Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how redhat compares to other vendors in security performance

View Risk Score →

Software

redhat enterprise linux
472
redhat enterprise linux desktop
311
redhat enterprise linux server
281
redhat enterprise linux workstation
272
redhat enterprise linux server aus
179
redhat enterprise linux server tus
152
redhat enterprise linux eus
147
redhat enterprise linux server eus
77
redhat linux
61
redhat satellite
54
redhat openshift container platform
51
redhat jboss enterprise application platform
45
redhat openstack
45
redhat linux advanced workstation
34
redhat fedora core
30
redhat enterprise linux for ibm z systems
25
redhat enterprise linux for power little endian
23
redhat enterprise mrg
22
redhat single sign-on
22
redhat keycloak
21
redhat software collections
20
redhat enterprise linux for ibm z systems eus
18
redhat enterprise linux for power little endian eus
18
redhat virtualization host
17
redhat enterprise linux hpc node
14
redhat openshift
14
redhat virtualization
14
redhat enterprise linux for arm 64
13
redhat build of keycloak
12
redhat enterprise linux for real time
12
redhat enterprise linux for real time for nfv
12
redhat enterprise linux hpc node eus
11
redhat enterprise linux server for power little endian update services for sap solutions
11
redhat ansible automation platform
10
redhat ansible tower
9
redhat storage
9
redhat undertow
9
redhat enterprise linux for arm 64 eus
8
redhat hardened images
8
redhat jboss fuse
8
redhat codeready linux builder
7
redhat data grid
7
redhat enterprise linux for power big endian
7
redhat enterprise linux for scientific computing
7
redhat jboss bpm suite
7
redhat libvirt
7
redhat ceph storage
6
redhat enterprise linux for real time for nfv tus
6
redhat enterprise linux for real time tus
6
redhat enterprise linux tus
6

maven/org.keycloak/keycloak-servicesOrg.keycloak.keycloak-services: improper access control on keycloak server when the account account api feature is disabled

Risk 25
Severity
5.4
EPSS
0.03%
First published (updated )
CVE-2026-7500

Red Hat OpenShift Container PlatformOpenshift-controller-manager: openshift container platform: information disclosure via environment variable injection

Risk 16
Severity
4.3
EPSS
0.03%
First published (updated )
CVE-2026-7309

redhat Multicluster Engine For KubernetesAssisted-service: assisted-service: authenticated users can gain administrative access to openshift clusters via credential disclosure

Risk 26
Severity
6.1
EPSS
0.01%
First published (updated )
CVE-2026-7163

redhat Enterprise LinuxNano: nano: format string vulnerability leads to denial of service

Risk 23
Severity
5.5
EPSS
0.02%
First published (updated )
CVE-2026-6843

redhat Enterprise LinuxBinutils: binutils: denial of service vulnerabilities in readelf via crafted elf files

Risk 23
Severity
5.5
EPSS
0.02%
First published (updated )
CVE-2026-6844
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat Enterprise LinuxBinutils: binutils: denial of service via crafted elf file

Risk 22
Severity
5
EPSS
0.01%
First published (updated )
CVE-2026-6845

redhat Enterprise LinuxGimp: gimp: denial of service via crafted pvr image file

Risk 31
Severity
5.5
First published (updated )
CVE-2026-40918

redhat Enterprise LinuxGimp: gimp: denial of service due to stack buffer overflow in tim image loader

Risk 31
Severity
5.5
First published (updated )
CVE-2026-40916

redhat Enterprise LinuxGimp: gimp: denial of service via specially crafted seattle filmworks file

Risk 41
Severity
6.1
First published (updated )
CVE-2026-40919

redhat Enterprise LinuxLibarchive: a null pointer dereference vulnerability exists in the acl parser of libarchive

Risk 23
Severity
5.5
EPSS
0.02%
First published (updated )
CVE-2026-5745
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat Enterprise LinuxTar: tar: hidden file injection via crafted archives

