:
mod_security: ModSecurity: Denial of Service via unsigned integer underflow in rule verification functions
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE: CWE-191
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-8449
Severity:
Released on: 12/05/2026
Advisory:
Bugzilla: 2476870
Bugzilla Description:
kernel: ksmbd: Linux ksmbd: Privilege Escalation via crafted DACL in ACL inheritance
CVSS Score:
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux for NVIDIA 26,
Full Details
CVE document
CVE-2026-42899
Severity: important
Released on: 12/05/2026
Advisory: RHSA-2026:21291, RHSA-2026:17464, RHSA-2026:21295, RHSA-2026:21294, RHSA-2026:17682, RHSA-2026:21293, RHSA-2026:21286, RHSA-2026:21297, RHSA-2026:21296, RHSA-2026:17527, RHSA-2026:21754,
Bugzilla: 2476605
Bugzilla Description:
dotnet: .NET: infinite loop allows an attacker to cause a denial of service
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-835
Affected Packages: dotnet10.0-0:10.0.108-1.el8_10,dotnet9.0-0:9.0.117-1.el10_2,dotnet9.0-0:9.0.117-1.el8_10,dotnet8.0-0:8.0.127-1.el9_8,dotnet8-0-main-8.0.127-1.hum1,dotnet10.0-0:10.0.108-1.el9_8,dotnet8.0-0:8.0.127-1.el10_2,dotnet8.0-0:8.0.127-1.el8_10,dotnet10-0-main-10.0.108-1.hum1,dotnet9.0-0:9.0.117-1.el9_8,dotnet9-0-main-9.0.117-1.hum1,
Package States: Red Hat Enterprise Linux 10,
Full Details
CVE document
CVE-2026-32175
Severity: moderate
Released on: 12/05/2026
Advisory:
Bugzilla: 2476651
Bugzilla Description:
dotnet: .NET: improper handling of files allows an attacker to write to certain locations
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-36
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-35433
Severity: important
Released on: 12/05/2026
Advisory:
Bugzilla: 2476577
Bugzilla Description:
dotnet: .NET: improper input validation allows an attacker to elevate privileges locally
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-32177
Severity: important
Released on: 12/05/2026
Advisory:
Bugzilla: 2476664
Bugzilla Description:
dotnet: .NET: heap-based buffer overflow allows an attacker to elevate privileges locally
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,
Full Details
CVE document
CVE-2025-35979
Severity: moderate
Released on: 12/05/2026
Advisory:
Bugzilla: 2476541
Bugzilla Description:
kernel: Kernel: Information disclosure via shared microarchitectural predictor state in Intel(R) Processors
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-1037
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-5089
Severity: moderate
Released on: 12/05/2026
Advisory:
Bugzilla: 2476554
Bugzilla Description:
perl-YAML-Syck: perl-YAML-Syck: Information disclosure via out-of-bounds read in base60 parsing
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-43512
Severity: moderate
Released on: 12/05/2026
Advisory: RHSA-2026:13745, RHSA-2026:16528,
Bugzilla: 2476511
Bugzilla Description:
tomcat-coyote: Apache Tomcat: Authentication bypass via digest authentication
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-303
Affected Packages: tomcat10-main-10.1.55-1.hum1,tomcat11-main-11.0.22-0.1.hum1,
Package States: Red Hat Certificate System 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Web Server 5,Red Hat JBoss Web Server 5,Red Hat JBoss Web Server 6,Red Hat JBoss Web Server 6,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document
CVE-2026-8401
Severity: important
Released on: 12/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2476492
Bugzilla Description:
firefox: thunderbird: Sandbox escape in the Profile Backup component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-653
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-8368
Severity: moderate
Released on: 12/05/2026
Advisory:
Bugzilla: 2476490
Bugzilla Description:
perl-libwww-perl: perl-libwww-perl: Information disclosure via cross-origin redirects
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-201
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-40020
Severity: moderate
Released on: 12/05/2026
Advisory:
Bugzilla: 2476465
Bugzilla Description:
dovecot: dovecot: Denial of Service via IMAP SETACL command injection
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-88
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-40016
Severity: moderate
Released on: 12/05/2026
Advisory:
Bugzilla: 2476470
Bugzilla Description:
dovecot: Dovecot: Denial of Service due to Sieve script CPU limit bypass
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-33603
Severity: moderate
Released on: 12/05/2026
Advisory:
Bugzilla: 2476464
Bugzilla Description:
dovecot: Dovecot: Information disclosure via SCRAM TLS channel binding bypass
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-940
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-8391
Severity: important
Released on: 12/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2476475
Bugzilla Description:
firefox: thunderbird: Other issue in the JavaScript Engine component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-475
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-8390
Severity: important
Released on: 12/05/2026
Advisory:
Bugzilla: 2476474
Bugzilla Description:
firefox: Use-after-free in the JavaScript: WebAssembly component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-8389
Severity: important
Released on: 12/05/2026
Advisory:
Bugzilla: 2476466
Bugzilla Description:
firefox: JIT miscompilation in the JavaScript Engine: JIT component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-733
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-8388
Severity: important
Released on: 12/05/2026
Advisory: RHSA-2026:21382, RHSA-2026:21381, RHSA-2026:21380, RHSA-2026:21378,
Bugzilla: 2476469
Bugzilla Description:
firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-787
Affected Packages: thunderbird-0:140.11.0-1.el9_8,firefox-0:140.11.0-1.el10_2,firefox-0:140.11.0-1.el8_10,firefox-0:140.11.0-1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document
