redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.22.2 security and extras update

Red Hat OpenShift Container Platform release 4.22.2 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.22. Red Hat Product Security has rated this update as having a security impact of...

GHSA-HM92-R4W5-C3MJ vulnerabilities

Vulnerabilities for packages: code-server, pelias-api, kibana...

GHSA-VMH5-MC38-953G vulnerabilities

Vulnerabilities for packages: langfuse, pelias-api, code-server, langfuse-fips, kibana...

CVE-2026-9697 vulnerabilities

Vulnerabilities for packages: langfuse, pelias-api, code-server, langfuse-fips, kibana...

GHSA-PR7R-676H-XCF6 vulnerabilities

Vulnerabilities for packages: langfuse, pelias-api, code-server, langfuse-fips, kibana...

CVE-2026-9678 vulnerabilities

Vulnerabilities for packages: langfuse, pelias-api, code-server, langfuse-fips, kibana...

CVE-2026-6734 vulnerabilities

Vulnerabilities for packages: code-server, pelias-api, kibana...

GHSA-4XPC-PV4P-PM3W vulnerabilities

Vulnerabilities for packages: airflow...

GHSA-P88M-4JFJ-68FV vulnerabilities

Vulnerabilities for packages: prism, pelias-api, code-server, actions-runner, node-gyp, npm, kibana, haraka...

GHSA-G8M3-5G58-FQ7M vulnerabilities

Vulnerabilities for packages: prism, pelias-api, code-server, actions-runner, node-gyp, npm, kibana, haraka...

CVE-2026-11525 vulnerabilities

Vulnerabilities for packages: prism, pelias-api, code-server, actions-runner, node-gyp, npm, kibana, haraka...

CVE-2026-9679 vulnerabilities

Vulnerabilities for packages: prism, pelias-api, code-server, actions-runner, node-gyp, npm, kibana, haraka...

GHSA-35P6-XMWP-9G52 vulnerabilities

Vulnerabilities for packages: prism, pelias-api, code-server, actions-runner, node-gyp, npm, kibana, haraka...

CVE-2026-6733 vulnerabilities

Vulnerabilities for packages: prism, pelias-api, code-server, actions-runner, node-gyp, npm, kibana, haraka...

CVE-2026-12151 vulnerabilities

Vulnerabilities for packages: prism, pelias-api, code-server, actions-runner, node-gyp, npm, kibana, haraka...

GHSA-VXPW-J846-P89Q vulnerabilities

Vulnerabilities for packages: prism, pelias-api, code-server, actions-runner, node-gyp, npm, kibana, haraka...

CVE-2026-56410

A flaw was found in libexpat. Specifically, the xmlwf utility contains an integer overflow vulnerability in its resolveSystemId function. This flaw could be exploited by an attacker to potentially gain unauthorized access to sensitive information or execute arbitrary code, leading to a compromise...

CVE-2026-49261

A flaw was found in MariaDB server. When the wsrepnotifycmd feature is enabled, a remote attacker could exploit this vulnerability by embedding shell commands in the name of a joiner node. This could lead to arbitrary code execution on the server, allowing the attacker to take full control of the...

Important: Red Hat Security Advisory: redis security update

An update for redis is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...