Red Hat Security Api | Red Hat Customer Portal Labs

CVE-2026-44188
Severity: moderate
Released on: 15/06/2026
Advisory: RHSA-2026:25928,
Bugzilla: 2466764
Bugzilla Description: ansible-lightspeed: Ansible Lightspeed: Session hijacking and unauthorized data access due to insufficient session expiration
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-613
Affected Packages: ansible-automation-platform-27/lightspeed-rhel9:1781025813,
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,
Full Details
CVE document

CVE-2026-12216
Severity: moderate
Released on: 15/06/2026
Advisory:
Bugzilla: 2488812
Bugzilla Description: Duktape: svaarala duktape duk_api_bytecode.c memory corruption
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,
Full Details
CVE document

CVE-2026-52718
Severity: moderate
Released on: 15/06/2026
Advisory:
Bugzilla: 2486328
Bugzilla Description: gstreamer1-plugins-bad-free: GStreamer: Denial of service via AV1 tile_list_obu parser byte/bit confusion
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-52719
Severity: important
Released on: 15/06/2026
Advisory:
Bugzilla: 2486353
Bugzilla Description: gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-52720
Severity: important
Released on: 15/06/2026
Advisory:
Bugzilla: 2486731
Bugzilla Description: gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle in librfb
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-52721
Severity: moderate
Released on: 15/06/2026
Advisory:
Bugzilla: 2486732
Bugzilla Description: gstreamer1-plugins-bad-free: GStreamer: Multiple out-of-bounds reads in pcapparse IPv4/TCP header parsing
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-52722
Severity: important
Released on: 15/06/2026
Advisory:
Bugzilla: 2486733
Bugzilla Description: gstreamer1-plugins-bad-free: GStreamer: Signed integer overflow in VMnc decoder cursor payload handling
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-45833
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488430
Bugzilla Description: chromadb: ChromaDB: Arbitrary Code Execution via Code Injection
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-94
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-45832
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488411
Bugzilla Description: chromadb: ChromaDB: Authorization bypass in V1 collection-level endpoints
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-551
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-45831
Severity: moderate
Released on: 12/06/2026
Advisory:
Bugzilla: 2488417
Bugzilla Description: ChromaDB: ChromaDB: Unauthorized cross-tenant actions due to improper authorization checks
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-1220
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-50560
Severity: moderate
Released on: 12/06/2026
Advisory:
Bugzilla: 2488407
Bugzilla Description: netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-770
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-50020
Severity: moderate
Released on: 12/06/2026
Advisory:
Bugzilla: 2488421
Bugzilla Description: netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-444
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-50011
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488413
Bugzilla Description: netty-codec-redis: Netty: Denial of Service via malicious Redis array header
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat build of Apache Camel for Spring Boot 4,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Single Sign-On 7,
Full Details
CVE document

CVE-2026-50010
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488429
Bugzilla Description: netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-347
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Offline Knowledge Portal,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-45830
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488408
Bugzilla Description: chromadb: ChromaDB: Unauthorized data manipulation due to improper authorization validation
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-266
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-48748
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488441
Bugzilla Description: netty: Netty: Denial of Service due to memory exhaustion in HTTP/3 codec
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat build of Apache Camel - HawtIO 4,
Full Details
CVE document

CVE-2026-48059
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488437
Bugzilla Description: netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-1286
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat Satellite 6,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-48043
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488442
Bugzilla Description: netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-48006
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488433
Bugzilla Description: netty-codec-redis: Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat build of Apache Camel for Spring Boot 4,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Single Sign-On 7,
Full Details
CVE document

CVE-2026-47691
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488439
Bugzilla Description: io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-346
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-47244
Severity: moderate
Released on: 12/06/2026
Advisory:
Bugzilla: 2488399
Bugzilla Description: netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-770
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-46340
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488388
Bugzilla Description: netty-transport-sctp: Netty-transport-sctp: Denial of Service due to unbounded memory growth from SctpMessage fragments
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat build of Apache Camel for Spring Boot 4,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Single Sign-On 7,
Full Details
CVE document

CVE-2026-45674
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488400
Bugzilla Description: netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-346
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-45673
Severity: moderate
Released on: 12/06/2026
Advisory:
Bugzilla: 2488386
Bugzilla Description: netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-1241
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-45536
Severity: moderate
Released on: 12/06/2026
Advisory:
Bugzilla: 2488394
Bugzilla Description: netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-167
Affected Packages:
Package States: Cryostat 4,Red Hat AMQ Broker 7,Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat AMQ Clients,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Debezium 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Data Grid 8,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Offline Knowledge Portal,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-45416
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488391
Bugzilla Description: netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Offline Knowledge Portal,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-44894
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488380
Bugzilla Description: netty-codec-classes-quic: Netty: Denial of Service amplification via improper QUIC token validation
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-346
Affected Packages:
Package States: Red Hat build of Apache Camel - HawtIO 4,
Full Details
CVE document

CVE-2026-44893
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488383
Bugzilla Description: netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-805
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat Satellite 6,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-50633
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488307
Bugzilla Description: apache-cxf: org.apache.cxf/cxf-integration-jca: Apache CXF: Arbitrary code execution via JNDI Injection
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-502
Affected Packages:
Package States: Red Hat build of Apache Camel for Spring Boot 4,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2026-50628
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488302
Bugzilla Description: cxf: org.apache.cxf/cxf-rt-rs-security-oauth2: cxf: Unauthorized access due to logic error in OAuthRequestFilter
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-358
Affected Packages:
Package States: Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Web Server 5,Red Hat JBoss Web Server 5,
Full Details
CVE document

CVE-2026-50627
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488298
Bugzilla Description: apache-cxf: org.apache.cxf/cxf-rt-rs-security-oauth2: Apache CXF: Token Confusion/Routing attacks due to improper validation of JWT audience claims
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-303
Affected Packages:
Package States: Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Web Server 5,Red Hat JBoss Web Server 5,
Full Details
CVE document

CVE-2026-49875
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2488309
Bugzilla Description: cxf: org.apache.cxf/cxf-core: Apache CXF: Information disclosure via out-of-band external entity resolution due to missing JAXP hardening
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-611
Affected Packages:
Package States: Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Web Server 5,Red Hat Single Sign-On 7,
Full Details
CVE document

CVE-2026-53703
Severity: moderate
Released on: 12/06/2026
Advisory:
Bugzilla: 2487613
Bugzilla Description: gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header parser
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-53704
Severity: moderate
Released on: 12/06/2026
Advisory:
Bugzilla: 2487614
Bugzilla Description: gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer FILEINFO metadata parser
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-53705
Severity: important
Released on: 12/06/2026
Advisory:
Bugzilla: 2487615
Bugzilla Description: gstreamer1-plugins-good: GStreamer: Heap buffer overflow in WavPack decoder via integer overflow
CVSS Score:
CVSSv3 Score: 7.6
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-44890
Severity: important
Released on: 11/06/2026
Advisory:
Bugzilla: 2488053
Bugzilla Description: netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payloads
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat build of Apache Camel for Spring Boot 4,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Single Sign-On 7,
Full Details
CVE document

CVE-2026-44250
Severity: important
Released on: 11/06/2026
Advisory:
Bugzilla: 2488062
Bugzilla Description: netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payload with deeply nested arrays
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat build of Apache Camel for Spring Boot 4,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Single Sign-On 7,
Full Details
CVE document

CVE-2026-44249
Severity: important
Released on: 11/06/2026
Advisory:
Bugzilla: 2488081
Bugzilla Description: netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-1287
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Offline Knowledge Portal,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-52859
Severity: moderate
Released on: 11/06/2026
Advisory:
Bugzilla: 2487989
Bugzilla Description: vim: Vim: Denial of Service via out-of-bounds write in terminal handling
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-44486
Severity: important
Released on: 11/06/2026
Advisory:
Bugzilla: 2487947
Bugzilla Description: axios: Axios: Information disclosure of proxy credentials via HTTP redirects
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-201
Affected Packages:
Package States: Cryostat 4,Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,Self-service automation portal 2,
Full Details
CVE document

CVE-2026-44487
Severity: important
Released on: 11/06/2026
Advisory:
Bugzilla: 2487948
Bugzilla Description: axios: Axios: Information disclosure of proxy credentials via redirect flows
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-201
Affected Packages:
Package States: Cryostat 4,Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,Self-service automation portal 2,
Full Details
CVE document

CVE-2026-44488
Severity: important
Released on: 11/06/2026
Advisory:
Bugzilla: 2487949
Bugzilla Description: axios: Axios: Denial of Service due to unenforced request and response size limits
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Cryostat 4,Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,Self-service automation portal 2,
Full Details
CVE document

CVE-2026-44490
Severity: moderate
Released on: 11/06/2026
Advisory:
Bugzilla: 2487941
Bugzilla Description: axios: Axios: Information disclosure and denial of service due to prototype pollution
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-915
Affected Packages:
Package States: Cryostat 4,Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,Self-service automation portal 2,
Full Details
CVE document

CVE-2026-44496
Severity: important
Released on: 11/06/2026
Advisory:
Bugzilla: 2487943
Bugzilla Description: axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-1333
Affected Packages:
Package States: Cryostat 4,Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,Self-service automation portal 2,
Full Details
CVE document

CVE-2026-44495
Severity: important
Released on: 11/06/2026
Advisory:
Bugzilla: 2487937
Bugzilla Description: axios: Axios: Information disclosure due to prototype pollution vulnerability
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-915
Affected Packages:
Package States: Cryostat 4,Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,Self-service automation portal 2,
Full Details
CVE document

CVE-2026-44494
Severity: important
Released on: 11/06/2026
Advisory:
Bugzilla: 2487942
Bugzilla Description: axios: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-915
Affected Packages:
Package States: Cryostat 4,Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,Self-service automation portal 2,
Full Details
CVE document

CVE-2026-44489
Severity: low
Released on: 11/06/2026
Advisory:
Bugzilla: 2487940
Bugzilla Description: axios: Axios: Information disclosure via Prototype Pollution
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-346
Affected Packages:
Package States: Cryostat 4,Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,Self-service automation portal 2,
Full Details
CVE document

CVE-2026-44492
Severity: important
Released on: 11/06/2026
Advisory:
Bugzilla: 2487938
Bugzilla Description: axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization
CVSS Score:
CVSSv3 Score: 8.6
Vector:
CWE: CWE-289
Affected Packages:
Package States: Cryostat 4,Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,Self-service automation portal 2,
Full Details
CVE document

CVE-2026-11986
Severity: moderate
Released on: 11/06/2026
Advisory:
Bugzilla: 2487906
Bugzilla Description: keycloak-rest-admin-ui-ext: Authorization Bypass vulnerability in the admin-ui-ext bulk role-mapping-delete endpoints of Keycloak
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE: CWE-425
Affected Packages:
Package States: Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2026-11816
Severity: important
Released on: 11/06/2026
Advisory:
Bugzilla: 2487912
Bugzilla Description: keras: Keras: Arbitrary file write via path traversal in archive extraction utilities
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-48998
Severity: moderate
Released on: 11/06/2026
Advisory:
Bugzilla: 2487891
Bugzilla Description: guzzlehttp/psr7: guzzlehttp/psr7: Information disclosure via improper Host header validation
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-47734
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487774
Bugzilla Description: dulwich: Dulwich: Denial of Service via crafted Git thin pack
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-53465
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487772
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service via crafted multi-frame image leading to heap buffer overwrite
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-53464
Severity: low
Released on: 10/06/2026
Advisory:
Bugzilla: 2487768
Bugzilla Description: ImageMagick: ImageMagick: Memory leak via invalid options to wand option parser
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-53463
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487746
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service via incorrect arguments in distort operation
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-53462
Severity: low
Released on: 10/06/2026
Advisory:
Bugzilla: 2487761
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service due to heap-use-after-free in CheckPrimitiveExtent
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-47712
Severity: low
Released on: 10/06/2026
Advisory:
Bugzilla: 2487762
Bugzilla Description: dulwich: Dulwich: Arbitrary file write via malicious commit subject in format_patch
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-49219
Severity: low
Released on: 10/06/2026
Advisory:
Bugzilla: 2487752
Bugzilla Description: ImageMagick: ImageMagick: Information disclosure via incorrect filename parsing
CVSS Score:
CVSSv3 Score: 4.2
Vector:
CWE: CWE-59
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-48994
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487771
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service via heap buffer over-write in MAT decoder
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-253
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-48734
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487756
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service via crafted MVG file leading to stack overflow
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-48733
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487767
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service via crafted image in subimage-search
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-48724
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487759
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service via heap buffer overwrite in Floyd-Steinberg dithering
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-124
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-47166
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487748
Bugzilla Description: ImageMagick: Magick.NET: ImageMagick: Information Disclosure and Denial of Service via heap buffer over-read
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-47165
Severity: low
Released on: 10/06/2026
Advisory:
Bugzilla: 2487760
Bugzilla Description: ImageMagick: ImageMagick: Information disclosure due to missing authentication in distributed pixel cache
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-306
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-46693
Severity: low
Released on: 10/06/2026
Advisory:
Bugzilla: 2487754
Bugzilla Description: ImageMagick: Magick.NET: ImageMagick: Information disclosure via file descriptor hijacking due to a race condition.
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-910
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-46692
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487749
Bugzilla Description: ImageMagick: ImageMagick: Heap buffer over-write via `magick -distribute-cache` service connection
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-46559
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487755
Bugzilla Description: ImageMagick: ImageMagick: Denial of service via heap buffer overwrite in JP2 processing
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-46557
Severity: low
Released on: 10/06/2026
Advisory:
Bugzilla: 2487747
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service via crafted argument in fx operation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-46521
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487766
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service via out-of-bounds write in LZMA MIFF encoder
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-46520
Severity: important
Released on: 10/06/2026
Advisory:
Bugzilla: 2487729
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service via out-of-bounds write when processing multiple images
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-45664
Severity: important
Released on: 10/06/2026
Advisory:
Bugzilla: 2487732
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service due to excessive resource use in MNG coder
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-46522
Severity: important
Released on: 10/06/2026
Advisory:
Bugzilla: 2487730
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service via crafted MIFF file
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-45624
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487739
Bugzilla Description: ImageMagick: ImageMagick: Data exposure due to image processing vulnerability
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-45359
Severity: important
Released on: 10/06/2026
Advisory:
Bugzilla: 2487737
Bugzilla Description: ImageMagick: ImageMagick: Information Disclosure via Invalid Connected-Components Value
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-42326
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487735
Bugzilla Description: ImageMagick: ImageMagick: Information disclosure via malicious IPTC input file
CVSS Score:
CVSSv3 Score: 5.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-45031
Severity: important
Released on: 10/06/2026
Advisory:
Bugzilla: 2487734
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service due to resource policy bypass in PSD decoder
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-2049
Severity: important
Released on: 10/06/2026
Advisory:
Bugzilla: 2487738
Bugzilla Description: gimp: gegl: GIMP: Remote Code Execution via HDR File Parsing Heap-based Buffer Overflow
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46523
Severity: important
Released on: 10/06/2026
Advisory:
Bugzilla: 2487743
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service via crafted MSL image leading to heap-use-after-free
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-10143
Severity: important
Released on: 10/06/2026
Advisory:
Bugzilla: 2487722
Bugzilla Description: kafka-python: kafka-python: Denial of Service via excessive SCRAM authentication iteration count
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-606
Affected Packages:
Package States: Red Hat Quay 3,Red Hat Quay 3,
Full Details
CVE document

CVE-2026-10142
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487704
Bugzilla Description: kafka-python: kafka-python: Denial of Service due to crafted frame length in protocol parser
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Quay 3,Red Hat Quay 3,
Full Details
CVE document

CVE-2026-46529
Severity: important
Released on: 10/06/2026
Advisory:
Bugzilla: 2487669
Bugzilla Description: atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-77
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-6893
Severity: important
Released on: 10/06/2026
Advisory:
Bugzilla: 2459963
Bugzilla Description: dracut: dracut: Root code execution via DHCP options command injection
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-48096
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487602
Bugzilla Description: OpenFGA: OpenFGA: Incorrect authorization due to cache key collision in iterator caching
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-639
Affected Packages:
Package States: Multicluster Global Hub,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat Ceph Storage 8,Red Hat Ceph Storage 9,Red Hat Enterprise Linux 10,
Full Details
CVE document

CVE-2026-48855
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487603
Bugzilla Description: erlang: Erlang OTP ssh: Information disclosure via symlink resolution in SFTP
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-59
Affected Packages:
Package States: Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,
Full Details
CVE document

CVE-2026-53442
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487556
Bugzilla Description: jenkins: Jenkins: Information disclosure of secrets via unencrypted storage
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-312
Affected Packages:
Package States: OpenShift Developer Tools and Services,
Full Details
CVE document

CVE-2026-53439
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487549
Bugzilla Description: jenkins: Jenkins: Information Disclosure via Missing Permission Checks
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-862
Affected Packages:
Package States: OpenShift Developer Tools and Services,
Full Details
CVE document

CVE-2026-53435
Severity: important
Released on: 10/06/2026
Advisory:
Bugzilla: 2487539
Bugzilla Description: jenkins: Jenkins: Arbitrary code execution via deserialization of attacker-controlled configuration
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-502
Affected Packages:
Package States: OpenShift Developer Tools and Services,
Full Details
CVE document

CVE-2025-71329
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487540
Bugzilla Description: image-size: image-size: Denial of Service via crafted image buffer with zero-valued size field
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Gatekeeper 3,Red Hat Build of Podman Desktop,Red Hat Discovery 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,
Full Details
CVE document

CVE-2025-71330
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487553
Bugzilla Description: image-size: image-size: Denial of Service via crafted ICNS image buffer
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Gatekeeper 3,Red Hat Build of Podman Desktop,Red Hat Discovery 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,
Full Details
CVE document

CVE-2026-11850
Severity: moderate
Released on: 10/06/2026
Advisory: RHSA-2026:25520,
Bugzilla: 2459970
Bugzilla Description: krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-191
Affected Packages: krb5-main-1.22.2-8.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-11837
Severity: important
Released on: 10/06/2026
Advisory:
Bugzilla: 2487424
Bugzilla Description: ansible-collection-ansible-posix: ansible.posix authorized_key: local privilege escalation via symlink-following chown
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-59
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,
Full Details
CVE document

