CVE-2026-44490 moderate 2026-06-11T15:36:13Z 2487941 axios: Axios: Information disclosure and denial of service due to prototype pollution CWE-915 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44490.xml 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L CVE-2026-44489 low 2026-06-11T15:30:44Z 2487940 axios: Axios: Information disclosure via Prototype Pollution CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44489.xml 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2026-11986 moderate 2026-06-11T14:17:32Z 2487906 keycloak-rest-admin-ui-ext: Authorization Bypass vulnerability in the admin-ui-ext bulk role-mapping-delete endpoints of Keycloak CWE-425 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11986.xml 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N CVE-2026-47734 moderate 2026-06-10T22:11:02Z 2487774 dulwich: Dulwich: Denial of Service via crafted Git thin pack CWE-1285 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-47734.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-53465 moderate 2026-06-10T22:07:50Z 2487772 ImageMagick: ImageMagick: Denial of Service via crafted multi-frame image leading to heap buffer overwrite CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-53465.xml 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-53464 low 2026-06-10T22:07:06Z 2487768 ImageMagick: ImageMagick: Memory leak via invalid options to wand option parser CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-53464.xml 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2026-53462 low 2026-06-10T22:04:53Z 2487761 ImageMagick: ImageMagick: Denial of Service due to heap-use-after-free in CheckPrimitiveExtent CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-53462.xml 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-47712 low 2026-06-10T22:01:49Z 2487762 dulwich: Dulwich: Arbitrary file write via malicious commit subject in format_patch CWE-22 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-47712.xml 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-48994 moderate 2026-06-10T21:58:14Z 2487771 ImageMagick: ImageMagick: Denial of Service via heap buffer over-write in MAT decoder CWE-253 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48994.xml 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-48734 moderate 2026-06-10T21:55:59Z 2487756 ImageMagick: ImageMagick: Denial of Service via crafted MVG file leading to stack overflow CWE-770 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48734.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-48733 moderate 2026-06-10T21:53:35Z 2487767 ImageMagick: ImageMagick: Denial of Service via crafted image in subimage-search CWE-835 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48733.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-48724 moderate 2026-06-10T21:52:32Z 2487759 ImageMagick: ImageMagick: Denial of Service via heap buffer overwrite in Floyd-Steinberg dithering CWE-124 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48724.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-47165 low 2026-06-10T21:50:30Z 2487760 ImageMagick: ImageMagick: Information disclosure due to missing authentication in distributed pixel cache CWE-306 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-47165.xml 4.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N CVE-2026-46521 moderate 2026-06-10T21:40:44Z 2487766 ImageMagick: ImageMagick: Denial of Service via out-of-bounds write in LZMA MIFF encoder CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46521.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-46520 important 2026-06-10T21:31:57Z 2487729 ImageMagick: ImageMagick: Denial of Service via out-of-bounds write when processing multiple images CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46520.xml 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-45664 important 2026-06-10T21:30:51Z 2487732 ImageMagick: ImageMagick: Denial of Service due to excessive resource use in MNG coder CWE-770 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45664.xml 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-46522 important 2026-06-10T21:30:41Z 2487730 ImageMagick: ImageMagick: Denial of Service via crafted MIFF file CWE-835 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46522.xml 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-45624 moderate 2026-06-10T21:29:28Z 2487739 ImageMagick: ImageMagick: Data exposure due to image processing vulnerability CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45624.xml 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L CVE-2026-45359 important 2026-06-10T21:26:32Z 2487737 ImageMagick: ImageMagick: Information Disclosure via Invalid Connected-Components Value CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45359.xml 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2026-42326 moderate 2026-06-10T21:25:35Z 2487735 ImageMagick: ImageMagick: Information disclosure via malicious IPTC input file CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42326.xml 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L CVE-2026-45031 important 2026-06-10T21:25:20Z 2487734 ImageMagick: ImageMagick: Denial of Service due to resource policy bypass in PSD decoder CWE-770 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45031.xml 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-46523 important 2026-06-10T21:22:02Z 2487743 ImageMagick: ImageMagick: Denial of Service via crafted MSL image leading to heap-use-after-free CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46523.xml 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-10143 important 2026-06-10T20:22:39Z 2487722 kafka-python: kafka-python: Denial of Service via excessive SCRAM authentication iteration count CWE-606 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10143.xml 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-46529 important 2026-06-10T19:46:23Z 2487669 atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen CWE-77 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46529.xml 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-6893 important 2026-06-10T19:39:00Z 2459963 dracut: dracut: Root code execution via DHCP options command injection CWE-78 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6893.xml 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-53442 moderate 2026-06-10T13:06:02Z 2487556 jenkins: Jenkins: Information disclosure of secrets via unencrypted storage CWE-312 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-53442.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2026-53439 moderate 2026-06-10T13:06:00Z 2487549 jenkins: Jenkins: Information Disclosure via Missing Permission Checks CWE-862 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-53439.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2026-11850 moderate 2026-06-10T00:00:00Z 2459970 krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read CWE-191 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11850.xml 5.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H CVE-2026-11837 important 2026-06-10T00:00:00Z 2487424 ansible-collection-ansible-posix: ansible.posix authorized_key: local privilege escalation via symlink-following chown CWE-59 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11837.xml 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVE-2026-53701 moderate 2026-06-10T00:00:00Z 2487611 gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds write in H.266/VVC PPS picture partition parser CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-53701.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-53702 moderate 2026-06-10T00:00:00Z 2487612 gstreamer1-plugins-bad-free: GStreamer: Stack buffer overflow in H.265 buffering period SEI parser CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-53702.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-41726 moderate 2026-06-09T23:48:51Z 2487380 spring-kafka: Spring-kafka: Denial of Service due to unbounded heap growth via unique header values CWE-770 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41726.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45591 important 2026-06-09T17:05:29Z RHSA-2026:25110 RHSA-2026:25220 RHSA-2026:25111 RHSA-2026:25221 RHSA-2026:25112 RHSA-2026:25222 RHSA-2026:17527 RHSA-2026:25113 RHSA-2026:25114 RHSA-2026:25115 2487224 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption CWE-770 dotnet8.0-0:8.0.128-1.el10_2 dotnet8.0-0:8.0.128-1.el8_10 dotnet10.0-0:10.0.109-1.el9_8 dotnet10.0-0:10.0.109-1.el8_10 dotnet9.0-0:9.0.118-1.el9_8 dotnet9.0-0:9.0.118-1.el10_2 dotnet9.0-0:9.0.118-1.el8_10 dotnet8.0-0:8.0.128-1.el9_8 dotnet9-0-main-9.0.117-1.hum1 dotnet10.0-0:10.0.109-1.el10_2 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45591.xml 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-45491 moderate 2026-06-09T17:04:44Z RHSA-2026:25110 RHSA-2026:25220 RHSA-2026:25111 RHSA-2026:25221 RHSA-2026:25112 RHSA-2026:25222 RHSA-2026:17527 RHSA-2026:25113 RHSA-2026:25114 RHSA-2026:25115 2487164 dotnet: .NET: Local file tampering via link following vulnerability CWE-59 dotnet8.0-0:8.0.128-1.el10_2 dotnet8.0-0:8.0.128-1.el8_10 dotnet10.0-0:10.0.109-1.el9_8 dotnet10.0-0:10.0.109-1.el8_10 dotnet9.0-0:9.0.118-1.el9_8 dotnet9.0-0:9.0.118-1.el10_2 dotnet9.0-0:9.0.118-1.el8_10 dotnet8.0-0:8.0.128-1.el9_8 dotnet9-0-main-9.0.117-1.hum1 dotnet10.0-0:10.0.109-1.el10_2 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45491.xml 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2026-45490 important 2026-06-09T17:04:43Z 2487184 dotnet: .NET SDK workload elevate: arbitrary file creation/truncation via LogFile named pipe. CWE-266 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45490.xml 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-42599 moderate 2026-06-09T16:22:46Z 2487076 svelte: Svelte: Cross-Site Scripting via untrusted data in spread attributes CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42599.xml 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-42570 important 2026-06-09T16:12:26Z 2487050 devalue: devalue: Excessive memory consumption via deserialization of sparse arrays CWE-770 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42570.xml 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-10263 important 2026-06-09T09:23:18Z 2486958 kernel: Arm Processors: Privilege escalation or information disclosure via writes to higher exception level resources CWE-266 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10263.xml 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N CVE-2026-52903 important 2026-06-09T07:23:47Z 2486730 manageiq: YAML safe_load production fallback to unsafe_load enables RCE via deserialization CWE-502 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-52903.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-52902 moderate 2026-06-09T07:17:10Z 2486729 awxkit: path traversal via YAML !include directive CWE-22 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-52902.xml 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-7383 low 2026-06-09T00:00:00Z RHSA-2026:25239 RHSA-2026:25237 2481879 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing CWE-190 openssl-1:3.5.5-4.el10_2 openssl-1:3.5.5-4.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7383.xml 5.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H CVE-2026-9076 low 2026-06-09T00:00:00Z RHSA-2026:25239 RHSA-2026:25237 2481880 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption CWE-131 openssl-1:3.5.5-4.el10_2 openssl-1:3.5.5-4.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9076.xml 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-34180 low 2026-06-09T00:00:00Z RHSA-2026:25239 RHSA-2026:25237 2481881 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. CWE-190 openssl-1:3.5.5-4.el10_2 openssl-1:3.5.5-4.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34180.xml 5.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H CVE-2026-34181 low 2026-06-09T00:00:00Z RHSA-2026:25239 RHSA-2026:25237 2481882 openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys CWE-347 openssl-1:3.5.5-4.el10_2 openssl-1:3.5.5-4.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34181.xml 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2026-34182 moderate 2026-06-09T00:00:00Z RHSA-2026:25239 RHSA-2026:25237 2481884 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages CWE-130 openssl-1:3.5.5-4.el10_2 openssl-1:3.5.5-4.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34182.xml 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2026-34183 moderate 2026-06-09T00:00:00Z RHSA-2026:25239 RHSA-2026:25237 2481885 openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler CWE-770 openssl-1:3.5.5-4.el10_2 openssl-1:3.5.5-4.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34183.xml 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-42764 moderate 2026-06-09T00:00:00Z RHSA-2026:25239 RHSA-2026:25237 2481887 openssl: NULL pointer dereference in QUIC server initial packet handling CWE-476 openssl-1:3.5.5-4.el10_2 openssl-1:3.5.5-4.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42764.xml 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-42766 low 2026-06-09T00:00:00Z RHSA-2026:25239 RHSA-2026:25237 2481890 openssl: Possible NULL Dereference in Password-Based CMS Decryption CWE-476 openssl-1:3.5.5-4.el10_2 openssl-1:3.5.5-4.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42766.xml 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-42767 low 2026-06-09T00:00:00Z RHSA-2026:25239 RHSA-2026:25237 2481891 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption CWE-476 openssl-1:3.5.5-4.el10_2 openssl-1:3.5.5-4.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42767.xml 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-42768 low 2026-06-09T00:00:00Z RHSA-2026:25239 RHSA-2026:25237 2481892 openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() CWE-205 openssl-1:3.5.5-4.el10_2 openssl-1:3.5.5-4.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42768.xml 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2026-42769 low 2026-06-09T00:00:00Z RHSA-2026:25239 RHSA-2026:25237 2481893 openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate CWE-295 openssl-1:3.5.5-4.el10_2 openssl-1:3.5.5-4.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42769.xml 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N CVE-2026-42770 low 2026-06-09T00:00:00Z RHSA-2026:25239 RHSA-2026:25237 2481894 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q CWE-354 openssl-1:3.5.5-4.el10_2 openssl-1:3.5.5-4.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42770.xml 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2026-45445 moderate 2026-06-09T00:00:00Z RHSA-2026:25239 RHSA-2026:25237 2481896 openssl: AES-OCB IV Ignored on EVP_Cipher() Path CWE-1204 openssl-1:3.5.5-4.el10_2 openssl-1:3.5.5-4.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45445.xml 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2026-45446 low 2026-06-09T00:00:00Z RHSA-2026:25239 RHSA-2026:25237 2481897 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes CWE-347 openssl-1:3.5.5-4.el10_2 openssl-1:3.5.5-4.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45446.xml 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2026-45447 important 2026-06-09T00:00:00Z RHSA-2026:25239 RHSA-2026:25237 2481898 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() CWE-825 openssl-1:3.5.5-4.el10_2 openssl-1:3.5.5-4.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45447.xml 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-46315 moderate 2026-06-09T00:00:00Z 2486933 kernel: io_uring/waitid: clear waitid info before copying it to userspace CWE-909 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46315.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46317 moderate 2026-06-09T00:00:00Z 2486976 kernel: KVM: arm64: Reassign nested_mmus array behind mmu_lock CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46317.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46321 moderate 2026-06-09T00:00:00Z 2486977 kernel: tun: free page on short-frame rejection in tun_xdp_one() CWE-763 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46321.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46319 important 2026-06-09T00:00:00Z 2486979 kernel: net/sched: act_ct: Only release RCU read lock after ct_ft CWE-826 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46319.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46324 moderate 2026-06-09T00:00:00Z 2486980 kernel: netfilter: nf_tables: use list_del_rcu for netlink hooks https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46324.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46316 important 2026-06-09T00:00:00Z 2486982 kernel: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46316.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46318 low 2026-06-09T00:00:00Z 2486983 kernel: Revert "mm/hugetlbfs: update hugetlbfs to use mmap_prepare" CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46318.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46320 moderate 2026-06-09T00:00:00Z 2486985 kernel: tap: free page on error paths in tap_get_user_xdp() CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46320.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46322 moderate 2026-06-09T00:00:00Z 2486987 kernel: tun: free page on build_skb failure in tun_xdp_one() CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46322.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46327 low 2026-06-09T00:00:00Z 2486994 kernel: dm: fix unlocked test for dm_suspended_md CWE-367 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46327.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46332 2026-06-09T00:00:00Z 2486995 kernel: greybus: gb-beagleplay: bound bootloader receive buffering CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46332.xml CVE-2026-46326 2026-06-09T00:00:00Z 2486997 kernel: iio: pressure: mprls0025pa: fix spi_transfer struct initialisation CWE-909 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46326.xml CVE-2026-52906 2026-06-09T00:00:00Z 2486998 kernel: 9p: fix access mode flags being ORed instead of replaced CWE-266 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-52906.xml CVE-2026-46330 important 2026-06-09T00:00:00Z 2486999 kernel: Revert "net/smc: Introduce TCP ULP support" CWE-915 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46330.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46328 2026-06-09T00:00:00Z 2487000 kernel: apparmor: fix rlimit for posix cpu timers CWE-770 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46328.xml CVE-2026-52907 2026-06-09T00:00:00Z 2487001 kernel: media: rockchip: rkcif: fix off by one bugs CWE-193 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-52907.xml CVE-2026-46325 moderate 2026-06-09T00:00:00Z 2487002 kernel: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE CWE-823 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46325.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-52904 2026-06-09T00:00:00Z 2487003 kernel: drm/nouveau: fix nvkm_device leak on aperture removal failure CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-52904.xml CVE-2026-52905 2026-06-09T00:00:00Z 2487004 kernel: mm/damon/core: disallow non-power of two min_region_sz on damon_start() CWE-1284 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-52905.xml CVE-2026-46329 moderate 2026-06-09T00:00:00Z 2487005 kernel: erofs: handle end of filesystem properly for file-backed mounts CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46329.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-11577 important 2026-06-08T00:00:00Z 2459993 keycloak: keycloak: privilege escalation via partialImport FGAP permission bypass CWE-863 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11577.xml 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2026-11569 moderate 2026-06-08T00:00:00Z 2486194 quay: quay: Stored XSS via Filedrop SVG Upload CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11569.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2025-71315 low 2026-06-08T00:00:00Z 2486385 kernel: drm/vkms: Convert to DRM's vblank timer https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71315.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46275 moderate 2026-06-08T00:00:00Z 2486398 kernel: Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46275.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46274 moderate 2026-06-08T00:00:00Z 2486404 kernel: io-wq: check that the predecessor is hashed in io_wq_remove_pending() CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46274.xml 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46292 low 2026-06-08T00:00:00Z 2486428 kernel: pmdomain: core: Fix detach procedure for virtual devices in genpd CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46292.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46313 low 2026-06-08T00:00:00Z 2486429 kernel: media: intel/ipu6: fix error pointer dereference CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46313.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46299 low 2026-06-08T00:00:00Z 2486430 kernel: hfsplus: fix held lock freed on hfsplus_fill_super() CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46299.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46302 low 2026-06-08T00:00:00Z 2486432 kernel: selinux: allow multiple opens of /sys/fs/selinux/policy CWE-821 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46302.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46295 moderate 2026-06-08T00:00:00Z 2486435 kernel: KVM: x86: Do IRR scan in __kvm_apic_update_irr even if PIR is empty CWE-821 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46295.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46289 moderate 2026-06-08T00:00:00Z 2486436 kernel: lib/scatterlist: fix length calculations in extract_kvec_to_sg CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46289.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46279 low 2026-06-08T00:00:00Z 2486437 kernel: mm/alloc_tag: clear codetag for pages allocated before page_ext initialization CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46279.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46312 moderate 2026-06-08T00:00:00Z 2486438 kernel: media: videobuf2: Set vma_flags in vb2_dma_sg_mmap CWE-628 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46312.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46305 2026-06-08T00:00:00Z 2486439 kernel: staging: rtl8723bs: os_dep: avoid NULL pointer dereference in rtw_cbuf_alloc CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46305.xml CVE-2026-46308 2026-06-08T00:00:00Z 2486440 kernel: pmdomain: mediatek: fix use-after-free in scpsys_get_bus_protection_legacy() CWE-826 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46308.xml CVE-2026-46310 2026-06-08T00:00:00Z 2486441 kernel: media: renesas: vsp1: Fix NULL pointer deref on module unload CWE-763 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46310.xml CVE-2026-46296 2026-06-08T00:00:00Z 2486443 kernel: spi: s3c64xx: fix NULL-deref on driver unbind CWE-763 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46296.xml CVE-2026-46277 2026-06-08T00:00:00Z 2486444 kernel: mm/zone_device: do not touch device folio after calling ->folio_free() CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46277.xml CVE-2026-46283 moderate 2026-06-08T00:00:00Z 2486445 kernel: tpm: Use kfree_sensitive() to free auth session in tpm_dev_release() CWE-212 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46283.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46285 2026-06-08T00:00:00Z 2486447 kernel: mtd: docg3: fix use-after-free in docg3_release() CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46285.xml CVE-2026-46304 moderate 2026-06-08T00:00:00Z 2486448 kernel: nvmet: avoid recursive nvmet-wq flush in nvmet_ctrl_free CWE-833 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46304.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46280 moderate 2026-06-08T00:00:00Z 2486449 kernel: lib: test_hmm: evict device pages on file close to avoid use-after-free CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46280.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46301 2026-06-08T00:00:00Z 2486450 kernel: spi: topcliff-pch: fix use-after-free on unbind CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46301.xml CVE-2026-46278 2026-06-08T00:00:00Z 2486451 kernel: drm/imagination: Fix segfault when updating ftrace mask CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46278.xml CVE-2026-46314 2026-06-08T00:00:00Z 2486452 kernel: drm/v3d: Reject empty multisync extension to prevent infinite loop CWE-606 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46314.xml CVE-2026-46294 moderate 2026-06-08T00:00:00Z 2486454 kernel: dm: fix a buffer overflow in ioctl processing CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46294.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46281 moderate 2026-06-08T00:00:00Z 2486455 kernel: vmalloc: fix buffer overflow in vrealloc_node_align() CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46281.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46307 moderate 2026-06-08T00:00:00Z 2486456 kernel: wifi: ath5k: do not access array OOB CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46307.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46290 2026-06-08T00:00:00Z 2486457 kernel: x86/efi: Fix graceful fault handling after FPU softirq changes CWE-663 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46290.xml CVE-2026-46282 2026-06-08T00:00:00Z 2486460 kernel: iio: frequency: admv1013: fix NULL pointer dereference on str CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46282.xml CVE-2026-46306 moderate 2026-06-08T00:00:00Z 2486463 kernel: flow_dissector: do not dissect PPPoE PFC frames CWE-843 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46306.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46291 moderate 2026-06-08T00:00:00Z 2486465 kernel: crypto: caam - guard HMAC key hex dumps in hash_digest_key CWE-215 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46291.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46287 2026-06-08T00:00:00Z 2486467 kernel: net: txgbe: fix RTNL assertion warning when remove module CWE-414 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46287.xml CVE-2026-46309 important 2026-06-08T00:00:00Z 2486468 kernel: drm/xe/uapi: Reject coh_none PAT index for CPU cached memory in madvise CWE-524 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46309.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46288 2026-06-08T00:00:00Z 2486469 kernel: of: unittest: fix use-after-free in of_unittest_changeset() CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46288.xml CVE-2026-46311 2026-06-08T00:00:00Z 2486470 kernel: drm/amdgpu/userq: fix access to stale wptr mapping CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46311.xml CVE-2026-46293 2026-06-08T00:00:00Z 2486474 kernel: clk: microchip: mpfs-ccc: fix out of bounds access during output registration CWE-131 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46293.xml CVE-2026-46284 low 2026-06-08T00:00:00Z 2486475 kernel: mm/hugetlb: fix early boot crash on parameters without '=' separator CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46284.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46297 2026-06-08T00:00:00Z 2486476 kernel: net: libwx: use request_irq for VF misc interrupt CWE-628 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46297.xml CVE-2026-46276 2026-06-08T00:00:00Z 2486479 kernel: drm/amdgpu: fix zero-size GDS range init on RDNA4 CWE-1284 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46276.xml CVE-2026-46298 low 2026-06-08T00:00:00Z 2486480 kernel: pseries/papr-hvpipe: Fix race with interrupt handler CWE-364 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46298.