CVE-2026-6402
Severity: moderate
Released on: 12/05/2026
Advisory:
Bugzilla: 2476411
Bugzilla Description:
webpack-dev-server: webpack-dev-server: Information disclosure due to cross-origin source code exposure
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-346
Affected Packages:
Package States: Cryostat 4,Cryostat 4,Gatekeeper 3,Migration Toolkit for Containers,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat Build of Podman Desktop,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Self-service automation portal 2,
Full Details
CVE document
CVE-2026-42050
Severity: moderate
Released on: 11/05/2026
Advisory:
Bugzilla: 2471934
Bugzilla Description:
ImageMagick: ImageMagick: Denial of Service due to an overflow vulnerability in MIFF file processing
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document
CVE-2026-43896
Severity: moderate
Released on: 11/05/2026
Advisory:
Bugzilla: 2469184
Bugzilla Description:
jq: stack overflow in recursive object merge
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-674
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ceph Storage 4,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-43895
Severity: moderate
Released on: 11/05/2026
Advisory:
Bugzilla: 2469199
Bugzilla Description:
jq: embedded NUL in jq import paths causes local redaction-policy bypass and preserves sensitive fields in published artifacts
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ceph Storage 4,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-44777
Severity: moderate
Released on: 11/05/2026
Advisory:
Bugzilla: 2469192
Bugzilla Description:
jq: stack overflow in module loading on mutual include
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-674
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ceph Storage 4,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-43894
Severity: moderate
Released on: 11/05/2026
Advisory:
Bugzilla: 2469175
Bugzilla Description:
jq: jq: Arbitrary Code Execution or Denial of Service via Signed Integer Overflow
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ceph Storage 4,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-41256
Severity: moderate
Released on: 11/05/2026
Advisory:
Bugzilla: 2469193
Bugzilla Description:
jq: embedded NUL truncates top-level jq programs loaded with -f
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-158
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ceph Storage 4,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-40612
Severity: moderate
Released on: 11/05/2026
Advisory:
Bugzilla: 2469183
Bugzilla Description:
jq: stack overflow via unbounded recursion in jv_contains
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-674
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ceph Storage 4,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-41257
Severity: moderate
Released on: 11/05/2026
Advisory:
Bugzilla: 2469187
Bugzilla Description:
jq: signed-int overflow in stack_reallocate
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ceph Storage 4,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-4802
Severity: important
Released on: 11/05/2026
Advisory: RHSA-2026:21390, RHSA-2026:21516, RHSA-2026:21515, RHSA-2026:21647, RHSA-2026:21700, RHSA-2026:21394, RHSA-2026:21392, RHSA-2026:21395, RHSA-2026:21468, RHSA-2026:21676,
Bugzilla: 2451155
Bugzilla Description:
cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-78
Affected Packages: cockpit-0:334.2-1.el10_0,cockpit-0:310.8-1.el8_10,cockpit-0:356.2-1.el9_8,cockpit-0:334.3-1.el9_6,cockpit-0:311.3-1.el9_4,cockpit-0:264.3-1.el8_6,cockpit-0:356.2-1.el10_2,cockpit-0:264.3-1.el9_0,cockpit-0:286.3-1.el9_2,cockpit-0:286.2-1.el8_8,
Package States: Red Hat Enterprise Linux 7,
Full Details
CVE document
CVE-2026-8261
Severity: moderate
Released on: 11/05/2026
Advisory:
Bugzilla: 2468988
Bugzilla Description:
squirrel: Squirrel: Heap-based buffer overflow allows local denial of service
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-120
Affected Packages:
Package States: Deployment Validation Operator,MCP Server for Red Hat OpenShift,Multicluster Global Hub,OpenShift Developer Tools and Services,OpenShift Lightspeed,OpenShift Service Mesh 2,OpenShift Service Mesh 3,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Ceph Storage 6,Red Hat Ceph Storage 9,Red Hat Ceph Storage 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,
Full Details
CVE document
CVE-2026-43500
Severity: important
Released on: 11/05/2026
Advisory:
Bugzilla: 2468273
Bugzilla Description:
kernel: "Dirty Frag" RxRPC variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-123
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-45190
Severity: moderate
Released on: 10/05/2026
Advisory:
Bugzilla: 2468673
Bugzilla Description:
Net::CIDR::Lite: perl: Net::CIDR::Lite: IP ACL bypass due to improper input validation
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1287
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-45186
Severity: important
Released on: 10/05/2026
Advisory:
Bugzilla: 2468575
Bugzilla Description:
libexpat: denial of service via crafted XML input
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-407
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,
Full Details
CVE document
CVE-2026-7263
Severity: important
Released on: 10/05/2026
Advisory:
Bugzilla: 2468572
Bugzilla Description:
php: denial of service via DOMNode::C14N()
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-6104
Severity: important
Released on: 10/05/2026
Advisory:
Bugzilla: 2468573
Bugzilla Description:
php: global buffer over-read in mb_convert_encoding() with attacker-supplied encoding
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-7258
Severity: moderate
Released on: 10/05/2026
Advisory: RHSA-2026:14125,
Bugzilla: 2468561
Bugzilla Description:
PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-839