CVE-2026-53701
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487611
Bugzilla Description: gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds write in H.266/VVC PPS picture partition parser
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-53702
Severity: moderate
Released on: 10/06/2026
Advisory:
Bugzilla: 2487612
Bugzilla Description: gstreamer1-plugins-bad-free: GStreamer: Stack buffer overflow in H.265 buffering period SEI parser
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-41726
Severity: moderate
Released on: 09/06/2026
Advisory:
Bugzilla: 2487380
Bugzilla Description: spring-kafka: Spring-kafka: Denial of Service due to unbounded heap growth via unique header values
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2026-46433
Severity: moderate
Released on: 09/06/2026
Advisory:
Bugzilla: 2487363
Bugzilla Description: lldpd: lldpd: Denial of Service due to heap buffer over-read when processing VLAN-tagged Ethernet frames
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-45591
Severity: important
Released on: 09/06/2026
Advisory: RHSA-2026:25110, RHSA-2026:25220, RHSA-2026:25111, RHSA-2026:25221, RHSA-2026:25112, RHSA-2026:25222, RHSA-2026:17527, RHSA-2026:25113, RHSA-2026:25114, RHSA-2026:25115,
Bugzilla: 2487224
Bugzilla Description: dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages: dotnet8.0-0:8.0.128-1.el10_2,dotnet8.0-0:8.0.128-1.el8_10,dotnet10.0-0:10.0.109-1.el9_8,dotnet10.0-0:10.0.109-1.el8_10,dotnet9.0-0:9.0.118-1.el9_8,dotnet9.0-0:9.0.118-1.el10_2,dotnet9.0-0:9.0.118-1.el8_10,dotnet8.0-0:8.0.128-1.el9_8,dotnet9-0-main-9.0.117-1.hum1,dotnet10.0-0:10.0.109-1.el10_2,
Package States: Red Hat Hardened Images,Red Hat Hardened Images,
Full Details
CVE document

CVE-2026-45491
Severity: moderate
Released on: 09/06/2026
Advisory: RHSA-2026:25110, RHSA-2026:25220, RHSA-2026:25111, RHSA-2026:25221, RHSA-2026:25112, RHSA-2026:25222, RHSA-2026:17527, RHSA-2026:25113, RHSA-2026:25114, RHSA-2026:25115,
Bugzilla: 2487164
Bugzilla Description: dotnet: .NET: Local file tampering via link following vulnerability
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-59
Affected Packages: dotnet8.0-0:8.0.128-1.el10_2,dotnet8.0-0:8.0.128-1.el8_10,dotnet10.0-0:10.0.109-1.el9_8,dotnet10.0-0:10.0.109-1.el8_10,dotnet9.0-0:9.0.118-1.el9_8,dotnet9.0-0:9.0.118-1.el10_2,dotnet9.0-0:9.0.118-1.el8_10,dotnet8.0-0:8.0.128-1.el9_8,dotnet9-0-main-9.0.117-1.hum1,dotnet10.0-0:10.0.109-1.el10_2,
Package States: Red Hat Hardened Images,Red Hat Hardened Images,
Full Details
CVE document

CVE-2026-45490
Severity: important
Released on: 09/06/2026
Advisory:
Bugzilla: 2487184
Bugzilla Description: dotnet: .NET SDK workload elevate: arbitrary file creation/truncation via LogFile named pipe.
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-266
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,
Full Details
CVE document

CVE-2026-42599
Severity: moderate
Released on: 09/06/2026
Advisory:
Bugzilla: 2487076
Bugzilla Description: svelte: Svelte: Cross-Site Scripting via untrusted data in spread attributes
CVSS Score:
CVSSv3 Score: 4.2
Vector:
CWE: CWE-79
Affected Packages:
Package States: Red Hat Build of Podman Desktop,Red Hat Build of Podman Desktop - Tech Preview,
Full Details
CVE document

CVE-2026-42567
Severity: moderate
Released on: 09/06/2026
Advisory:
Bugzilla: 2487114
Bugzilla Description: svelte: Svelte: Regular Expression Denial of Service (ReDoS)
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-1333
Affected Packages:
Package States: Red Hat Build of Podman Desktop,Red Hat Build of Podman Desktop - Tech Preview,
Full Details
CVE document

CVE-2026-42570
Severity: important
Released on: 09/06/2026
Advisory:
Bugzilla: 2487050
Bugzilla Description: devalue: devalue: Excessive memory consumption via deserialization of sparse arrays
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Build of Podman Desktop,Red Hat Trusted Artifact Signer,
Full Details
CVE document

CVE-2025-10263
Severity: important
Released on: 09/06/2026
Advisory:
Bugzilla: 2486958
Bugzilla Description: kernel: Arm Processors: Privilege escalation or information disclosure via writes to higher exception level resources
CVSS Score:
CVSSv3 Score: 8.4
Vector:
CWE: CWE-266
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux for NVIDIA 26,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-52903
Severity: important
Released on: 09/06/2026
Advisory:
Bugzilla: 2486730
Bugzilla Description: manageiq: YAML safe_load production fallback to unsafe_load enables RCE via deserialization
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-502
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-9698
Severity: important
Released on: 09/06/2026
Advisory:
Bugzilla: 2486734
Bugzilla Description: DBI: DBI: Buffer overflow in error handling can lead to arbitrary code execution
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-52902
Severity: moderate
Released on: 09/06/2026
Advisory:
Bugzilla: 2486729
Bugzilla Description: awxkit: path traversal via YAML !include directive
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,
Full Details
CVE document

CVE-2026-41843
Severity: moderate
Released on: 09/06/2026
Advisory:
Bugzilla: 2486714
Bugzilla Description: spring-webflux: spring-webmvc: Spring Framework: Information Disclosure via Path Traversal
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Single Sign-On 7,
Full Details
CVE document

CVE-2026-11623
Severity: low
Released on: 09/06/2026
Advisory:
Bugzilla: 2486713
Bugzilla Description: tmux: tmux: Use-after-free vulnerability
CVSS Score:
CVSSv3 Score: 4.2
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-7383
Severity: low
Released on: 09/06/2026
Advisory: RHSA-2026:25239, RHSA-2026:25237,
Bugzilla: 2481879
Bugzilla Description: openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-190
Affected Packages: openssl-1:3.5.5-4.el10_2,openssl-1:3.5.5-4.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-9076
Severity: low
Released on: 09/06/2026
Advisory: RHSA-2026:25239, RHSA-2026:25237,
Bugzilla: 2481880
Bugzilla Description: openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-131
Affected Packages: openssl-1:3.5.5-4.el10_2,openssl-1:3.5.5-4.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-34180
Severity: low
Released on: 09/06/2026
Advisory: RHSA-2026:25239, RHSA-2026:25237,
Bugzilla: 2481881
Bugzilla Description: openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-190
Affected Packages: openssl-1:3.5.5-4.el10_2,openssl-1:3.5.5-4.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-34181
Severity: low
Released on: 09/06/2026
Advisory: RHSA-2026:25239, RHSA-2026:25237,
Bugzilla: 2481882
Bugzilla Description: openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-347
Affected Packages: openssl-1:3.5.5-4.el10_2,openssl-1:3.5.5-4.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-34182
Severity: moderate
Released on: 09/06/2026
Advisory: RHSA-2026:25239, RHSA-2026:25237,
Bugzilla: 2481884
Bugzilla Description: openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-130
Affected Packages: openssl-1:3.5.5-4.el10_2,openssl-1:3.5.5-4.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-34183
Severity: moderate
Released on: 09/06/2026
Advisory: RHSA-2026:25239, RHSA-2026:25237,
Bugzilla: 2481885
Bugzilla Description: openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages: openssl-1:3.5.5-4.el10_2,openssl-1:3.5.5-4.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-42764
Severity: moderate
Released on: 09/06/2026
Advisory: RHSA-2026:25239, RHSA-2026:25237,
Bugzilla: 2481887
Bugzilla Description: openssl: NULL pointer dereference in QUIC server initial packet handling
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-476
Affected Packages: openssl-1:3.5.5-4.el10_2,openssl-1:3.5.5-4.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-42766
Severity: low
Released on: 09/06/2026
Advisory: RHSA-2026:25239, RHSA-2026:25237,
Bugzilla: 2481890
Bugzilla Description: openssl: Possible NULL Dereference in Password-Based CMS Decryption
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-476
Affected Packages: openssl-1:3.5.5-4.el10_2,openssl-1:3.5.5-4.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-42767
Severity: low
Released on: 09/06/2026
Advisory: RHSA-2026:25239, RHSA-2026:25237,
Bugzilla: 2481891
Bugzilla Description: openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-476
Affected Packages: openssl-1:3.5.5-4.el10_2,openssl-1:3.5.5-4.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-42768
Severity: low
Released on: 09/06/2026
Advisory: RHSA-2026:25239, RHSA-2026:25237,
Bugzilla: 2481892
Bugzilla Description: openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-205
Affected Packages: openssl-1:3.5.5-4.el10_2,openssl-1:3.5.5-4.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-42769
Severity: low
Released on: 09/06/2026
Advisory: RHSA-2026:25239, RHSA-2026:25237,
Bugzilla: 2481893
Bugzilla Description: openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-295
Affected Packages: openssl-1:3.5.5-4.el10_2,openssl-1:3.5.5-4.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-42770
Severity: low
Released on: 09/06/2026
Advisory: RHSA-2026:25239, RHSA-2026:25237,
Bugzilla: 2481894
Bugzilla Description: openssl: FFC-DH Peer Validation Uses Attacker-Supplied q
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-354
Affected Packages: openssl-1:3.5.5-4.el10_2,openssl-1:3.5.5-4.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-45445
Severity: moderate
Released on: 09/06/2026
Advisory: RHSA-2026:25239, RHSA-2026:25237,
Bugzilla: 2481896
Bugzilla Description: openssl: AES-OCB IV Ignored on EVP_Cipher() Path
CVSS Score:
CVSSv3 Score: 9.1
Vector:
CWE: CWE-1204
Affected Packages: openssl-1:3.5.5-4.el10_2,openssl-1:3.5.5-4.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-45446
Severity: low
Released on: 09/06/2026
Advisory: RHSA-2026:25239, RHSA-2026:25237,
Bugzilla: 2481897
Bugzilla Description: openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-347
Affected Packages: openssl-1:3.5.5-4.el10_2,openssl-1:3.5.5-4.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-45447
Severity: important
Released on: 09/06/2026
Advisory: RHSA-2026:25239, RHSA-2026:25237,
Bugzilla: 2481898
Bugzilla Description: openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-825
Affected Packages: openssl-1:3.5.5-4.el10_2,openssl-1:3.5.5-4.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-46315
Severity: moderate
Released on: 09/06/2026
Advisory:
Bugzilla: 2486933
Bugzilla Description: kernel: io_uring/waitid: clear waitid info before copying it to userspace
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46317
Severity: moderate
Released on: 09/06/2026
Advisory:
Bugzilla: 2486976
Bugzilla Description: kernel: KVM: arm64: Reassign nested_mmus array behind mmu_lock
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46321
Severity: moderate
Released on: 09/06/2026
Advisory:
Bugzilla: 2486977
Bugzilla Description: kernel: tun: free page on short-frame rejection in tun_xdp_one()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46319
Severity: important
Released on: 09/06/2026
Advisory:
Bugzilla: 2486979
Bugzilla Description: kernel: net/sched: act_ct: Only release RCU read lock after ct_ft
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-826
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46324
Severity: moderate
Released on: 09/06/2026
Advisory:
Bugzilla: 2486980
Bugzilla Description: kernel: netfilter: nf_tables: use list_del_rcu for netlink hooks
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46316
Severity: important
Released on: 09/06/2026
Advisory:
Bugzilla: 2486982
Bugzilla Description: kernel: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46318
Severity: low
Released on: 09/06/2026
Advisory:
Bugzilla: 2486983
Bugzilla Description: kernel: Revert "mm/hugetlbfs: update hugetlbfs to use mmap_prepare"
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46320
Severity: moderate
Released on: 09/06/2026
Advisory:
Bugzilla: 2486985
Bugzilla Description: kernel: tap: free page on error paths in tap_get_user_xdp()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46322
Severity: moderate
Released on: 09/06/2026
Advisory:
Bugzilla: 2486987
Bugzilla Description: kernel: tun: free page on build_skb failure in tun_xdp_one()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46327
Severity: low
Released on: 09/06/2026
Advisory:
Bugzilla: 2486994
Bugzilla Description: kernel: dm: fix unlocked test for dm_suspended_md
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46332
Severity:
Released on: 09/06/2026
Advisory:
Bugzilla: 2486995
Bugzilla Description: kernel: greybus: gb-beagleplay: bound bootloader receive buffering
CVSS Score:
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46326
Severity:
Released on: 09/06/2026
Advisory:
Bugzilla: 2486997
Bugzilla Description: kernel: iio: pressure: mprls0025pa: fix spi_transfer struct initialisation
CVSS Score:
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-52906
Severity:
Released on: 09/06/2026
Advisory:
Bugzilla: 2486998
Bugzilla Description: kernel: 9p: fix access mode flags being ORed instead of replaced
CVSS Score:
Vector:
CWE: CWE-266
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46330
Severity: important
Released on: 09/06/2026
Advisory:
Bugzilla: 2486999
Bugzilla Description: kernel: Revert "net/smc: Introduce TCP ULP support"
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-915
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46328
Severity:
Released on: 09/06/2026
Advisory:
Bugzilla: 2487000
Bugzilla Description: kernel: apparmor: fix rlimit for posix cpu timers
CVSS Score:
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-52907
Severity:
Released on: 09/06/2026
Advisory:
Bugzilla: 2487001
Bugzilla Description: kernel: media: rockchip: rkcif: fix off by one bugs
CVSS Score:
Vector:
CWE: CWE-193
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46325
Severity: moderate
Released on: 09/06/2026
Advisory:
Bugzilla: 2487002
Bugzilla Description: kernel: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-52904
Severity:
Released on: 09/06/2026
Advisory:
Bugzilla: 2487003
Bugzilla Description: kernel: drm/nouveau: fix nvkm_device leak on aperture removal failure
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-52905
Severity:
Released on: 09/06/2026
Advisory:
Bugzilla: 2487004
Bugzilla Description: kernel: mm/damon/core: disallow non-power of two min_region_sz on damon_start()
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46329
Severity: moderate
Released on: 09/06/2026
Advisory:
Bugzilla: 2487005
Bugzilla Description: kernel: erofs: handle end of filesystem properly for file-backed mounts
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-9669
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486590
Bugzilla Description: python: Python: Denial of Service via out-of-bounds write in BZ2 decompression
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 8,
Full Details
CVE document

CVE-2026-44631
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486399
Bugzilla Description: httpd: Apache HTTP Server: Denial of Service via crafted regular expressions
CVSS Score:
CVSSv3 Score: 9.4
Vector:
CWE: CWE-124
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,
Full Details
CVE document

CVE-2026-44119
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486416
Bugzilla Description: httpd: Apache HTTP Server: Local .htaccess authors can read files with httpd user privileges
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-266
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,
Full Details
CVE document

CVE-2026-42535
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486406
Bugzilla Description: httpd: Apache httpd mod_dav_fs: Denial of Service due to path handling issue
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,
Full Details
CVE document

CVE-2026-29170
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486419
Bugzilla Description: httpd: Apache HTTP Server: Cross-site scripting in mod_proxy_ftp via HTML directory list generation
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-79
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,
Full Details
CVE document

CVE-2026-11577
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2459993
Bugzilla Description: keycloak: keycloak: privilege escalation via partialImport FGAP permission bypass
CVSS Score:
CVSSv3 Score: 7.2
Vector:
CWE: CWE-863
Affected Packages:
Package States: Red Hat Build of Keycloak,Red Hat Data Grid 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Single Sign-On 7,
Full Details
CVE document

CVE-2026-11569
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486194
Bugzilla Description: quay: quay: Stored XSS via Filedrop SVG Upload
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-79
Affected Packages:
Package States: Red Hat Quay 3,Red Hat Quay 3,
Full Details
CVE document