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-11697 important 2026-06-08T00:00:00Z 2486597 chromium-browser: Insufficient validation of untrusted input in UI CWE-1286 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11697.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11670 important 2026-06-08T00:00:00Z 2486598 chromium-browser: Use after free in PDF CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11670.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11662 important 2026-06-08T00:00:00Z 2486599 chromium-browser: Type Confusion in Bindings CWE-843 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11662.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11678 important 2026-06-08T00:00:00Z 2486600 chromium-browser: Integer overflow in libyuv CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11678.xml 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-11637 important 2026-06-08T00:00:00Z 2486601 chromium-browser: Use after free in Views CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11637.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11699 important 2026-06-08T00:00:00Z 2486602 chromium-browser: Use after free in Bluetooth CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11699.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11629 important 2026-06-08T00:00:00Z 2486603 chromium-browser: Use after free in Ozone CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11629.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11628 important 2026-06-08T00:00:00Z 2486604 chromium-browser: Use after free in Ozone CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11628.xml 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-11642 important 2026-06-08T00:00:00Z 2486605 chromium-browser: Use after free in Web Apps CWE-1341 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11642.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11647 important 2026-06-08T00:00:00Z 2486606 chromium-browser: Use after free in Printing CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11647.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11635 important 2026-06-08T00:00:00Z 2486607 chromium-browser: Use after free in Bluetooth CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11635.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11646 important 2026-06-08T00:00:00Z 2486608 chromium-browser: Use after free in ViewTransitions CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11646.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11648 important 2026-06-08T00:00:00Z 2486609 chromium-browser: Use after free in FullScreen CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11648.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11696 important 2026-06-08T00:00:00Z 2486610 chromium-browser: Uninitialized Use in Video CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11696.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11701 moderate 2026-06-08T00:00:00Z 2486611 chromium-browser: Insufficient validation of untrusted input in Guest View CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11701.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-11644 important 2026-06-08T00:00:00Z 2486612 chromium-browser: Use after free in Views CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11644.xml 8.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11694 important 2026-06-08T00:00:00Z 2486613 chromium-browser: Use after free in ServiceWorker CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11694.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11666 important 2026-06-08T00:00:00Z 2486614 chromium-browser: Insufficient validation of untrusted input in Input CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11666.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-11652 important 2026-06-08T00:00:00Z 2486615 chromium-browser: Use after free in Extensions CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11652.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11649 important 2026-06-08T00:00:00Z 2486616 chromium-browser: Use after free in V8 CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11649.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11681 important 2026-06-08T00:00:00Z 2486617 chromium-browser: Use after free in Ozone CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11681.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11665 important 2026-06-08T00:00:00Z 2486618 chromium-browser: Out of bounds read in Dawn CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11665.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11695 important 2026-06-08T00:00:00Z 2486619 chromium-browser: Inappropriate implementation in Passwords CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11695.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11685 important 2026-06-08T00:00:00Z 2486620 chromium-browser: Insufficient data validation in MediaCapture CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11685.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11643 important 2026-06-08T00:00:00Z 2486621 chromium-browser: Use after free in Proxy CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11643.xml 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-11673 important 2026-06-08T00:00:00Z 2486622 chromium-browser: Use after free in InterestGroups CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11673.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11641 important 2026-06-08T00:00:00Z 2486623 chromium-browser: Use after free in Bluetooth CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11641.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11676 important 2026-06-08T00:00:00Z 2486624 chromium-browser: Insufficient validation of untrusted input in Dawn CWE-1286 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11676.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11638 important 2026-06-08T00:00:00Z 2486625 chromium-browser: Use after free in Printing CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11638.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11654 important 2026-06-08T00:00:00Z 2486626 chromium-browser: Use after free in CameraCapture CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11654.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11671 important 2026-06-08T00:00:00Z 2486627 chromium-browser: Use after free in Navigation CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11671.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11690 important 2026-06-08T00:00:00Z 2486628 chromium-browser: Out of bounds read and write in Media CWE-823 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11690.xml 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVE-2026-11669 important 2026-06-08T00:00:00Z 2486629 chromium-browser: Integer overflow in Media CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11669.xml 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-11686 important 2026-06-08T00:00:00Z 2486630 chromium-browser: Insufficient validation of untrusted input in Dawn CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11686.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11650 important 2026-06-08T00:00:00Z 2486631 chromium-browser: Use after free in V8 CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11650.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11661 important 2026-06-08T00:00:00Z 2486632 chromium-browser: Use after free in Views CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11661.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11645 important 2026-06-08T00:00:00Z 2486633 chromium-browser: Out of bounds memory access in V8 CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11645.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11657 important 2026-06-08T00:00:00Z 2486634 chromium-browser: Use after free in Payments CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11657.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11683 important 2026-06-08T00:00:00Z 2486635 chromium-browser: Use after free in WebCodecs CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11683.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11664 important 2026-06-08T00:00:00Z 2486636 chromium-browser: Use after free in Payments CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11664.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11680 important 2026-06-08T00:00:00Z 2486637 chromium-browser: Use after free in Media CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11680.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11634 important 2026-06-08T00:00:00Z 2486638 chromium-browser: Use after free in Gamepad CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11634.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11632 important 2026-06-08T00:00:00Z 2486639 chromium-browser: Use after free in TabStrip CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11632.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11674 important 2026-06-08T00:00:00Z 2486640 chromium-browser: Use after free in Guest View CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11674.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11687 important 2026-06-08T00:00:00Z 2486641 chromium-browser: Use after free in Dawn CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11687.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11663 important 2026-06-08T00:00:00Z 2486642 chromium-browser: Use after free in Skia CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11663.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11653 important 2026-06-08T00:00:00Z 2486643 chromium-browser: Insufficient validation of untrusted input in Extensions CWE-653 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11653.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11675 important 2026-06-08T00:00:00Z 2486644 chromium-browser: Insufficient validation of untrusted input in Skia CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11675.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11667 important 2026-06-08T00:00:00Z 2486645 chromium-browser: Out of bounds read in WebRTC CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11667.xml 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11682 important 2026-06-08T00:00:00Z 2486646 chromium-browser: Insufficient validation of untrusted input in Views CWE-653 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11682.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11700 moderate 2026-06-08T00:00:00Z 2486647 chromium-browser: Use after free in Tracing CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11700.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11636 important 2026-06-08T00:00:00Z 2486648 chromium-browser: Use after free in Autofill CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11636.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11630 important 2026-06-08T00:00:00Z 2486649 chromium-browser: Use after free in File Input CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11630.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11691 important 2026-06-08T00:00:00Z 2486650 chromium-browser: Insufficient validation of untrusted input in New Tab Page CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11691.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11698 important 2026-06-08T00:00:00Z 2486651 chromium-browser: Use after free in Bluetooth CWE-1341 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11698.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11640 important 2026-06-08T00:00:00Z 2486652 chromium-browser: Integer overflow in libyuv CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11640.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11679 important 2026-06-08T00:00:00Z 2486653 chromium-browser: Use after free in Codecs CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11679.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11651 important 2026-06-08T00:00:00Z 2486654 chromium-browser: Use after free in Network CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11651.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11684 important 2026-06-08T00:00:00Z 2486655 chromium-browser: Insufficient policy enforcement in Network CWE-940 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11684.xml 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-11660 important 2026-06-08T00:00:00Z 2486656 chromium-browser: Insufficient validation of untrusted input in New Tab Page CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11660.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11672 important 2026-06-08T00:00:00Z 2486657 chromium-browser: Out of bounds write in GPU CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11672.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11633 important 2026-06-08T00:00:00Z 2486658 chromium-browser: Use after free in Bluetooth CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11633.xml 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-11655 important 2026-06-08T00:00:00Z 2486659 chromium-browser: Integer overflow in Media CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11655.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11677 important 2026-06-08T00:00:00Z 2486660 chromium-browser: Race in Network CWE-368 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11677.xml 7.3 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N CVE-2026-11658 important 2026-06-08T00:00:00Z 2486661 chromium-browser: Insufficient validation of untrusted input in Extensions CWE-1286 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11658.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11688 important 2026-06-08T00:00:00Z 2486662 chromium-browser: Object lifecycle issue in SVG CWE-823 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11688.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11692 important 2026-06-08T00:00:00Z 2486663 chromium-browser: Use after free in Read Anything CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11692.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11689 important 2026-06-08T00:00:00Z 2486664 chromium-browser: Insufficient validation of untrusted input in Passwords CWE-1100 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11689.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11668 important 2026-06-08T00:00:00Z 2486665 chromium-browser: Uninitialized Use in Codecs CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11668.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11659 important 2026-06-08T00:00:00Z 2486666 chromium-browser: Insufficient validation of untrusted input in UI CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11659.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11693 important 2026-06-08T00:00:00Z 2486667 chromium-browser: Inappropriate implementation in Plugins CWE-653 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11693.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11656 important 2026-06-08T00:00:00Z 2486668 chromium-browser: Use after free in ServiceWorker CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11656.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11639 important 2026-06-08T00:00:00Z 2486669 chromium-browser: Use after free in Compositing CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11639.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11631 important 2026-06-08T00:00:00Z 2486670 chromium-browser: Use after free in Aura CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11631.xml 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2026-53469 important 2026-06-07T00:00:00Z 2487065 migration-planner: Unprotected DELETE Endpoint Wipes All Tenant Data CWE-306 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-53469.xml 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H CVE-2026-53470 important 2026-06-07T00:00:00Z 2487069 migration-planner: GetSourceDownloadURL Missing Organization Check CWE-639 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-53470.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N CVE-2026-53471 important 2026-06-07T00:00:00Z 2487070 migration-planner: Agent API Ignores JWT source_id Claim CWE-639 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-53471.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N CVE-2026-53472 important 2026-06-07T00:00:00Z 2487073 migration-planner: credentialUrl Validator Accepts javascript: URLs CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-53472.xml 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N CVE-2026-53473 important 2026-06-07T00:00:00Z 2487107 migration-planner-ui-app: Stored XSS via javascript: URL in Agent Credential Link CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-53473.xml 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N CVE-2026-53474 important 2026-06-07T00:00:00Z 2487231 migration-planner: Second-Order SQL Injection via RVTools Upload CWE-89 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-53474.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N CVE-2026-53475 important 2026-06-07T00:00:00Z 2487232 assisted-migration-agent: TLS Verification Disabled on All vCenter Connections CWE-295 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-53475.xml 9.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N CVE-2026-53476 important 2026-06-07T00:00:00Z 2487233 assisted-migration-agent: VDDK Tarball Chained-Symlink Arbitrary File Write CWE-59 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-53476.xml 9.6 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVE-2026-9088 low 2026-06-05T07:45:40Z RHSA-2026:25098 RHSA-2026:25097 2480179 keycloak: Keycloak: Information disclosure due to user profile permission bypass CWE-1220 rhbk/keycloak-rhel9 rhbk/keycloak-operator-bundle:26.6.3-3 rhbk/keycloak-rhel9:26.6-6 rhbk/keycloak-rhel9-operator:26.6-6 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9088.xml 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N CVE-2026-11332 important 2026-06-05T07:12:55Z 2485379 ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution CWE-88 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11332.xml 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10732 important 2026-06-05T05:00:02Z 2485376 decompress: Decompress: Arbitrary file write leading to remote code execution via crafted ZIP archive (Zip Slip) CWE-22 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10732.xml 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-50292 moderate 2026-06-05T00:00:00Z 2485390 libinput: local privilege escalation via crafted uinput devices CWE-78 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-50292.xml 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2026-11774 important 2026-06-04T21:00:00Z 2484916 389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11774.xml 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2026-11884 moderate 2026-06-04T20:32:00Z 2484913 389-ds-base: 389-ds-base: heap buffer overflow in schema objectclass serialization due to missing oc_superior in size calculation CWE-122 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11884.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H CVE-2026-50266 moderate 2026-06-04T16:18:39Z 2484852 openstack-neutron: OpenStack Neutron: Network spoofing via incorrect port RBAC policies CWE-639 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-50266.xml 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2026-10803 low 2026-06-04T11:45:10Z 2484755 mlflow: MLflow: Use of weak hash in Dataset Digest Computation CWE-328 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10803.xml 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N CVE-2026-50219 moderate 2026-06-04T04:20:32Z 2484620 expat: libexpat: Use-after-free vulnerability due to improper handler call depth tracking CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-50219.xml 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L CVE-2026-41283 important 2026-06-04T00:00:00Z 2484607 openstack-mistral: OpenStack Mistral: Arbitrary Remote Code Execution via exposed API endpoints CWE-749 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41283.xml 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2026-48681 moderate 2026-06-04T00:00:00Z 2484608 openstack-ironic: OpenStack Ironic: File overwrite via directory traversal vulnerability CWE-22 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48681.xml 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N CVE-2026-10805 moderate 2026-06-04T00:00:00Z 2484613 NetworkManager: NetworkManager: Local privilege escalation via malformed MUD URLs in dhclient backend CWE-78 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10805.xml 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H CVE-2026-36499 moderate 2026-06-04T00:00:00Z 2484881 openvswitch: Open vSwitch: Denial of service via resource exhaustion due to missing upper-bound check CWE-770 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-36499.xml 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2026-47774 important 2026-06-04T00:00:00Z 2487465 envoy: envoy: HTTP/2 Remote Denial of Service via HPACK compression bomb and Slowloris-style attack CWE-409 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-47774.xml 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-6657 moderate 2026-06-03T15:06:56Z 2484420 jupyter-server: jupyter-server: Arbitrary code execution due to CORS origin validation bypass CWE-625 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6657.xml 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVE-2026-3276 moderate 2026-06-03T14:29:39Z 2484424 python: Python unicodedata: Denial of Service due to excessive CPU consumption CWE-606 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3276.xml 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-44546 low 2026-06-03T13:17:55Z 2484368 daphne: daphne: Information disclosure via header injection due to parser differential CWE-444 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44546.xml 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2026-48587 low 2026-06-03T13:16:47Z 2484372 django: Django: Information disclosure via improper handling of Vary header whitespace CWE-524 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48587.xml 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2026-35193 low 2026-06-03T13:16:38Z 2484374 django: Django: Information disclosure due to improper caching of authenticated responses CWE-524 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35193.xml 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2026-8404 low 2026-06-03T13:16:29Z 2484370 Django: Django: Information disclosure due to improper handling of Cache-Control directives CWE-1289 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8404.xml 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2026-7666 low 2026-06-03T13:16:15Z 2484369 django: Django: Information disclosure via failed STARTTLS handshake in EmailBackend CWE-325 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7666.xml 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2026-6873 low 2026-06-03T13:16:03Z 2484373 python-django: Django: Information disclosure via non-injective cookie salt derivation CWE-303 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6873.xml 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2026-5241 important 2026-06-03T12:33:10Z 2484384 python-transformers: python-transformers: Arbitrary code execution due to overridden trust_remote_code setting CWE-829 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5241.xml 7.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-10722 moderate 2026-06-03T10:45:10Z 2484348 github.com/cilium/ebpf: Cilium ebpf: Denial of Service via integer overflow CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10722.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-4035 important 2026-06-03T07:18:08Z 2484318 python-mlflow: MLflow: Sensitive credential exfiltration via environment variable resolution in AI Gateway secrets CWE-201 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4035.xml 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2026-5078 moderate 2026-06-03T05:56:49Z 2484311 morgan: morgan: Log forgery due to unneutralized control characters CWE-93 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5078.xml 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2026-50031 moderate 2026-06-03T03:07:25Z 2484296 freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-50031.xml 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-46258 2026-06-03T00:00:00Z 2484436 kernel: gpio: cdev: Avoid NULL dereference in linehandle_create() CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46258.xml CVE-2026-46261 2026-06-03T00:00:00Z 2484437 kernel: spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcm_fiu_probe() CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46261.xml CVE-2026-46260 moderate 2026-06-03T00:00:00Z 2484438 kernel: ipv6: Fix out-of-bound access in fib6_add_rt2node() CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46260.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46273 moderate 2026-06-03T00:00:00Z 2484442 kernel: ibmveth: Disable GSO for packets with small MSS CWE-1284 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46273.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46245 2026-06-03T00:00:00Z 2484444 kernel: drm/amd/display: Fix dc_link NULL handling in HPD init CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46245.xml CVE-2026-46254 2026-06-03T00:00:00Z 2484445 kernel: AppArmor: Allow apparmor to handle unaligned dfa tables CWE-843 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46254.xml CVE-2026-46250 2026-06-03T00:00:00Z 2484446 kernel: MIPS: Work around LLVM bug when gp is used as global register variable CWE-823 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46250.xml CVE-2026-46271 low 2026-06-03T00:00:00Z 2484447 kernel: wifi: ath12k: do WoW offloads only on primary link CWE-372 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46271.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46268 low 2026-06-03T00:00:00Z 2484449 kernel: PCI/P2PDMA: Fix p2pmem_alloc_mmap() warning condition CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46268.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46262 low 2026-06-03T00:00:00Z 2484450 kernel: ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put() CWE-833 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46262.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46244 important 2026-06-03T00:00:00Z 2484451 kernel: netfilter: nft_inner: Fix IPv6 inner_thoff desync CWE-823 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46244.xml 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H CVE-2026-46270 2026-06-03T00:00:00Z 2484453 kernel: power: supply: rt9455: Fix use-after-free in power_supply_changed() CWE-364 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46270.xml CVE-2026-46269 2026-06-03T00:00:00Z 2484454 kernel: pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46269.xml CVE-2026-46266 moderate 2026-06-03T00:00:00Z 2484456 kernel: inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP CWE-1287 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46266.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46252 moderate 2026-06-03T00:00:00Z 2484457 kernel: regulator: core: fix locking in regulator_resolve_supply() error path CWE-413 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46252.