Affected Packages: php-main-8.5.6-1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,
Full Details
CVE document
CVE-2026-7259
Severity: moderate
Released on: 10/05/2026
Advisory:
Bugzilla: 2468564
Bugzilla Description:
php: NULL pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-7262
Severity: important
Released on: 10/05/2026
Advisory:
Bugzilla: 2468565
Bugzilla Description:
php: NULL pointer dereference in SOAP apache:Map decoder with missing
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-7568
Severity: important
Released on: 10/05/2026
Advisory:
Bugzilla: 2468566
Bugzilla Description:
php: signed integer overflow in metaphone()
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-6735
Severity: moderate
Released on: 10/05/2026
Advisory: RHSA-2026:14125,
Bugzilla: 2468562
Bugzilla Description:
PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-79
Affected Packages: php-main-8.5.6-1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,
Full Details
CVE document
CVE-2026-42257
Severity: moderate
Released on: 09/05/2026
Advisory:
Bugzilla: 2468494
Bugzilla Description:
net-imap: Net::IMAP: Arbitrary IMAP command injection via CRLF sequences in unvalidated input
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-93
Affected Packages:
Package States: Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-42256
Severity: moderate
Released on: 09/05/2026
Advisory:
Bugzilla: 2468500
Bugzilla Description:
ruby/net-imap: ruby: Net::IMAP: Denial of Service via large iteration count in SCRAM authentication
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-606
Affected Packages:
Package States: Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-42245
Severity: moderate
Released on: 09/05/2026
Advisory:
Bugzilla: 2468495
Bugzilla Description:
ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-606
Affected Packages:
Package States: Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-42310
Severity: moderate
Released on: 09/05/2026
Advisory: RHSA-2026:16030, RHSA-2026:16009, RHSA-2026:16008,
Bugzilla: 2468461
Bugzilla Description:
Pillow: Pillow: Denial of Service via malicious PDF processing
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-835
Affected Packages: rhaiis/vllm-rocm-rhel9:1778244531,rhaiis/vllm-cuda-rhel9:1778274666,rhaiis/model-opt-cuda-rhel9:1778244559,
Package States: Exploit Intelligence,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Quay 3,Red Hat Quay 3,
Full Details
CVE document
CVE-2026-42308
Severity: moderate
Released on: 09/05/2026
Advisory:
Bugzilla: 2468457
Bugzilla Description:
Pillow: python: Pillow: Denial of Service via integer overflow in font processing
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-190
Affected Packages:
Package States: Exploit Intelligence,OpenShift Lightspeed,OpenShift Lightspeed,Pen Drive Powered by Red Hat Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document
CVE-2026-42309
Severity: moderate
Released on: 09/05/2026
Advisory: RHSA-2026:16030, RHSA-2026:16009, RHSA-2026:16008,
Bugzilla: 2468458
Bugzilla Description:
Pillow: Pillow: Denial of Service via specially crafted coordinate input
CVSS Score:
CVSSv3 Score: 5.1
Vector:
CWE: CWE-131
Affected Packages: rhaiis/vllm-rocm-rhel9:1778244531,rhaiis/vllm-cuda-rhel9:1778274666,rhaiis/model-opt-cuda-rhel9:1778244559,
Package States: Exploit Intelligence,OpenShift Lightspeed,OpenShift Lightspeed,Pen Drive Powered by Red Hat Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document
CVE-2026-42295
Severity: moderate
Released on: 09/05/2026
Advisory:
Bugzilla: 2468450
Bugzilla Description:
github.com/argoproj/argo-workflows: Argo Workflows: Information disclosure via plaintext logging of artifact repository credentials
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-256
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document
CVE-2026-42183
Severity: moderate
Released on: 09/05/2026
Advisory:
Bugzilla: 2468445
Bugzilla Description:
github.com/argoproj/argo-workflows: Argo Workflows: Denial of Service via nil pointer dereference for SSO users
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document
CVE-2026-2291
Severity: moderate
Released on: 09/05/2026
Advisory: RHSA-2026:20589, RHSA-2026:19373, RHSA-2026:19158,
Bugzilla: 2439088
Bugzilla Description:
dnsmasq: dnsmasq: heap buffer overflow in cache via NAME_ESCAPE expansion
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-131
Affected Packages: dnsmasq-0:2.90-7.el10_2,dnsmasq-0:2.85-18.el9_8.1,dnsmasq-0:2.79-36.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-4890
Severity: important
Released on: 09/05/2026
Advisory: RHSA-2026:20589, RHSA-2026:19373, RHSA-2026:19158,
Bugzilla: 2458516
Bugzilla Description:
dnsmasq: NSEC bitmap parsing infinite loop
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-835
Affected Packages: dnsmasq-0:2.90-7.el10_2,dnsmasq-0:2.85-18.el9_8.1,dnsmasq-0:2.79-36.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-4891
Severity: important
Released on: 09/05/2026
Advisory: RHSA-2026:20589, RHSA-2026:19373, RHSA-2026:19158,
Bugzilla: 2458517
Bugzilla Description:
dnsmasq: RRSIG rdlen underflow leading to heap OOB read
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-125
Affected Packages: dnsmasq-0:2.90-7.el10_2,dnsmasq-0:2.85-18.el9_8.1,dnsmasq-0:2.79-36.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-4892
Severity: important
Released on: 09/05/2026
Advisory: RHSA-2026:20589, RHSA-2026:19373, RHSA-2026:19158,
Bugzilla: 2458518
Bugzilla Description:
dnsmasq: DHCPv6 CLID buffer overflow in helper process
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-122
Affected Packages: dnsmasq-0:2.90-7.el10_2,dnsmasq-0:2.85-18.el9_8.1,dnsmasq-0:2.79-36.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-4893
Severity: moderate
Released on: 09/05/2026
Advisory: RHSA-2026:20589, RHSA-2026:19373, RHSA-2026:19158,
Bugzilla: 2458519
Bugzilla Description:
dnsmasq: Broken ECS source validation bypass