CVE-2025-71315
Severity: low
Released on: 08/06/2026
Advisory:
Bugzilla: 2486385
Bugzilla Description: kernel: drm/vkms: Convert to DRM's vblank timer
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46275
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486398
Bugzilla Description: kernel: Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46274
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486404
Bugzilla Description: kernel: io-wq: check that the predecessor is hashed in io_wq_remove_pending()
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46292
Severity: low
Released on: 08/06/2026
Advisory:
Bugzilla: 2486428
Bugzilla Description: kernel: pmdomain: core: Fix detach procedure for virtual devices in genpd
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46313
Severity: low
Released on: 08/06/2026
Advisory:
Bugzilla: 2486429
Bugzilla Description: kernel: media: intel/ipu6: fix error pointer dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46299
Severity: low
Released on: 08/06/2026
Advisory:
Bugzilla: 2486430
Bugzilla Description: kernel: hfsplus: fix held lock freed on hfsplus_fill_super()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46302
Severity: low
Released on: 08/06/2026
Advisory:
Bugzilla: 2486432
Bugzilla Description: kernel: selinux: allow multiple opens of /sys/fs/selinux/policy
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46295
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486435
Bugzilla Description: kernel: KVM: x86: Do IRR scan in __kvm_apic_update_irr even if PIR is empty
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46289
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486436
Bugzilla Description: kernel: lib/scatterlist: fix length calculations in extract_kvec_to_sg
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46279
Severity: low
Released on: 08/06/2026
Advisory:
Bugzilla: 2486437
Bugzilla Description: kernel: mm/alloc_tag: clear codetag for pages allocated before page_ext initialization
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46312
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486438
Bugzilla Description: kernel: media: videobuf2: Set vma_flags in vb2_dma_sg_mmap
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-628
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46305
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486439
Bugzilla Description: kernel: staging: rtl8723bs: os_dep: avoid NULL pointer dereference in rtw_cbuf_alloc
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46308
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486440
Bugzilla Description: kernel: pmdomain: mediatek: fix use-after-free in scpsys_get_bus_protection_legacy()
CVSS Score:
Vector:
CWE: CWE-826
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46310
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486441
Bugzilla Description: kernel: media: renesas: vsp1: Fix NULL pointer deref on module unload
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46296
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486443
Bugzilla Description: kernel: spi: s3c64xx: fix NULL-deref on driver unbind
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46277
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486444
Bugzilla Description: kernel: mm/zone_device: do not touch device folio after calling ->folio_free()
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46283
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486445
Bugzilla Description: kernel: tpm: Use kfree_sensitive() to free auth session in tpm_dev_release()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-212
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46285
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486447
Bugzilla Description: kernel: mtd: docg3: fix use-after-free in docg3_release()
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46304
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486448
Bugzilla Description: kernel: nvmet: avoid recursive nvmet-wq flush in nvmet_ctrl_free
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46280
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486449
Bugzilla Description: kernel: lib: test_hmm: evict device pages on file close to avoid use-after-free
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46301
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486450
Bugzilla Description: kernel: spi: topcliff-pch: fix use-after-free on unbind
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46278
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486451
Bugzilla Description: kernel: drm/imagination: Fix segfault when updating ftrace mask
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46314
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486452
Bugzilla Description: kernel: drm/v3d: Reject empty multisync extension to prevent infinite loop
CVSS Score:
Vector:
CWE: CWE-606
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46294
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486454
Bugzilla Description: kernel: dm: fix a buffer overflow in ioctl processing
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46281
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486455
Bugzilla Description: kernel: vmalloc: fix buffer overflow in vrealloc_node_align()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46307
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486456
Bugzilla Description: kernel: wifi: ath5k: do not access array OOB
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46290
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486457
Bugzilla Description: kernel: x86/efi: Fix graceful fault handling after FPU softirq changes
CVSS Score:
Vector:
CWE: CWE-663
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46282
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486460
Bugzilla Description: kernel: iio: frequency: admv1013: fix NULL pointer dereference on str
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46306
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486463
Bugzilla Description: kernel: flow_dissector: do not dissect PPPoE PFC frames
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-843
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46291
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486465
Bugzilla Description: kernel: crypto: caam - guard HMAC key hex dumps in hash_digest_key
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-215
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46287
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486467
Bugzilla Description: kernel: net: txgbe: fix RTNL assertion warning when remove module
CVSS Score:
Vector:
CWE: CWE-414
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46309
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486468
Bugzilla Description: kernel: drm/xe/uapi: Reject coh_none PAT index for CPU cached memory in madvise
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-524
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46288
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486469
Bugzilla Description: kernel: of: unittest: fix use-after-free in of_unittest_changeset()
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46311
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486470
Bugzilla Description: kernel: drm/amdgpu/userq: fix access to stale wptr mapping
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46293
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486474
Bugzilla Description: kernel: clk: microchip: mpfs-ccc: fix out of bounds access during output registration
CVSS Score:
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46284
Severity: low
Released on: 08/06/2026
Advisory:
Bugzilla: 2486475
Bugzilla Description: kernel: mm/hugetlb: fix early boot crash on parameters without '=' separator
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46297
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486476
Bugzilla Description: kernel: net: libwx: use request_irq for VF misc interrupt
CVSS Score:
Vector:
CWE: CWE-628
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46276
Severity:
Released on: 08/06/2026
Advisory:
Bugzilla: 2486479
Bugzilla Description: kernel: drm/amdgpu: fix zero-size GDS range init on RDNA4
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46298
Severity: low
Released on: 08/06/2026
Advisory:
Bugzilla: 2486480
Bugzilla Description: kernel: pseries/papr-hvpipe: Fix race with interrupt handler
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-11697
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486597
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in UI
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11670
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486598
Bugzilla Description: chromium-browser: Use after free in PDF
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11662
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486599
Bugzilla Description: chromium-browser: Type Confusion in Bindings
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11678
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486600
Bugzilla Description: chromium-browser: Integer overflow in libyuv
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11637
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486601
Bugzilla Description: chromium-browser: Use after free in Views
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11699
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486602
Bugzilla Description: chromium-browser: Use after free in Bluetooth
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11629
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486603
Bugzilla Description: chromium-browser: Use after free in Ozone
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11628
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486604
Bugzilla Description: chromium-browser: Use after free in Ozone
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11642
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486605
Bugzilla Description: chromium-browser: Use after free in Web Apps
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-1341
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11647
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486606
Bugzilla Description: chromium-browser: Use after free in Printing
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11635
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486607
Bugzilla Description: chromium-browser: Use after free in Bluetooth
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11646
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486608
Bugzilla Description: chromium-browser: Use after free in ViewTransitions
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-772
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11648
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486609
Bugzilla Description: chromium-browser: Use after free in FullScreen
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11696
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486610
Bugzilla Description: chromium-browser: Uninitialized Use in Video
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11701
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486611
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Guest View
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11644
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486612
Bugzilla Description: chromium-browser: Use after free in Views
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11694
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486613
Bugzilla Description: chromium-browser: Use after free in ServiceWorker
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11666
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486614
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Input
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11652
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486615
Bugzilla Description: chromium-browser: Use after free in Extensions
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11649
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486616
Bugzilla Description: chromium-browser: Use after free in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11681
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486617
Bugzilla Description: chromium-browser: Use after free in Ozone
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11665
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486618
Bugzilla Description: chromium-browser: Out of bounds read in Dawn
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11695
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486619
Bugzilla Description: chromium-browser: Inappropriate implementation in Passwords
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11685
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486620
Bugzilla Description: chromium-browser: Insufficient data validation in MediaCapture
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11643
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486621
Bugzilla Description: chromium-browser: Use after free in Proxy
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11673
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486622
Bugzilla Description: chromium-browser: Use after free in InterestGroups
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11641
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486623
Bugzilla Description: chromium-browser: Use after free in Bluetooth
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11676
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486624
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Dawn
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11638
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486625
Bugzilla Description: chromium-browser: Use after free in Printing
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11654
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486626
Bugzilla Description: chromium-browser: Use after free in CameraCapture
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11671
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486627
Bugzilla Description: chromium-browser: Use after free in Navigation
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11690
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486628
Bugzilla Description: chromium-browser: Out of bounds read and write in Media
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-823
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11669
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486629
Bugzilla Description: chromium-browser: Integer overflow in Media
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11686
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486630
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Dawn
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11650
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486631
Bugzilla Description: chromium-browser: Use after free in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11661
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486632
Bugzilla Description: chromium-browser: Use after free in Views
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11645
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486633
Bugzilla Description: chromium-browser: Out of bounds memory access in V8
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11657
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486634
Bugzilla Description: chromium-browser: Use after free in Payments
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11683
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486635
Bugzilla Description: chromium-browser: Use after free in WebCodecs
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11664
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486636
Bugzilla Description: chromium-browser: Use after free in Payments
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11680
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486637
Bugzilla Description: chromium-browser: Use after free in Media
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11634
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486638
Bugzilla Description: chromium-browser: Use after free in Gamepad
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11632
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486639
Bugzilla Description: chromium-browser: Use after free in TabStrip
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11674
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486640
Bugzilla Description: chromium-browser: Use after free in Guest View
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11687
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486641
Bugzilla Description: chromium-browser: Use after free in Dawn
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11663
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486642
Bugzilla Description: chromium-browser: Use after free in Skia
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11653
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486643
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Extensions
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-653
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11675
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486644
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Skia
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11667
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486645
Bugzilla Description: chromium-browser: Out of bounds read in WebRTC
CVSS Score:
CVSSv3 Score: 8.3
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11682
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486646
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Views
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-653
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11700
Severity: moderate
Released on: 08/06/2026
Advisory:
Bugzilla: 2486647
Bugzilla Description: chromium-browser: Use after free in Tracing
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11636
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486648
Bugzilla Description: chromium-browser: Use after free in Autofill
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11630
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486649
Bugzilla Description: chromium-browser: Use after free in File Input
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11691
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486650
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in New Tab Page
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11698
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486651
Bugzilla Description: chromium-browser: Use after free in Bluetooth
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-1341
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11640
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486652
Bugzilla Description: chromium-browser: Integer overflow in libyuv
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11679
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486653
Bugzilla Description: chromium-browser: Use after free in Codecs
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11651
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486654
Bugzilla Description: chromium-browser: Use after free in Network
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11684
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486655
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Network
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-940
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11660
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486656
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in New Tab Page
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11672
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486657
Bugzilla Description: chromium-browser: Out of bounds write in GPU
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11633
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486658
Bugzilla Description: chromium-browser: Use after free in Bluetooth
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11655
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486659
Bugzilla Description: chromium-browser: Integer overflow in Media
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11677
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486660
Bugzilla Description: chromium-browser: Race in Network
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-368
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11658
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486661
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Extensions
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11688
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486662
Bugzilla Description: chromium-browser: Object lifecycle issue in SVG
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-823
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11692
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486663
Bugzilla Description: chromium-browser: Use after free in Read Anything
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11689
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486664
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Passwords
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-1100
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11668
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486665
Bugzilla Description: chromium-browser: Uninitialized Use in Codecs
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11659
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486666
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in UI
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11693
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486667
Bugzilla Description: chromium-browser: Inappropriate implementation in Plugins
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-653
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11656
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486668
Bugzilla Description: chromium-browser: Use after free in ServiceWorker
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11639
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486669
Bugzilla Description: chromium-browser: Use after free in Compositing
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11631
Severity: important
Released on: 08/06/2026
Advisory:
Bugzilla: 2486670
Bugzilla Description: chromium-browser: Use after free in Aura
CVSS Score:
CVSSv3 Score: 9.9
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-53469
Severity: important
Released on: 07/06/2026
Advisory:
Bugzilla: 2487065
Bugzilla Description: migration-planner: Unprotected DELETE Endpoint Wipes All Tenant Data
CVSS Score:
CVSSv3 Score: 9.1
Vector:
CWE: CWE-306
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-53470
Severity: important
Released on: 07/06/2026
Advisory:
Bugzilla: 2487069
Bugzilla Description: migration-planner: GetSourceDownloadURL Missing Organization Check
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-639
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-53471
Severity: important
Released on: 07/06/2026
Advisory:
Bugzilla: 2487070
Bugzilla Description: migration-planner: Agent API Ignores JWT source_id Claim
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-639
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-53472
Severity: important
Released on: 07/06/2026
Advisory:
Bugzilla: 2487073
Bugzilla Description: migration-planner: credentialUrl Validator Accepts javascript: URLs
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-53473
Severity: important
Released on: 07/06/2026
Advisory:
Bugzilla: 2487107
Bugzilla Description: migration-planner-ui-app: Stored XSS via javascript: URL in Agent Credential Link
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-53474
Severity: important
Released on: 07/06/2026
Advisory:
Bugzilla: 2487231
Bugzilla Description: migration-planner: Second-Order SQL Injection via RVTools Upload
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-89
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-53475
Severity: important
Released on: 07/06/2026
Advisory:
Bugzilla: 2487232
Bugzilla Description: assisted-migration-agent: TLS Verification Disabled on All vCenter Connections
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-295
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-53476
Severity: important
Released on: 07/06/2026
Advisory:
Bugzilla: 2487233
Bugzilla Description: assisted-migration-agent: VDDK Tarball Chained-Symlink Arbitrary File Write
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-59
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-9088
Severity: low
Released on: 05/06/2026
Advisory: RHSA-2026:25098, RHSA-2026:25097,
Bugzilla: 2480179
Bugzilla Description: keycloak: Keycloak: Information disclosure due to user profile permission bypass
CVSS Score:
CVSSv3 Score: 2.7
Vector:
CWE: CWE-1220
Affected Packages: rhbk/keycloak-rhel9,rhbk/keycloak-operator-bundle:26.6.3-3,rhbk/keycloak-rhel9:26.6-6,rhbk/keycloak-rhel9-operator:26.6-6,
Package States:
Full Details
CVE document

CVE-2026-11332
Severity: important
Released on: 05/06/2026
Advisory:
Bugzilla: 2485379
Bugzilla Description: ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-88
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,
Full Details
CVE document

CVE-2026-10732
Severity: important
Released on: 05/06/2026
Advisory:
Bugzilla: 2485376
Bugzilla Description: decompress: Decompress: Arbitrary file write leading to remote code execution via crafted ZIP archive (Zip Slip)
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Build of Keycloak,Red Hat Enterprise Linux 8,Red Hat Hardened Images,
Full Details
CVE document

CVE-2026-50292
Severity: moderate
Released on: 05/06/2026
Advisory:
Bugzilla: 2485390
Bugzilla Description: libinput: local privilege escalation via crafted uinput devices
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-11774
Severity: important
Released on: 04/06/2026
Advisory:
Bugzilla: 2484916
Bugzilla Description: 389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow
CVSS Score:
CVSSv3 Score: 7.6
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Directory Server 11,Red Hat Directory Server 12,Red Hat Directory Server 13,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-11884
Severity: moderate
Released on: 04/06/2026
Advisory:
Bugzilla: 2484913
Bugzilla Description: 389-ds-base: 389-ds-base: heap buffer overflow in schema objectclass serialization due to missing oc_superior in size calculation
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Directory Server 11,Red Hat Directory Server 12,Red Hat Directory Server 13,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-50266
Severity: moderate
Released on: 04/06/2026
Advisory:
Bugzilla: 2484852
Bugzilla Description: openstack-neutron: OpenStack Neutron: Network spoofing via incorrect port RBAC policies
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-639
Affected Packages:
Package States: Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,
Full Details
CVE document

CVE-2026-45287
Severity: low
Released on: 04/06/2026
Advisory:
Bugzilla: 2484831
Bugzilla Description: go.opentelemetry.io/otel: go.opentelemetry.io/otel/schema/v1.0: go.opentelemetry.io/otel/schema/v1.1: OpenTelemetry-Go: Denial of Service due to file descriptor leak
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-772
Affected Packages:
Package States: Assisted Installer for Red Hat OpenShift Container Platform 2,Assisted Installer for Red Hat OpenShift Container Platform 2,Assisted Installer for Red Hat OpenShift Container Platform 2,Assisted Installer for Red Hat OpenShift Container Platform 2,Builds for Red Hat OpenShift,Builds for Red Hat OpenShift,Builds for Red Hat OpenShift,Builds for Red Hat OpenShift,Builds for Red Hat OpenShift,Builds for Red Hat OpenShift,Builds for Red Hat OpenShift,Builds for Red Hat OpenShift,Builds for Red Hat OpenShift,cert-manager Operator for Red Hat OpenShift,cert-manager Operator for Red Hat OpenShift,cert-manager Operator for Red Hat OpenShift,cert-manager Operator for Red Hat OpenShift,Compliance Operator,Compliance Operator,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Cryostat 4,Cryostat 4,Cryostat 4,Dynamic Accelerator Slicer Operator for Red Hat OpenShift,Dynamic Accelerator Slicer Operator for Red Hat OpenShift,Dynamic Accelerator Slicer Operator for Red Hat OpenShift,Exploit Intelligence,Exploit Intelligence,Exploit Intelligence,Exploit Intelligence,ExternalDNS Operator,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,File Integrity Operator,File Integrity Operator,File Integrity Operator,File Integrity Operator,File Integrity Operator,File Integrity Operator,Gatekeeper 3,Gatekeeper 3,Gatekeeper 3,Job Set Tech Preview,Job Set Tech Preview,Job Set Tech Preview,Kernel Module Management Operator for Red Hat Openshift,Kernel Module Management Operator for Red Hat Openshift,Kernel Module Management Operator for Red Hat Openshift,Kernel Module Management Operator for Red Hat Openshift,Kube Descheduler Operator,Kube Descheduler Operator,Kube Descheduler Operator,Leader Worker Set,Leader Worker Set,Leader Worker Set,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logical Volume Manager Storage,Logical Volume Manager Storage,Logical Volume Manager Storage,Logical Volume Manager Storage,Logical Volume Manager Storage,Logical Volume Manager Storage,Logical Volume Manager Storage,Machine Deletion Remediation Operator,Machine Deletion Remediation Operator,MCP Lifecycle Operator,MCP Server for Red Hat OpenShift,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Multiarch Tuning Operator,Multiarch Tuning Operator,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,Network Observability Operator,Network Observability Operator,Network Observability Operator,Network Observability Operator,Node HealthCheck Operator,Node HealthCheck Operator,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Run Once Duration Override Operator,OpenShift Run Once Duration Override Operator,OpenShift Run Once Duration Override Operator,OpenShift Secondary Scheduler Operator,OpenShift Secondary Scheduler Operator,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Source-to-Image (S2I),OpenShift Source-to-Image (S2I),Pen Drive Powered by Red Hat Lightspeed,Pen Drive Powered by Red Hat Lightspeed,Power monitoring for Red Hat OpenShift,Power monitoring for Red Hat OpenShift,Power monitoring for Red Hat OpenShift,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 8,Red Hat Ceph Storage 8,Red Hat Ceph Storage 8,Red Hat Ceph Storage 9,Red Hat Ceph Storage 9,Red Hat Ceph Storage 9,Red Hat Certification Program for Red Hat Enterprise Linux 9,Red Hat Connectivity Link 1,Red Hat Developer Hub,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Lightspeed for Runtimes Operator,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Cluster Manager CLI,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Workspaces Operator,Red Hat OpenShift Dev Workspaces Operator,Red Hat OpenShift Dev Workspaces Operator,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift for Windows Containers,Red Hat OpenShift for Windows Containers,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Web Terminal,Security Profiles Operator,Security Profiles Operator,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,Storage-Based Remediation,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,
Full Details
CVE document

CVE-2026-10803
Severity: low
Released on: 04/06/2026
Advisory:
Bugzilla: 2484755
Bugzilla Description: mlflow: MLflow: Use of weak hash in Dataset Digest Computation
CVSS Score:
CVSSv3 Score: 2.5
Vector:
CWE: CWE-328
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-50219
Severity: moderate
Released on: 04/06/2026
Advisory:
Bugzilla: 2484620
Bugzilla Description: expat: libexpat: Use-after-free vulnerability due to improper handler call depth tracking
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-41283
Severity: important
Released on: 04/06/2026
Advisory:
Bugzilla: 2484607
Bugzilla Description: openstack-mistral: OpenStack Mistral: Arbitrary Remote Code Execution via exposed API endpoints
CVSS Score:
CVSSv3 Score: 9.9
Vector:
CWE: CWE-749
Affected Packages:
Package States: Red Hat OpenStack Platform 16.2,
Full Details
CVE document

CVE-2026-48681
Severity: moderate
Released on: 04/06/2026
Advisory:
Bugzilla: 2484608
Bugzilla Description: openstack-ironic: OpenStack Ironic: File overwrite via directory traversal vulnerability
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat OpenShift Container Platform 4,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,
Full Details
CVE document