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46256 low 2026-06-03T00:00:00Z 2484459 kernel: NFS/localio: prevent direct reclaim recursion into NFS via nfs_writepages CWE-833 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46256.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46247 low 2026-06-03T00:00:00Z 2484463 kernel: clk: qcom: gfx3d: add parent to parent request map CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46247.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46264 2026-06-03T00:00:00Z 2484464 kernel: drm/xe/pf: Fix sysfs initialization CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46264.xml CVE-2026-46251 moderate 2026-06-03T00:00:00Z 2484466 kernel: btrfs: fix block_group_tree dirty_list corruption CWE-237 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46251.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46267 2026-06-03T00:00:00Z 2484467 kernel: nfc: hci: shdlc: Stop timers and work before freeing context CWE-364 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46267.xml CVE-2026-46257 2026-06-03T00:00:00Z 2484468 kernel: clocksource/drivers/timer-sp804: Fix an Oops when read_current_timer is called on ARM32 platforms where the SP804 is not registered as the sched_clock CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46257.xml CVE-2026-46246 2026-06-03T00:00:00Z 2484471 kernel: power: supply: pm8916_lbc: Fix use-after-free for extcon in IRQ handler CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46246.xml CVE-2025-71314 2026-06-03T00:00:00Z 2484472 kernel: drm/panthor: Recover from panthor_gpu_flush_caches() failures CWE-770 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71314.xml CVE-2025-71313 low 2026-06-03T00:00:00Z 2484473 kernel: PCI: endpoint: Add missing NULL check for alloc_workqueue() CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71313.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46253 moderate 2026-06-03T00:00:00Z 2484474 kernel: pstore/ram: fix buffer overflow in persistent_ram_save_old() CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46253.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46249 low 2026-06-03T00:00:00Z 2484476 kernel: octeontx2-af: Fix PF driver crash with kexec kernel booting CWE-909 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46249.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46259 moderate 2026-06-03T00:00:00Z 2484477 kernel: procfs: fix missing RCU protection when reading real_parent in do_task_stat() CWE-820 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46259.xml 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2026-46248 low 2026-06-03T00:00:00Z 2484478 kernel: wifi: ath12k: clear stale link mapping of ahvif->links_map CWE-459 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46248.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46265 2026-06-03T00:00:00Z 2484481 kernel: RDMA/hns: Fix WQ_MEM_RECLAIM warning CWE-821 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46265.xml CVE-2026-46272 2026-06-03T00:00:00Z 2484482 kernel: coresight: tmc-etr: Fix race condition between sysfs and perf mode CWE-367 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46272.xml CVE-2026-46263 2026-06-03T00:00:00Z 2484484 kernel: drm/amd/display: Fix out-of-bounds stream encoder index v3 CWE-1285 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46263.xml CVE-2026-46255 low 2026-06-03T00:00:00Z 2484485 kernel: dmaengine: fsl-edma: don't explicitly disable clocks in .remove() CWE-832 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46255.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-49975 important 2026-06-03T00:00:00Z RHSA-2026:25057 RHSA-2026:25042 RHSA-2026:25090 RHSA-2026:25225 2485371 httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CWE-409 mod_http2-0:2.0.26-6.el9_8.1 mod_http2-0:2.0.29-4.el10_2.1 httpd-main-2.4.68-1.hum1 httpd:2.4-8100020260608081321.489197e6 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-49975.xml 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-10650 moderate 2026-06-02T21:15:10Z 2484180 libwebsockets: libwebsockets: Denial of Service via SSH Protocol Handler resource consumption CWE-130 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10650.xml 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-47265 moderate 2026-06-02T18:32:50Z 2484127 python-aiohttp: AIOHTTP: Information disclosure via improper handling of cookies during cross-origin redirects CWE-201 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-47265.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-34993 important 2026-06-02T18:29:15Z RHSA-2026:24977 2484099 aiohttp: AIOHTTP: Arbitrary code execution via untrusted input to CookieJar.load() CWE-502 rhoai/odh-training-rocm62-torch24-py311-rhel9:1780069179 rhoai/odh-training-cuda124-torch25-py311-rhel9:1780078840 rhoai/odh-training-cuda121-torch24-py311-rhel9:1780078807 rhoai/odh-training-rocm62-torch25-py311-rhel9:1780069181 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34993.xml 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H CVE-2026-34077 moderate 2026-06-02T17:31:35Z 2484123 react-router: React Router: Denial of Service via client-side Cross-Site Scripting in RSC redirect handling CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34077.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-46718 moderate 2026-06-02T09:17:51Z 2484010 calcite: org.apache.calcite.avatica/avatica-core: Apache Calcite: Unsafe Reflection vulnerability allows externally-controlled input to select classes or code. CWE-470 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46718.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVE-2026-5422 moderate 2026-06-02T09:11:15Z 2484037 jupyter-server: jupyter-server: Sensitive data exposure via path traversal vulnerability CWE-22 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5422.xml 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2026-1784 important 2026-06-02T07:12:31Z RHSA-2026:23241 RHSA-2026:23246 2436075 ose-cluster-ingress-operator: Remote Code Execution Through HAProxy Configuration Injection CWE-15 openshift4/ose-cluster-ingress-rhel9-operator:1780444348 openshift4/ose-cluster-ingress-rhel9-operator:1780043338 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1784.xml 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2026-3198 moderate 2026-06-02T02:50:47Z 2483903 mlflow: MLflow: Information disclosure via insufficient authorization checks in Gateway API endpoints CWE-425 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3198.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2026-28946 important 2026-06-02T00:00:00Z 2471790 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CWE-416 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28946.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-28847 important 2026-06-02T00:00:00Z 2483955 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28847.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-28883 important 2026-06-02T00:00:00Z 2483956 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CWE-416 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28883.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-28901 important 2026-06-02T00:00:00Z 2483957 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28901.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-28902 important 2026-06-02T00:00:00Z 2483958 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28902.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-28903 important 2026-06-02T00:00:00Z 2483959 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28903.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-28904 important 2026-06-02T00:00:00Z 2483960 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28904.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-28905 important 2026-06-02T00:00:00Z 2483961 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28905.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-28907 moderate 2026-06-02T00:00:00Z 2483962 webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced CWE-20 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28907.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-28942 important 2026-06-02T00:00:00Z 2483963 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CWE-416 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28942.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-28947 important 2026-06-02T00:00:00Z 2483964 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CWE-416 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28947.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-28953 important 2026-06-02T00:00:00Z 2483965 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28953.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-28955 important 2026-06-02T00:00:00Z 2483966 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28955.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-28958 moderate 2026-06-02T00:00:00Z 2483967 webkitgtk: An app may be able to access sensitive user data CWE-200 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28958.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-43658 important 2026-06-02T00:00:00Z 2483968 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43658.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-43660 moderate 2026-06-02T00:00:00Z 2483969 webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced CWE-693 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43660.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-10996 moderate 2026-06-02T00:00:00Z 2484945 chromium-browser: Inappropriate implementation in Workers CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10996.xml 9.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N CVE-2026-11021 moderate 2026-06-02T00:00:00Z 2484946 chromium-browser: Insufficient validation of untrusted input in GPU CWE-179 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11021.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10926 important 2026-06-02T00:00:00Z 2484947 chromium-browser: Use after free in Cast CWE-364 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10926.xml 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-11235 low 2026-06-02T00:00:00Z 2484948 chromium-browser: Insufficient validation of untrusted input in Compositing CWE-280 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11235.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10985 important 2026-06-02T00:00:00Z 2484949 chromium-browser: Out of bounds read in Skia CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10985.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11016 moderate 2026-06-02T00:00:00Z 2484950 chromium-browser: Insufficient validation of untrusted input in Network CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11016.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11300 low 2026-06-02T00:00:00Z 2484951 chromium-browser: Inappropriate implementation in Permissions CWE-279 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11300.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-10995 moderate 2026-06-02T00:00:00Z 2484952 chromium-browser: Heap buffer overflow in TabStrip CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10995.xml 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H CVE-2026-11101 moderate 2026-06-02T00:00:00Z 2484953 chromium-browser: Uninitialized Use in Dawn CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11101.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11116 moderate 2026-06-02T00:00:00Z 2484954 chromium-browser: Use after free in Chromoting CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11116.xml 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-10911 important 2026-06-02T00:00:00Z 2484955 chromium-browser: Insufficient validation of untrusted input in Media CWE-1173 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10911.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10984 important 2026-06-02T00:00:00Z 2484956 chromium-browser: Inappropriate implementation in Accessibility CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10984.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-11025 moderate 2026-06-02T00:00:00Z 2484957 chromium-browser: Insufficient policy enforcement in Navigation CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11025.xml 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N CVE-2026-11156 moderate 2026-06-02T00:00:00Z 2484958 chromium-browser: Inappropriate implementation in CSS CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11156.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11086 moderate 2026-06-02T00:00:00Z 2484959 chromium-browser: Insufficient validation of untrusted input in Dawn CWE-94 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11086.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11162 moderate 2026-06-02T00:00:00Z 2484960 chromium-browser: Insufficient policy enforcement in CSS CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11162.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-10894 important 2026-06-02T00:00:00Z 2484961 chromium-browser: Use after free in Printing CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10894.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11007 moderate 2026-06-02T00:00:00Z 2484962 chromium-browser: Insufficient validation of untrusted input in WebView CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11007.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-10989 important 2026-06-02T00:00:00Z 2484963 chromium-browser: Inappropriate implementation in V8 CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10989.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11192 moderate 2026-06-02T00:00:00Z 2484964 chromium-browser: Insufficient validation of untrusted input in Password Manager CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11192.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-11286 low 2026-06-02T00:00:00Z 2484965 chromium-browser: Insufficient validation of untrusted input in Wallet CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11286.xml CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N CVE-2026-11106 moderate 2026-06-02T00:00:00Z 2484966 chromium-browser: Inappropriate implementation in Media CWE-940 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11106.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11266 low 2026-06-02T00:00:00Z 2484967 chromium-browser: Policy bypass in SafeBrowsing CWE-807 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11266.xml 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L CVE-2026-11113 moderate 2026-06-02T00:00:00Z 2484968 chromium-browser: Insufficient validation of untrusted input in ANGLE CWE-1173 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11113.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10943 important 2026-06-02T00:00:00Z 2484969 chromium-browser: Use after free in WebRTC CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10943.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11030 moderate 2026-06-02T00:00:00Z 2484970 chromium-browser: Use after free in Network CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11030.xml 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-11200 moderate 2026-06-02T00:00:00Z 2484971 chromium-browser: Inappropriate implementation in WebRTC CWE-940 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11200.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11263 low 2026-06-02T00:00:00Z 2484972 chromium-browser: Insufficient policy enforcement in WebAuthentication CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11263.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11218 low 2026-06-02T00:00:00Z 2484973 chromium-browser: Inappropriate implementation in PlatformIntegration CWE-356 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11218.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-10889 important 2026-06-02T00:00:00Z 2484974 chromium-browser: Out of bounds read in ANGLE CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10889.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11129 moderate 2026-06-02T00:00:00Z 2484975 chromium-browser: Inappropriate implementation in Extensions CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11129.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11173 moderate 2026-06-02T00:00:00Z 2484976 chromium-browser: Out of bounds write in V8 CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11173.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10994 moderate 2026-06-02T00:00:00Z 2484977 chromium-browser: Uninitialized Use in ANGLE CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10994.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11141 moderate 2026-06-02T00:00:00Z 2484978 chromium-browser: Uninitialized Use in Audio CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11141.xml 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-11234 low 2026-06-02T00:00:00Z 2484979 chromium-browser: Insufficient policy enforcement in FoldableAPIs CWE-653 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11234.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11305 low 2026-06-02T00:00:00Z 2484980 chromium-browser: Use after free in PDFium CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11305.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10993 moderate 2026-06-02T00:00:00Z 2484981 chromium-browser: Heap buffer overflow in Skia CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10993.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11253 low 2026-06-02T00:00:00Z 2484982 chromium-browser: Race in Permissions CWE-940 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11253.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-10933 important 2026-06-02T00:00:00Z 2484983 chromium-browser: Use after free in Audio CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10933.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11054 moderate 2026-06-02T00:00:00Z 2484984 chromium-browser: Use after free in WebRTC CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11054.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11180 moderate 2026-06-02T00:00:00Z 2484985 chromium-browser: Policy bypass in SVG CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11180.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11011 moderate 2026-06-02T00:00:00Z 2484986 chromium-browser: Insufficient policy enforcement in Password Manager CWE-653 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11011.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11185 moderate 2026-06-02T00:00:00Z 2484987 chromium-browser: Use after free in V8 CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11185.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11309 low 2026-06-02T00:00:00Z 2484988 chromium-browser: Insufficient policy enforcement in History CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11309.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-11239 low 2026-06-02T00:00:00Z 2484989 chromium-browser: Insufficient validation of untrusted input in Extensions CWE-358 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11239.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-10931 important 2026-06-02T00:00:00Z 2484990 chromium-browser: Use after free in FileSystem CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10931.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11117 moderate 2026-06-02T00:00:00Z 2484991 chromium-browser: Use after free in Views CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11117.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11024 moderate 2026-06-02T00:00:00Z 2484992 chromium-browser: Stack buffer overflow in Skia CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11024.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11209 moderate 2026-06-02T00:00:00Z 2484993 chromium-browser: Insufficient policy enforcement in Passwords CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11209.xml 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-11028 moderate 2026-06-02T00:00:00Z 2484994 chromium-browser: Use after free in Media CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11028.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-10945 important 2026-06-02T00:00:00Z 2484995 chromium-browser: Use after free in PDF CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10945.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11069 moderate 2026-06-02T00:00:00Z 2484996 chromium-browser: Insufficient validation of untrusted input in Cast CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11069.xml 9.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N CVE-2026-10892 important 2026-06-02T00:00:00Z 2484997 chromium-browser: Out of bounds write in GPU CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10892.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11240 low 2026-06-02T00:00:00Z 2484998 chromium-browser: Insufficient validation of untrusted input in Loader CWE-1286 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11240.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2026-10956 important 2026-06-02T00:00:00Z 2484999 chromium-browser: Use after free in MimeHandlerView CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10956.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10918 important 2026-06-02T00:00:00Z 2485000 chromium-browser: Use after free in Viz CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10918.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11003 moderate 2026-06-02T00:00:00Z 2485001 chromium-browser: Use after free in WebRTC CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11003.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11097 moderate 2026-06-02T00:00:00Z 2485002 chromium-browser: Inappropriate implementation in WebView CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11097.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-10957 important 2026-06-02T00:00:00Z 2485003 chromium-browser: Use after free in Glic CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10957.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10978 important 2026-06-02T00:00:00Z 2485004 chromium-browser: Use after free in Chromoting CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10978.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11085 moderate 2026-06-02T00:00:00Z 2485005 chromium-browser: Integer overflow in GPU CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11085.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11207 moderate 2026-06-02T00:00:00Z 2485006 chromium-browser: Insufficient validation of untrusted input in Autofill CWE-501 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11207.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11088 moderate 2026-06-02T00:00:00Z 2485007 chromium-browser: Integer overflow in ANGLE CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11088.xml 8.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L CVE-2026-11215 moderate 2026-06-02T00:00:00Z 2485008 chromium-browser: Inappropriate implementation in Cronet CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11215.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-11093 moderate 2026-06-02T00:00:00Z 2485009 chromium-browser: Insufficient validation of untrusted input in Printing CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11093.xml 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11297 low 2026-06-02T00:00:00Z 2485010 chromium-browser: Insufficient validation of untrusted input in Reader Mode CWE-1289 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11297.xml 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N CVE-2026-11194 moderate 2026-06-02T00:00:00Z 2485011 chromium-browser: Inappropriate implementation in Network CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11194.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11251 low 2026-06-02T00:00:00Z 2485012 chromium-browser: Insufficient validation of untrusted input in Password Manager CWE-551 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11251.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11134 moderate 2026-06-02T00:00:00Z 2485013 chromium-browser: Insufficient data validation in Media CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11134.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11049 moderate 2026-06-02T00:00:00Z 2485014 chromium-browser: Use after free in Password Manager CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11049.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11121 moderate 2026-06-02T00:00:00Z 2485015 chromium-browser: Insufficient validation of untrusted input in Skia CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11121.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-10924 important 2026-06-02T00:00:00Z 2485016 chromium-browser: Integer overflow in Chromecast CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10924.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11264 low 2026-06-02T00:00:00Z 2485017 chromium-browser: Policy bypass in Content Security Policy CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11264.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-11140 moderate 2026-06-02T00:00:00Z 2485018 chromium-browser: Insufficient validation of untrusted input in Chromecast CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11140.xml 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N CVE-2026-11128 moderate 2026-06-02T00:00:00Z 2485019 chromium-browser: Insufficient validation of untrusted input in Web Share CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11128.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11242 low 2026-06-02T00:00:00Z 2485020 chromium-browser: Insufficient validation of untrusted input in Plugins CWE-1173 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11242.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11026 moderate 2026-06-02T00:00:00Z 2485021 chromium-browser: Insufficient policy enforcement in Extensions CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11026.xml 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N CVE-2026-10942 important 2026-06-02T00:00:00Z 2485022 chromium-browser: Insufficient validation of untrusted input in UI CWE-266 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10942.xml 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVE-2026-11075 moderate 2026-06-02T00:00:00Z 2485023 chromium-browser: Out of bounds read in V8 CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11075.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11127 moderate 2026-06-02T00:00:00Z 2485024 chromium-browser: Inappropriate implementation in WebAPKs CWE-290 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11127.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-10972 important 2026-06-02T00:00:00Z 2485025 chromium-browser: Use after free in Ozone CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10972.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-10967 important 2026-06-02T00:00:00Z 2485026 chromium-browser: Use after free in SurfaceCapture CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10967.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11284 low 2026-06-02T00:00:00Z 2485027 chromium-browser: Side-channel information leakage in PerformanceAPIs CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11284.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-10909 important 2026-06-02T00:00:00Z 2485028 chromium-browser: Use after free in Dawn CWE-364 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10909.xml 8.