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-20
Affected Packages: dnsmasq-0:2.90-7.el10_2,dnsmasq-0:2.85-18.el9_8.1,dnsmasq-0:2.79-36.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-5172
Severity: important
Released on: 09/05/2026
Advisory: RHSA-2026:19158,
Bugzilla: 2458521
Bugzilla Description:
dnsmasq: extract_addresses() OOB read via malformed rdlen
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-125
Affected Packages: dnsmasq-0:2.90-7.el10_2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-45130
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468422
Bugzilla Description:
vim: Vim: Heap buffer overflow allows arbitrary code execution or denial of service
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-6659
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468316
Bugzilla Description:
Crypt::PasswdMD5: Perl: Crypt::PasswdMD5: Weak cryptographic salts due to predictable random number generation
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-338
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-41889
Severity: moderate
Released on: 08/05/2026
Advisory: RHSA-2026:16133, RHSA-2026:15856,
Bugzilla: 2468307
Bugzilla Description:
github.com/jackc/pgx: golang: pgx: SQL injection via specific SQL query conditions
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-89
Affected Packages: caddy-main-2.11.3-0.1.hum1,go-fdo-server-main-1.0.1-0.2.hum1,
Package States: Assisted Installer for Red Hat OpenShift Container Platform 2,Assisted Installer for Red Hat OpenShift Container Platform 2,Assisted Installer for Red Hat OpenShift Container Platform 2,Cryostat 4,Custom Metric Autoscaler operator for Red Hat Openshift,Custom Metric Autoscaler operator for Red Hat Openshift,Custom Metric Autoscaler operator for Red Hat Openshift,Custom Metric Autoscaler operator for Red Hat Openshift,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Ceph Storage 6,Red Hat Ceph Storage 8,Red Hat Ceph Storage 9,Red Hat Ceph Storage 9,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenStack Platform 18.0,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,
Full Details
CVE document
CVE-2026-41506
Severity: moderate
Released on: 08/05/2026
Advisory: RHSA-2026:17669,
Bugzilla: 2468126
Bugzilla Description:
golang: github.com/go-git/go-git: go-git: Information disclosure of HTTP authentication credentials via redirects
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-601
Affected Packages: syft-main-1.44.0-0.3.hum1,
Package States: Assisted Installer for Red Hat OpenShift Container Platform 2,Builds for Red Hat OpenShift,Builds for Red Hat OpenShift,Builds for Red Hat OpenShift,Builds for Red Hat OpenShift,Builds for Red Hat OpenShift,Builds for Red Hat OpenShift,Confidential Compute Attestation,Exploit Intelligence,Exploit Intelligence,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,Kernel Module Management Operator for Red Hat Openshift,Logging Subsystem for Red Hat OpenShift,Logical Volume Manager Storage,Machine Deletion Remediation Operator,Machine Deletion Remediation Operator,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Node HealthCheck Operator,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Pipelines,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 3,Pen Drive Powered by Red Hat Lightspeed,Pen Drive Powered by Red Hat Lightspeed,Power monitoring for Red Hat OpenShift,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Build of Kueue,Red Hat Ceph Storage 9,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Workspaces Operator,Red Hat OpenShift Dev Workspaces Operator,Red Hat OpenShift Dev Workspaces Operator,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,
Full Details
CVE document
CVE-2026-41493
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468081
Bugzilla Description:
yard: YARD: Information Disclosure via Path Traversal in yard server
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Hardened Images,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-42203
Severity: important
Released on: 08/05/2026
Advisory:
Bugzilla: 2467917
Bugzilla Description:
litellm: LiteLLM: Arbitrary code execution via unsandboxed prompt templates
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-94
Affected Packages:
Package States: Exploit Intelligence,Red Hat Ansible Automation Platform 2,Red Hat OpenShift AI (RHOAI),
Full Details
CVE document
CVE-2026-43453
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla:
Bugzilla Description:
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43309
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468037
Bugzilla Description:
kernel: md raid: fix hang when stopping arrays with metadata through dm-raid
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43342
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468039
Bugzilla Description:
kernel: usb: gadget: f_rndis: Protect RNDIS options with mutex
CVSS Score:
Vector:
CWE: CWE-820
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43345
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468040
Bugzilla Description:
kernel: net: ipa: fix event ring index not programmed for IPA v5.0+
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43331
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468042
Bugzilla Description:
kernel: x86/kexec: Disable KCOV instrumentation after load_segments()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43332
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468043
Bugzilla Description:
kernel: thermal: core: Fix thermal zone device registration error path
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43293
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468044
Bugzilla Description:
kernel: media: chips-media: wave5: Fix kthread worker destruction in polling mode
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43285
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468046
Bugzilla Description:
kernel: mm/slab: do not access current->mems_allowed_seq if !allow_spin
CVSS Score:
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43321
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468047
Bugzilla Description:
kernel: bpf: Properly mark live registers for indirect jumps
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-166
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43298
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468048
Bugzilla Description:
kernel: drm/amdgpu: Skip vcn poison irq release on VF
CVSS Score:
Vector:
CWE: CWE-832
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43325
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468049
Bugzilla Description:
kernel: wifi: iwlwifi: mvm: don't send a 6E related command when not supported
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43334
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468050
Bugzilla Description:
kernel: Bluetooth: SMP: force responder MITM requirements before building the pairing response
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-322
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71297
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468053
Bugzilla Description:
kernel: wifi: rtw88: 8822b: Avoid WARNING in rtw8822b_config_trx_mode()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71296
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468054
Bugzilla Description:
kernel: drm/tests: shmem: Hold reservation lock around purge
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43336
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468057
Bugzilla Description:
kernel: lib/crypto: chacha: Zeroize permuted_state before it leaves scope
CVSS Score:
Vector:
CWE: CWE-212
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43299
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468058
Bugzilla Description:
kernel: btrfs: do not ASSERT() when the fs flips RO inside btrfs_repair_io_failure()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43318
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468060
Bugzilla Description:
kernel: drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43330
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468061
Bugzilla Description:
kernel: crypto: caam - fix overflow on long hmac keys
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43304
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468062
Bugzilla Description:
kernel: libceph: define and enforce CEPH_MAX_KEY_LEN
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43288
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468063
Bugzilla Description:
kernel: ext4: move ext4_percpu_param_init() before ext4_mb_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43343
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468064
Bugzilla Description:
kernel: usb: gadget: f_subset: Fix unbalanced refcnt in geth_free
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43347
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468065
Bugzilla Description:
kernel: arm64: dts: qcom: monaco: Reserve full Gunyah metadata region
CVSS Score:
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43319
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468066
Bugzilla Description:
kernel: spi: spidev: fix lock inversion between spi_lock and buf_lock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43349
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468067
Bugzilla Description:
kernel: f2fs: fix to avoid uninit-value access in f2fs_sanity_check_node_footer
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43291
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468069
Bugzilla Description:
kernel: net: nfc: nci: Fix parameter validation for packet data
CVSS Score:
Vector:
CWE: CWE-130
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71302
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468072
Bugzilla Description:
kernel: drm/panthor: fix for dma-fence safe access rules
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43326
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468074
Bugzilla Description:
kernel: sched_ext: Fix SCX_KICK_WAIT deadlock by deferring wait to balance callback
CVSS Score:
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43295
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468075
Bugzilla Description:
kernel: rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net()
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43308
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468076
Bugzilla Description:
kernel: btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71300
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468077
Bugzilla Description:
kernel: Revert "arm64: zynqmp: Add an OP-TEE node to the device tree"
CVSS Score:
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43348
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468078
Bugzilla Description:
kernel: mshv_vtl: Fix vmemmap_shift exceeding MAX_FOLIO_ORDER
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43328
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468079
Bugzilla Description:
kernel: cpufreq: governor: fix double free in cpufreq_dbs_governor_init() error path
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43323
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468082
Bugzilla Description:
kernel: sched/fair: Fix zero_vruntime tracking fix
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71301
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468083
Bugzilla Description:
kernel: drm/tests: shmem: Hold reservation lock around vmap/vunmap
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43297
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468084
Bugzilla Description:
kernel: media: rockchip: rga: Fix possible ERR_PTR dereference in rga_buf_init()
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43292