CVE-2026-10805
Severity: moderate
Released on: 04/06/2026
Advisory:
Bugzilla: 2484613
Bugzilla Description: NetworkManager: NetworkManager: Local privilege escalation via malformed MUD URLs in dhclient backend
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-78
Affected Packages:
Package States: Multicluster Engine for Kubernetes,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-36499
Severity: moderate
Released on: 04/06/2026
Advisory:
Bugzilla: 2484881
Bugzilla Description: openvswitch: Open vSwitch: Denial of service via resource exhaustion due to missing upper-bound check
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-770
Affected Packages:
Package States: Fast Datapath for RHEL 10,Fast Datapath for RHEL 10,Fast Datapath for RHEL 7,Fast Datapath for RHEL 7,Fast Datapath for RHEL 7,Fast Datapath for RHEL 7,Fast Datapath for RHEL 7,Fast Datapath for RHEL 8,Fast Datapath for RHEL 8,Fast Datapath for RHEL 8,Fast Datapath for RHEL 8,Fast Datapath for RHEL 8,Fast Datapath for RHEL 8,Fast Datapath for RHEL 8,Fast Datapath for RHEL 9,Fast Datapath for RHEL 9,Fast Datapath for RHEL 9,Fast Datapath for RHEL 9,Fast Datapath for RHEL 9,Fast Datapath for RHEL 9,Fast Datapath for RHEL 9,Fast Datapath for RHEL 9,Red Hat Enterprise Linux 7,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-47774
Severity: important
Released on: 04/06/2026
Advisory:
Bugzilla: 2487465
Bugzilla Description: envoy: envoy: HTTP/2 Remote Denial of Service via HPACK compression bomb and Slowloris-style attack
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-409
Affected Packages:
Package States: OpenShift Service Mesh 2,OpenShift Service Mesh 3,
Full Details
CVE document

CVE-2026-6657
Severity: moderate
Released on: 03/06/2026
Advisory:
Bugzilla: 2484420
Bugzilla Description: jupyter-server: jupyter-server: Arbitrary code execution due to CORS origin validation bypass
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-625
Affected Packages:
Package States: Migration Toolkit for Applications 8,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-3276
Severity: moderate
Released on: 03/06/2026
Advisory:
Bugzilla: 2484424
Bugzilla Description: python: Python unicodedata: Denial of Service due to excessive CPU consumption
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-606
Affected Packages:
Package States: Exploit Intelligence,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,
Full Details
CVE document

CVE-2026-44546
Severity: low
Released on: 03/06/2026
Advisory:
Bugzilla: 2484368
Bugzilla Description: daphne: daphne: Information disclosure via header injection due to parser differential
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-444
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,
Full Details
CVE document

CVE-2026-48587
Severity: low
Released on: 03/06/2026
Advisory:
Bugzilla: 2484372
Bugzilla Description: django: Django: Information disclosure via improper handling of Vary header whitespace
CVSS Score:
CVSSv3 Score: 3.1
Vector:
CWE: CWE-524
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Discovery 2,Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-35193
Severity: low
Released on: 03/06/2026
Advisory:
Bugzilla: 2484374
Bugzilla Description: django: Django: Information disclosure due to improper caching of authenticated responses
CVSS Score:
CVSSv3 Score: 3.1
Vector:
CWE: CWE-524
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Discovery 2,Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-8404
Severity: low
Released on: 03/06/2026
Advisory:
Bugzilla: 2484370
Bugzilla Description: Django: Django: Information disclosure due to improper handling of Cache-Control directives
CVSS Score:
CVSSv3 Score: 3.1
Vector:
CWE: CWE-1289
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Discovery 2,Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-7666
Severity: low
Released on: 03/06/2026
Advisory:
Bugzilla: 2484369
Bugzilla Description: django: Django: Information disclosure via failed STARTTLS handshake in EmailBackend
CVSS Score:
CVSSv3 Score: 3.1
Vector:
CWE: CWE-325
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Discovery 2,Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-6873
Severity: low
Released on: 03/06/2026
Advisory:
Bugzilla: 2484373
Bugzilla Description: python-django: Django: Information disclosure via non-injective cookie salt derivation
CVSS Score:
CVSSv3 Score: 3.1
Vector:
CWE: CWE-303
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Discovery 2,Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-5241
Severity: important
Released on: 03/06/2026
Advisory:
Bugzilla: 2484384
Bugzilla Description: python-transformers: python-transformers: Arbitrary code execution due to overridden trust_remote_code setting
CVSS Score:
CVSSv3 Score: 7.7
Vector:
CWE: CWE-829
Affected Packages:
Package States: OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-10722
Severity: moderate
Released on: 03/06/2026
Advisory:
Bugzilla: 2484348
Bugzilla Description: github.com/cilium/ebpf: Cilium ebpf: Denial of Service via integer overflow
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Confidential Compute Attestation,Multiarch Tuning Operator,Multiarch Tuning Operator,Multicluster Global Hub,Network Observability Operator,Network Observability Operator,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 9,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,
Full Details
CVE document

CVE-2026-4035
Severity: important
Released on: 03/06/2026
Advisory:
Bugzilla: 2484318
Bugzilla Description: python-mlflow: MLflow: Sensitive credential exfiltration via environment variable resolution in AI Gateway secrets
CVSS Score:
CVSSv3 Score: 7.7
Vector:
CWE: CWE-201
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-5078
Severity: moderate
Released on: 03/06/2026
Advisory:
Bugzilla: 2484311
Bugzilla Description: morgan: morgan: Log forgery due to unneutralized control characters
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-93
Affected Packages:
Package States: Confidential Compute Attestation,Cryostat 4,Red Hat Developer Hub,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Self-service automation portal 2,
Full Details
CVE document

CVE-2026-50031
Severity: moderate
Released on: 03/06/2026
Advisory:
Bugzilla: 2484296
Bugzilla Description: freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46258
Severity:
Released on: 03/06/2026
Advisory:
Bugzilla: 2484436
Bugzilla Description: kernel: gpio: cdev: Avoid NULL dereference in linehandle_create()
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46261
Severity:
Released on: 03/06/2026
Advisory:
Bugzilla: 2484437
Bugzilla Description: kernel: spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcm_fiu_probe()
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46260
Severity: moderate
Released on: 03/06/2026
Advisory:
Bugzilla: 2484438
Bugzilla Description: kernel: ipv6: Fix out-of-bound access in fib6_add_rt2node()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46273
Severity: moderate
Released on: 03/06/2026
Advisory:
Bugzilla: 2484442
Bugzilla Description: kernel: ibmveth: Disable GSO for packets with small MSS
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46245
Severity:
Released on: 03/06/2026
Advisory:
Bugzilla: 2484444
Bugzilla Description: kernel: drm/amd/display: Fix dc_link NULL handling in HPD init
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46254
Severity:
Released on: 03/06/2026
Advisory:
Bugzilla: 2484445
Bugzilla Description: kernel: AppArmor: Allow apparmor to handle unaligned dfa tables
CVSS Score:
Vector:
CWE: CWE-843
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46250
Severity:
Released on: 03/06/2026
Advisory:
Bugzilla: 2484446
Bugzilla Description: kernel: MIPS: Work around LLVM bug when gp is used as global register variable
CVSS Score:
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46271
Severity: low
Released on: 03/06/2026
Advisory:
Bugzilla: 2484447
Bugzilla Description: kernel: wifi: ath12k: do WoW offloads only on primary link
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46268
Severity: low
Released on: 03/06/2026
Advisory:
Bugzilla: 2484449
Bugzilla Description: kernel: PCI/P2PDMA: Fix p2pmem_alloc_mmap() warning condition
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46262
Severity: low
Released on: 03/06/2026
Advisory:
Bugzilla: 2484450
Bugzilla Description: kernel: ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46244
Severity: important
Released on: 03/06/2026
Advisory:
Bugzilla: 2484451
Bugzilla Description: kernel: netfilter: nft_inner: Fix IPv6 inner_thoff desync
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46270
Severity:
Released on: 03/06/2026
Advisory:
Bugzilla: 2484453
Bugzilla Description: kernel: power: supply: rt9455: Fix use-after-free in power_supply_changed()
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46269
Severity:
Released on: 03/06/2026
Advisory:
Bugzilla: 2484454
Bugzilla Description: kernel: pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46266
Severity: moderate
Released on: 03/06/2026
Advisory:
Bugzilla: 2484456
Bugzilla Description: kernel: inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1287
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46252
Severity: moderate
Released on: 03/06/2026
Advisory:
Bugzilla: 2484457
Bugzilla Description: kernel: regulator: core: fix locking in regulator_resolve_supply() error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46256
Severity: low
Released on: 03/06/2026
Advisory:
Bugzilla: 2484459
Bugzilla Description: kernel: NFS/localio: prevent direct reclaim recursion into NFS via nfs_writepages
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46247
Severity: low
Released on: 03/06/2026
Advisory:
Bugzilla: 2484463
Bugzilla Description: kernel: clk: qcom: gfx3d: add parent to parent request map
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46264
Severity:
Released on: 03/06/2026
Advisory:
Bugzilla: 2484464
Bugzilla Description: kernel: drm/xe/pf: Fix sysfs initialization
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46251
Severity: moderate
Released on: 03/06/2026
Advisory:
Bugzilla: 2484466
Bugzilla Description: kernel: btrfs: fix block_group_tree dirty_list corruption
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-237
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46267
Severity:
Released on: 03/06/2026
Advisory:
Bugzilla: 2484467
Bugzilla Description: kernel: nfc: hci: shdlc: Stop timers and work before freeing context
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46257
Severity:
Released on: 03/06/2026
Advisory:
Bugzilla: 2484468
Bugzilla Description: kernel: clocksource/drivers/timer-sp804: Fix an Oops when read_current_timer is called on ARM32 platforms where the SP804 is not registered as the sched_clock
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46246
Severity:
Released on: 03/06/2026
Advisory:
Bugzilla: 2484471
Bugzilla Description: kernel: power: supply: pm8916_lbc: Fix use-after-free for extcon in IRQ handler
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71314
Severity:
Released on: 03/06/2026
Advisory:
Bugzilla: 2484472
Bugzilla Description: kernel: drm/panthor: Recover from panthor_gpu_flush_caches() failures
CVSS Score:
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71313
Severity: low
Released on: 03/06/2026
Advisory:
Bugzilla: 2484473
Bugzilla Description: kernel: PCI: endpoint: Add missing NULL check for alloc_workqueue()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46253
Severity: moderate
Released on: 03/06/2026
Advisory:
Bugzilla: 2484474
Bugzilla Description: kernel: pstore/ram: fix buffer overflow in persistent_ram_save_old()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46249
Severity: low
Released on: 03/06/2026
Advisory:
Bugzilla: 2484476
Bugzilla Description: kernel: octeontx2-af: Fix PF driver crash with kexec kernel booting
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46259
Severity: moderate
Released on: 03/06/2026
Advisory:
Bugzilla: 2484477
Bugzilla Description: kernel: procfs: fix missing RCU protection when reading real_parent in do_task_stat()
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-820
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46248
Severity: low
Released on: 03/06/2026
Advisory:
Bugzilla: 2484478
Bugzilla Description: kernel: wifi: ath12k: clear stale link mapping of ahvif->links_map
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46265
Severity:
Released on: 03/06/2026
Advisory:
Bugzilla: 2484481
Bugzilla Description: kernel: RDMA/hns: Fix WQ_MEM_RECLAIM warning
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46272
Severity:
Released on: 03/06/2026
Advisory:
Bugzilla: 2484482
Bugzilla Description: kernel: coresight: tmc-etr: Fix race condition between sysfs and perf mode
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46263
Severity:
Released on: 03/06/2026
Advisory:
Bugzilla: 2484484
Bugzilla Description: kernel: drm/amd/display: Fix out-of-bounds stream encoder index v3
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46255
Severity: low
Released on: 03/06/2026
Advisory:
Bugzilla: 2484485
Bugzilla Description: kernel: dmaengine: fsl-edma: don't explicitly disable clocks in .remove()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-832
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-49975
Severity: important
Released on: 03/06/2026
Advisory: RHSA-2026:25057, RHSA-2026:25042, RHSA-2026:25090, RHSA-2026:25225,
Bugzilla: 2485371
Bugzilla Description: httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-409
Affected Packages: mod_http2-0:2.0.26-6.el9_8.1,mod_http2-0:2.0.29-4.el10_2.1,httpd-main-2.4.68-1.hum1,httpd:2.4-8100020260608081321.489197e6,
Package States: OpenShift Service Mesh 2,OpenShift Service Mesh 3,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Web Server 5,Red Hat JBoss Web Server 5,
Full Details
CVE document

CVE-2026-10650
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484180
Bugzilla Description: libwebsockets: libwebsockets: Denial of Service via SSH Protocol Handler resource consumption
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-130
Affected Packages:
Package States: A-MQ Interconnect 1,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat Service Interconnect 1,Red Hat Service Interconnect 2,
Full Details
CVE document

CVE-2026-47265
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484127
Bugzilla Description: python-aiohttp: AIOHTTP: Information disclosure via improper handling of cookies during cross-origin redirects
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-201
Affected Packages:
Package States: Exploit Intelligence,Migration Toolkit for Applications 8,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Discovery 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-34993
Severity: important
Released on: 02/06/2026
Advisory: RHSA-2026:24977,
Bugzilla: 2484099
Bugzilla Description: aiohttp: AIOHTTP: Arbitrary code execution via untrusted input to CookieJar.load()
CVSS Score:
CVSSv3 Score: 7.2
Vector:
CWE: CWE-502
Affected Packages: rhoai/odh-training-rocm62-torch24-py311-rhel9:1780069179,rhoai/odh-training-cuda124-torch25-py311-rhel9:1780078840,rhoai/odh-training-cuda121-torch24-py311-rhel9:1780078807,rhoai/odh-training-rocm62-torch25-py311-rhel9:1780069181,
Package States: Exploit Intelligence,Migration Toolkit for Applications 8,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Discovery 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Update Infrastructure 4 for Cloud Providers,
Full Details
CVE document

CVE-2026-34077
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484123
Bugzilla Description: react-router: React Router: Denial of Service via client-side Cross-Site Scripting in RSC redirect handling
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-79
Affected Packages:
Package States: Cryostat 4,Cryostat 4,Cryostat 4,Exploit Intelligence,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Keycloak,Red Hat Build of Podman Desktop,Red Hat Ceph Storage 5,Red Hat Ceph Storage 9,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,
Full Details
CVE document