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10965 important 2026-06-02T00:00:00Z 2485029 chromium-browser: Integer overflow in DevTools CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10965.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11009 moderate 2026-06-02T00:00:00Z 2485030 chromium-browser: Use after free in USB CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11009.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11150 moderate 2026-06-02T00:00:00Z 2485031 chromium-browser: Inappropriate implementation in XML CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11150.xml 9.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N CVE-2026-11008 moderate 2026-06-02T00:00:00Z 2485032 chromium-browser: Insufficient validation of untrusted input in WebAppInstalls CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11008.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11233 low 2026-06-02T00:00:00Z 2485033 chromium-browser: Insufficient validation of untrusted input in FoldableAPIs CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11233.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11046 moderate 2026-06-02T00:00:00Z 2485034 chromium-browser: Insufficient validation of untrusted input in Media CWE-1289 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11046.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10986 important 2026-06-02T00:00:00Z 2485035 chromium-browser: Integer overflow in Media CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10986.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11057 moderate 2026-06-02T00:00:00Z 2485036 chromium-browser: Uninitialized Use in Skia CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11057.xml 4.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-10919 important 2026-06-02T00:00:00Z 2485037 chromium-browser: Use after free in ANGLE CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10919.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-10940 important 2026-06-02T00:00:00Z 2485038 chromium-browser: Race in Codecs CWE-368 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10940.xml 7.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11294 low 2026-06-02T00:00:00Z 2485039 chromium-browser: Inappropriate implementation in Passwords CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11294.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-11250 low 2026-06-02T00:00:00Z 2485040 chromium-browser: Inappropriate implementation in DevTools CWE-497 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11250.xml 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N CVE-2026-10968 important 2026-06-02T00:00:00Z 2485041 chromium-browser: Insufficient validation of untrusted input in Dawn CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10968.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-10999 moderate 2026-06-02T00:00:00Z 2485042 chromium-browser: Out of bounds memory access in ANGLE CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10999.xml 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-11124 moderate 2026-06-02T00:00:00Z 2485043 chromium-browser: Heap buffer overflow in Skia CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11124.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10946 important 2026-06-02T00:00:00Z 2485044 chromium-browser: Heap buffer overflow in Media CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10946.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10971 important 2026-06-02T00:00:00Z 2485045 chromium-browser: Insufficient validation of untrusted input in Printing CWE-1286 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10971.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11307 low 2026-06-02T00:00:00Z 2485046 chromium-browser: Use after free in PDFium CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11307.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11206 moderate 2026-06-02T00:00:00Z 2485047 chromium-browser: Policy bypass in ServiceWorker CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11206.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11000 moderate 2026-06-02T00:00:00Z 2485048 chromium-browser: Use after free in Fonts CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11000.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10948 important 2026-06-02T00:00:00Z 2485049 chromium-browser: Use after free in WebRTC CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10948.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11164 moderate 2026-06-02T00:00:00Z 2485050 chromium-browser: Use after free in Blink CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11164.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11271 low 2026-06-02T00:00:00Z 2485051 chromium-browser: Incorrect security UI in Passwords CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11271.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11220 low 2026-06-02T00:00:00Z 2485052 chromium-browser: Insufficient validation of untrusted input in Navigation CWE-807 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11220.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11122 moderate 2026-06-02T00:00:00Z 2485053 chromium-browser: Inappropriate implementation in Keyboard CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11122.xml 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N CVE-2026-10884 important 2026-06-02T00:00:00Z 2485054 chromium-browser: Use after free in Chromecast CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10884.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11290 low 2026-06-02T00:00:00Z 2485055 chromium-browser: Integer overflow in WebView CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11290.xml 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H CVE-2026-11111 moderate 2026-06-02T00:00:00Z 2485056 chromium-browser: Out of bounds read in ANGLE CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11111.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2026-11262 low 2026-06-02T00:00:00Z 2485057 chromium-browser: Use after free in TabStrip CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11262.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11158 moderate 2026-06-02T00:00:00Z 2485058 chromium-browser: Insufficient validation of untrusted input in Downloads CWE-1286 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11158.xml 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2026-11100 moderate 2026-06-02T00:00:00Z 2485059 chromium-browser: Use after free in File Input CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11100.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-10955 important 2026-06-02T00:00:00Z 2485060 chromium-browser: Type Confusion in ANGLE CWE-843 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10955.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10988 important 2026-06-02T00:00:00Z 2485061 chromium-browser: Use after free in Views CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10988.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11098 moderate 2026-06-02T00:00:00Z 2485062 chromium-browser: Insufficient validation of untrusted input in GPU CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11098.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11035 moderate 2026-06-02T00:00:00Z 2485063 chromium-browser: Insufficient validation of untrusted input in Custom Tabs CWE-266 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11035.xml 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2026-10974 important 2026-06-02T00:00:00Z 2485064 chromium-browser: Insufficient validation of untrusted input in ANGLE CWE-1286 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10974.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11157 moderate 2026-06-02T00:00:00Z 2485065 chromium-browser: Script injection in Accessibility CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11157.xml 7.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11135 moderate 2026-06-02T00:00:00Z 2485066 chromium-browser: Insufficient policy enforcement in Autofill CWE-551 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11135.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-10959 important 2026-06-02T00:00:00Z 2485067 chromium-browser: Use after free in Input CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10959.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11228 low 2026-06-02T00:00:00Z 2485068 chromium-browser: Incorrect security UI in File Input CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11228.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-11084 moderate 2026-06-02T00:00:00Z 2485069 chromium-browser: Inappropriate implementation in Password Manager CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11084.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11056 moderate 2026-06-02T00:00:00Z 2485070 chromium-browser: Insufficient validation of untrusted input in SiteIsolation CWE-1289 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11056.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11039 moderate 2026-06-02T00:00:00Z 2485071 chromium-browser: Uninitialized Use in Skia CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11039.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11104 moderate 2026-06-02T00:00:00Z 2485072 chromium-browser: Uninitialized Use in ANGLE CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11104.xml 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-10908 important 2026-06-02T00:00:00Z 2485073 chromium-browser: Use after free in FullScreen CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10908.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10983 important 2026-06-02T00:00:00Z 2485074 chromium-browser: Insufficient validation of untrusted input in Dawn CWE-1286 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10983.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-10987 important 2026-06-02T00:00:00Z 2485075 chromium-browser: Integer overflow in V8 CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10987.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11107 moderate 2026-06-02T00:00:00Z 2485076 chromium-browser: Inappropriate implementation in Downloads CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11107.xml CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N CVE-2026-11087 moderate 2026-06-02T00:00:00Z 2485077 chromium-browser: Uninitialized Use in ANGLE CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11087.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11037 moderate 2026-06-02T00:00:00Z 2485078 chromium-browser: Out of bounds write in Codecs CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11037.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-10953 important 2026-06-02T00:00:00Z 2485079 chromium-browser: Use after free in Core CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10953.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11177 moderate 2026-06-02T00:00:00Z 2485080 chromium-browser: Use after free in Omnibox CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11177.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11159 moderate 2026-06-02T00:00:00Z 2485081 chromium-browser: Uninitialized Use in Skia CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11159.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-10990 moderate 2026-06-02T00:00:00Z 2485082 chromium-browser: Use after free in Glic CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10990.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11273 low 2026-06-02T00:00:00Z 2485083 chromium-browser: Insufficient validation of untrusted input in Omnibox CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11273.xml 9.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N CVE-2026-10976 important 2026-06-02T00:00:00Z 2485084 chromium-browser: Uninitialized Use in Dawn CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10976.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11081 moderate 2026-06-02T00:00:00Z 2485085 chromium-browser: Policy bypass in Canvas CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11081.xml 9.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N CVE-2026-11034 moderate 2026-06-02T00:00:00Z 2485086 chromium-browser: Insufficient validation of untrusted input in Tab Group Sync CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11034.xml 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N CVE-2026-11114 moderate 2026-06-02T00:00:00Z 2485087 chromium-browser: Use after free in Device Trust CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11114.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10898 important 2026-06-02T00:00:00Z 2485088 chromium-browser: Stack buffer overflow in GPU CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10898.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11076 moderate 2026-06-02T00:00:00Z 2485089 chromium-browser: Type Confusion in CSS CWE-843 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11076.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11070 moderate 2026-06-02T00:00:00Z 2485090 chromium-browser: Insufficient validation of untrusted input in Chromoting CWE-1289 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11070.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N CVE-2026-11080 moderate 2026-06-02T00:00:00Z 2485091 chromium-browser: Use after free in WebView CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11080.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10969 important 2026-06-02T00:00:00Z 2485092 chromium-browser: Insufficient validation of untrusted input in Extensions CWE-807 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10969.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11222 low 2026-06-02T00:00:00Z 2485093 chromium-browser: Incorrect security UI in Tab Strip CWE-449 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11222.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-11247 low 2026-06-02T00:00:00Z 2485094 chromium-browser: Insufficient policy enforcement in CustomTabs CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11247.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11226 low 2026-06-02T00:00:00Z 2485095 chromium-browser: Insufficient policy enforcement in PreviewTab CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11226.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2026-11171 moderate 2026-06-02T00:00:00Z 2485096 chromium-browser: Integer overflow in Blink CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11171.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10954 important 2026-06-02T00:00:00Z 2485097 chromium-browser: Use after free in Actor CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10954.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-10997 moderate 2026-06-02T00:00:00Z 2485098 chromium-browser: Insufficient policy enforcement in Extensions CWE-280 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10997.xml 7.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-10935 important 2026-06-02T00:00:00Z 2485099 chromium-browser: Inappropriate implementation in V8 CWE-843 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10935.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11191 moderate 2026-06-02T00:00:00Z 2485100 chromium-browser: Out of bounds memory access in ANGLE CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11191.xml 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L CVE-2026-10939 important 2026-06-02T00:00:00Z 2485102 chromium-browser: Use after free in WebRTC CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10939.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11259 low 2026-06-02T00:00:00Z 2485103 chromium-browser: Insufficient validation of untrusted input in Cast CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11259.xml 9.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N CVE-2026-11270 low 2026-06-02T00:00:00Z 2485104 chromium-browser: Inappropriate implementation in UI CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11270.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11288 low 2026-06-02T00:00:00Z 2485105 chromium-browser: Policy bypass in CSS CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11288.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2026-11183 moderate 2026-06-02T00:00:00Z 2485106 chromium-browser: Out of bounds read in GWP-ASan CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11183.xml 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-11244 low 2026-06-02T00:00:00Z 2485107 chromium-browser: Insufficient validation of untrusted input in WebAuthentication CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11244.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11060 moderate 2026-06-02T00:00:00Z 2485108 chromium-browser: Use after free in Media CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11060.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11033 moderate 2026-06-02T00:00:00Z 2485109 chromium-browser: Uninitialized Use in WebML CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11033.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11227 low 2026-06-02T00:00:00Z 2485110 chromium-browser: Incorrect security UI in Tab Hover Cards CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11227.xml CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N CVE-2026-11078 moderate 2026-06-02T00:00:00Z 2485111 chromium-browser: Insufficient validation of untrusted input in FileSystem CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11078.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-10890 important 2026-06-02T00:00:00Z 2485112 chromium-browser: Use after free in Cast CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10890.xml 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-11260 low 2026-06-02T00:00:00Z 2485113 chromium-browser: Policy bypass in Permissions CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11260.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-11082 moderate 2026-06-02T00:00:00Z 2485114 chromium-browser: Use after free in GPU CWE-368 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11082.xml 7.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11147 moderate 2026-06-02T00:00:00Z 2485115 chromium-browser: Use after free in WebML CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11147.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11130 moderate 2026-06-02T00:00:00Z 2485116 chromium-browser: Use after free in Media CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11130.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10921 important 2026-06-02T00:00:00Z 2485117 chromium-browser: Integer overflow in Dawn CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10921.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11276 low 2026-06-02T00:00:00Z 2485118 chromium-browser: Inappropriate implementation in Cast CWE-303 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11276.xml 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2026-11176 moderate 2026-06-02T00:00:00Z 2485119 chromium-browser: Inappropriate implementation in Media CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11176.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-10975 important 2026-06-02T00:00:00Z 2485120 chromium-browser: Use after free in WebRTC CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10975.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11190 moderate 2026-06-02T00:00:00Z 2485121 chromium-browser: Insufficient policy enforcement in Extensions CWE-266 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11190.xml 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N CVE-2026-11108 moderate 2026-06-02T00:00:00Z 2485122 chromium-browser: Inappropriate implementation in NFC CWE-648 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11108.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11055 moderate 2026-06-02T00:00:00Z 2485123 chromium-browser: Use after free in ANGLE CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11055.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11001 moderate 2026-06-02T00:00:00Z 2485124 chromium-browser: Incorrect security UI in Payments CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11001.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-11120 moderate 2026-06-02T00:00:00Z 2485125 chromium-browser: Insufficient validation of untrusted input in Enterprise Reporting CWE-1289 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11120.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10881 important 2026-06-02T00:00:00Z 2485126 chromium-browser: Out of bounds read and write in ANGLE CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10881.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11143 moderate 2026-06-02T00:00:00Z 2485127 chromium-browser: Heap buffer overflow in Extensions CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11143.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11289 low 2026-06-02T00:00:00Z 2485128 chromium-browser: Side-channel information leakage in Paint CWE-205 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11289.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2026-10899 important 2026-06-02T00:00:00Z 2485129 chromium-browser: Use after free in Ozone CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10899.xml 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11119 moderate 2026-06-02T00:00:00Z 2485130 chromium-browser: Insufficient validation of untrusted input in GPU CWE-653 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11119.xml 8.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L CVE-2026-11148 moderate 2026-06-02T00:00:00Z 2485131 chromium-browser: Inappropriate implementation in Payments CWE-940 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11148.xml 6.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11027 moderate 2026-06-02T00:00:00Z 2485132 chromium-browser: Insufficient validation of untrusted input in Glic CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11027.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11287 low 2026-06-02T00:00:00Z 2485133 chromium-browser: Insufficient validation of untrusted input in Navigation CWE-274 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11287.xml CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N CVE-2026-11232 low 2026-06-02T00:00:00Z 2485134 chromium-browser: Inappropriate implementation in TabGroups CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11232.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-11010 moderate 2026-06-02T00:00:00Z 2485135 chromium-browser: Use after free in WebShare CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11010.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11048 moderate 2026-06-02T00:00:00Z 2485136 chromium-browser: Inappropriate implementation in Extensions CWE-358 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11048.xml 6.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N CVE-2026-11067 moderate 2026-06-02T00:00:00Z 2485137 chromium-browser: Uninitialized Use in Dawn CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11067.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2026-11072 moderate 2026-06-02T00:00:00Z 2485138 chromium-browser: Use after free in WebView CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11072.xml 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVE-2026-10963 important 2026-06-02T00:00:00Z 2485139 chromium-browser: Integer overflow in V8 CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10963.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11036 moderate 2026-06-02T00:00:00Z 2485140 chromium-browser: Inappropriate implementation in DOM CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11036.xml 9.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N CVE-2026-10917 important 2026-06-02T00:00:00Z 2485141 chromium-browser: Insufficient validation of untrusted input in Media CWE-1289 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10917.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11002 moderate 2026-06-02T00:00:00Z 2485142 chromium-browser: Use after free in Autofill CWE-364 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11002.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11237 low 2026-06-02T00:00:00Z 2485143 chromium-browser: Insufficient validation of untrusted input in Media CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11237.xml 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N CVE-2026-11186 moderate 2026-06-02T00:00:00Z 2485144 chromium-browser: Inappropriate implementation in CSS CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11186.xml 9.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N CVE-2026-10930 important 2026-06-02T00:00:00Z 2485145 chromium-browser: Out of bounds read in ANGLE CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10930.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11062 moderate 2026-06-02T00:00:00Z 2485146 chromium-browser: Insufficient policy enforcement in Extensions CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11062.xml 9.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N CVE-2026-11248 low 2026-06-02T00:00:00Z 2485147 chromium-browser: Policy bypass in Google Lens CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11248.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-11211 moderate 2026-06-02T00:00:00Z 2485148 chromium-browser: Integer overflow in V8 CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11211.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11092 moderate 2026-06-02T00:00:00Z 2485149 chromium-browser: Insufficient policy enforcement in DevTools CWE-266 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11092.xml 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N CVE-2026-11005 moderate 2026-06-02T00:00:00Z 2485150 chromium-browser: Out of bounds read in ANGLE CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11005.xml 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-11096 moderate 2026-06-02T00:00:00Z 2485151 chromium-browser: Out of bounds read in WebRTC CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11096.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11152 moderate 2026-06-02T00:00:00Z 2485152 chromium-browser: Object lifecycle issue in Dawn CWE-763 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11152.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-10907 important 2026-06-02T00:00:00Z 2485153 chromium-browser: Out of bounds write in ANGLE CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10907.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10901 important 2026-06-02T00:00:00Z 2485154 chromium-browser: Use after free in Passwords CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10901.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11004 moderate 2026-06-02T00:00:00Z 2485155 chromium-browser: Out of bounds read in ANGLE CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11004.xml 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-11179 moderate 2026-06-02T00:00:00Z 2485156 chromium-browser: Inappropriate implementation in ORB CWE-653 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11179.xml 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N CVE-2026-10887 important 2026-06-02T00:00:00Z 2485157 chromium-browser: Use after free in Chromoting CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10887.xml 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-11125 moderate 2026-06-02T00:00:00Z 2485158 chromium-browser: Use after free in Compositing CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11125.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10886 important 2026-06-02T00:00:00Z 2485159 chromium-browser: Use after free in FileSystem CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10886.