rpm-software-management

Security Risk Profile

/100

high

Security Risk Score

Comprehensive risk assessment based on 3 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from November 30, 2023 to present

Total CVEs

Critical+High

Exploited

Unpatched

Threat Assessment

Avg CVSS

7.8

Base severity

Avg EPSS

Exploit probability

Unpatched

Critical/High

Risk Level

62/100

high

Severity Distribution

Critical

High

Medium

Low

Exploit Likelihood

>50% chance

20-50%

5-20%

<5%

Age Distribution

Common Weaknesses (CWE)

Command Injection

OS Command Injection

Input Validation

Code Injection

Most Affected Products

1. Fedoraproject Extra Packages For Enterprise Linux3

2. Fedoraproject Fedora2

3. Rpm-software-management RPM1

4. dnf5 dnf5daemon-server1

5. Rpm-software-management Dnf51

Recent Vulnerabilities

See more →

CVE-2026-44604

CVSS 7.0high

Rpm: command injection in rpmuncompress dountar() via unescaped archive top-level directory name in popen() shell command

4/23/2026🔧 No Patch

CVE-2024-1930

CVSS 6.5medium

No Limit on Number of Open Sessions / Bad Session Close Behaviour

3/4/2024

CVE-2023-6395

CVSS 9.8EPSS 0%critical

Mock: privilege escalation for users that can access mock configuration

11/30/2023

Monitor rpm-software-management in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free Trial Book a Demo