CVE-2026-46718
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484010
Bugzilla Description: calcite: org.apache.calcite.avatica/avatica-core: Apache Calcite: Unsafe Reflection vulnerability allows externally-controlled input to select classes or code.
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-470
Affected Packages:
Package States: Cryostat 4,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2026-5422
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484037
Bugzilla Description: jupyter-server: jupyter-server: Sensitive data exposure via path traversal vulnerability
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-22
Affected Packages:
Package States: Migration Toolkit for Applications 8,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-1784
Severity: important
Released on: 02/06/2026
Advisory: RHSA-2026:23241, RHSA-2026:23246,
Bugzilla: 2436075
Bugzilla Description: ose-cluster-ingress-operator: Remote Code Execution Through HAProxy Configuration Injection
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-15
Affected Packages: openshift4/ose-cluster-ingress-rhel9-operator:1780444348,openshift4/ose-cluster-ingress-rhel9-operator:1780043338,
Package States: Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-3198
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2483903
Bugzilla Description: mlflow: MLflow: Information disclosure via insufficient authorization checks in Gateway API endpoints
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-425
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-28946
Severity: important
Released on: 02/06/2026
Advisory: RHSA-2026:25918, RHSA-2026:25927,
Bugzilla: 2471790
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-416
Affected Packages: webkit2gtk3-0:2.52.4-1.el9_8,webkit2gtk3-0:2.52.4-1.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-28847
Severity: important
Released on: 02/06/2026
Advisory: RHSA-2026:25918, RHSA-2026:25927,
Bugzilla: 2483955
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages: webkit2gtk3-0:2.52.4-1.el9_8,webkit2gtk3-0:2.52.4-1.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-28883
Severity: important
Released on: 02/06/2026
Advisory: RHSA-2026:25918, RHSA-2026:25927,
Bugzilla: 2483956
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-416
Affected Packages: webkit2gtk3-0:2.52.4-1.el9_8,webkit2gtk3-0:2.52.4-1.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-28901
Severity: important
Released on: 02/06/2026
Advisory: RHSA-2026:25918, RHSA-2026:25927,
Bugzilla: 2483957
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages: webkit2gtk3-0:2.52.4-1.el9_8,webkit2gtk3-0:2.52.4-1.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-28902
Severity: important
Released on: 02/06/2026
Advisory: RHSA-2026:25918, RHSA-2026:25927,
Bugzilla: 2483958
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages: webkit2gtk3-0:2.52.4-1.el9_8,webkit2gtk3-0:2.52.4-1.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-28903
Severity: important
Released on: 02/06/2026
Advisory: RHSA-2026:25918, RHSA-2026:25927,
Bugzilla: 2483959
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages: webkit2gtk3-0:2.52.4-1.el9_8,webkit2gtk3-0:2.52.4-1.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-28904
Severity: important
Released on: 02/06/2026
Advisory: RHSA-2026:25918, RHSA-2026:25927,
Bugzilla: 2483960
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages: webkit2gtk3-0:2.52.4-1.el9_8,webkit2gtk3-0:2.52.4-1.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-28905
Severity: important
Released on: 02/06/2026
Advisory: RHSA-2026:25918, RHSA-2026:25927,
Bugzilla: 2483961
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages: webkit2gtk3-0:2.52.4-1.el9_8,webkit2gtk3-0:2.52.4-1.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-28907
Severity: moderate
Released on: 02/06/2026
Advisory: RHSA-2026:25918, RHSA-2026:25927,
Bugzilla: 2483962
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-20
Affected Packages: webkit2gtk3-0:2.52.4-1.el9_8,webkit2gtk3-0:2.52.4-1.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-28942
Severity: important
Released on: 02/06/2026
Advisory: RHSA-2026:25918, RHSA-2026:25927,
Bugzilla: 2483963
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-416
Affected Packages: webkit2gtk3-0:2.52.4-1.el9_8,webkit2gtk3-0:2.52.4-1.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-28947
Severity: important
Released on: 02/06/2026
Advisory: RHSA-2026:25918, RHSA-2026:25927,
Bugzilla: 2483964
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-416
Affected Packages: webkit2gtk3-0:2.52.4-1.el9_8,webkit2gtk3-0:2.52.4-1.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-28953
Severity: important
Released on: 02/06/2026
Advisory: RHSA-2026:25918, RHSA-2026:25927,
Bugzilla: 2483965
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages: webkit2gtk3-0:2.52.4-1.el9_8,webkit2gtk3-0:2.52.4-1.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-28955
Severity: important
Released on: 02/06/2026
Advisory: RHSA-2026:25918, RHSA-2026:25927,
Bugzilla: 2483966
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages: webkit2gtk3-0:2.52.4-1.el9_8,webkit2gtk3-0:2.52.4-1.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-28958
Severity: moderate
Released on: 02/06/2026
Advisory: RHSA-2026:25918, RHSA-2026:25927,
Bugzilla: 2483967
Bugzilla Description: webkitgtk: An app may be able to access sensitive user data
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-200
Affected Packages: webkit2gtk3-0:2.52.4-1.el9_8,webkit2gtk3-0:2.52.4-1.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-43658
Severity: important
Released on: 02/06/2026
Advisory: RHSA-2026:25918, RHSA-2026:25927,
Bugzilla: 2483968
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages: webkit2gtk3-0:2.52.4-1.el9_8,webkit2gtk3-0:2.52.4-1.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-43660
Severity: moderate
Released on: 02/06/2026
Advisory: RHSA-2026:25918, RHSA-2026:25927,
Bugzilla: 2483969
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-693
Affected Packages: webkit2gtk3-0:2.52.4-1.el9_8,webkit2gtk3-0:2.52.4-1.el8_10,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-10996
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484945
Bugzilla Description: chromium-browser: Inappropriate implementation in Workers
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11021
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484946
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in GPU
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-179
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10926
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2484947
Bugzilla Description: chromium-browser: Use after free in Cast
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-364
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11235
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2484948
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Compositing
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-280
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10985
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2484949
Bugzilla Description: chromium-browser: Out of bounds read in Skia
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11016
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484950
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Network
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11300
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2484951
Bugzilla Description: chromium-browser: Inappropriate implementation in Permissions
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-279
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10995
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484952
Bugzilla Description: chromium-browser: Heap buffer overflow in TabStrip
CVSS Score:
CVSSv3 Score: 8.3
Vector:
CWE: CWE-120
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11101
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484953
Bugzilla Description: chromium-browser: Uninitialized Use in Dawn
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11116
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484954
Bugzilla Description: chromium-browser: Use after free in Chromoting
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10911
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2484955
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Media
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-1173
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10984
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2484956
Bugzilla Description: chromium-browser: Inappropriate implementation in Accessibility
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11025
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484957
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Navigation
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11156
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484958
Bugzilla Description: chromium-browser: Inappropriate implementation in CSS
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11086
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484959
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Dawn
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-94
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11162
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484960
Bugzilla Description: chromium-browser: Insufficient policy enforcement in CSS
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10894
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2484961
Bugzilla Description: chromium-browser: Use after free in Printing
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11007
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484962
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in WebView
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10989
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2484963
Bugzilla Description: chromium-browser: Inappropriate implementation in V8
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11192
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484964
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Password Manager
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11286
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2484965
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Wallet
CVSS Score:
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11106
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484966
Bugzilla Description: chromium-browser: Inappropriate implementation in Media
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-940
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11266
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2484967
Bugzilla Description: chromium-browser: Policy bypass in SafeBrowsing
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-807
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11113
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484968
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in ANGLE
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-1173
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10943
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2484969
Bugzilla Description: chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11030
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484970
Bugzilla Description: chromium-browser: Use after free in Network
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11200
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484971
Bugzilla Description: chromium-browser: Inappropriate implementation in WebRTC
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-940
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11263
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2484972
Bugzilla Description: chromium-browser: Insufficient policy enforcement in WebAuthentication
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11218
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2484973
Bugzilla Description: chromium-browser: Inappropriate implementation in PlatformIntegration
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-356
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10889
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2484974
Bugzilla Description: chromium-browser: Out of bounds read in ANGLE
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11129
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484975
Bugzilla Description: chromium-browser: Inappropriate implementation in Extensions
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11173
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484976
Bugzilla Description: chromium-browser: Out of bounds write in V8
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10994
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484977
Bugzilla Description: chromium-browser: Uninitialized Use in ANGLE
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11141
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484978
Bugzilla Description: chromium-browser: Uninitialized Use in Audio
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11234
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2484979
Bugzilla Description: chromium-browser: Insufficient policy enforcement in FoldableAPIs
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-653
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11305
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2484980
Bugzilla Description: chromium-browser: Use after free in PDFium
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10993
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484981
Bugzilla Description: chromium-browser: Heap buffer overflow in Skia
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11253
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2484982
Bugzilla Description: chromium-browser: Race in Permissions
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-940
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10933
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2484983
Bugzilla Description: chromium-browser: Use after free in Audio
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11054
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484984
Bugzilla Description: chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11180
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484985
Bugzilla Description: chromium-browser: Policy bypass in SVG
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11011
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484986
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Password Manager
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-653
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11185
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484987
Bugzilla Description: chromium-browser: Use after free in V8
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11309
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2484988
Bugzilla Description: chromium-browser: Insufficient policy enforcement in History
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11239
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2484989
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Extensions
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-358
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10931
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2484990
Bugzilla Description: chromium-browser: Use after free in FileSystem
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11117
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484991
Bugzilla Description: chromium-browser: Use after free in Views
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11024
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484992
Bugzilla Description: chromium-browser: Stack buffer overflow in Skia
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11209
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484993
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Passwords
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11028
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484994
Bugzilla Description: chromium-browser: Use after free in Media
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10945
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2484995
Bugzilla Description: chromium-browser: Use after free in PDF
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11069
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2484996
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Cast
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10892
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2484997
Bugzilla Description: chromium-browser: Out of bounds write in GPU
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11240
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2484998
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Loader
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10956
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2484999
Bugzilla Description: chromium-browser: Use after free in MimeHandlerView
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10918
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485000
Bugzilla Description: chromium-browser: Use after free in Viz
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11003
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485001
Bugzilla Description: chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-772
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11097
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485002
Bugzilla Description: chromium-browser: Inappropriate implementation in WebView
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10957
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485003
Bugzilla Description: chromium-browser: Use after free in Glic
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10978
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485004
Bugzilla Description: chromium-browser: Use after free in Chromoting
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11085
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485005
Bugzilla Description: chromium-browser: Integer overflow in GPU
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11207
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485006
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Autofill
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-501
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11088
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485007
Bugzilla Description: chromium-browser: Integer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11215
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485008
Bugzilla Description: chromium-browser: Inappropriate implementation in Cronet
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11093
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485009
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Printing
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11297
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485010
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Reader Mode
CVSS Score:
CVSSv3 Score: 2.8
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11194
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485011
Bugzilla Description: chromium-browser: Inappropriate implementation in Network
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11251
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485012
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Password Manager
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-551
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11134
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485013
Bugzilla Description: chromium-browser: Insufficient data validation in Media
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11049
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485014
Bugzilla Description: chromium-browser: Use after free in Password Manager
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11121
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485015
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Skia
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10924
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485016
Bugzilla Description: chromium-browser: Integer overflow in Chromecast
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11264
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485017
Bugzilla Description: chromium-browser: Policy bypass in Content Security Policy
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11140
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485018
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Chromecast
CVSS Score:
CVSSv3 Score: 2.8
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11128
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485019
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Web Share
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11242
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485020
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Plugins
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-1173
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11026
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485021
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Extensions
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10942
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485022
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in UI
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-266
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11075
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485023
Bugzilla Description: chromium-browser: Out of bounds read in V8
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11127
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485024
Bugzilla Description: chromium-browser: Inappropriate implementation in WebAPKs
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-290
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10972
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485025
Bugzilla Description: chromium-browser: Use after free in Ozone
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10967
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485026
Bugzilla Description: chromium-browser: Use after free in SurfaceCapture
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11284
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485027
Bugzilla Description: chromium-browser: Side-channel information leakage in PerformanceAPIs
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10909
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485028
Bugzilla Description: chromium-browser: Use after free in Dawn
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-364
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10965
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485029
Bugzilla Description: chromium-browser: Integer overflow in DevTools
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11009
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485030
Bugzilla Description: chromium-browser: Use after free in USB
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11150
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485031
Bugzilla Description: chromium-browser: Inappropriate implementation in XML
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11008
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485032
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in WebAppInstalls
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11233
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485033
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in FoldableAPIs
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11046
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485034
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Media
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10986
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485035
Bugzilla Description: chromium-browser: Integer overflow in Media
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11057
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485036
Bugzilla Description: chromium-browser: Uninitialized Use in Skia
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10919
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485037
Bugzilla Description: chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10940
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485038
Bugzilla Description: chromium-browser: Race in Codecs
CVSS Score:
CVSSv3 Score: 7.9
Vector:
CWE: CWE-368
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11294
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485039
Bugzilla Description: chromium-browser: Inappropriate implementation in Passwords
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11250
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485040
Bugzilla Description: chromium-browser: Inappropriate implementation in DevTools
CVSS Score:
CVSSv3 Score: 3.5
Vector:
CWE: CWE-497
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10968
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485041
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Dawn
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10999
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485042
Bugzilla Description: chromium-browser: Out of bounds memory access in ANGLE
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11124
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485043
Bugzilla Description: chromium-browser: Heap buffer overflow in Skia
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10946
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485044
Bugzilla Description: chromium-browser: Heap buffer overflow in Media
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10971
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485045
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Printing
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11307
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485046
Bugzilla Description: chromium-browser: Use after free in PDFium
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11206
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485047
Bugzilla Description: chromium-browser: Policy bypass in ServiceWorker
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11000
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485048
Bugzilla Description: chromium-browser: Use after free in Fonts
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10948
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485049
Bugzilla Description: chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11164
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485050
Bugzilla Description: chromium-browser: Use after free in Blink
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11271
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485051
Bugzilla Description: chromium-browser: Incorrect security UI in Passwords
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11220
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485052
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Navigation
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-807
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11122
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485053
Bugzilla Description: chromium-browser: Inappropriate implementation in Keyboard
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10884
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485054
Bugzilla Description: chromium-browser: Use after free in Chromecast
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11290
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485055
Bugzilla Description: chromium-browser: Integer overflow in WebView
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11111
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485056
Bugzilla Description: chromium-browser: Out of bounds read in ANGLE
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11262
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485057
Bugzilla Description: chromium-browser: Use after free in TabStrip
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11158
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485058
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Downloads
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11100
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485059
Bugzilla Description: chromium-browser: Use after free in File Input
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10955
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485060
Bugzilla Description: chromium-browser: Type Confusion in ANGLE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10988
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485061
Bugzilla Description: chromium-browser: Use after free in Views
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11098
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485062
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in GPU
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11035
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485063
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Custom Tabs
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-266
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10974
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485064
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in ANGLE
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11157
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485065
Bugzilla Description: chromium-browser: Script injection in Accessibility
CVSS Score:
CVSSv3 Score: 7.9
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11135
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485066
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Autofill
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-551
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10959
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485067
Bugzilla Description: chromium-browser: Use after free in Input
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11228
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485068
Bugzilla Description: chromium-browser: Incorrect security UI in File Input
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11084
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485069
Bugzilla Description: chromium-browser: Inappropriate implementation in Password Manager
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11056
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485070
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in SiteIsolation
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11039
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485071
Bugzilla Description: chromium-browser: Uninitialized Use in Skia
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11104
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485072
Bugzilla Description: chromium-browser: Uninitialized Use in ANGLE
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10908
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485073
Bugzilla Description: chromium-browser: Use after free in FullScreen
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10983
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485074
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Dawn
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10987
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485075
Bugzilla Description: chromium-browser: Integer overflow in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11107
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485076
Bugzilla Description: chromium-browser: Inappropriate implementation in Downloads
CVSS Score:
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11087
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485077
Bugzilla Description: chromium-browser: Uninitialized Use in ANGLE
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11037
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485078
Bugzilla Description: chromium-browser: Out of bounds write in Codecs
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10953
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485079
Bugzilla Description: chromium-browser: Use after free in Core
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11177
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485080
Bugzilla Description: chromium-browser: Use after free in Omnibox
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11159
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485081
Bugzilla Description: chromium-browser: Uninitialized Use in Skia
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10990
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485082
Bugzilla Description: chromium-browser: Use after free in Glic
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11273
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485083
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Omnibox
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10976
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485084
Bugzilla Description: chromium-browser: Uninitialized Use in Dawn
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11081
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485085
Bugzilla Description: chromium-browser: Policy bypass in Canvas
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11034
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485086
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Tab Group Sync
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11114
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485087
Bugzilla Description: chromium-browser: Use after free in Device Trust
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10898
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485088
Bugzilla Description: chromium-browser: Stack buffer overflow in GPU
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-120
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11076
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485089
Bugzilla Description: chromium-browser: Type Confusion in CSS
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11070
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485090
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Chromoting
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11080
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485091
Bugzilla Description: chromium-browser: Use after free in WebView
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10969
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485092
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Extensions
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-807
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11222
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485093
Bugzilla Description: chromium-browser: Incorrect security UI in Tab Strip
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-449
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11247
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485094
Bugzilla Description: chromium-browser: Insufficient policy enforcement in CustomTabs
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11226
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485095
Bugzilla Description: chromium-browser: Insufficient policy enforcement in PreviewTab
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11171
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485096
Bugzilla Description: chromium-browser: Integer overflow in Blink
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10954
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485097
Bugzilla Description: chromium-browser: Use after free in Actor
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10997
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485098
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Extensions
CVSS Score:
CVSSv3 Score: 7.2
Vector:
CWE: CWE-280
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10935
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485099
Bugzilla Description: chromium-browser: Inappropriate implementation in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11191
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485100
Bugzilla Description: chromium-browser: Out of bounds memory access in ANGLE
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10939
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485102
Bugzilla Description: chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11259
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485103
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Cast
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11270
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485104
Bugzilla Description: chromium-browser: Inappropriate implementation in UI
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11288
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485105
Bugzilla Description: chromium-browser: Policy bypass in CSS
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11183
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485106
Bugzilla Description: chromium-browser: Out of bounds read in GWP-ASan
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11244
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485107
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in WebAuthentication
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11060
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485108
Bugzilla Description: chromium-browser: Use after free in Media
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11033
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485109
Bugzilla Description: chromium-browser: Uninitialized Use in WebML
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11227
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485110
Bugzilla Description: chromium-browser: Incorrect security UI in Tab Hover Cards
CVSS Score:
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11078
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485111
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in FileSystem
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10890
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485112
Bugzilla Description: chromium-browser: Use after free in Cast
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11260
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485113
Bugzilla Description: chromium-browser: Policy bypass in Permissions
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11082
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485114
Bugzilla Description: chromium-browser: Use after free in GPU
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-368
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11147
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485115
Bugzilla Description: chromium-browser: Use after free in WebML
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11130
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485116
Bugzilla Description: chromium-browser: Use after free in Media
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10921
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485117
Bugzilla Description: chromium-browser: Integer overflow in Dawn
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11276
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485118
Bugzilla Description: chromium-browser: Inappropriate implementation in Cast
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-303
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11176
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485119
Bugzilla Description: chromium-browser: Inappropriate implementation in Media
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10975
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485120
Bugzilla Description: chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11190
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485121
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Extensions
CVSS Score:
CVSSv3 Score: 3.9
Vector:
CWE: CWE-266
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11108
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485122
Bugzilla Description: chromium-browser: Inappropriate implementation in NFC
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-648
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11055
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485123
Bugzilla Description: chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11001
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485124
Bugzilla Description: chromium-browser: Incorrect security UI in Payments
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11120
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485125
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Enterprise Reporting
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10881
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485126
Bugzilla Description: chromium-browser: Out of bounds read and write in ANGLE
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11143
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485127
Bugzilla Description: chromium-browser: Heap buffer overflow in Extensions
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11289
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485128
Bugzilla Description: chromium-browser: Side-channel information leakage in Paint
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-205
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10899
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485129
Bugzilla Description: chromium-browser: Use after free in Ozone
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11119
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485130
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in GPU
CVSS Score:
CVSSv3 Score: 8.9
Vector:
CWE: CWE-653
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11148
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485131
Bugzilla Description: chromium-browser: Inappropriate implementation in Payments
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-940
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11027
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485132
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Glic
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11287
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485133
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Navigation
CVSS Score:
Vector:
CWE: CWE-274
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11232
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485134
Bugzilla Description: chromium-browser: Inappropriate implementation in TabGroups
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11010
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485135
Bugzilla Description: chromium-browser: Use after free in WebShare
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11048
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485136
Bugzilla Description: chromium-browser: Inappropriate implementation in Extensions
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE: CWE-358
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11067
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485137
Bugzilla Description: chromium-browser: Uninitialized Use in Dawn
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11072
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485138
Bugzilla Description: chromium-browser: Use after free in WebView
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10963
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485139
Bugzilla Description: chromium-browser: Integer overflow in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11036
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485140
Bugzilla Description: chromium-browser: Inappropriate implementation in DOM
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10917
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485141
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Media
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11002
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485142
Bugzilla Description: chromium-browser: Use after free in Autofill
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-364
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11237
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485143
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Media
CVSS Score:
CVSSv3 Score: 3.5
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11186
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485144
Bugzilla Description: chromium-browser: Inappropriate implementation in CSS
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10930
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485145
Bugzilla Description: chromium-browser: Out of bounds read in ANGLE
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11062
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485146
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Extensions
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11248
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485147
Bugzilla Description: chromium-browser: Policy bypass in Google Lens
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11211
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485148
Bugzilla Description: chromium-browser: Integer overflow in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11092
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485149
Bugzilla Description: chromium-browser: Insufficient policy enforcement in DevTools
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-266
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11005
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485150
Bugzilla Description: chromium-browser: Out of bounds read in ANGLE
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11096
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485151
Bugzilla Description: chromium-browser: Out of bounds read in WebRTC
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11152
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485152
Bugzilla Description: chromium-browser: Object lifecycle issue in Dawn
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-763
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10907