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11131 moderate 2026-06-02T00:00:00Z 2485160 chromium-browser: Use after free in Autofill CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11131.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11040 moderate 2026-06-02T00:00:00Z 2485161 chromium-browser: Use after free in ANGLE CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11040.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10981 important 2026-06-02T00:00:00Z 2485162 chromium-browser: Insufficient validation of untrusted input in Codecs CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10981.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-10932 important 2026-06-02T00:00:00Z 2485163 chromium-browser: Use after free in UI CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10932.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11172 moderate 2026-06-02T00:00:00Z 2485164 chromium-browser: Incorrect security UI in Contact Picker CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11172.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-11145 moderate 2026-06-02T00:00:00Z 2485165 chromium-browser: Race in Geolocation CWE-368 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11145.xml 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11291 low 2026-06-02T00:00:00Z 2485166 chromium-browser: Policy bypass in Android Autofill CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11291.xml 9.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N CVE-2026-11201 moderate 2026-06-02T00:00:00Z 2485167 chromium-browser: Use after free in ServiceWorker CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11201.xml 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVE-2026-11243 low 2026-06-02T00:00:00Z 2485168 chromium-browser: Incorrect security UI in Downloads CWE-358 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11243.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-11133 moderate 2026-06-02T00:00:00Z 2485169 chromium-browser: Insufficient policy enforcement in Paint CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11133.xml 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N CVE-2026-11255 low 2026-06-02T00:00:00Z 2485170 chromium-browser: Insufficient validation of untrusted input in Storage Access API CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11255.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11189 moderate 2026-06-02T00:00:00Z 2485171 chromium-browser: Insufficient validation of untrusted input in DevTools CWE-807 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11189.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11050 moderate 2026-06-02T00:00:00Z 2485172 chromium-browser: Use after free in V8 CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11050.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10910 important 2026-06-02T00:00:00Z 2485173 chromium-browser: Type Confusion in V8 CWE-843 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10910.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11197 moderate 2026-06-02T00:00:00Z 2485174 chromium-browser: Insufficient policy enforcement in Workers CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11197.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-10928 important 2026-06-02T00:00:00Z 2485175 chromium-browser: Script injection in Headless CWE-94 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10928.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11151 moderate 2026-06-02T00:00:00Z 2485176 chromium-browser: Insufficient validation of untrusted input in Password Manager CWE-1289 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11151.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11112 moderate 2026-06-02T00:00:00Z 2485177 chromium-browser: Insufficient validation of untrusted input in Chromoting CWE-501 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11112.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11245 low 2026-06-02T00:00:00Z 2485178 chromium-browser: Inappropriate implementation in Payments CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11245.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-11279 low 2026-06-02T00:00:00Z 2485179 chromium-browser: Out of bounds read in DevTools CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11279.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11283 low 2026-06-02T00:00:00Z 2485180 chromium-browser: Policy bypass in Shortcuts CWE-434 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11283.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-11074 moderate 2026-06-02T00:00:00Z 2485181 chromium-browser: Use after free in WebRTC CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11074.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11160 moderate 2026-06-02T00:00:00Z 2485182 chromium-browser: Out of bounds read in Input CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11160.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2026-11299 low 2026-06-02T00:00:00Z 2485183 chromium-browser: Out of bounds read in Fonts CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11299.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2026-11267 low 2026-06-02T00:00:00Z 2485184 chromium-browser: Insufficient policy enforcement in Extensions CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11267.xml 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N CVE-2026-10929 important 2026-06-02T00:00:00Z 2485185 chromium-browser: Heap buffer overflow in ANGLE CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10929.xml 8.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10991 moderate 2026-06-02T00:00:00Z 2485186 chromium-browser: Use after free in V8 CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10991.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11212 moderate 2026-06-02T00:00:00Z 2485187 chromium-browser: Insufficient policy enforcement in DevTools CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11212.xml 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-10913 important 2026-06-02T00:00:00Z 2485188 chromium-browser: Use after free in ANGLE CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10913.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11091 moderate 2026-06-02T00:00:00Z 2485189 chromium-browser: Inappropriate implementation in Dawn CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11091.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11077 moderate 2026-06-02T00:00:00Z 2485190 chromium-browser: Out of bounds read in Dawn CWE-843 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11077.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11196 moderate 2026-06-02T00:00:00Z 2485191 chromium-browser: Type Confusion in XML CWE-843 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11196.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11136 moderate 2026-06-02T00:00:00Z 2485192 chromium-browser: Use after free in Canvas CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11136.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11038 moderate 2026-06-02T00:00:00Z 2485193 chromium-browser: Insufficient validation of untrusted input in Subresource Integrity CWE-354 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11038.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2026-11231 low 2026-06-02T00:00:00Z 2485194 chromium-browser: Inappropriate implementation in Safe Browsing CWE-184 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11231.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11175 moderate 2026-06-02T00:00:00Z 2485195 chromium-browser: Incorrect security UI in Messages CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11175.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-11118 moderate 2026-06-02T00:00:00Z 2485196 chromium-browser: Use after free in WebRTC CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11118.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11166 moderate 2026-06-02T00:00:00Z 2485197 chromium-browser: Inappropriate implementation in SVG CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11166.xml 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N CVE-2026-11059 moderate 2026-06-02T00:00:00Z 2485198 chromium-browser: Use after free in Blink CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11059.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-10900 important 2026-06-02T00:00:00Z 2485199 chromium-browser: Use after free in Passwords CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10900.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10936 important 2026-06-02T00:00:00Z 2485200 chromium-browser: Type Confusion in V8 CWE-843 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10936.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11210 moderate 2026-06-02T00:00:00Z 2485201 chromium-browser: Insufficient policy enforcement in Safe Browsing CWE-551 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11210.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-11013 moderate 2026-06-02T00:00:00Z 2485202 chromium-browser: Insufficient validation of untrusted input in Network CWE-1286 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11013.xml 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-10893 important 2026-06-02T00:00:00Z 2485203 chromium-browser: Use after free in Chromoting CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10893.xml 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVE-2026-11090 moderate 2026-06-02T00:00:00Z 2485204 chromium-browser: Uninitialized Use in ANGLE CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11090.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-10949 important 2026-06-02T00:00:00Z 2485205 chromium-browser: Heap buffer overflow in Video CWE-131 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10949.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11184 moderate 2026-06-02T00:00:00Z 2485206 chromium-browser: Insufficient policy enforcement in Actor CWE-280 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11184.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-11105 moderate 2026-06-02T00:00:00Z 2485207 chromium-browser: Insufficient validation of untrusted input in WebUI CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11105.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11281 low 2026-06-02T00:00:00Z 2485208 chromium-browser: Integer overflow in Chromoting CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11281.xml 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2026-11308 low 2026-06-02T00:00:00Z 2485209 chromium-browser: Inappropriate implementation in Extensions CWE-648 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11308.xml 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N CVE-2026-11181 moderate 2026-06-02T00:00:00Z 2485210 chromium-browser: Inappropriate implementation in Media Session CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11181.xml 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N CVE-2026-11256 low 2026-06-02T00:00:00Z 2485211 chromium-browser: Out of bounds read in GPU CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11256.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L CVE-2026-11032 moderate 2026-06-02T00:00:00Z 2485212 chromium-browser: Insufficient data validation in Password Manager CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11032.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11083 moderate 2026-06-02T00:00:00Z 2485213 chromium-browser: Inappropriate implementation in Password Manager CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11083.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11268 low 2026-06-02T00:00:00Z 2485214 chromium-browser: Uninitialized Use in ANGLE CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11268.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11153 moderate 2026-06-02T00:00:00Z 2485215 chromium-browser: Side-channel information leakage in Forms CWE-205 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11153.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11006 moderate 2026-06-02T00:00:00Z 2485216 chromium-browser: Out of bounds read in Dawn CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11006.xml 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H CVE-2026-11044 moderate 2026-06-02T00:00:00Z 2485217 chromium-browser: Integer overflow in ANGLE CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11044.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11102 moderate 2026-06-02T00:00:00Z 2485218 chromium-browser: Inappropriate implementation in Isolated Web Apps CWE-434 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11102.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10882 important 2026-06-02T00:00:00Z 2485219 chromium-browser: Use after free in Network CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10882.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11301 low 2026-06-02T00:00:00Z 2485220 chromium-browser: Out of bounds read in LiveCaption CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11301.xml 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L CVE-2026-10904 important 2026-06-02T00:00:00Z 2485221 chromium-browser: Inappropriate implementation in V8 CWE-843 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10904.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11170 moderate 2026-06-02T00:00:00Z 2485222 chromium-browser: Inappropriate implementation in Chromoting CWE-250 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11170.xml 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVE-2026-11182 moderate 2026-06-02T00:00:00Z 2485223 chromium-browser: Inappropriate implementation in SVG CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11182.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11188 moderate 2026-06-02T00:00:00Z 2485224 chromium-browser: Use after free in USB CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11188.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11254 low 2026-06-02T00:00:00Z 2485225 chromium-browser: Inappropriate implementation in Permissions CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11254.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-11229 low 2026-06-02T00:00:00Z 2485226 chromium-browser: Insufficient policy enforcement in Enterprise CWE-266 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11229.xml 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-11014 moderate 2026-06-02T00:00:00Z 2485227 chromium-browser: Insufficient policy enforcement in Extensions CWE-653 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11014.xml 7.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11019 moderate 2026-06-02T00:00:00Z 2485228 chromium-browser: Inappropriate implementation in Payments CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11019.xml 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N CVE-2026-11221 low 2026-06-02T00:00:00Z 2485229 chromium-browser: Insufficient validation of untrusted input in PointerLock CWE-1289 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11221.xml 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N CVE-2026-10980 important 2026-06-02T00:00:00Z 2485230 chromium-browser: Insufficient validation of untrusted input in DevTools CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10980.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11065 moderate 2026-06-02T00:00:00Z 2485231 chromium-browser: Use after free in ANGLE CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11065.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10934 important 2026-06-02T00:00:00Z 2485232 chromium-browser: Use after free in Autofill https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10934.xml 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2026-11167 moderate 2026-06-02T00:00:00Z 2485233 chromium-browser: Inappropriate implementation in WebView CWE-501 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11167.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10937 important 2026-06-02T00:00:00Z 2485234 chromium-browser: Inappropriate implementation in Passwords CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10937.xml 9.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N CVE-2026-11199 moderate 2026-06-02T00:00:00Z 2485235 chromium-browser: Insufficient validation of untrusted input in WebRTC CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11199.xml 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2026-10977 important 2026-06-02T00:00:00Z 2485236 chromium-browser: Uninitialized Use in Skia CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10977.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-10883 important 2026-06-02T00:00:00Z 2485237 chromium-browser: Out of bounds write in ANGLE CWE-843 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10883.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11017 moderate 2026-06-02T00:00:00Z 2485238 chromium-browser: Inappropriate implementation in Link Preview CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11017.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2026-10960 important 2026-06-02T00:00:00Z 2485239 chromium-browser: Uninitialized Use in Codecs CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10960.xml 7.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11174 moderate 2026-06-02T00:00:00Z 2485240 chromium-browser: Insufficient policy enforcement in Site Isolation CWE-501 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11174.xml 7.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11178 moderate 2026-06-02T00:00:00Z 2485241 chromium-browser: Policy bypass in WebView CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11178.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-10891 important 2026-06-02T00:00:00Z 2485242 chromium-browser: Use after free in GFX CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10891.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11126 moderate 2026-06-02T00:00:00Z 2485243 chromium-browser: Insufficient validation of untrusted input in DevTools CWE-940 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11126.xml 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-10922 important 2026-06-02T00:00:00Z 2485244 chromium-browser: Insufficient validation of untrusted input in DevTools CWE-1173 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10922.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11142 moderate 2026-06-02T00:00:00Z 2485245 chromium-browser: Policy bypass in Paint CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11142.xml 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N CVE-2026-10897 important 2026-06-02T00:00:00Z 2485246 chromium-browser: Out of bounds write in GPU CWE-653 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10897.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11223 low 2026-06-02T00:00:00Z 2485247 chromium-browser: Insufficient validation of untrusted input in Network CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11223.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-10895 important 2026-06-02T00:00:00Z 2485248 chromium-browser: Use after free in Ozone CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10895.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11258 low 2026-06-02T00:00:00Z 2485249 chromium-browser: Inappropriate implementation in File System Access CWE-551 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11258.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2026-10903 important 2026-06-02T00:00:00Z 2485250 chromium-browser: Use after free in WebRTC CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10903.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11238 low 2026-06-02T00:00:00Z 2485251 chromium-browser: Inappropriate implementation in DevTools CWE-201 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11238.xml 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-11020 moderate 2026-06-02T00:00:00Z 2485252 chromium-browser: Inappropriate implementation in Extensions CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11020.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11110 moderate 2026-06-02T00:00:00Z 2485253 chromium-browser: Uninitialized Use in ANGLE CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11110.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11261 low 2026-06-02T00:00:00Z 2485254 chromium-browser: Insufficient validation of untrusted input in PDF CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11261.xml 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N CVE-2026-11187 moderate 2026-06-02T00:00:00Z 2485255 chromium-browser: Insufficient policy enforcement in Glic CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11187.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-11265 low 2026-06-02T00:00:00Z 2485256 chromium-browser: Insufficient data validation in Autofill CWE-940 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11265.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11022 moderate 2026-06-02T00:00:00Z 2485257 chromium-browser: Insufficient validation of untrusted input in DevTools CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11022.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11144 moderate 2026-06-02T00:00:00Z 2485258 chromium-browser: Use after free in Media CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11144.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10992 moderate 2026-06-02T00:00:00Z 2485259 chromium-browser: Insufficient data validation in Animation CWE-1285 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10992.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11217 low 2026-06-02T00:00:00Z 2485260 chromium-browser: Insufficient policy enforcement in Fenced Frames CWE-653 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11217.xml 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11089 moderate 2026-06-02T00:00:00Z 2485261 chromium-browser: Uninitialized Use in Media CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11089.xml 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-11306 low 2026-06-02T00:00:00Z 2485262 chromium-browser: Use after free in PDFium CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11306.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11043 moderate 2026-06-02T00:00:00Z 2485263 chromium-browser: Out of bounds write in ANGLE CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11043.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11073 moderate 2026-06-02T00:00:00Z 2485264 chromium-browser: Use after free in WebGL CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11073.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11023 moderate 2026-06-02T00:00:00Z 2485266 chromium-browser: Insufficient validation of untrusted input in WebAppInstalls CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11023.xml 7.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11041 moderate 2026-06-02T00:00:00Z 2485267 chromium-browser: Insufficient validation of untrusted input in Media CWE-1286 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11041.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10998 moderate 2026-06-02T00:00:00Z 2485268 chromium-browser: Out of bounds read in Media CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10998.xml 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2026-11275 low 2026-06-02T00:00:00Z 2485269 chromium-browser: Insufficient policy enforcement in Page Info CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11275.xml 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N CVE-2026-10966 important 2026-06-02T00:00:00Z 2485270 chromium-browser: Insufficient validation of untrusted input in Codecs CWE-1286 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10966.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11304 low 2026-06-02T00:00:00Z 2485271 chromium-browser: Use after free in PDFium CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11304.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11278 low 2026-06-02T00:00:00Z 2485272 chromium-browser: Inappropriate implementation in CustomTabs CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11278.xml 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2026-10912 important 2026-06-02T00:00:00Z 2485273 chromium-browser: Insufficient validation of untrusted input in Extensions CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10912.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11169 moderate 2026-06-02T00:00:00Z 2485274 chromium-browser: Inappropriate implementation in XML CWE-91 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11169.xml 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N CVE-2026-11123 moderate 2026-06-02T00:00:00Z 2485275 chromium-browser: Uninitialized Use in ANGLE CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11123.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11047 moderate 2026-06-02T00:00:00Z 2485276 chromium-browser: Insufficient validation of untrusted input in Base CWE-266 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11047.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10973 important 2026-06-02T00:00:00Z 2485277 chromium-browser: Uninitialized Use in Dawn CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10973.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11296 low 2026-06-02T00:00:00Z 2485278 chromium-browser: Inappropriate implementation in ImageCapture CWE-648 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11296.xml CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N CVE-2026-10923 important 2026-06-02T00:00:00Z 2485279 chromium-browser: Use after free in WebAppInstalls CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10923.xml 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVE-2026-11018 moderate 2026-06-02T00:00:00Z 2485280 chromium-browser: Insufficient policy enforcement in Actor CWE-807 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11018.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-10970 important 2026-06-02T00:00:00Z 2485281 chromium-browser: Insufficient validation of untrusted input in InterestGroups CWE-1289 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10970.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11103 moderate 2026-06-02T00:00:00Z 2485282 chromium-browser: Inappropriate implementation in Installer CWE-266 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11103.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11282 low 2026-06-02T00:00:00Z 2485283 chromium-browser: Policy bypass in Sandbox CWE-501 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11282.xml CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N CVE-2026-11303 low 2026-06-02T00:00:00Z 2485284 chromium-browser: Use after free in PDFium CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11303.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10902 important 2026-06-02T00:00:00Z 2485285 chromium-browser: Use after free in Ozone CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10902.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11154 moderate 2026-06-02T00:00:00Z 2485286 chromium-browser: Use after free in Dawn CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11154.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11295 low 2026-06-02T00:00:00Z 2485287 chromium-browser: Inappropriate implementation in WebView CWE-266 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11295.xml 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L CVE-2026-10920 important 2026-06-02T00:00:00Z 2485288 chromium-browser: Insufficient validation of untrusted input in WebShare CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10920.