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468085
Bugzilla Description:
kernel: mm/vmalloc: prevent RCU stalls in kasan_release_vmalloc_node
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43314
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468086
Bugzilla Description:
kernel: dm: remove fake timeout to avoid leak request
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43324
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468087
Bugzilla Description:
kernel: USB: dummy-hcd: Fix interrupt synchronization error
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43305
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468088
Bugzilla Description:
kernel: drm/amd/display: Fix mismatched unlock for DMUB HW lock in HWSS fast path
CVSS Score:
Vector:
CWE: CWE-832
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43290
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468089
Bugzilla Description:
kernel: media: uvcvideo: Return queued buffers on start_streaming() failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43317
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468090
Bugzilla Description:
kernel: most: core: fix leak on early registration failure
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43303
Severity: moderate
Released on: 08/05/2026
Advisory: RHSA-2026:21557, RHSA-2026:21556,
Bugzilla: 2468091
Bugzilla Description:
kernel: mm/page_alloc: clear page->private in free_pages_prepare()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-909
Affected Packages: kernel-0:6.12.0-211.18.1.el10_2,kernel-0:5.14.0-687.12.1.el9_8,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43320
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468092
Bugzilla Description:
kernel: drm/amd/display: Fix dsc eDP issue
CVSS Score:
Vector:
CWE: CWE-252
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43344
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468093
Bugzilla Description:
kernel: perf/x86/intel/uncore: Fix die ID init and look up bugs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-253
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43335
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468095
Bugzilla Description:
kernel: interconnect: qcom: sm8450: Fix NULL pointer dereference in icc_link_nodes()
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43341
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468097
Bugzilla Description:
kernel: net/ipv6: ioam6: prevent schema length wraparound in trace fill
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43340
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468098
Bugzilla Description:
kernel: comedi: Reinit dev->spinlock between attachments to low-level drivers
CVSS Score:
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43327
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468099
Bugzilla Description:
kernel: USB: dummy-hcd: Fix locking/synchronization error
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43306
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468100
Bugzilla Description:
kernel: bpf: crypto: Use the correct destructor kfunc type
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-843
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43307
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468101
Bugzilla Description:
kernel: iio: accel: adxl380: Avoid reading more entries than present in FIFO
CVSS Score:
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43339
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468102
Bugzilla Description:
kernel: ipv6: prevent possible UaF in addrconf_permanent_addr()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43302
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468103
Bugzilla Description:
kernel: drm/v3d: Set DMA segment size to avoid debug warnings
CVSS Score:
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71299
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468104
Bugzilla Description:
kernel: spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43294
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468106
Bugzilla Description:
kernel: drm: renesas: rz-du: mipi_dsi: fix kernel panic when rebooting for some panels
CVSS Score:
Vector:
CWE: CWE-841
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43287
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468108
Bugzilla Description:
kernel: drm: Account property blob allocations to memcg
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-400
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43346
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468109
Bugzilla Description:
kernel: ice: ptp: don't WARN when controlling PF is unavailable
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43350
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468110
Bugzilla Description:
kernel: smb: client: require a full NFS mode SID before reading mode bits
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43315
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468111
Bugzilla Description:
kernel: KVM: nSVM: Remove a user-triggerable WARN on nested_svm_load_cr3() succeeding
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43313
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468112
Bugzilla Description:
kernel: ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43286
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468114
Bugzilla Description:
kernel: mm/hugetlb: restore failed global reservations to subpool
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43289
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468115
Bugzilla Description:
kernel: kexec: derive purgatory entry from symbol
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43300
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468116
Bugzilla Description:
kernel: drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43337