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485153
Bugzilla Description: chromium-browser: Out of bounds write in ANGLE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10901
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485154
Bugzilla Description: chromium-browser: Use after free in Passwords
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11004
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485155
Bugzilla Description: chromium-browser: Out of bounds read in ANGLE
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11179
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485156
Bugzilla Description: chromium-browser: Inappropriate implementation in ORB
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-653
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10887
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485157
Bugzilla Description: chromium-browser: Use after free in Chromoting
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11125
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485158
Bugzilla Description: chromium-browser: Use after free in Compositing
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10886
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485159
Bugzilla Description: chromium-browser: Use after free in FileSystem
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11131
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485160
Bugzilla Description: chromium-browser: Use after free in Autofill
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11040
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485161
Bugzilla Description: chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10981
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485162
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Codecs
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10932
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485163
Bugzilla Description: chromium-browser: Use after free in UI
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11172
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485164
Bugzilla Description: chromium-browser: Incorrect security UI in Contact Picker
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11145
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485165
Bugzilla Description: chromium-browser: Race in Geolocation
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-368
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11291
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485166
Bugzilla Description: chromium-browser: Policy bypass in Android Autofill
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11201
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485167
Bugzilla Description: chromium-browser: Use after free in ServiceWorker
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11243
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485168
Bugzilla Description: chromium-browser: Incorrect security UI in Downloads
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-358
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11133
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485169
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Paint
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11255
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485170
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Storage Access API
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11189
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485171
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in DevTools
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-807
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11050
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485172
Bugzilla Description: chromium-browser: Use after free in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10910
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485173
Bugzilla Description: chromium-browser: Type Confusion in V8
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11197
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485174
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Workers
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10928
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485175
Bugzilla Description: chromium-browser: Script injection in Headless
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-94
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11151
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485176
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Password Manager
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11112
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485177
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Chromoting
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-501
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11245
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485178
Bugzilla Description: chromium-browser: Inappropriate implementation in Payments
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11279
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485179
Bugzilla Description: chromium-browser: Out of bounds read in DevTools
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11283
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485180
Bugzilla Description: chromium-browser: Policy bypass in Shortcuts
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-434
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11074
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485181
Bugzilla Description: chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11160
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485182
Bugzilla Description: chromium-browser: Out of bounds read in Input
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11299
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485183
Bugzilla Description: chromium-browser: Out of bounds read in Fonts
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11267
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485184
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Extensions
CVSS Score:
CVSSv3 Score: 3.9
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10929
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485185
Bugzilla Description: chromium-browser: Heap buffer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-120
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10991
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485186
Bugzilla Description: chromium-browser: Use after free in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11212
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485187
Bugzilla Description: chromium-browser: Insufficient policy enforcement in DevTools
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10913
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485188
Bugzilla Description: chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11091
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485189
Bugzilla Description: chromium-browser: Inappropriate implementation in Dawn
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11077
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485190
Bugzilla Description: chromium-browser: Out of bounds read in Dawn
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11196
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485191
Bugzilla Description: chromium-browser: Type Confusion in XML
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11136
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485192
Bugzilla Description: chromium-browser: Use after free in Canvas
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11038
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485193
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Subresource Integrity
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-354
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11231
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485194
Bugzilla Description: chromium-browser: Inappropriate implementation in Safe Browsing
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-184
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11175
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485195
Bugzilla Description: chromium-browser: Incorrect security UI in Messages
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11118
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485196
Bugzilla Description: chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11166
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485197
Bugzilla Description: chromium-browser: Inappropriate implementation in SVG
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11059
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485198
Bugzilla Description: chromium-browser: Use after free in Blink
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10900
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485199
Bugzilla Description: chromium-browser: Use after free in Passwords
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10936
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485200
Bugzilla Description: chromium-browser: Type Confusion in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11210
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485201
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Safe Browsing
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-551
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11013
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485202
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Network
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10893
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485203
Bugzilla Description: chromium-browser: Use after free in Chromoting
CVSS Score:
CVSSv3 Score: 10.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11090
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485204
Bugzilla Description: chromium-browser: Uninitialized Use in ANGLE
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10949
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485205
Bugzilla Description: chromium-browser: Heap buffer overflow in Video
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-131
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11184
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485206
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Actor
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-280
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11105
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485207
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in WebUI
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11281
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485208
Bugzilla Description: chromium-browser: Integer overflow in Chromoting
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11308
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485209
Bugzilla Description: chromium-browser: Inappropriate implementation in Extensions
CVSS Score:
CVSSv3 Score: 2.8
Vector:
CWE: CWE-648
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11181
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485210
Bugzilla Description: chromium-browser: Inappropriate implementation in Media Session
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11256
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485211
Bugzilla Description: chromium-browser: Out of bounds read in GPU
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11032
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485212
Bugzilla Description: chromium-browser: Insufficient data validation in Password Manager
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11083
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485213
Bugzilla Description: chromium-browser: Inappropriate implementation in Password Manager
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11268
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485214
Bugzilla Description: chromium-browser: Uninitialized Use in ANGLE
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11153
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485215
Bugzilla Description: chromium-browser: Side-channel information leakage in Forms
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-205
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11006
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485216
Bugzilla Description: chromium-browser: Out of bounds read in Dawn
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11044
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485217
Bugzilla Description: chromium-browser: Integer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11102
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485218
Bugzilla Description: chromium-browser: Inappropriate implementation in Isolated Web Apps
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-434
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10882
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485219
Bugzilla Description: chromium-browser: Use after free in Network
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11301
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485220
Bugzilla Description: chromium-browser: Out of bounds read in LiveCaption
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10904
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485221
Bugzilla Description: chromium-browser: Inappropriate implementation in V8
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11170
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485222
Bugzilla Description: chromium-browser: Inappropriate implementation in Chromoting
CVSS Score:
CVSSv3 Score: 10.0
Vector:
CWE: CWE-250
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11182
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485223
Bugzilla Description: chromium-browser: Inappropriate implementation in SVG
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11188
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485224
Bugzilla Description: chromium-browser: Use after free in USB
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11254
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485225
Bugzilla Description: chromium-browser: Inappropriate implementation in Permissions
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11229
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485226
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Enterprise
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-266
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11014
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485227
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Extensions
CVSS Score:
CVSSv3 Score: 7.2
Vector:
CWE: CWE-653
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11019
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485228
Bugzilla Description: chromium-browser: Inappropriate implementation in Payments
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11221
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485229
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in PointerLock
CVSS Score:
CVSSv3 Score: 3.5
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10980
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485230
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in DevTools
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11065
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485231
Bugzilla Description: chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10934
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485232
Bugzilla Description: chromium-browser: Use after free in Autofill
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11167
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485233
Bugzilla Description: chromium-browser: Inappropriate implementation in WebView
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-501
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10937
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485234
Bugzilla Description: chromium-browser: Inappropriate implementation in Passwords
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11199
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485235
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in WebRTC
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10977
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485236
Bugzilla Description: chromium-browser: Uninitialized Use in Skia
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10883
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485237
Bugzilla Description: chromium-browser: Out of bounds write in ANGLE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11017
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485238
Bugzilla Description: chromium-browser: Inappropriate implementation in Link Preview
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10960
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485239
Bugzilla Description: chromium-browser: Uninitialized Use in Codecs
CVSS Score:
CVSSv3 Score: 7.9
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11174
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485240
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Site Isolation
CVSS Score:
CVSSv3 Score: 7.9
Vector:
CWE: CWE-501
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11178
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485241
Bugzilla Description: chromium-browser: Policy bypass in WebView
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10891
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485242
Bugzilla Description: chromium-browser: Use after free in GFX
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11126
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485243
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in DevTools
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-940
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10922
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485244
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in DevTools
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-1173
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11142
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485245
Bugzilla Description: chromium-browser: Policy bypass in Paint
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10897
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485246
Bugzilla Description: chromium-browser: Out of bounds write in GPU
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-653
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11223
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485247
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Network
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10895
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485248
Bugzilla Description: chromium-browser: Use after free in Ozone
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11258
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485249
Bugzilla Description: chromium-browser: Inappropriate implementation in File System Access
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-551
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10903
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485250
Bugzilla Description: chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11238
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485251
Bugzilla Description: chromium-browser: Inappropriate implementation in DevTools
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-201
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11020
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485252
Bugzilla Description: chromium-browser: Inappropriate implementation in Extensions
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11110
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485253
Bugzilla Description: chromium-browser: Uninitialized Use in ANGLE
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11261
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485254
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in PDF
CVSS Score:
CVSSv3 Score: 2.8
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11187
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485255
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Glic
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11265
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485256
Bugzilla Description: chromium-browser: Insufficient data validation in Autofill
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-940
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11022
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485257
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in DevTools
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11144
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485258
Bugzilla Description: chromium-browser: Use after free in Media
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10992
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485259
Bugzilla Description: chromium-browser: Insufficient data validation in Animation
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1285
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11217
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485260
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Fenced Frames
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-653
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11089
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485261
Bugzilla Description: chromium-browser: Uninitialized Use in Media
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11306
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485262
Bugzilla Description: chromium-browser: Use after free in PDFium
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11043
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485263
Bugzilla Description: chromium-browser: Out of bounds write in ANGLE
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11073
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485264
Bugzilla Description: chromium-browser: Use after free in WebGL
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11023
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485266
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in WebAppInstalls
CVSS Score:
CVSSv3 Score: 7.9
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11041
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485267
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Media
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10998
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485268
Bugzilla Description: chromium-browser: Out of bounds read in Media
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11275
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485269
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Page Info
CVSS Score:
CVSSv3 Score: 3.9
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10966
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485270
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Codecs
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11304
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485271
Bugzilla Description: chromium-browser: Use after free in PDFium
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11278
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485272
Bugzilla Description: chromium-browser: Inappropriate implementation in CustomTabs
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10912
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485273
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Extensions
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11169
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485274
Bugzilla Description: chromium-browser: Inappropriate implementation in XML
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-91
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11123
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485275
Bugzilla Description: chromium-browser: Uninitialized Use in ANGLE
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11047
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485276
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Base
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-266
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10973
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485277
Bugzilla Description: chromium-browser: Uninitialized Use in Dawn
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11296
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485278
Bugzilla Description: chromium-browser: Inappropriate implementation in ImageCapture
CVSS Score:
Vector:
CWE: CWE-648
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10923
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485279
Bugzilla Description: chromium-browser: Use after free in WebAppInstalls
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11018
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485280
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Actor
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-807
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10970
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485281
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in InterestGroups
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11103
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485282
Bugzilla Description: chromium-browser: Inappropriate implementation in Installer
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-266
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11282
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485283
Bugzilla Description: chromium-browser: Policy bypass in Sandbox
CVSS Score:
Vector:
CWE: CWE-501
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11303
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485284
Bugzilla Description: chromium-browser: Use after free in PDFium
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10902
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485285
Bugzilla Description: chromium-browser: Use after free in Ozone
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11154
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485286
Bugzilla Description: chromium-browser: Use after free in Dawn
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11295
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485287
Bugzilla Description: chromium-browser: Inappropriate implementation in WebView
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-266
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10920
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485288
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in WebShare
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10925
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485289
Bugzilla Description: chromium-browser: Out of bounds write in Skia
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11203
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485290
Bugzilla Description: chromium-browser: Policy bypass in GPU
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10916
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485291
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in DevTools
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11109
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485292
Bugzilla Description: chromium-browser: Uninitialized Use in ANGLE
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11269
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485293
Bugzilla Description: chromium-browser: Inappropriate implementation in Extensions
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-653
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10906
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485294
Bugzilla Description: chromium-browser: Use after free in WebAuthentication
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11029
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485295
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Drag and Drop
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-807
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10938
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485296
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Input
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-501
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11095
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485297
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Codecs
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11246
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485298
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in IndexedDB
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-1173
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10914
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485299
Bugzilla Description: chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11138
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485300
Bugzilla Description: chromium-browser: Uninitialized Use in ANGLE
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10905
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485301
Bugzilla Description: chromium-browser: Use after free in Network
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10888
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485302
Bugzilla Description: chromium-browser: Use after free in Cast Streaming
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11051
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485303
Bugzilla Description: chromium-browser: Out of bounds read in ANGLE
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11132
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485304
Bugzilla Description: chromium-browser: Policy bypass in Paint
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11163
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485305
Bugzilla Description: chromium-browser: Use after free in Messages
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11061
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485306
Bugzilla Description: chromium-browser: Out of bounds read in ANGLE
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11012
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485307
Bugzilla Description: chromium-browser: Use after free in Serial
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10964
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485308
Bugzilla Description: chromium-browser: Integer overflow in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11064
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485309
Bugzilla Description: chromium-browser: Uninitialized Use in GPU
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-368
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11219
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485310
Bugzilla Description: chromium-browser: Insufficient data validation in Navigation
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-551
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11225
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485311
Bugzilla Description: chromium-browser: Incorrect security UI in WebUI
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-368
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11293
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485312
Bugzilla Description: chromium-browser: Use after free in Input
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11292
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485313
Bugzilla Description: chromium-browser: Policy bypass in Blink
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-280
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10982
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485314
Bugzilla Description: chromium-browser: Use after free in WebXR
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11149
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485315
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Extensions
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-807
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10927
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485316
Bugzilla Description: chromium-browser: Out of bounds read in Dawn
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11241
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485317
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Cast
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-807
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10962
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485318
Bugzilla Description: chromium-browser: Type Confusion in Media
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10979
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485319
Bugzilla Description: chromium-browser: Out of bounds read in ANGLE
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11216
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485320
Bugzilla Description: chromium-browser: Incorrect security UI in File Input
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11094
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485321
Bugzilla Description: chromium-browser: Use after free in Codecs
CVSS Score:
CVSSv3 Score: 7.9
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11137
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485322
Bugzilla Description: chromium-browser: Uninitialized Use in ANGLE
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11252
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485323
Bugzilla Description: chromium-browser: Policy bypass in Content Settings
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-280
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11079
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485324
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Codecs
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-1285
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11031
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485325
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Password Manager
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11058
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485326
Bugzilla Description: chromium-browser: Integer overflow in CredentialProvider
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11230
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485327
Bugzilla Description: chromium-browser: Use after free in Extensions
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11224
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485328
Bugzilla Description: chromium-browser: Use after free in Chromoting
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11213
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485329
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Reading Mode
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11071
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485330
Bugzilla Description: chromium-browser: Use after free in Base
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11139
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485331
Bugzilla Description: chromium-browser: Policy bypass in Paint
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11115
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485332
Bugzilla Description: chromium-browser: Use after free in Updater
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11257
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485333
Bugzilla Description: chromium-browser: Inappropriate implementation in Browser
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-1220
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11042
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485334
Bugzilla Description: chromium-browser: Use after free in Views
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11208
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485335
Bugzilla Description: chromium-browser: Use after free in Codecs
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11198
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485336
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Codecs
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11195
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485337
Bugzilla Description: chromium-browser: Inappropriate implementation in MHTML
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11068
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485338
Bugzilla Description: chromium-browser: Use after free in WebSockets
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11168
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485339
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Extensions
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-497
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11193
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485340
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Password Manager
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-280
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11249
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485341
Bugzilla Description: chromium-browser: Use after free in Network
CVSS Score:
CVSSv3 Score: 3.5
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11066
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485342
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in ANGLE
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-807
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10947
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485343
Bugzilla Description: chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11045
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485344
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in GPU
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11015
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485345
Bugzilla Description: chromium-browser: Out of bounds read in WebGPU
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11155
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485346
Bugzilla Description: chromium-browser: Insufficient policy enforcement in CSS
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11063
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485347
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in WebNN
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11236
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485348
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Web Bluetooth
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-280
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11052
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485349
Bugzilla Description: chromium-browser: Type Confusion in GPU
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11161
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485350
Bugzilla Description: chromium-browser: Insufficient data validation in DataTransfer
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11146
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485351
Bugzilla Description: chromium-browser: Insufficient validation of untrusted input in Chromoting
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-349
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10941
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485352
Bugzilla Description: chromium-browser: Out of bounds memory access in Skia
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-50256
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485380
Bugzilla Description: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-50257
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485382
Bugzilla Description: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-50258
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485383
Bugzilla Description: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-50259
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485384
Bugzilla Description: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-50260
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485385
Bugzilla Description: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter()
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-50261
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485386
Bugzilla Description: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-50262
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485387
Bugzilla Description: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-50263
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485388
Bugzilla Description: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-50264
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485389
Bugzilla Description: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-10885
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485628
Bugzilla Description: chromium-browser: chromium-browser: Use after free in Chrome for iOS
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10896
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485629
Bugzilla Description: chromium-browser: chromium-browser: Use after free in Chrome for iOS
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10915
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485630
Bugzilla Description: chromium-browser: chromium-browser: Use after free in Core
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10944
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485631
Bugzilla Description: chromium-browser: chromium-browser: Insufficient policy enforcement in Autofill
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10950
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485632
Bugzilla Description: chromium-browser: chromium-browser: Insufficient policy enforcement in Autofill
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10951
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485633
Bugzilla Description: chromium-browser: chromium-browser: Use after free in Autofill
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10952
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485634
Bugzilla Description: chromium-browser: chromium-browser: Use after free in Chrome for iOS
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10958
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485635
Bugzilla Description: chromium-browser: chromium-browser: Use after free in Chrome for iOS
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-10961
Severity: important
Released on: 02/06/2026
Advisory:
Bugzilla: 2485636
Bugzilla Description: chromium-browser: chromium-browser: Use after free in Chrome for iOS
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11053
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485637
Bugzilla Description: chromium-browser: chromium-browser: VULNERABILITY in WebRTC
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11099
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485638
Bugzilla Description: chromium-browser: chromium-browser: Vulnerability in Skia
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11165
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485639
Bugzilla Description: chromium-browser: chromium-browser: Use after free in WebMIDI
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11202
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485640
Bugzilla Description: chromium-browser: chromium-browser: Insufficient validation of untrusted input in Chrome for iOS
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11204
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485641
Bugzilla Description: chromium-browser: chromium-browser: Inappropriate implementation in Signin
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11205
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485642
Bugzilla Description: chromium-browser: chromium-browser: Insufficient validation of untrusted input in Chrome for iOS
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11214
Severity: moderate
Released on: 02/06/2026
Advisory:
Bugzilla: 2485643
Bugzilla Description: chromium-browser: chromium-browser: Inappropriate implementation in Chrome for iOS
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11272
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485645
Bugzilla Description: chromium-browser: chromium-browser: Insufficient validation of untrusted input in Reading List
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11274
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485646
Bugzilla Description: chromium-browser: chromium-browser: Inappropriate implementation in DOM Distiller
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11277
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485647
Bugzilla Description: chromium-browser: chromium-browser: Insufficient policy enforcement in Chrome for iOS
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11280
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485648
Bugzilla Description: chromium-browser: chromium-browser: Insufficient validation of untrusted input in Signin
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11285
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485649
Bugzilla Description: chromium-browser: chromium-browser: Insufficient policy enforcement in Chrome for iOS
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11298
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485650
Bugzilla Description: chromium-browser: chromium-browser: Insufficient policy enforcement in Chrome for iOS
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-11302
Severity: low
Released on: 02/06/2026
Advisory:
Bugzilla: 2485651
Bugzilla Description: chromium-browser: chromium-browser: Insufficient policy enforcement in Chrome for iOS
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2024-52011
Severity: important
Released on: 01/06/2026
Advisory:
Bugzilla: 2483853
Bugzilla Description: launch-editor: vite: launch-editor: Arbitrary command execution via insufficient file argument sanitization
CVSS Score:
CVSSv3 Score: 8.3
Vector:
CWE: CWE-88
Affected Packages:
Package States: Cryostat 4,Cryostat 4,Migration Toolkit for Containers,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat AMQ Broker 7,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat Build of Keycloak,Red Hat Build of Podman Desktop,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat Quay 3,Self-service automation portal 2,
Full Details
CVE document