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10925 important 2026-06-02T00:00:00Z 2485289 chromium-browser: Out of bounds write in Skia CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10925.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11203 moderate 2026-06-02T00:00:00Z 2485290 chromium-browser: Policy bypass in GPU CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11203.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-10916 important 2026-06-02T00:00:00Z 2485291 chromium-browser: Insufficient validation of untrusted input in DevTools CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10916.xml 9.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N CVE-2026-11109 moderate 2026-06-02T00:00:00Z 2485292 chromium-browser: Uninitialized Use in ANGLE CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11109.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11269 low 2026-06-02T00:00:00Z 2485293 chromium-browser: Inappropriate implementation in Extensions CWE-653 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11269.xml 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-10906 important 2026-06-02T00:00:00Z 2485294 chromium-browser: Use after free in WebAuthentication CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10906.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11029 moderate 2026-06-02T00:00:00Z 2485295 chromium-browser: Insufficient validation of untrusted input in Drag and Drop CWE-807 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11029.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10938 important 2026-06-02T00:00:00Z 2485296 chromium-browser: Insufficient validation of untrusted input in Input CWE-501 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10938.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11095 moderate 2026-06-02T00:00:00Z 2485297 chromium-browser: Insufficient validation of untrusted input in Codecs CWE-1286 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11095.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11246 low 2026-06-02T00:00:00Z 2485298 chromium-browser: Insufficient validation of untrusted input in IndexedDB CWE-1173 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11246.xml 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-10914 important 2026-06-02T00:00:00Z 2485299 chromium-browser: Use after free in ANGLE CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10914.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11138 moderate 2026-06-02T00:00:00Z 2485300 chromium-browser: Uninitialized Use in ANGLE CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11138.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-10905 important 2026-06-02T00:00:00Z 2485301 chromium-browser: Use after free in Network CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10905.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10888 important 2026-06-02T00:00:00Z 2485302 chromium-browser: Use after free in Cast Streaming CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10888.xml 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-11051 moderate 2026-06-02T00:00:00Z 2485303 chromium-browser: Out of bounds read in ANGLE CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11051.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11132 moderate 2026-06-02T00:00:00Z 2485304 chromium-browser: Policy bypass in Paint CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11132.xml 9.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N CVE-2026-11163 moderate 2026-06-02T00:00:00Z 2485305 chromium-browser: Use after free in Messages CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11163.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11061 moderate 2026-06-02T00:00:00Z 2485306 chromium-browser: Out of bounds read in ANGLE CWE-843 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11061.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11012 moderate 2026-06-02T00:00:00Z 2485307 chromium-browser: Use after free in Serial CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11012.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10964 important 2026-06-02T00:00:00Z 2485308 chromium-browser: Integer overflow in V8 CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10964.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11064 moderate 2026-06-02T00:00:00Z 2485309 chromium-browser: Uninitialized Use in GPU CWE-368 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11064.xml 5.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2026-11219 low 2026-06-02T00:00:00Z 2485310 chromium-browser: Insufficient data validation in Navigation CWE-551 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11219.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-11225 low 2026-06-02T00:00:00Z 2485311 chromium-browser: Incorrect security UI in WebUI CWE-368 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11225.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-11293 low 2026-06-02T00:00:00Z 2485312 chromium-browser: Use after free in Input CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11293.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11292 low 2026-06-02T00:00:00Z 2485313 chromium-browser: Policy bypass in Blink CWE-280 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11292.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-10982 important 2026-06-02T00:00:00Z 2485314 chromium-browser: Use after free in WebXR CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10982.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11149 moderate 2026-06-02T00:00:00Z 2485315 chromium-browser: Insufficient validation of untrusted input in Extensions CWE-807 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11149.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10927 important 2026-06-02T00:00:00Z 2485316 chromium-browser: Out of bounds read in Dawn CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10927.xml 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11241 low 2026-06-02T00:00:00Z 2485317 chromium-browser: Insufficient validation of untrusted input in Cast CWE-807 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11241.xml 7.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N CVE-2026-10962 important 2026-06-02T00:00:00Z 2485318 chromium-browser: Type Confusion in Media CWE-843 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10962.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10979 important 2026-06-02T00:00:00Z 2485319 chromium-browser: Out of bounds read in ANGLE CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10979.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11216 low 2026-06-02T00:00:00Z 2485320 chromium-browser: Incorrect security UI in File Input CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11216.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-11094 moderate 2026-06-02T00:00:00Z 2485321 chromium-browser: Use after free in Codecs CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11094.xml 7.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N CVE-2026-11137 moderate 2026-06-02T00:00:00Z 2485322 chromium-browser: Uninitialized Use in ANGLE CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11137.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11252 low 2026-06-02T00:00:00Z 2485323 chromium-browser: Policy bypass in Content Settings CWE-280 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11252.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-11079 moderate 2026-06-02T00:00:00Z 2485324 chromium-browser: Insufficient validation of untrusted input in Codecs CWE-1285 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11079.xml 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H CVE-2026-11031 moderate 2026-06-02T00:00:00Z 2485325 chromium-browser: Insufficient validation of untrusted input in Password Manager CWE-79 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11031.xml 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N CVE-2026-11058 moderate 2026-06-02T00:00:00Z 2485326 chromium-browser: Integer overflow in CredentialProvider CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11058.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11230 low 2026-06-02T00:00:00Z 2485327 chromium-browser: Use after free in Extensions CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11230.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11224 low 2026-06-02T00:00:00Z 2485328 chromium-browser: Use after free in Chromoting CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11224.xml 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L CVE-2026-11213 moderate 2026-06-02T00:00:00Z 2485329 chromium-browser: Insufficient validation of untrusted input in Reading Mode CWE-1286 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11213.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11071 moderate 2026-06-02T00:00:00Z 2485330 chromium-browser: Use after free in Base CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11071.xml 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-11139 moderate 2026-06-02T00:00:00Z 2485331 chromium-browser: Policy bypass in Paint CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11139.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11115 moderate 2026-06-02T00:00:00Z 2485332 chromium-browser: Use after free in Updater CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11115.xml 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVE-2026-11257 low 2026-06-02T00:00:00Z 2485333 chromium-browser: Inappropriate implementation in Browser CWE-1220 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11257.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-11042 moderate 2026-06-02T00:00:00Z 2485334 chromium-browser: Use after free in Views CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11042.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11208 moderate 2026-06-02T00:00:00Z 2485335 chromium-browser: Use after free in Codecs CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11208.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11198 moderate 2026-06-02T00:00:00Z 2485336 chromium-browser: Insufficient validation of untrusted input in Codecs CWE-1286 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11198.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11195 moderate 2026-06-02T00:00:00Z 2485337 chromium-browser: Inappropriate implementation in MHTML CWE-1021 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11195.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11068 moderate 2026-06-02T00:00:00Z 2485338 chromium-browser: Use after free in WebSockets CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11068.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11168 moderate 2026-06-02T00:00:00Z 2485339 chromium-browser: Insufficient policy enforcement in Extensions CWE-497 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11168.xml 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-11193 moderate 2026-06-02T00:00:00Z 2485340 chromium-browser: Insufficient policy enforcement in Password Manager CWE-280 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11193.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11249 low 2026-06-02T00:00:00Z 2485341 chromium-browser: Use after free in Network CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11249.xml 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N CVE-2026-11066 moderate 2026-06-02T00:00:00Z 2485342 chromium-browser: Insufficient validation of untrusted input in ANGLE CWE-807 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11066.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-10947 important 2026-06-02T00:00:00Z 2485343 chromium-browser: Use after free in WebRTC CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10947.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-11045 moderate 2026-06-02T00:00:00Z 2485344 chromium-browser: Insufficient validation of untrusted input in GPU CWE-1286 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11045.xml 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2026-11015 moderate 2026-06-02T00:00:00Z 2485345 chromium-browser: Out of bounds read in WebGPU CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11015.xml 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L CVE-2026-11155 moderate 2026-06-02T00:00:00Z 2485346 chromium-browser: Insufficient policy enforcement in CSS CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11155.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11063 moderate 2026-06-02T00:00:00Z 2485347 chromium-browser: Insufficient validation of untrusted input in WebNN CWE-1286 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11063.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11236 low 2026-06-02T00:00:00Z 2485348 chromium-browser: Insufficient policy enforcement in Web Bluetooth CWE-280 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11236.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11052 moderate 2026-06-02T00:00:00Z 2485349 chromium-browser: Type Confusion in GPU CWE-843 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11052.xml 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-11161 moderate 2026-06-02T00:00:00Z 2485350 chromium-browser: Insufficient data validation in DataTransfer CWE-346 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11161.xml 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2026-11146 moderate 2026-06-02T00:00:00Z 2485351 chromium-browser: Insufficient validation of untrusted input in Chromoting CWE-349 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11146.xml 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE-2026-10941 important 2026-06-02T00:00:00Z 2485352 chromium-browser: Out of bounds memory access in Skia CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10941.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-50256 important 2026-06-02T00:00:00Z 2485380 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch CWE-121 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-50256.xml 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-50257 important 2026-06-02T00:00:00Z 2485382 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence() CWE-416 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-50257.xml 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-50258 important 2026-06-02T00:00:00Z 2485383 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels CWE-121 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-50258.xml 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-50259 important 2026-06-02T00:00:00Z 2485384 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing CWE-121 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-50259.xml 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-50260 important 2026-06-02T00:00:00Z 2485385 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter() CWE-416 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-50260.xml 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-50261 important 2026-06-02T00:00:00Z 2485386 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter() CWE-416 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-50261.xml 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-50262 moderate 2026-06-02T00:00:00Z 2485387 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-50262.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2026-50263 moderate 2026-06-02T00:00:00Z 2485388 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow() CWE-416 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-50263.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2026-50264 important 2026-06-02T00:00:00Z 2485389 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-50264.xml 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-10885 important 2026-06-02T00:00:00Z 2485628 chromium-browser: chromium-browser: Use after free in Chrome for iOS https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10885.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-10896 important 2026-06-02T00:00:00Z 2485629 chromium-browser: chromium-browser: Use after free in Chrome for iOS https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10896.xml 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2026-10915 important 2026-06-02T00:00:00Z 2485630 chromium-browser: chromium-browser: Use after free in Core https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10915.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10944 important 2026-06-02T00:00:00Z 2485631 chromium-browser: chromium-browser: Insufficient policy enforcement in Autofill https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10944.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10950 important 2026-06-02T00:00:00Z 2485632 chromium-browser: chromium-browser: Insufficient policy enforcement in Autofill https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10950.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10951 important 2026-06-02T00:00:00Z 2485633 chromium-browser: chromium-browser: Use after free in Autofill https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10951.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10952 important 2026-06-02T00:00:00Z 2485634 chromium-browser: chromium-browser: Use after free in Chrome for iOS https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10952.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10958 important 2026-06-02T00:00:00Z 2485635 chromium-browser: chromium-browser: Use after free in Chrome for iOS https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10958.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10961 important 2026-06-02T00:00:00Z 2485636 chromium-browser: chromium-browser: Use after free in Chrome for iOS https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10961.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-11053 moderate 2026-06-02T00:00:00Z 2485637 chromium-browser: chromium-browser: VULNERABILITY in WebRTC https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11053.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11099 moderate 2026-06-02T00:00:00Z 2485638 chromium-browser: chromium-browser: Vulnerability in Skia https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11099.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11165 moderate 2026-06-02T00:00:00Z 2485639 chromium-browser: chromium-browser: Use after free in WebMIDI https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11165.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11202 moderate 2026-06-02T00:00:00Z 2485640 chromium-browser: chromium-browser: Insufficient validation of untrusted input in Chrome for iOS https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11202.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11204 moderate 2026-06-02T00:00:00Z 2485641 chromium-browser: chromium-browser: Inappropriate implementation in Signin https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11204.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11205 moderate 2026-06-02T00:00:00Z 2485642 chromium-browser: chromium-browser: Insufficient validation of untrusted input in Chrome for iOS https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11205.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11214 moderate 2026-06-02T00:00:00Z 2485643 chromium-browser: chromium-browser: Inappropriate implementation in Chrome for iOS https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11214.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-11272 low 2026-06-02T00:00:00Z 2485645 chromium-browser: chromium-browser: Insufficient validation of untrusted input in Reading List https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11272.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2026-11274 low 2026-06-02T00:00:00Z 2485646 chromium-browser: chromium-browser: Inappropriate implementation in DOM Distiller https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11274.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2026-11277 low 2026-06-02T00:00:00Z 2485647 chromium-browser: chromium-browser: Insufficient policy enforcement in Chrome for iOS https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11277.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2026-11280 low 2026-06-02T00:00:00Z 2485648 chromium-browser: chromium-browser: Insufficient validation of untrusted input in Signin https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11280.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2026-11285 low 2026-06-02T00:00:00Z 2485649 chromium-browser: chromium-browser: Insufficient policy enforcement in Chrome for iOS https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11285.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2026-11298 low 2026-06-02T00:00:00Z 2485650 chromium-browser: chromium-browser: Insufficient policy enforcement in Chrome for iOS https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11298.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2026-11302 low 2026-06-02T00:00:00Z 2485651 chromium-browser: chromium-browser: Insufficient policy enforcement in Chrome for iOS https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-11302.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2024-52011 important 2026-06-01T17:17:43Z 2483853 launch-editor: vite: launch-editor: Arbitrary command execution via insufficient file argument sanitization CWE-88 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52011.xml 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L CVE-2026-43958 moderate 2026-06-01T17:04:30Z 2460932 rrdtool: rrdtool: Stack buffer overflow allows local code execution or denial of service CWE-121 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43958.xml 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-10118 important 2026-06-01T15:25:35Z RHSA-2026:24985 RHSA-2026:25058 RHSA-2026:24984 2460428 poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication CWE-190 poppler-0:24.02.0-7.el10_2.2 poppler-0:20.11.0-14.el8_10 poppler-0:21.01.0-24.el9_8.1 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10118.xml 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-48827 moderate 2026-06-01T08:37:41Z 2483783 org.apache.sshd/sshd-git: Apache MINA SSHD: Path Traversal Vulnerability Allows Access to Unauthorized Git Repositories CWE-22 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48827.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2026-10233 low 2026-06-01T06:45:08Z 2486786 assimp: Assimp: Out-of-bounds read in Half-Life 1 MDL Loader allows information disclosure CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10233.xml 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2026-10232 moderate 2026-06-01T06:30:10Z 2486783 assimp: Assimp: Use-after-free vulnerability allows local impact CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10232.xml 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVE-2026-10231 moderate 2026-06-01T06:15:09Z 2486304 assimp: Assimp: Local heap-based buffer overflow allows denial of service or arbitrary code execution CWE-131 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10231.xml 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVE-2026-10230 moderate 2026-06-01T06:00:12Z 2483759 assimp: Assimp: Local heap-based buffer overflow in Half-Life 1 MDL Loader CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10230.xml 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L CVE-2026-10229 moderate 2026-06-01T05:45:07Z 2486785 assimp: Assimp: Heap-based buffer overflow in Half-Life 1 MDL Loader CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10229.xml 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L CVE-2026-10201 moderate 2026-05-31T23:00:12Z 2483758 assimp: Assimp: Denial of Service via divide-by-zero in FBXExporter CWE-369 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10201.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-10200 moderate 2026-05-31T22:45:10Z 2483757 assimp: Assimp: Heap-based buffer overflow in glTFCommon::CopyValue function CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10200.xml 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVE-2026-10199 moderate 2026-05-31T22:30:11Z 2483753 assimp: Assimp: Denial of Service via null pointer dereference in glTF2::LazyDict CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10199.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-10198 moderate 2026-05-31T22:15:12Z 2483754 assimp: Assimp: Denial of Service via null pointer dereference in glTFImporter CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10198.xml 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H CVE-2026-10197 moderate 2026-05-31T22:00:12Z 2483755 assimp: Assimp: Denial of Service via null pointer dereference in glTF2Importer CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10197.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46242 moderate 2026-05-30T00:00:00Z 2483519 kernel: eventpoll: fix ep_remove struct eventpoll / struct file UAF CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46242.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46344 moderate 2026-05-29T18:08:02Z 2483418 liboqs: liboqs: Denial of Service due to out-of-bounds read in XMSS/XMSS^MT signature verification CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46344.xml 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-44518 moderate 2026-05-29T18:07:07Z 2483392 liboqs: liboqs: Denial of Service due to out-of-bounds read in XMSS/XMSS^MT signature verification CWE-1284 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44518.xml 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-41150 moderate 2026-05-29T13:54:52Z 2483296 mermaid: Mermaid: Denial of Service via specially crafted gantt charts CWE-835 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41150.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-10101 moderate 2026-05-29T12:00:00Z 2483298 assisted-service: assisted-service: InfraEnv status leaks referenced pull-secret contents to namespace view users CWE-201 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10101.xml 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N CVE-2026-10028 low 2026-05-28T22:27:36Z 2465152 glib-networking: Infinite loop in glib-networking GnuTLS backend allows remote denial of service via circular certificate chain CWE-835 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10028.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2026-45292 important 2026-05-28T16:37:29Z 2482785 opentelemetry-java: opentelemetry-api: opentelemetry-extension-trace-propagators: OpenTelemetry Java: Denial of Service due to unbounded memory allocation when parsing oversized baggage CWE-770 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45292.xml 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-44477 important 2026-05-28T15:46:12Z 2482763 github.com/cloudnative-pg/cloudnative-pg: CloudNativePG: Metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE CWE-250 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44477.