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468117
Bugzilla Description:
kernel: drm/amd/display: Fix NULL pointer dereference in dcn401_init_hw()
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43301
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468118
Bugzilla Description:
kernel: media: chips-media: wave5: Fix PM runtime usage count underflow
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43316
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468120
Bugzilla Description:
kernel: media: solo6x10: Check for out of bounds chip_id
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71298
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468121
Bugzilla Description:
kernel: drm/tests: shmem: Hold reservation lock around madvise
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43338
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468122
Bugzilla Description:
kernel: btrfs: reserve enough transaction items for qgroup ioctls
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43312
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468123
Bugzilla Description:
kernel: media: i2c: ov5647: Initialize subdev before controls
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43329
Severity: important
Released on: 08/05/2026
Advisory:
Bugzilla: 2468124
Bugzilla Description:
kernel: netfilter: flowtable: strictly check for maximum number of actions
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43296
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468125
Bugzilla Description:
kernel: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43333
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468128
Bugzilla Description:
kernel: bpf: reject direct access to nullable PTR_TO_BUF pointers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43311
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468129
Bugzilla Description:
kernel: soc/tegra: pmc: Fix unsafe generic_handle_irq() call
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43310
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468130
Bugzilla Description:
kernel: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC
CVSS Score:
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43322
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468131
Bugzilla Description:
kernel: Bluetooth: hci_sync: Fix UAF in le_read_features_complete
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43463
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468141
Bugzilla Description:
kernel: rxrpc, afs: Fix missing error pointer check after rxrpc_kernel_lookup_peer()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-252
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43384
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468142
Bugzilla Description:
kernel: net/tcp-ao: Fix MAC comparison to be constant-time
CVSS Score:
Vector:
CWE: CWE-208
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43364
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468143
Bugzilla Description:
kernel: ublk: fix NULL pointer dereference in ublk_ctrl_set_size()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43419
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468144
Bugzilla Description:
kernel: ceph: fix memory leaks in ceph_mdsc_build_path()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43454
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468145
Bugzilla Description:
kernel: netfilter: nf_tables: Fix for duplicate device in netdev hooks
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-694
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43431
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468146
Bugzilla Description:
kernel: xhci: Fix NULL pointer dereference when reading portli debugfs files
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43372
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468147
Bugzilla Description:
kernel: net: dsa: microchip: Fix error path in PTP IRQ setup
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43460
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468148
Bugzilla Description:
kernel: spi: rockchip-sfc: Fix double-free in remove() callback
CVSS Score:
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43467
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468149
Bugzilla Description:
kernel: net/mlx5: Fix crash when moving to switchdev mode
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43437
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468150
Bugzilla Description:
kernel: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43444
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468151
Bugzilla Description:
kernel: drm/amdkfd: Unreserve bo if queue update failed
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43429
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468152
Bugzilla Description:
kernel: USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43465
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468153
Bugzilla Description:
kernel: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43357
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468154
Bugzilla Description:
kernel: iio: gyro: mpu3050-core: fix pm_runtime error handling
CVSS Score:
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43414
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468155
Bugzilla Description:
kernel: scsi: qla2xxx: Completely fix fcport double free
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43404
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468156
Bugzilla Description:
kernel: mm: Fix a hmm_range_fault() livelock / starvation problem
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43445
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468157
Bugzilla Description:
kernel: e1000/e1000e: Fix leak in DMA error cleanup
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43446
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468158