CVE-2026-43958
Severity: moderate
Released on: 01/06/2026
Advisory:
Bugzilla: 2460932
Bugzilla Description: rrdtool: rrdtool: Stack buffer overflow allows local code execution or denial of service
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-10118
Severity: important
Released on: 01/06/2026
Advisory: RHSA-2026:24985, RHSA-2026:25058, RHSA-2026:24984,
Bugzilla: 2460428
Bugzilla Description: poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-190
Affected Packages: poppler-0:24.02.0-7.el10_2.2,poppler-0:20.11.0-14.el8_10,poppler-0:21.01.0-24.el9_8.1,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Hardened Images,
Full Details
CVE document

CVE-2026-48827
Severity: moderate
Released on: 01/06/2026
Advisory:
Bugzilla: 2483783
Bugzilla Description: org.apache.sshd/sshd-git: Apache MINA SSHD: Path Traversal Vulnerability Allows Access to Unauthorized Git Repositories
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat Data Grid 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2026-10233
Severity: low
Released on: 01/06/2026
Advisory:
Bugzilla: 2486786
Bugzilla Description: assimp: Assimp: Out-of-bounds read in Half-Life 1 MDL Loader allows information disclosure
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-10232
Severity: moderate
Released on: 01/06/2026
Advisory:
Bugzilla: 2486783
Bugzilla Description: assimp: Assimp: Use-after-free vulnerability allows local impact
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-10231
Severity: moderate
Released on: 01/06/2026
Advisory:
Bugzilla: 2486304
Bugzilla Description: assimp: Assimp: Local heap-based buffer overflow allows denial of service or arbitrary code execution
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-10230
Severity: moderate
Released on: 01/06/2026
Advisory:
Bugzilla: 2483759
Bugzilla Description: assimp: Assimp: Local heap-based buffer overflow in Half-Life 1 MDL Loader
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-10229
Severity: moderate
Released on: 01/06/2026
Advisory:
Bugzilla: 2486785
Bugzilla Description: assimp: Assimp: Heap-based buffer overflow in Half-Life 1 MDL Loader
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-10201
Severity: moderate
Released on: 31/05/2026
Advisory:
Bugzilla: 2483758
Bugzilla Description: assimp: Assimp: Denial of Service via divide-by-zero in FBXExporter
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-10200
Severity: moderate
Released on: 31/05/2026
Advisory:
Bugzilla: 2483757
Bugzilla Description: assimp: Assimp: Heap-based buffer overflow in glTFCommon::CopyValue function
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-10199
Severity: moderate
Released on: 31/05/2026
Advisory:
Bugzilla: 2483753
Bugzilla Description: assimp: Assimp: Denial of Service via null pointer dereference in glTF2::LazyDict
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-10198
Severity: moderate
Released on: 31/05/2026
Advisory:
Bugzilla: 2483754
Bugzilla Description: assimp: Assimp: Denial of Service via null pointer dereference in glTFImporter
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-10197
Severity: moderate
Released on: 31/05/2026
Advisory:
Bugzilla: 2483755
Bugzilla Description: assimp: Assimp: Denial of Service via null pointer dereference in glTF2Importer
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46242
Severity: moderate
Released on: 30/05/2026
Advisory:
Bugzilla: 2483519
Bugzilla Description: kernel: eventpoll: fix ep_remove struct eventpoll / struct file UAF
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46385
Severity: important
Released on: 29/05/2026
Advisory:
Bugzilla: 2483475
Bugzilla Description: github.com/hamba/avro/v2: github.com/linkedin/goavro/v2: CPU Exhaustion in Avro Decoder via Unbounded Block-Count Iteration
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Cryostat 4,Multicluster Global Hub,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 5,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,
Full Details
CVE document

CVE-2026-46384
Severity: important
Released on: 29/05/2026
Advisory:
Bugzilla: 2483482
Bugzilla Description: github.com/hamba/avro/v2: github.com/linkedin/goavro/v2: Integer Overflow in Avro Decoder
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Cryostat 4,Multicluster Global Hub,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 5,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,
Full Details
CVE document

CVE-2026-46344
Severity: moderate
Released on: 29/05/2026
Advisory:
Bugzilla: 2483418
Bugzilla Description: liboqs: liboqs: Denial of Service due to out-of-bounds read in XMSS/XMSS^MT signature verification
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,
Full Details
CVE document

CVE-2026-44518
Severity: moderate
Released on: 29/05/2026
Advisory:
Bugzilla: 2483392
Bugzilla Description: liboqs: liboqs: Denial of Service due to out-of-bounds read in XMSS/XMSS^MT signature verification
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,
Full Details
CVE document

CVE-2026-41150
Severity: moderate
Released on: 29/05/2026
Advisory:
Bugzilla: 2483296
Bugzilla Description: mermaid: Mermaid: Denial of Service via specially crafted gantt charts
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Build of Podman Desktop,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,
Full Details
CVE document

CVE-2026-10101
Severity: moderate
Released on: 29/05/2026
Advisory:
Bugzilla: 2483298
Bugzilla Description: assisted-service: assisted-service: InfraEnv status leaks referenced pull-secret contents to namespace view users
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-201
Affected Packages:
Package States: Multicluster Engine for Kubernetes,
Full Details
CVE document

CVE-2026-10028
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2465152
Bugzilla Description: glib-networking: Infinite loop in glib-networking GnuTLS backend allows remote denial of service via circular certificate chain
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-45292
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482785
Bugzilla Description: opentelemetry-java: opentelemetry-api: opentelemetry-extension-trace-propagators: OpenTelemetry Java: Denial of Service due to unbounded memory allocation when parsing oversized baggage
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Exploit Intelligence,Exploit Intelligence,Migration Toolkit for Applications 8,Migration Toolkit for Containers,OpenShift Lightspeed,OpenShift Serverless,OpenShift Serverless,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Data Grid 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Quay 3,Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-44477
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482763
Bugzilla Description: github.com/cloudnative-pg/cloudnative-pg: CloudNativePG: Metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-250
Affected Packages:
Package States: Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,
Full Details
CVE document

CVE-2026-48525
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482752
Bugzilla Description: python-pyjwt: PyJWT: Denial of Service via processing of crafted detached JWS tokens
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-770
Affected Packages:
Package States: Migration Toolkit for Applications 8,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Update Infrastructure 4 for Cloud Providers,
Full Details
CVE document

CVE-2026-48523
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482743
Bugzilla Description: python-pyjwt: PyJWT: Verifier-side algorithm bypass leads to unauthorized information access
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-347
Affected Packages:
Package States: Migration Toolkit for Applications 8,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Update Infrastructure 4 for Cloud Providers,
Full Details
CVE document

CVE-2026-48526
Severity: important
Released on: 28/05/2026
Advisory: RHSA-2026:25928, RHSA-2026:25902,
Bugzilla: 2482734
Bugzilla Description: python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-347
Affected Packages: fence-agents-0:4.16.0-21.el10_2.2,ansible-automation-platform-27/ee-supported-rhel9:1781118924,ansible-automation-platform-27/hub-rhel9:1781102816,ansible-automation-platform-27/lightspeed-chatbot-rhel9:1781042555,ansible-automation-platform-27/lightspeed-rhel9:1781025813,ansible-automation-platform-27/mcp-tools-rhel9:1781030318,
Package States: Migration Toolkit for Applications 8,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Update Infrastructure 4 for Cloud Providers,
Full Details
CVE document

CVE-2026-48524
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482733
Bugzilla Description: python-pyjwt: PyJWT: Denial of Service via unverified JSON Web Token key IDs
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-770
Affected Packages:
Package States: Migration Toolkit for Applications 8,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Update Infrastructure 4 for Cloud Providers,
Full Details
CVE document

CVE-2026-48522
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482753
Bugzilla Description: python-pyjwt: PyJWT: Server-Side Request Forgery (SSRF) via uncontrolled URL fetching in PyJWKClient
CVSS Score:
CVSSv3 Score: 4.2
Vector:
CWE: CWE-918
Affected Packages:
Package States: Migration Toolkit for Applications 8,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Update Infrastructure 4 for Cloud Providers,
Full Details
CVE document

CVE-2026-48155
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482748
Bugzilla Description: pypdf: pypdf: Denial of Service via crafted PDF with large character offsets
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Exploit Intelligence,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat Quay 3,Red Hat Quay 3,
Full Details
CVE document

CVE-2026-48156
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482739
Bugzilla Description: pypdf: pypdf: Denial of Service via crafted PDF
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-606
Affected Packages:
Package States: Exploit Intelligence,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat Quay 3,Red Hat Quay 3,
Full Details
CVE document

CVE-2026-48735
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482741
Bugzilla Description: pypdf: pypdf: Denial of Service via crafted PDF with large XMP metadata
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Exploit Intelligence,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat Quay 3,Red Hat Quay 3,
Full Details
CVE document

CVE-2026-41565
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482740
Bugzilla Description: perl-CryptX: perl-CryptX: Stack buffer overflow allows arbitrary code execution via a crafted authentication tag.
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-120
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-42250
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482704
Bugzilla Description: bzip2: bzip2: Denial of Service in bzip2recover via a specially crafted file
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-193
Affected Packages:
Package States: Confidential Compute Attestation,OpenShift Lightspeed,Pen Drive Powered by Red Hat Lightspeed,Pen Drive Powered by Red Hat Lightspeed,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Discovery 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Update Service,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Profile Analyzer,
Full Details
CVE document

CVE-2026-9804
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482487
Bugzilla Description: kubevirt: kubevirt: VMExport directory symlink escape enables exporter pod file read
CVSS Score:
CVSSv3 Score: 7.7
Vector:
CWE: CWE-59
Affected Packages:
Package States: Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,
Full Details
CVE document

CVE-2026-44604
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2460967
Bugzilla Description: rpm: Command injection in rpmuncompress doUntar() via unescaped archive top-level directory name in popen() shell command
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-78
Affected Packages:
Package States: Pen Drive Powered by Red Hat Lightspeed,Red Hat build of Quarkus Native builder,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-9673
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482486
Bugzilla Description: json-2-csv: json-2-csv: CSV Injection vulnerability allows arbitrary code execution via `preventCsvInjection` bypass.
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-1236
Affected Packages:
Package States: Red Hat Developer Hub,Self-service automation portal 2,
Full Details
CVE document

CVE-2026-9801
Severity: moderate
Released on: 28/05/2026
Advisory: RHSA-2026:25098, RHSA-2026:25097,
Bugzilla: 2482473
Bugzilla Description: keycloak: Keycloak: Denial of Service via malformed LDAP password policy response
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE: CWE-1284
Affected Packages: rhbk/keycloak-rhel9,rhbk/keycloak-operator-bundle:26.6.3-3,rhbk/keycloak-rhel9:26.6-6,rhbk/keycloak-rhel9-operator:26.6-6,
Package States:
Full Details
CVE document

CVE-2026-9802
Severity: moderate
Released on: 28/05/2026
Advisory: RHSA-2026:25098, RHSA-2026:25097,
Bugzilla: 2482467
Bugzilla Description: keycloak: Keycloak: Unauthorized account access via replayed refresh tokens after cluster restart
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-613
Affected Packages: rhbk/keycloak-rhel9,rhbk/keycloak-operator-bundle:26.6.3-3,rhbk/keycloak-rhel9:26.6-6,rhbk/keycloak-rhel9-operator:26.6-6,
Package States:
Full Details
CVE document

CVE-2026-9803
Severity: moderate
Released on: 28/05/2026
Advisory: RHSA-2026:25098, RHSA-2026:25097,
Bugzilla: 2482465
Bugzilla Description: keycloak: Keycloak: Denial of Service via malformed Authorization header
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-125
Affected Packages: rhbk/keycloak-rhel9,rhbk/keycloak-operator-bundle:26.6.3-3,rhbk/keycloak-rhel9:26.6-6,rhbk/keycloak-rhel9-operator:26.6-6,
Package States:
Full Details
CVE document

CVE-2026-9798
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482470
Bugzilla Description: keycloak: Keycloak: Brute-force protection bypass in CIBA flow
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-305
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document

CVE-2026-9796
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482464
Bugzilla Description: keycloak: Keycloak: Privilege escalation via Time-of-Check to Time-of-Use (TOCTOU) vulnerability
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document

CVE-2026-9795
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482462
Bugzilla Description: keycloak: Keycloak: Privilege escalation via improper scope mapping enforcement
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-266
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document

CVE-2026-9794
Severity: moderate
Released on: 28/05/2026
Advisory: RHSA-2026:25098, RHSA-2026:25097,
Bugzilla: 2482461
Bugzilla Description: keycloak: Keycloak: Information disclosure via SAML ECP endpoint
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-209
Affected Packages: rhbk/keycloak-rhel9,rhbk/keycloak-operator-bundle:26.6.3-3,rhbk/keycloak-rhel9:26.6-6,rhbk/keycloak-rhel9-operator:26.6-6,
Package States:
Full Details
CVE document

CVE-2026-9793
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482460
Bugzilla Description: keycloak: Keycloak: Security policy bypass in JWE-encrypted request object processing
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-347
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document

CVE-2026-9792
Severity: moderate
Released on: 28/05/2026
Advisory: RHSA-2026:25098, RHSA-2026:25097,
Bugzilla: 2482459
Bugzilla Description: keycloak: Keycloak: Security restriction bypass allows unauthorized ROPC token acquisition
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-280
Affected Packages: rhbk/keycloak-rhel9,rhbk/keycloak-operator-bundle:26.6.3-3,rhbk/keycloak-rhel9:26.6-6,rhbk/keycloak-rhel9-operator:26.6-6,
Package States:
Full Details
CVE document

CVE-2026-9791
Severity: moderate
Released on: 28/05/2026
Advisory: RHSA-2026:25098, RHSA-2026:25097,
Bugzilla: 2482458
Bugzilla Description: keycloak-rhel9: Organization Data Leak After Feature Disabled in Keycloak
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-863
Affected Packages: rhbk/keycloak-rhel9,rhbk/keycloak-operator-bundle:26.6.3-3,rhbk/keycloak-rhel9:26.6-6,rhbk/keycloak-rhel9-operator:26.6-6,
Package States:
Full Details
CVE document