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-48525 moderate 2026-05-28T15:11:12Z 2482752 python-pyjwt: PyJWT: Denial of Service via processing of crafted detached JWS tokens CWE-770 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48525.xml 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-48523 moderate 2026-05-28T15:10:19Z 2482743 python-pyjwt: PyJWT: Verifier-side algorithm bypass leads to unauthorized information access CWE-347 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48523.xml 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVE-2026-48526 important 2026-05-28T15:09:09Z 2482734 python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens CWE-347 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48526.xml 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2026-48524 moderate 2026-05-28T15:07:35Z 2482733 python-pyjwt: PyJWT: Denial of Service via unverified JSON Web Token key IDs CWE-770 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48524.xml 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-48522 moderate 2026-05-28T15:00:30Z 2482753 python-pyjwt: PyJWT: Server-Side Request Forgery (SSRF) via uncontrolled URL fetching in PyJWKClient CWE-918 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48522.xml 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-48155 moderate 2026-05-28T14:51:49Z 2482748 pypdf: pypdf: Denial of Service via crafted PDF with large character offsets CWE-770 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48155.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-48156 low 2026-05-28T14:50:41Z 2482739 pypdf: pypdf: Denial of Service via crafted PDF CWE-606 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48156.xml 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2026-48735 moderate 2026-05-28T14:49:11Z 2482741 pypdf: pypdf: Denial of Service via crafted PDF with large XMP metadata CWE-770 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48735.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-41565 important 2026-05-28T14:13:19Z 2482740 perl-CryptX: perl-CryptX: Stack buffer overflow allows arbitrary code execution via a crafted authentication tag. CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41565.xml 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-42250 moderate 2026-05-28T13:15:19Z 2482704 bzip2: bzip2: Denial of Service in bzip2recover via a specially crafted file CWE-193 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42250.xml 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H CVE-2026-9804 important 2026-05-28T06:00:00Z 2482487 kubevirt: kubevirt: VMExport directory symlink escape enables exporter pod file read CWE-59 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9804.xml 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2026-44604 moderate 2026-05-28T05:52:00Z 2460967 rpm: Command injection in rpmuncompress doUntar() via unescaped archive top-level directory name in popen() shell command CWE-78 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44604.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-9673 moderate 2026-05-28T05:00:02Z 2482486 json-2-csv: json-2-csv: CSV Injection vulnerability allows arbitrary code execution via `preventCsvInjection` bypass. CWE-1236 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9673.xml 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N CVE-2026-9801 moderate 2026-05-28T04:18:25Z RHSA-2026:25098 RHSA-2026:25097 2482473 keycloak: Keycloak: Denial of Service via malformed LDAP password policy response CWE-1284 rhbk/keycloak-rhel9 rhbk/keycloak-operator-bundle:26.6.3-3 rhbk/keycloak-rhel9:26.6-6 rhbk/keycloak-rhel9-operator:26.6-6 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9801.xml 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2026-9802 moderate 2026-05-28T04:10:26Z RHSA-2026:25098 RHSA-2026:25097 2482467 keycloak: Keycloak: Unauthorized account access via replayed refresh tokens after cluster restart CWE-613 rhbk/keycloak-rhel9 rhbk/keycloak-operator-bundle:26.6.3-3 rhbk/keycloak-rhel9:26.6-6 rhbk/keycloak-rhel9-operator:26.6-6 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9802.xml 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N CVE-2026-9803 moderate 2026-05-28T04:03:01Z RHSA-2026:25098 RHSA-2026:25097 2482465 keycloak: Keycloak: Denial of Service via malformed Authorization header CWE-125 rhbk/keycloak-rhel9 rhbk/keycloak-operator-bundle:26.6.3-3 rhbk/keycloak-rhel9:26.6-6 rhbk/keycloak-rhel9-operator:26.6-6 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9803.xml 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-9798 moderate 2026-05-28T03:53:01Z 2482470 keycloak: Keycloak: Brute-force protection bypass in CIBA flow CWE-305 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9798.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2026-9796 moderate 2026-05-28T03:32:50Z 2482464 keycloak: Keycloak: Privilege escalation via Time-of-Check to Time-of-Use (TOCTOU) vulnerability CWE-367 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9796.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N CVE-2026-9795 important 2026-05-28T03:16:49Z 2482462 keycloak: Keycloak: Privilege escalation via improper scope mapping enforcement CWE-266 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9795.xml 7.3 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N CVE-2026-9794 moderate 2026-05-28T03:15:43Z RHSA-2026:25098 RHSA-2026:25097 2482461 keycloak: Keycloak: Information disclosure via SAML ECP endpoint CWE-209 rhbk/keycloak-rhel9 rhbk/keycloak-operator-bundle:26.6.3-3 rhbk/keycloak-rhel9:26.6-6 rhbk/keycloak-rhel9-operator:26.6-6 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9794.xml 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2026-9793 moderate 2026-05-28T03:12:28Z 2482460 keycloak: Keycloak: Security policy bypass in JWE-encrypted request object processing CWE-347 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9793.xml 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2026-9792 moderate 2026-05-28T03:10:21Z RHSA-2026:25098 RHSA-2026:25097 2482459 keycloak: Keycloak: Security restriction bypass allows unauthorized ROPC token acquisition CWE-280 rhbk/keycloak-rhel9 rhbk/keycloak-operator-bundle:26.6.3-3 rhbk/keycloak-rhel9:26.6-6 rhbk/keycloak-rhel9-operator:26.6-6 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9792.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2026-9791 moderate 2026-05-28T03:08:53Z RHSA-2026:25098 RHSA-2026:25097 2482458 keycloak-rhel9: Organization Data Leak After Feature Disabled in Keycloak CWE-863 rhbk/keycloak-rhel9 rhbk/keycloak-operator-bundle:26.6.3-3 rhbk/keycloak-rhel9:26.6-6 rhbk/keycloak-rhel9-operator:26.6-6 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9791.xml 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2026-46190 moderate 2026-05-28T00:00:00Z 2482519 kernel: mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show() CWE-788 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46190.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46154 2026-05-28T00:00:00Z 2482520 kernel: sched_ext: Read scx_root under scx_cgroup_ops_rwsem in cgroup setters CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46154.xml CVE-2026-46187 2026-05-28T00:00:00Z 2482521 kernel: wifi: rsi: fix kthread lifetime race between self-exit and external-stop CWE-366 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46187.xml CVE-2026-46157 moderate 2026-05-28T00:00:00Z 2482522 kernel: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger CWE-820 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46157.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46116 important 2026-05-28T00:00:00Z 2482523 kernel: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete CWE-763 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46116.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46148 2026-05-28T00:00:00Z 2482524 kernel: spi: microchip-core-qspi: control built-in cs manually CWE-372 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46148.xml CVE-2026-46193 moderate 2026-05-28T00:00:00Z 2482525 kernel: xfrm: ah: account for ESN high bits in async callbacks CWE-823 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46193.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46146 moderate 2026-05-28T00:00:00Z 2482526 kernel: ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() CWE-606 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46146.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46159 moderate 2026-05-28T00:00:00Z 2482527 kernel: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak CWE-367 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46159.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46207 moderate 2026-05-28T00:00:00Z 2482528 kernel: vsock/virtio: fix empty payload in tap skb for non-linear buffers CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46207.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46118 2026-05-28T00:00:00Z 2482529 kernel: pseries/papr-hvpipe: Fix null ptr deref in papr_hvpipe_dev_create_handle() CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46118.xml CVE-2026-46206 2026-05-28T00:00:00Z 2482530 kernel: batman-adv: reject new tp_meter sessions during teardown CWE-372 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46206.xml CVE-2026-46111 moderate 2026-05-28T00:00:00Z 2482531 kernel: Bluetooth: hci_conn: fix potential UAF in create_big_sync CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46111.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46181 important 2026-05-28T00:00:00Z RHSA-2026:25120 RHSA-2026:25121 RHSA-2026:25217 2482532 kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() CWE-366 kernel-rt-0:4.18.0-553.132.1.rt7.473.el8_10 kernel-0:4.18.0-553.132.1.el8_10 kernel-0:5.14.0-687.15.1.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46181.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46230 2026-05-28T00:00:00Z 2482533 kernel: drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46230.xml CVE-2026-46201 low 2026-05-28T00:00:00Z 2482534 kernel: drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import() CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46201.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46121 moderate 2026-05-28T00:00:00Z 2482535 kernel: mm/damon/sysfs-schemes: protect memcg_path kfree() with damon_sysfs_lock CWE-367 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46121.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46132 moderate 2026-05-28T00:00:00Z 2482536 kernel: net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak in rtnl_fill_vfinfo CWE-908 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46132.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46104 moderate 2026-05-28T00:00:00Z 2482537 kernel: selinux: use sk blob accessor in socket permission helpers CWE-1083 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46104.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46232 2026-05-28T00:00:00Z 2482538 kernel: HID: playstation: Clamp num_touch_reports CWE-805 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46232.xml CVE-2026-46177 2026-05-28T00:00:00Z 2482539 kernel: ipmi: Add limits to event and receive message requests CWE-835 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46177.xml CVE-2026-46143 2026-05-28T00:00:00Z 2482540 kernel: ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46143.xml CVE-2026-46115 moderate 2026-05-28T00:00:00Z 2482541 kernel: block: add pgmap check to biovec_phys_mergeable CWE-372 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46115.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46170 moderate 2026-05-28T00:00:00Z 2482542 kernel: mptcp: pm: ADD_ADDR rtx: free sk if last CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46170.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46204 2026-05-28T00:00:00Z 2482543 kernel: drm/amdgpu/vcn4: Prevent OOB reads when parsing IB CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46204.xml CVE-2026-46205 2026-05-28T00:00:00Z 2482544 kernel: staging: media: atomisp: Disallow all private IOCTLs CWE-267 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46205.xml CVE-2026-46237 2026-05-28T00:00:00Z 2482545 kernel: drm/amdgpu/vcn3: Avoid overflow on msg bound check CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46237.xml CVE-2026-46106 moderate 2026-05-28T00:00:00Z 2482546 kernel: eventfs: Hold eventfs_mutex and SRCU when remount walks events CWE-367 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46106.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46162 moderate 2026-05-28T00:00:00Z 2482547 kernel: ice: fix double free in ice_sf_eth_activate() error path CWE-1341 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46162.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46216 low 2026-05-28T00:00:00Z 2482548 kernel: drm/xe/hdcp: Add NULL check for media_gt in intel_hdcp_gsc_check_status() CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46216.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46174 moderate 2026-05-28T00:00:00Z 2482549 kernel: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache CWE-653 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46174.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46133 moderate 2026-05-28T00:00:00Z 2482550 kernel: RDMA/rxe: Reject unknown opcodes before ICRC processing CWE-191 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46133.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46165 low 2026-05-28T00:00:00Z 2482551 kernel: openvswitch: vport: fix self-deadlock on release of tunnel ports CWE-833 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46165.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46224 low 2026-05-28T00:00:00Z 2482552 kernel: drm/xe: Fix bo leak in xe_dma_buf_init_obj() on allocation failure CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46224.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46194 2026-05-28T00:00:00Z 2482553 kernel: f2fs: fix node_cnt race between extent node destroy and writeback CWE-367 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46194.xml CVE-2026-46123 moderate 2026-05-28T00:00:00Z 2482554 kernel: Bluetooth: virtio_bt: clamp rx length before skb_put CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46123.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46131 low 2026-05-28T00:00:00Z 2482555 kernel: KVM: x86: check for nEPT/nNPT in slow flush hypercalls CWE-266 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46131.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46188 moderate 2026-05-28T00:00:00Z 2482557 kernel: octeon_ep_vf: add NULL check for napi_build_skb() CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46188.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46185 moderate 2026-05-28T00:00:00Z 2482558 kernel: smb/client: fix out-of-bounds read in symlink_data() CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46185.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46197 2026-05-28T00:00:00Z 2482559 kernel: drm/amdkfd: validate SVM ioctl nattr against buffer size CWE-1284 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46197.xml CVE-2026-46184 low 2026-05-28T00:00:00Z 2482560 kernel: sound: ua101: fix division by zero at probe CWE-369 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46184.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46233 2026-05-28T00:00:00Z 2482561 kernel: batman-adv: bla: only purge non-released claims CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46233.xml CVE-2026-46231 2026-05-28T00:00:00Z 2482562 kernel: batman-adv: bla: put backbone reference on failed claim hash insert CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46231.xml CVE-2026-46152 important 2026-05-28T00:00:00Z 2482563 kernel: wifi: mac80211: drop stray 'static' from fast-RX rx_result CWE-1058 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46152.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46227 important 2026-05-28T00:00:00Z 2482564 kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL CWE-367 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46227.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46239 2026-05-28T00:00:00Z 2482565 kernel: media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46239.xml CVE-2026-46149 moderate 2026-05-28T00:00:00Z 2482566 kernel: scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show() CWE-120 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46149.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46218 2026-05-28T00:00:00Z 2482567 kernel: drm/amdgpu: Add bounds checking to ib_{get,set}_value CWE-131 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46218.xml CVE-2026-46139 moderate 2026-05-28T00:00:00Z 2482568 kernel: smb: client: use kzalloc to zero-initialize security descriptor buffer CWE-909 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46139.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46153 low 2026-05-28T00:00:00Z 2482569 kernel: 8021q: delete cleared egress QoS mappings CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46153.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46222 2026-05-28T00:00:00Z 2482570 kernel: media: rockchip: rkcif: Add missing MUST_CONNECT flag to pads CWE-166 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46222.xml CVE-2026-46168 moderate 2026-05-28T00:00:00Z 2482571 kernel: mptcp: fix scheduling with atomic in timestamp sockopt CWE-821 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46168.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46142 2026-05-28T00:00:00Z 2482572 kernel: net: libwx: fix VF illegal register access CWE-1220 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46142.xml CVE-2026-46236 2026-05-28T00:00:00Z 2482573 kernel: media: rc: xbox_remote: heed DMA restrictions CWE-131 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46236.xml CVE-2026-46171 2026-05-28T00:00:00Z 2482574 kernel: riscv: kvm: fix vector context allocation leak CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46171.xml CVE-2026-46221 2026-05-28T00:00:00Z 2482575 kernel: EDAC/versalnet: Fix device name memory leak CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46221.xml CVE-2026-46117 important 2026-05-28T00:00:00Z 2482576 kernel: RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() CWE-1288 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46117.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46240 2026-05-28T00:00:00Z 2482577 kernel: media: iris: Fix use-after-free in iris_release_internal_buffers() CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46240.xml CVE-2026-46182 moderate 2026-05-28T00:00:00Z 2482578 kernel: pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace CWE-908 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46182.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46151 moderate 2026-05-28T00:00:00Z 2482579 kernel: usb: usblp: fix heap leak in IEEE 1284 device ID via short response CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46151.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46112 2026-05-28T00:00:00Z 2482580 kernel: RDMA/hns: Fix unlocked call to hns_roce_qp_remove() CWE-413 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46112.xml CVE-2026-46145 important 2026-05-28T00:00:00Z 2482581 kernel: RDMA/mana: Validate rx_hash_key_len CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46145.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46127 moderate 2026-05-28T00:00:00Z 2482582 kernel: RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp() CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46127.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46175 2026-05-28T00:00:00Z 2482583 kernel: f2fs: fix fsck inconsistency caused by FGGC of node block CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46175.xml CVE-2026-46235 low 2026-05-28T00:00:00Z 2482584 kernel: media: saa7164: add ioremap return checks and cleanups CWE-252 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46235.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46208 2026-05-28T00:00:00Z 2482585 kernel: batman-adv: stop tp_meter sessions during mesh teardown CWE-366 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46208.xml CVE-2026-46178 low 2026-05-28T00:00:00Z 2482586 kernel: RDMA/mlx4: Fix resource leak on error in mlx4_ib_create_srq() CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46178.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46113 moderate 2026-05-28T00:00:00Z 2482587 kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN CWE-416 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46113.xml 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2026-46189 important 2026-05-28T00:00:00Z 2482588 kernel: RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path CWE-1341 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46189.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46213 2026-05-28T00:00:00Z 2482589 kernel: HID: appletb-kbd: fix UAF in inactivity-timer cleanup path CWE-364 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46213.xml CVE-2026-46196 low 2026-05-28T00:00:00Z 2482590 kernel: tracepoint: balance regfunc() on func_add() failure in tracepoint_add_func() CWE-459 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46196.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46200 2026-05-28T00:00:00Z 2482591 kernel: spi: mpc52xx: fix controller deregistration CWE-459 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46200.xml CVE-2026-46140 low 2026-05-28T00:00:00Z 2482592 kernel: Bluetooth: btmtk: validate WMT event SKB length before struct access CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46140.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46241 2026-05-28T00:00:00Z 2482593 kernel: spi: mpc52xx: fix use-after-free on registration failure CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46241.xml CVE-2026-46176 important 2026-05-28T00:00:00Z 2482594 kernel: RDMA/mlx5: Fix error path fall-through in mlx5_ib_dev_res_srq_init() CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46176.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46169 moderate 2026-05-28T00:00:00Z 2482595 kernel: hfsplus: fix uninit-value by validating catalog record size CWE-1284 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46169.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46110 2026-05-28T00:00:00Z 2482596 kernel: net: stmmac: Prevent NULL deref when RX memory exhausted CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46110.xml CVE-2026-46202 2026-05-28T00:00:00Z 2482597 kernel: HID: appletb-kbd: run inactivity autodim from workqueues CWE-413 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46202.xml CVE-2026-46210 2026-05-28T00:00:00Z 2482599 kernel: media: iris: fix use-after-free of fmt_src during MBPF check CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46210.xml CVE-2026-46137 moderate 2026-05-28T00:00:00Z 2482600 kernel: mptcp: pm: ADD_ADDR rtx: fix potential data-race CWE-821 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46137.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46192 2026-05-28T00:00:00Z 2482601 kernel: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations CWE-372 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46192.xml CVE-2026-46183 2026-05-28T00:00:00Z 2482602 kernel: mm/damon/sysfs-schemes: protect path kfree() with damon_sysfs_lock CWE-413 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46183.xml CVE-2026-46228 2026-05-28T00:00:00Z 2482603 kernel: spi: ch341: fix devres lifetime CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46228.xml CVE-2026-46219 2026-05-28T00:00:00Z 2482605 kernel: spi: mpc52xx: fix use-after-free on unbind CWE-364 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46219.xml CVE-2026-46195 important 2026-05-28T00:00:00Z 2482606 kernel: smb: client: validate dacloffset before building DACL pointers CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46195.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46220 2026-05-28T00:00:00Z 2482607 kernel: drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission CWE-1285 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46220.xml CVE-2026-46125 important 2026-05-28T00:00:00Z 2482608 kernel: wifi: mac80211: remove station if connection prep fails CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46125.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46134 2026-05-28T00:00:00Z 2482609 kernel: platform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration CWE-909 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46134.xml CVE-2026-46161 low 2026-05-28T00:00:00Z 2482610 kernel: md/raid10: fix divide-by-zero in setup_geo() with zero far_copies CWE-369 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46161.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46105 moderate 2026-05-28T00:00:00Z 2482611 kernel: scsi: mpt3sas: Limit NVMe request size to 2 MiB CWE-131 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46105.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46150 moderate 2026-05-28T00:00:00Z 2482612 kernel: fanotify: fix false positive on permission events CWE-280 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46150.xml 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2026-46203 low 2026-05-28T00:00:00Z 2482613 kernel: spi: cadence-quadspi: fix unclocked access on unbind CWE-826 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46203.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46120 moderate 2026-05-28T00:00:00Z 2482614 kernel: ip6_gre: Use cached t->net in ip6erspan_changelink() CWE-763 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46120.xml 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2026-46215 moderate 2026-05-28T00:00:00Z 2482615 kernel: drm: Set old handle to NULL before prime swap in change_handle CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46215.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46180 moderate 2026-05-28T00:00:00Z 2482616 kernel: wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog task CWE-364 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46180.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46167 low 2026-05-28T00:00:00Z 2482617 kernel: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46167.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46114 moderate 2026-05-28T00:00:00Z 2482618 kernel: RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads CWE-130 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46114.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46126 low 2026-05-28T00:00:00Z 2482619 kernel: RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() CWE-459 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46126.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46147 2026-05-28T00:00:00Z 2482620 kernel: KVM: arm64: Fix pin leak and publication ordering in __pkvm_init_vcpu() CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46147.xml CVE-2026-46119 moderate 2026-05-28T00:00:00Z 2482621 kernel: libceph: Fix slab-out-of-bounds access in auth message processing CWE-131 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46119.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46144 low 2026-05-28T00:00:00Z 2482622 kernel: RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46144.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46238 2026-05-28T00:00:00Z 2482623 kernel: batman-adv: stop caching unowned originator pointers in BAT IV CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46238.xml CVE-2026-46136 low 2026-05-28T00:00:00Z 2482624 kernel: wifi: mt76: mt7921: fix a potential clc buffer length underflow CWE-124 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46136.