Risk 24
Severity
5.5
EPSS
0.03%
First published (updated )
CVE-2026-5704

maven/org.keycloak:keycloak-servicesKeycloak: org.keycloak.protocol.oidc.grants.ciba: keycloak: information disclosure via cors header injection due to unvalidated jwt azp claim

Risk 27
Severity
5.3
First published (updated )
CVE-2026-37977

redhat Enterprise LinuxVirtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request

Risk 46
Severity
6.7
EPSS
0.01%
First published (updated )
CVE-2026-5164

Firewalld FirewalldFirewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization

Risk 24
Severity
5.5
EPSS
0.02%
First published (updated )
CVE-2026-4948

redhat Enterprise LinuxPolkit: polkit: denial of service via unbounded input processing through standard input

Risk 24
Severity
5.5
EPSS
0.01%
First published (updated )
CVE-2026-4897
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

IBM Knowledge CatalogMultiple Security vulnerabilities affecting IBM Knowledge Catalog Standard Cartridge

Risk 26
Severity
4.4
First published (updated )
CVE-2025-36187

redhat Enterprise LinuxBinutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library

Risk 30
Severity
6.1
EPSS
0.01%
First published (updated )
CVE-2026-4647

maven/org.keycloak.authorization/keycloakKeycloak: org.keycloak.authorization: keycloak: unauthorized resource modification due to improper access control

Risk 16
Severity
4.3
EPSS
0.03%
First published (updated )
CVE-2026-4628

redhat Enterprise LinuxLibarchive: libarchive: denial of service via malformed iso file processing

Risk 27
Severity
6.5
EPSS
0.12%
First published (updated )
CVE-2026-4426

Keycloak KeycloakKeycloak-services: blind server-side request forgery (ssrf) via http redirect handling in keycloak

Risk 21
Severity
5.8
EPSS
0.03%
First published (updated )
CVE-2026-4366
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat Build Of KeycloakKeycloak: keycloak: replay of action tokens via improper handling of single-use entries

Risk 23
Severity
5.3
EPSS
0.04%
First published (updated )
CVE-2026-4325

redhat Mirror Registry For Red Hat OpenshiftMirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration

Risk 39
Severity
5.5
First published (updated )
CVE-2026-32591

redhat Enterprise LinuxLibsoup: libsoup: http header injection and response splitting via crlf injection in content-type header

Risk 28
Severity
6.5
EPSS
0.03%
First published (updated )
CVE-2026-3634

redhat Enterprise LinuxLibsoup: libsoup: header and http request injection via crlf injection

Risk 28
Severity
6.5
EPSS
0.03%
First published (updated )
CVE-2026-3633

redhat Enterprise LinuxLibsoup: libsoup: http smuggling and server-side request forgery via malformed hostnames

Risk 24
Severity
5.5
EPSS
0.10%
First published (updated )
CVE-2026-3632
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Keycloak KeycloakKeycloak: keycloak: information disclosure via improper role enforcement in uma 2.0 protection api

Risk 22
Severity
4.3
First published (updated )
CVE-2026-3190

util-linux util-linuxUtil-linux: util-linux: access control bypass due to improper hostname canonicalization

Risk 27
Severity
5.3
First published (updated )
CVE-2026-3184

redhat/backstage-orchestrator-pluginRhdh: graphql injection leading to platform-wide denial of service (dos) in rh developer hub orchestrator plugin

Risk 27
Severity
6.5
EPSS
0.04%
First published (updated )
CVE-2026-3118

redhat Enterprise LinuxLibsoup: libsoup: http request smuggling via duplicate content-length headers

Risk 27
Severity
5.3
First published (updated )
CVE-2026-2708

redhat Enterprise LinuxRust-rpm-sequoia: rust-rpm-sequoia: denial of service via crafted rpm file during signature verification

Risk 32
Severity
5.5
First published (updated )
CVE-2026-2625
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203