CVE-2026-46190
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482519
Bugzilla Description: kernel: mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-788
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46154
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482520
Bugzilla Description: kernel: sched_ext: Read scx_root under scx_cgroup_ops_rwsem in cgroup setters
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46187
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482521
Bugzilla Description: kernel: wifi: rsi: fix kthread lifetime race between self-exit and external-stop
CVSS Score:
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46157
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482522
Bugzilla Description: kernel: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-820
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46116
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482523
Bugzilla Description: kernel: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46148
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482524
Bugzilla Description: kernel: spi: microchip-core-qspi: control built-in cs manually
CVSS Score:
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46193
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482525
Bugzilla Description: kernel: xfrm: ah: account for ESN high bits in async callbacks
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46146
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482526
Bugzilla Description: kernel: ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-606
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46159
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482527
Bugzilla Description: kernel: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46207
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482528
Bugzilla Description: kernel: vsock/virtio: fix empty payload in tap skb for non-linear buffers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46118
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482529
Bugzilla Description: kernel: pseries/papr-hvpipe: Fix null ptr deref in papr_hvpipe_dev_create_handle()
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46206
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482530
Bugzilla Description: kernel: batman-adv: reject new tp_meter sessions during teardown
CVSS Score:
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46111
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482531
Bugzilla Description: kernel: Bluetooth: hci_conn: fix potential UAF in create_big_sync
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46181
Severity: important
Released on: 28/05/2026
Advisory: RHSA-2026:25120, RHSA-2026:25121, RHSA-2026:25217,
Bugzilla: 2482532
Bugzilla Description: kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-366
Affected Packages: kernel-rt-0:4.18.0-553.132.1.rt7.473.el8_10,kernel-0:4.18.0-553.132.1.el8_10,kernel-0:5.14.0-687.15.1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46230
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482533
Bugzilla Description: kernel: drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg
CVSS Score:
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46201
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482534
Bugzilla Description: kernel: drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46121
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482535
Bugzilla Description: kernel: mm/damon/sysfs-schemes: protect memcg_path kfree() with damon_sysfs_lock
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46132
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482536
Bugzilla Description: kernel: net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak in rtnl_fill_vfinfo
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46104
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482537
Bugzilla Description: kernel: selinux: use sk blob accessor in socket permission helpers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1083
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46232
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482538
Bugzilla Description: kernel: HID: playstation: Clamp num_touch_reports
CVSS Score:
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46177
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482539
Bugzilla Description: kernel: ipmi: Add limits to event and receive message requests
CVSS Score:
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46143
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482540
Bugzilla Description: kernel: ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46115
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482541
Bugzilla Description: kernel: block: add pgmap check to biovec_phys_mergeable
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46170
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482542
Bugzilla Description: kernel: mptcp: pm: ADD_ADDR rtx: free sk if last
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46204
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482543
Bugzilla Description: kernel: drm/amdgpu/vcn4: Prevent OOB reads when parsing IB
CVSS Score:
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46205
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482544
Bugzilla Description: kernel: staging: media: atomisp: Disallow all private IOCTLs
CVSS Score:
Vector:
CWE: CWE-267
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46237
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482545
Bugzilla Description: kernel: drm/amdgpu/vcn3: Avoid overflow on msg bound check
CVSS Score:
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46106
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482546
Bugzilla Description: kernel: eventfs: Hold eventfs_mutex and SRCU when remount walks events
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46162
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482547
Bugzilla Description: kernel: ice: fix double free in ice_sf_eth_activate() error path
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46216
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482548
Bugzilla Description: kernel: drm/xe/hdcp: Add NULL check for media_gt in intel_hdcp_gsc_check_status()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46174
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482549
Bugzilla Description: kernel: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-653
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46133
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482550
Bugzilla Description: kernel: RDMA/rxe: Reject unknown opcodes before ICRC processing
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-191
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46165
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482551
Bugzilla Description: kernel: openvswitch: vport: fix self-deadlock on release of tunnel ports
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46224
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482552
Bugzilla Description: kernel: drm/xe: Fix bo leak in xe_dma_buf_init_obj() on allocation failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46194
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482553
Bugzilla Description: kernel: f2fs: fix node_cnt race between extent node destroy and writeback
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46123
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482554
Bugzilla Description: kernel: Bluetooth: virtio_bt: clamp rx length before skb_put
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46131
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482555
Bugzilla Description: kernel: KVM: x86: check for nEPT/nNPT in slow flush hypercalls
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-266
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46188
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482557
Bugzilla Description: kernel: octeon_ep_vf: add NULL check for napi_build_skb()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46185
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482558
Bugzilla Description: kernel: smb/client: fix out-of-bounds read in symlink_data()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46197
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482559
Bugzilla Description: kernel: drm/amdkfd: validate SVM ioctl nattr against buffer size
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46184
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482560
Bugzilla Description: kernel: sound: ua101: fix division by zero at probe
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46233
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482561
Bugzilla Description: kernel: batman-adv: bla: only purge non-released claims
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46231
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482562
Bugzilla Description: kernel: batman-adv: bla: put backbone reference on failed claim hash insert
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46152
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482563
Bugzilla Description: kernel: wifi: mac80211: drop stray 'static' from fast-RX rx_result
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1058
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46227
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482564
Bugzilla Description: kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46239
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482565
Bugzilla Description: kernel: media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46149
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482566
Bugzilla Description: kernel: scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46218
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482567
Bugzilla Description: kernel: drm/amdgpu: Add bounds checking to ib_{get,set}_value
CVSS Score:
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46139
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482568
Bugzilla Description: kernel: smb: client: use kzalloc to zero-initialize security descriptor buffer
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46153
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482569
Bugzilla Description: kernel: 8021q: delete cleared egress QoS mappings
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46222
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482570
Bugzilla Description: kernel: media: rockchip: rkcif: Add missing MUST_CONNECT flag to pads
CVSS Score:
Vector:
CWE: CWE-166
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46168
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482571
Bugzilla Description: kernel: mptcp: fix scheduling with atomic in timestamp sockopt
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46142
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482572
Bugzilla Description: kernel: net: libwx: fix VF illegal register access
CVSS Score:
Vector:
CWE: CWE-1220
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46236
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482573
Bugzilla Description: kernel: media: rc: xbox_remote: heed DMA restrictions
CVSS Score:
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46171
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482574
Bugzilla Description: kernel: riscv: kvm: fix vector context allocation leak
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46221
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482575
Bugzilla Description: kernel: EDAC/versalnet: Fix device name memory leak
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46117
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482576
Bugzilla Description: kernel: RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1288
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46240
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482577
Bugzilla Description: kernel: media: iris: Fix use-after-free in iris_release_internal_buffers()
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46182
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482578
Bugzilla Description: kernel: pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46151
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482579
Bugzilla Description: kernel: usb: usblp: fix heap leak in IEEE 1284 device ID via short response
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46112
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482580
Bugzilla Description: kernel: RDMA/hns: Fix unlocked call to hns_roce_qp_remove()
CVSS Score:
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46145
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482581
Bugzilla Description: kernel: RDMA/mana: Validate rx_hash_key_len
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46127
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482582
Bugzilla Description: kernel: RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46175
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482583
Bugzilla Description: kernel: f2fs: fix fsck inconsistency caused by FGGC of node block
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46235
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482584
Bugzilla Description: kernel: media: saa7164: add ioremap return checks and cleanups
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-252
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46208
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482585
Bugzilla Description: kernel: batman-adv: stop tp_meter sessions during mesh teardown
CVSS Score:
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46178
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482586
Bugzilla Description: kernel: RDMA/mlx4: Fix resource leak on error in mlx4_ib_create_srq()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46113
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482587
Bugzilla Description: kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46189
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482588
Bugzilla Description: kernel: RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46213
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482589
Bugzilla Description: kernel: HID: appletb-kbd: fix UAF in inactivity-timer cleanup path
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46196
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482590
Bugzilla Description: kernel: tracepoint: balance regfunc() on func_add() failure in tracepoint_add_func()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46200
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482591
Bugzilla Description: kernel: spi: mpc52xx: fix controller deregistration
CVSS Score:
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46140
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482592
Bugzilla Description: kernel: Bluetooth: btmtk: validate WMT event SKB length before struct access
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46241
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482593
Bugzilla Description: kernel: spi: mpc52xx: fix use-after-free on registration failure
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46176
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482594
Bugzilla Description: kernel: RDMA/mlx5: Fix error path fall-through in mlx5_ib_dev_res_srq_init()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46169
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482595
Bugzilla Description: kernel: hfsplus: fix uninit-value by validating catalog record size
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46110
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482596
Bugzilla Description: kernel: net: stmmac: Prevent NULL deref when RX memory exhausted
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46202
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482597
Bugzilla Description: kernel: HID: appletb-kbd: run inactivity autodim from workqueues
CVSS Score:
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46210
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482599
Bugzilla Description: kernel: media: iris: fix use-after-free of fmt_src during MBPF check
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46137
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482600
Bugzilla Description: kernel: mptcp: pm: ADD_ADDR rtx: fix potential data-race
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46192
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482601
Bugzilla Description: kernel: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations
CVSS Score:
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46183
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482602
Bugzilla Description: kernel: mm/damon/sysfs-schemes: protect path kfree() with damon_sysfs_lock
CVSS Score:
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46228
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482603
Bugzilla Description: kernel: spi: ch341: fix devres lifetime
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46219
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482605
Bugzilla Description: kernel: spi: mpc52xx: fix use-after-free on unbind
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46195
Severity: important
Released on: 28/05/2026
Advisory: RHSA-2026:21745, RHSA-2026:21706, RHSA-2026:21556,
Bugzilla: 2482606
Bugzilla Description: kernel: smb: client: validate dacloffset before building DACL pointers
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-787
Affected Packages: kernel-0:4.18.0-553.126.1.el8_10,kernel-rt-0:4.18.0-553.126.1.rt7.467.el8_10,kernel-0:5.14.0-687.12.1.el9_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46220
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482607
Bugzilla Description: kernel: drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46125
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482608
Bugzilla Description: kernel: wifi: mac80211: remove station if connection prep fails
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46134
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482609
Bugzilla Description: kernel: platform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration
CVSS Score:
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46161
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482610
Bugzilla Description: kernel: md/raid10: fix divide-by-zero in setup_geo() with zero far_copies
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46105
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482611
Bugzilla Description: kernel: scsi: mpt3sas: Limit NVMe request size to 2 MiB
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46150
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482612
Bugzilla Description: kernel: fanotify: fix false positive on permission events
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-280
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46203
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482613
Bugzilla Description: kernel: spi: cadence-quadspi: fix unclocked access on unbind
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-826
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46120
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482614
Bugzilla Description: kernel: ip6_gre: Use cached t->net in ip6erspan_changelink()
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46215
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482615
Bugzilla Description: kernel: drm: Set old handle to NULL before prime swap in change_handle
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46180
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482616
Bugzilla Description: kernel: wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog task
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46167
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482617
Bugzilla Description: kernel: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46114
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482618
Bugzilla Description: kernel: RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-130
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46126
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482619
Bugzilla Description: kernel: RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46147
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482620
Bugzilla Description: kernel: KVM: arm64: Fix pin leak and publication ordering in __pkvm_init_vcpu()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46119
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482621
Bugzilla Description: kernel: libceph: Fix slab-out-of-bounds access in auth message processing
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46144
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482622
Bugzilla Description: kernel: RDMA/mana: Fix error unwind in mana_ib_create_qp_rss()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46238
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482623
Bugzilla Description: kernel: batman-adv: stop caching unowned originator pointers in BAT IV
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46136
Severity: low
Released on: 28/05/2026
Advisory:
Bugzilla: 2482624
Bugzilla Description: kernel: wifi: mt76: mt7921: fix a potential clc buffer length underflow
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-124
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46141
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482625
Bugzilla Description: kernel: powerpc/xive: fix kmemleak caused by incorrect chip_data lookup
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46198
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482626
Bugzilla Description: kernel: batman-adv: fix integer overflow on buff_pos
CVSS Score:
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46179
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482627
Bugzilla Description: kernel: ASoC: SOF: Don't allow pointer operations on unconfigured streams
CVSS Score:
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46223
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482628
Bugzilla Description: kernel: cgroup: Defer css percpu_ref kill on rmdir until cgroup is depopulated
CVSS Score:
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46109
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482629
Bugzilla Description: kernel: usb: ulpi: fix memory leak on ulpi_register() error paths
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46211
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482630
Bugzilla Description: kernel: drm/msm/gem: fix error handling in msm_ioctl_gem_info_get_metadata()
CVSS Score:
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46186
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482631
Bugzilla Description: kernel: Bluetooth: virtio_bt: validate rx pkt_type header length
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46212
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482632
Bugzilla Description: kernel: batman-adv: bla: prevent use-after-free when deleting claims
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46217
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482633
Bugzilla Description: kernel: drm/amdgpu/vcn4: Avoid overflow on msg bound check
CVSS Score:
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46173
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482634
Bugzilla Description: kernel: exit: prevent preemption of oopsing TASK_DEAD task
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46191
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482635
Bugzilla Description: kernel: fbcon: Avoid OOB font access if console rotation fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46209
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482636
Bugzilla Description: kernel: drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs()
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46107
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482637
Bugzilla Description: kernel: dm-thin: fix metadata refcount underflow
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46156
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482638
Bugzilla Description: kernel: LoongArch: Fix potential ADE in loongson_gpu_fixup_dma_hang()
CVSS Score:
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46158
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482639
Bugzilla Description: kernel: mptcp: pm: ADD_ADDR rtx: always decrease sk refcount
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46234
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482640
Bugzilla Description: kernel: vsock: fix buffer size clamping order
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-179
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46163
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482641
Bugzilla Description: kernel: wifi: b43legacy: enforce bounds check on firmware key index in RX path
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46164
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482642
Bugzilla Description: kernel: btrfs: fix double free in create_space_info_sub_group() error path
CVSS Score:
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46229
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482643
Bugzilla Description: kernel: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure
CVSS Score:
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46172
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482644
Bugzilla Description: kernel: ipv6: xfrm6: release dst on error in xfrm6_rcv_encap()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46166
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482645
Bugzilla Description: kernel: wifi: mac80211: use safe list iteration in radar detect work
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46124
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482646
Bugzilla Description: kernel: isofs: validate block number from NFS file handle in isofs_export_iget
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46160
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482647
Bugzilla Description: kernel: btrfs: fix missing last_unlink_trans update when removing a directory
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46122
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482648
Bugzilla Description: kernel: wifi: b43: enforce bounds check on firmware key index in b43_rx()
CVSS Score:
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46199
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482649
Bugzilla Description: kernel: drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg
CVSS Score:
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46225
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482651
Bugzilla Description: kernel: spi: rspi: fix controller deregistration
CVSS Score:
Vector:
CWE: CWE-826
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46214
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482652
Bugzilla Description: kernel: vsock/virtio: fix accept queue count leak on transport mismatch
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46135
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482654
Bugzilla Description: kernel: nvmet-tcp: fix race between ICReq handling and queue teardown
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46129
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482655
Bugzilla Description: kernel: btrfs: fix double free in create_space_info() error path
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46138
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482656
Bugzilla Description: kernel: Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46226
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482657
Bugzilla Description: kernel: spi: fsl: fix controller deregistration
CVSS Score:
Vector:
CWE: CWE-826
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46128
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482659
Bugzilla Description: kernel: ipmi: Check event message buffer response for bad data
CVSS Score:
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46155
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482660
Bugzilla Description: kernel: smb/client: fix out-of-bounds read in smb2_compound_op()
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-130
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46108
Severity:
Released on: 28/05/2026
Advisory:
Bugzilla: 2482661
Bugzilla Description: kernel: ipmi:si: Return state to normal if message allocation fails
CVSS Score:
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-46130
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482662
Bugzilla Description: kernel: dm-verity-fec: fix reading parity bytes split across blocks (take 3)
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-42998
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482825
Bugzilla Description: openstack-keystone: OpenStack Keystone: User impersonation and unauthorized access via insufficient application credential verification.
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE: CWE-303
Affected Packages:
Package States: Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,
Full Details
CVE document

CVE-2026-43000
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482826
Bugzilla Description: keystone: OpenStack Keystone: Privilege escalation via chained application credential impersonation and trust misuse
CVSS Score:
CVSSv3 Score: 8.4
Vector:
CWE: CWE-266
Affected Packages:
Package States: Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,
Full Details
CVE document

CVE-2026-42999
Severity: important
Released on: 28/05/2026
Advisory:
Bugzilla: 2482840
Bugzilla Description: openstack-keystone: OpenStack Keystone: Unauthorized access and privilege escalation via arbitrary policy attribute injection
CVSS Score:
CVSSv3 Score: 8.3
Vector:
CWE: CWE-639
Affected Packages:
Package States: Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,
Full Details
CVE document

CVE-2026-44394
Severity: moderate
Released on: 28/05/2026
Advisory:
Bugzilla: 2482842
Bugzilla Description: openstack-keystone: OpenStack Keystone: Federated token rescoping allows indefinite access
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE: CWE-613
Affected Packages:
Package States: Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,
Full Details
CVE document

CVE-2026-44660
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482406
Bugzilla Description: python-ujson: UltraJSON: Memory leak leading to Denial of Service
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Exploit Intelligence,Migration Toolkit for Applications 8,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-44724
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482416
Bugzilla Description: systeminformation: systeminformation: Command injection via NetworkManager connection profile name
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-78
Affected Packages:
Package States: Cryostat 4,Multicluster Engine for Kubernetes,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Developer Hub,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-9759
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2482358
Bugzilla Description: wireshark: NULL Pointer Dereference in Wireshark
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-8643
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2460927
Bugzilla Description: python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-22
Affected Packages:
Package States: Exploit Intelligence,Migration Toolkit for Applications 8,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Service Mesh 3,Pen Drive Powered by Red Hat Lightspeed,Pen Drive Powered by Red Hat Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,
Full Details
CVE document

CVE-2026-9704
Severity: moderate
Released on: 27/05/2026
Advisory: RHSA-2026:25098, RHSA-2026:25097,
Bugzilla: 2481877
Bugzilla Description: keycloak: Keycloak: Privilege escalation due to oversized subject_token JWT
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-1284
Affected Packages: rhbk/keycloak-rhel9,rhbk/keycloak-operator-bundle:26.6.3-3,rhbk/keycloak-rhel9:26.6-6,rhbk/keycloak-rhel9-operator:26.6-6,
Package States:
Full Details
CVE document

CVE-2026-42789
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2482093
Bugzilla Description: erlang: Erlang OTP public_key: Certificate chain forgery via improper trust chain validation
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-295
Affected Packages:
Package States: Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,
Full Details
CVE document

CVE-2026-1933
Severity: important
Released on: 27/05/2026
Advisory: RHSA-2026:25979, RHSA-2026:22963, RHSA-2026:25049,
Bugzilla: 2447317
Bugzilla Description: samba: Missing access check on reparse point operations
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-284
Affected Packages: samba-0:4.23.5-109.el10_2,samba-0:4.21.3-14.el9_6.1,samba-0:4.23.5-10.el9_8,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-2340
Severity: moderate
Released on: 27/05/2026
Advisory: RHSA-2026:25979, RHSA-2026:22963, RHSA-2026:25049,
Bugzilla: 2447318
Bugzilla Description: samba: vfs_worm does not block directory modification
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-280
Affected Packages: samba-0:4.23.5-109.el10_2,samba-0:4.21.3-14.el9_6.1,samba-0:4.23.5-10.el9_8,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-9689
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481845
Bugzilla Description: keycloak: org.keycloak.protocol.oidc: HTTP Parameter Pollution in OIDC redirect URI allows response parameter duplication - #GHI-604
CVSS Score:
CVSSv3 Score: 4.2
Vector:
CWE: CWE-1288
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document

CVE-2026-3012
Severity: important
Released on: 27/05/2026
Advisory: RHSA-2026:25979, RHSA-2026:22963, RHSA-2026:22644, RHSA-2026:25049,
Bugzilla: 2447319
Bugzilla Description: samba: group policy certificate enrollment uses http:// without validation
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-345
Affected Packages: samba-0:4.23.5-109.el10_2,samba-0:4.19.4-16.el8_10,samba-0:4.21.3-14.el9_6.1,samba-0:4.23.5-10.el9_8,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-8450
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2481773
Bugzilla Description: perl-HTTP-Daemon: HTTP::Daemon: Arbitrary code execution via OS command injection in send_file()
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-48962
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla: 2481767
Bugzilla Description: perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-94
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-10007
Severity: important
Released on: 27/05/2026
Advisory:
Bugzilla:
Bugzilla Description:
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-45981
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla:
Bugzilla Description:
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-45840
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481862
Bugzilla Description: kernel: openvswitch: cap upcall PID array size and pre-size vport replies
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-45842
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481863
Bugzilla Description: kernel: slip: reject VJ receive packets on instances with no rstate array
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-45844
Severity: moderate
Released on: 27/05/2026
Advisory:
Bugzilla: 2481864
Bugzilla Description: kernel: netfilter: arp_tables: fix IEEE1394 ARP payload parsing
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-45839
Severity:
Released on: 27/05/2026
Advisory:
Bugzilla: 2481865
Bugzilla Description: kernel: bpf: reject negative CO-RE accessor indices in bpf_core_parse_spec()
CVSS Score:
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document