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46141 2026-05-28T00:00:00Z 2482625 kernel: powerpc/xive: fix kmemleak caused by incorrect chip_data lookup CWE-763 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46141.xml CVE-2026-46198 2026-05-28T00:00:00Z 2482626 kernel: batman-adv: fix integer overflow on buff_pos CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46198.xml CVE-2026-46179 2026-05-28T00:00:00Z 2482627 kernel: ASoC: SOF: Don't allow pointer operations on unconfigured streams CWE-369 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46179.xml CVE-2026-46223 2026-05-28T00:00:00Z 2482628 kernel: cgroup: Defer css percpu_ref kill on rmdir until cgroup is depopulated CWE-833 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46223.xml CVE-2026-46109 2026-05-28T00:00:00Z 2482629 kernel: usb: ulpi: fix memory leak on ulpi_register() error paths CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46109.xml CVE-2026-46211 2026-05-28T00:00:00Z 2482630 kernel: drm/msm/gem: fix error handling in msm_ioctl_gem_info_get_metadata() CWE-390 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46211.xml CVE-2026-46186 moderate 2026-05-28T00:00:00Z 2482631 kernel: Bluetooth: virtio_bt: validate rx pkt_type header length CWE-805 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46186.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46212 2026-05-28T00:00:00Z 2482632 kernel: batman-adv: bla: prevent use-after-free when deleting claims CWE-364 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46212.xml CVE-2026-46217 2026-05-28T00:00:00Z 2482633 kernel: drm/amdgpu/vcn4: Avoid overflow on msg bound check CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46217.xml CVE-2026-46173 moderate 2026-05-28T00:00:00Z 2482634 kernel: exit: prevent preemption of oopsing TASK_DEAD task CWE-1341 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46173.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46191 moderate 2026-05-28T00:00:00Z 2482635 kernel: fbcon: Avoid OOB font access if console rotation fails CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46191.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46209 moderate 2026-05-28T00:00:00Z 2482636 kernel: drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46209.xml 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2026-46107 moderate 2026-05-28T00:00:00Z 2482637 kernel: dm-thin: fix metadata refcount underflow CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46107.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46156 2026-05-28T00:00:00Z 2482638 kernel: LoongArch: Fix potential ADE in loongson_gpu_fixup_dma_hang() CWE-823 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46156.xml CVE-2026-46158 moderate 2026-05-28T00:00:00Z 2482639 kernel: mptcp: pm: ADD_ADDR rtx: always decrease sk refcount CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46158.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46234 moderate 2026-05-28T00:00:00Z 2482640 kernel: vsock: fix buffer size clamping order CWE-179 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46234.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46163 2026-05-28T00:00:00Z 2482641 kernel: wifi: b43legacy: enforce bounds check on firmware key index in RX path CWE-1285 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46163.xml CVE-2026-46164 2026-05-28T00:00:00Z 2482642 kernel: btrfs: fix double free in create_space_info_sub_group() error path CWE-1341 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46164.xml CVE-2026-46229 2026-05-28T00:00:00Z 2482643 kernel: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure CWE-909 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46229.xml CVE-2026-46172 moderate 2026-05-28T00:00:00Z 2482644 kernel: ipv6: xfrm6: release dst on error in xfrm6_rcv_encap() CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46172.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46166 important 2026-05-28T00:00:00Z 2482645 kernel: wifi: mac80211: use safe list iteration in radar detect work CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46166.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46124 2026-05-28T00:00:00Z 2482646 kernel: isofs: validate block number from NFS file handle in isofs_export_iget CWE-1285 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46124.xml CVE-2026-46160 moderate 2026-05-28T00:00:00Z 2482647 kernel: btrfs: fix missing last_unlink_trans update when removing a directory CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46160.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46122 2026-05-28T00:00:00Z 2482648 kernel: wifi: b43: enforce bounds check on firmware key index in b43_rx() CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46122.xml CVE-2026-46199 2026-05-28T00:00:00Z 2482649 kernel: drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46199.xml CVE-2026-46225 2026-05-28T00:00:00Z 2482651 kernel: spi: rspi: fix controller deregistration CWE-826 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46225.xml CVE-2026-46214 moderate 2026-05-28T00:00:00Z 2482652 kernel: vsock/virtio: fix accept queue count leak on transport mismatch CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46214.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46135 moderate 2026-05-28T00:00:00Z 2482654 kernel: nvmet-tcp: fix race between ICReq handling and queue teardown CWE-1341 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46135.xml 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2026-46129 2026-05-28T00:00:00Z 2482655 kernel: btrfs: fix double free in create_space_info() error path CWE-763 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46129.xml CVE-2026-46138 moderate 2026-05-28T00:00:00Z 2482656 kernel: Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46138.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46226 2026-05-28T00:00:00Z 2482657 kernel: spi: fsl: fix controller deregistration CWE-826 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46226.xml CVE-2026-46128 2026-05-28T00:00:00Z 2482659 kernel: ipmi: Check event message buffer response for bad data CWE-390 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46128.xml CVE-2026-46155 moderate 2026-05-28T00:00:00Z 2482660 kernel: smb/client: fix out-of-bounds read in smb2_compound_op() CWE-130 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46155.xml 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2026-46108 2026-05-28T00:00:00Z 2482661 kernel: ipmi:si: Return state to normal if message allocation fails CWE-372 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46108.xml CVE-2026-46130 moderate 2026-05-28T00:00:00Z 2482662 kernel: dm-verity-fec: fix reading parity bytes split across blocks (take 3) CWE-823 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46130.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-42998 moderate 2026-05-28T00:00:00Z 2482825 openstack-keystone: OpenStack Keystone: User impersonation and unauthorized access via insufficient application credential verification. CWE-303 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42998.xml 4.9 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N CVE-2026-43000 important 2026-05-28T00:00:00Z 2482826 keystone: OpenStack Keystone: Privilege escalation via chained application credential impersonation and trust misuse CWE-266 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43000.xml 8.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L CVE-2026-42999 important 2026-05-28T00:00:00Z 2482840 openstack-keystone: OpenStack Keystone: Unauthorized access and privilege escalation via arbitrary policy attribute injection CWE-639 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42999.xml 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L CVE-2026-44394 moderate 2026-05-28T00:00:00Z 2482842 openstack-keystone: OpenStack Keystone: Federated token rescoping allows indefinite access CWE-613 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44394.xml 4.9 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N CVE-2026-44660 moderate 2026-05-27T20:42:59Z 2482406 python-ujson: UltraJSON: Memory leak leading to Denial of Service CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44660.xml 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-44724 important 2026-05-27T19:26:28Z 2482416 systeminformation: systeminformation: Command injection via NetworkManager connection profile name CWE-78 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44724.xml 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-9759 moderate 2026-05-27T18:33:18Z 2482358 wireshark: NULL Pointer Dereference in Wireshark CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9759.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-8643 important 2026-05-27T17:03:36Z 2460927 python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite CWE-22 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8643.xml 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVE-2026-9704 moderate 2026-05-27T12:45:59Z RHSA-2026:25098 RHSA-2026:25097 2481877 keycloak: Keycloak: Privilege escalation due to oversized subject_token JWT CWE-1284 rhbk/keycloak-rhel9 rhbk/keycloak-operator-bundle:26.6.3-3 rhbk/keycloak-rhel9:26.6-6 rhbk/keycloak-rhel9-operator:26.6-6 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9704.xml 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2026-42789 important 2026-05-27T12:23:06Z 2482093 erlang: Erlang OTP public_key: Certificate chain forgery via improper trust chain validation CWE-295 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42789.xml 8.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N CVE-2026-1933 important 2026-05-27T12:08:33Z RHSA-2026:22963 RHSA-2026:25049 2447317 samba: Missing access check on reparse point operations CWE-284 samba-0:4.23.5-109.el10_2 samba-0:4.23.5-10.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1933.xml 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2026-2340 moderate 2026-05-27T10:35:47Z RHSA-2026:22963 RHSA-2026:25049 2447318 samba: vfs_worm does not block directory modification CWE-280 samba-0:4.23.5-109.el10_2 samba-0:4.23.5-10.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2340.xml 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVE-2026-9689 moderate 2026-05-27T10:18:25Z 2481845 keycloak: org.keycloak.protocol.oidc: HTTP Parameter Pollution in OIDC redirect URI allows response parameter duplication - #GHI-604 CWE-1288 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9689.xml 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-3012 important 2026-05-27T09:17:49Z RHSA-2026:22963 RHSA-2026:22644 RHSA-2026:25049 2447319 samba: group policy certificate enrollment uses http:// without validation CWE-345 samba-0:4.23.5-109.el10_2 samba-0:4.19.4-16.el8_10 samba-0:4.23.5-10.el9_8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3012.xml 8.0 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N CVE-2026-48962 important 2026-05-27T03:12:38Z 2481767 perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob CWE-94 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48962.xml 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-10007 important 2026-05-27T00:00:00Z CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10007.xml 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-45981 moderate 2026-05-27T00:00:00Z CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45981.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45840 moderate 2026-05-27T00:00:00Z 2481862 kernel: openvswitch: cap upcall PID array size and pre-size vport replies CWE-131 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45840.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-45842 moderate 2026-05-27T00:00:00Z 2481863 kernel: slip: reject VJ receive packets on instances with no rstate array CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45842.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45844 moderate 2026-05-27T00:00:00Z 2481864 kernel: netfilter: arp_tables: fix IEEE1394 ARP payload parsing CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45844.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45839 2026-05-27T00:00:00Z 2481865 kernel: bpf: reject negative CO-RE accessor indices in bpf_core_parse_spec() CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45839.xml CVE-2026-45845 moderate 2026-05-27T00:00:00Z 2481866 kernel: net/sched: taprio: fix NULL pointer dereference in class dump CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45845.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45841 moderate 2026-05-27T00:00:00Z 2481867 kernel: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO CWE-369 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45841.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45846 moderate 2026-05-27T00:00:00Z 2481868 kernel: bareudp: fix NULL pointer dereference in bareudp_fill_metadata_dst() CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45846.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45843 moderate 2026-05-27T00:00:00Z 2481869 kernel: slip: bound decode() reads against the compressed packet length CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45843.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45838 moderate 2026-05-27T00:00:00Z 2481870 kernel: bpf: fix end-of-list detection in cgroup_storage_get_next_key() CWE-125 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45838.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45837 important 2026-05-27T00:00:00Z 2481871 kernel: bpf: Fix use-after-free in arena_vm_close on fork CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45837.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-45886 moderate 2026-05-27T00:00:00Z 2481904 kernel: bpf: Fix bpf_xdp_store_bytes proto for read-only arg https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45886.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-45932 important 2026-05-27T00:00:00Z 2481905 kernel: bpf: Fix tcx/netkit detach permissions when prog fd isn't given https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45932.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46001 2026-05-27T00:00:00Z 2481906 kernel: hwmon: (pt5161l) Fix bugs in pt5161l_read_block_data() CWE-131 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46001.xml CVE-2026-46020 2026-05-27T00:00:00Z 2481907 kernel: mm/damon/core: validate damos_quota_goal->nid for node_mem_{used,free}_bp CWE-1285 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46020.xml CVE-2026-45949 moderate 2026-05-27T00:00:00Z 2481908 kernel: hwrng: core - use RCU and work_struct to fix race condition CWE-364 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45949.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45869 2026-05-27T00:00:00Z 2481909 kernel: power: supply: wm97xx: Fix NULL pointer dereference in power_supply_changed() CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45869.xml CVE-2026-45924 2026-05-27T00:00:00Z 2481910 kernel: ksmbd: call ksmbd_vfs_kern_path_end_removing() on some error paths CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45924.xml CVE-2026-45925 low 2026-05-27T00:00:00Z 2481911 kernel: thermal/of: Fix reference leak in thermal_of_cm_lookup() CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45925.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46011 2026-05-27T00:00:00Z 2481912 kernel: media: mtk-jpeg: fix use-after-free in release path due to uncancelled work CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46011.xml CVE-2026-45876 low 2026-05-27T00:00:00Z 2481913 kernel: arm64/gcs: Fix error handling in arch_set_shadow_stack_status() CWE-390 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45876.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45963 low 2026-05-27T00:00:00Z 2481914 kernel: ASoC: nau8821: Cancel delayed work on component remove CWE-364 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45963.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45992 low 2026-05-27T00:00:00Z 2481915 kernel: ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45992.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46060 low 2026-05-27T00:00:00Z 2481917 kernel: crypto: qat - fix IRQ cleanup on 6xxx probe failure CWE-459 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46060.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46035 moderate 2026-05-27T00:00:00Z 2481918 kernel: mm/page_alloc: return NULL early from alloc_frozen_pages_nolock() in NMI on UP CWE-413 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46035.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-45853 2026-05-27T00:00:00Z 2481919 kernel: drm/amdgpu: Use kvfree instead of kfree in amdgpu_gmc_get_nps_memranges() CWE-763 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45853.xml CVE-2026-46084 moderate 2026-05-27T00:00:00Z 2481920 kernel: RDMA/mana_ib: Disable RX steering on RSS QP destroy CWE-459 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46084.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46068 low 2026-05-27T00:00:00Z 2481921 kernel: crypto: nx - fix bounce buffer leaks in nx842_crypto_{alloc,free}_ctx CWE-763 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46068.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45984 important 2026-05-27T00:00:00Z 2481922 kernel: gfs2: Fix use-after-free in iomap inline data write path CWE-826 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45984.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46072 2026-05-27T00:00:00Z 2481923 kernel: ntfs3: add buffer boundary checks to run_unpack() CWE-1284 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46072.xml CVE-2026-45922 low 2026-05-27T00:00:00Z 2481924 kernel: RDMA/mlx5: Fix memory leak in GET_DATA_DIRECT_SYSFS_PATH handler CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45922.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46024 moderate 2026-05-27T00:00:00Z 2481926 kernel: libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply() CWE-1287 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46024.xml 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45996 moderate 2026-05-27T00:00:00Z 2481927 kernel: spi: imx: fix use-after-free on unbind CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45996.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46080 2026-05-27T00:00:00Z 2481928 kernel: ocfs2: split transactions in dio completion to avoid credit exhaustion CWE-770 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46080.xml CVE-2025-71311 2026-05-27T00:00:00Z 2481929 kernel: fs/ntfs3: Initialize new folios before use CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71311.xml CVE-2026-45918 2026-05-27T00:00:00Z 2481930 kernel: ovpn: tcp - don't deref NULL sk_socket member after tcp_close() CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45918.xml CVE-2026-46046 low 2026-05-27T00:00:00Z 2481931 kernel: ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all() CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46046.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45973 moderate 2026-05-27T00:00:00Z 2481932 kernel: RDMA/mlx5: Fix UMR hang in LAG error state unload CWE-833 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45973.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45864 moderate 2026-05-27T00:00:00Z 2481933 kernel: fs/ntfs3: prevent infinite loops caused by the next valid being the same CWE-606 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45864.xml CVE-2026-46039 moderate 2026-05-27T00:00:00Z 2481934 kernel: rxgk: Fix potential integer overflow in length check CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46039.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-45975 important 2026-05-27T00:00:00Z 2481935 kernel: ublk: use READ_ONCE() to read struct ublksrv_ctrl_cmd CWE-820 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45975.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46015 moderate 2026-05-27T00:00:00Z 2481936 kernel: tcp: call sk_data_ready() after listener migration CWE-821 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46015.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-45952 2026-05-27T00:00:00Z 2481937 kernel: eth: fbnic: Add validation for MTU changes CWE-1284 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45952.xml CVE-2026-46093 moderate 2026-05-27T00:00:00Z 2481938 kernel: mm/vmalloc: take vmap_purge_lock in shrinker CWE-414 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46093.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46006 2026-05-27T00:00:00Z 2481939 kernel: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check CWE-190 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46006.xml CVE-2026-45894 moderate 2026-05-27T00:00:00Z 2481940 kernel: iommu/vt-d: Clear Present bit before tearing down PASID entry CWE-367 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45894.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-71305 moderate 2026-05-27T00:00:00Z 2481941 kernel: drm/display/dp_mst: Add protection against 0 vcpi CWE-1335 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71305.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-71307 2026-05-27T00:00:00Z 2481942 kernel: drm/panthor: Fix NULL pointer dereference on panthor_fw_unplug CWE-824 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71307.xml CVE-2026-45873 low 2026-05-27T00:00:00Z 2481943 kernel: netfilter: nft_set_rbtree: check for partial overlaps in anonymous sets CWE-1288 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45873.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46059 low 2026-05-27T00:00:00Z 2481944 kernel: KVM: nSVM: Always use NextRIP as vmcb02's NextRIP after first L2 VMRUN CWE-841 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46059.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46079 moderate 2026-05-27T00:00:00Z 2481945 kernel: rbd: fix null-ptr-deref when device_add_disk() fails CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46079.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45875 2026-05-27T00:00:00Z 2481946 kernel: mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45875.xml CVE-2026-45896 low 2026-05-27T00:00:00Z 2481947 kernel: mtd: intel-dg: Fix accessing regions before setting nregions CWE-909 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45896.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45959 moderate 2026-05-27T00:00:00Z 2481948 kernel: crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree CWE-763 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45959.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-45934 moderate 2026-05-27T00:00:00Z 2481949 kernel: btrfs: fix EEXIST abort due to non-consecutive gaps in chunk allocation CWE-1285 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45934.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-45917 low 2026-05-27T00:00:00Z 2481951 kernel: ipvs: do not keep dest_dst if dev is going down CWE-367 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45917.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45905 low 2026-05-27T00:00:00Z 2481952 kernel: xfrm: fix ip_rt_bug race in icmp_route_lookup reverse path CWE-367 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45905.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45902 2026-05-27T00:00:00Z 2481953 kernel: power: supply: bq256xx: Fix use-after-free in power_supply_changed() CWE-364 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45902.xml CVE-2026-46025 2026-05-27T00:00:00Z 2481954 kernel: mm/damon/core: fix damon_call() vs kdamond_fn() exit race CWE-366 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46025.xml CVE-2026-46022 moderate 2026-05-27T00:00:00Z 2481955 kernel: misc: ibmasm: fix OOB MMIO read in ibmasm_handle_mouse_interrupt() CWE-1285 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46022.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45956 2026-05-27T00:00:00Z 2481956 kernel: drm/exynos: vidi: use priv->vidi_dev for ctx lookup in vidi_connection_ioctl() CWE-466 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45956.xml CVE-2026-46051 moderate 2026-05-27T00:00:00Z 2481957 kernel: md/raid5: fix soft lockup in retry_aligned_read() CWE-835 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46051.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45962 moderate 2026-05-27T00:00:00Z 2481958 kernel: ublk: Validate SQE128 flag before accessing the cmd CWE-1285 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45962.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-45966 2026-05-27T00:00:00Z 2481959 kernel: apparmor: fix NULL pointer dereference in __unix_needs_revalidation CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45966.xml CVE-2026-46034 2026-05-27T00:00:00Z 2481960 kernel: vfio/cdx: Fix NULL pointer dereference in interrupt trigger path CWE-909 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46034.xml CVE-2026-45935 2026-05-27T00:00:00Z 2481961 kernel: fs/ntfs3: Fix slab-out-of-bounds read in DeleteIndexEntryRoot CWE-805 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45935.xml CVE-2026-45990 2026-05-27T00:00:00Z 2481962 kernel: slub: fix data loss and overflow in krealloc() CWE-787 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45990.xml CVE-2026-46057 2026-05-27T00:00:00Z 2481963 kernel: landlock: Fix LOG_SUBDOMAINS_OFF inheritance across fork() CWE-281 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46057.xml CVE-2026-45948 low 2026-05-27T00:00:00Z 2481964 kernel: ext4: fix memory leak in ext4_ext_shift_extents() CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45948.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45944 moderate 2026-05-27T00:00:00Z 2481965 kernel: iommu/vt-d: Clear Present bit before tearing down context entry CWE-367 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45944.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46053 important 2026-05-27T00:00:00Z 2481966 kernel: net: rds: fix MR cleanup on copy error CWE-763 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46053.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-45920 low 2026-05-27T00:00:00Z 2481967 kernel: ext4: fix dirtyclusters double decrement on fs shutdown CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45920.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46045 moderate 2026-05-27T00:00:00Z 2481969 kernel: md/md-llbitmap: skip reading rdevs that are not in_sync CWE-821 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46045.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-45974 moderate 2026-05-27T00:00:00Z 2481970 kernel: btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found CWE-390 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45974.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-46100 2026-05-27T00:00:00Z 2481971 kernel: fs: afs: revert mmap_prepare() change CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46100.xml CVE-2026-46099 important 2026-05-27T00:00:00Z 2481972 kernel: net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels CWE-911 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46099.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-45972 important 2026-05-27T00:00:00Z 2481973 kernel: smb: client: fix potential UAF and double free in smb2_open_file() CWE-825 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45972.xml 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-46077 2026-05-27T00:00:00Z 2481974 kernel: crypto: atmel-tdes - fix DMA sync direction CWE-821 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46077.xml CVE-2026-45982 low 2026-05-27T00:00:00Z 2481975 kernel: ACPICA: Fix NULL pointer dereference in acpi_ev_address_space_dispatch() CWE-476 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45982.xml 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-45928 2026-05-27T00:00:00Z 2481976 kernel: media: chips-media: wave5: Fix memory leak on codec_info allocation failure CWE-772 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45928.xml CVE-2026-45977 2026-05-27T00:00:00Z 2481977 kernel: fbnic: close fw_log race between users and teardown CWE-364 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45977.xml