Bugzilla Description:
kernel: accel/amdxdna: Fix runtime suspend deadlock when there is pending job
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43441
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468159
Bugzilla Description:
kernel: net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43466
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468160
Bugzilla Description:
kernel: net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43405
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468161
Bugzilla Description:
kernel: libceph: Use u32 for non-negative values in ceph_monmap_decode()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-681
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43378
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468162
Bugzilla Description:
kernel: smb: server: fix use-after-free in smb2_open()
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43457
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468163
Bugzilla Description:
kernel: mctp: i2c: fix skb memory leak in receive path
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43360
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468164
Bugzilla Description:
kernel: btrfs: fix transaction abort on file creation due to name hash collision
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43416
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468165
Bugzilla Description:
kernel: powerpc, perf: Check that current->mm is alive before getting user callchain
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-826
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43359
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468167
Bugzilla Description:
kernel: btrfs: fix transaction abort on set received ioctl due to item overflow
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43358
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468168
Bugzilla Description:
kernel: btrfs: add missing RCU unlock in error path in try_release_subpage_extent_buffer()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43462
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468169
Bugzilla Description:
kernel: net: spacemit: Fix error handling in emac_tx_mem_map()
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43399
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468170
Bugzilla Description:
kernel: drm/amdgpu/userq: Fix reference leak in amdgpu_userq_wait_ioctl
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43374
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468172
Bugzilla Description:
kernel: net: nexthop: fix percpu use-after-free in remove_nh_grp_entry
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43375
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468173
Bugzilla Description:
kernel: net: mctp: fix device leak on probe failure
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43388
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468174
Bugzilla Description:
kernel: mm/damon/core: clear walk_control on inactive context in damos_walk()
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43398
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468175
Bugzilla Description:
kernel: drm/amdgpu: add upper bound check on user inputs in wait ioctl
CVSS Score:
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43410
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468176
Bugzilla Description:
kernel: firmware: stratix10-rsu: Fix NULL pointer dereference when RSU is disabled
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43352
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468177
Bugzilla Description:
kernel: i3c: mipi-i3c-hci: Correct RING_CTRL_ABORT handling in DMA dequeue
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43365
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468178
Bugzilla Description:
kernel: xfs: fix undersized l_iclog_roundoff values
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-166
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43401
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468179
Bugzilla Description:
kernel: cpufreq: intel_pstate: Fix NULL pointer dereference in update_cpu_qos_request()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43432
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468180
Bugzilla Description:
kernel: usb: xhci: Fix memory leak in xhci_disable_slot()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43468
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468181
Bugzilla Description:
kernel: net/mlx5: Fix deadlock between devlink lock and esw->wq
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43475
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468182
Bugzilla Description:
kernel: scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43415
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468183
Bugzilla Description:
kernel: scsi: ufs: core: Fix SError in ufshcd_rtc_work() during UFS suspend
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43425
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468184
Bugzilla Description:
kernel: usb: image: mdc800: kill download URB on timeout
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43391
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468185
Bugzilla Description:
kernel: nsfs: tighten permission checks for handle opening
CVSS Score:
Vector:
CWE: CWE-1220
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43386
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468186
Bugzilla Description:
kernel: staging: rtl8723bs: fix potential out-of-bounds read in rtw_restruct_wmm_ie
CVSS Score:
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43411
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468187
Bugzilla Description:
kernel: tipc: fix divide-by-zero in tipc_sk_filter_connect()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document