206296 matches found

RedhatCVE
•added 2026/06/26 12:8 a.m.•4 views

CVE-2026-53043

A flaw was found in the Linux kernel's Oracle Cluster File System 2 (OCFS2) Distributed Lock Manager (DLM). A remote attacker could exploit this vulnerability by sending a specially crafted network message. Insufficient validation of the qr_numregions field in the dlm_match_regions function allows for...

CVSS 9.1 • AI score 5.9 • EPSS 0.00521
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/26 12:4 a.m.•6 views

CVE-2026-53057

A flaw was found in the Linux kernel, specifically within the Input/Output Memory Management Unit (IOMMU) for RISC-V architectures. This vulnerability occurs because the system does not properly clear out old memory translation information, known as Translation Lookaside Buffer (TLB) and context cach...

CVSS 8.8 • AI score 5.9 • EPSS 0.00127
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/26 12:4 a.m.•5 views

CVE-2026-53046

A flaw was found in the Linux kernel's ksmbd component. This vulnerability, a use-after-free, occurs when the ksmbd component incorrectly handles asynchronous (async) cryptographic operations, specifically with hardware crypto engines like the Qualcomm Crypto Engine (QCE). When the QCE returns an...

CVSS 9.8 • AI score 5.8 • EPSS 0.00531
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/26 12:4 a.m.•6 views

CVE-2026-13322

A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine, which buffers input indefinitely until a newline character is received, with no length limit or read deadline. A user with access to a VM guest that has the...

CVSS 3.8 • AI score 5.8 • EPSS 0.00098
Exploits: 0 • References: 3

RedhatCVE
•added 2026/06/26 12:3 a.m.•7 views

CVE-2026-53088

A flaw was found in the Linux kernel's bcmgenet network driver. An off-by-one error in the bcmgenet_put_txcb function, related to the write_ptr handling for transmit control blocks (txcb), could lead to incorrect cleanup of these blocks. This issue may result in system instability or unexpected behavi...

CVSS 9.8 • AI score 5.8 • EPSS 0.00404
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/26 12:3 a.m.•7 views

CVE-2026-53087

A flaw was found in the Linux kernel's bcmgenet network driver. When the transmit (tx) queue is reclaimed, the driver incorrectly drops data frames without returning them to the pool of free buffer descriptors (bds). This oversight results in a resource leak, which can lead to resource exhaustion and...

CVSS 7.5 • AI score 6 • EPSS 0.00376
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/26 12:3 a.m.•5 views

CVE-2026-52996

A flaw was found in the ksmbd component of the Linux kernel. This vulnerability occurs when handling durable v2 open requests where a ClientGUID mismatch happens. An attacker can repeatedly send requests that trigger this mismatch, leading to a resource leak by preventing file descriptor referenc...

AI score 5.8 • EPSS 0.00188
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:56 p.m.•5 views

CVE-2026-53246

A flaw was found in the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation. A remote attacker could exploit this by sending a specially crafted COOKIE_ECHO chunk to a listening SCTP server. The server's failure to properly validate the length of a cached peer INIT chunk within...

CVSS 9.8 • AI score 5.8 • EPSS 0.00481
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:54 p.m.•5 views

CVE-2026-53010

A flaw was found in the Linux kernel's ksmbd component. During a durable reconnect process in the smb2_open function, a reference to a durable file descriptor is prematurely dropped. This can lead to a use-after-free vulnerability, potentially resulting in system instability or a denial of service...

CVSS 9.8 • AI score 5.8 • EPSS 0.00435
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:54 p.m.•6 views

CVE-2026-53224

A flaw was found in the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation. Specifically, improper validation of embedded INIT chunk and address list lengths in SCTP cookies could allow a remote attacker to trigger out-of-bounds reads. This could lead to information disclosur...

CVSS 9.1 • AI score 5.9 • EPSS 0.00547
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:54 p.m.•5 views

CVE-2026-53268

A flaw was found in the Linux kernel's netfilter conntrackirc module. This vulnerability allows for a possible out-of-bounds read. When parsing network traffic, if a command string is matched but subsequent parsing fails, the system does not properly exit, leading to the flaw. This could...

CVSS 8.2 • AI score 5.7 • EPSS 0.00364
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:53 p.m.•6 views

CVE-2026-53208

A flaw was found in the Linux kernel's Bluetooth subsystem. A remote attacker within radio range, before pairing, can send specially crafted Bluetooth BR/EDR (Basic Rate/Enhanced Data Rate) signaling packets that exceed the maximum transmission unit (MTU) for signaling. This improper handling of...

CVSS 7 • AI score 5.9 • EPSS 0.00176
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:53 p.m.•3 views

CVE-2026-53148

A flaw was found in the Linux kernel's Thunderbolt driver. A malicious peer can exploit this vulnerability by sending a specially crafted response that causes the system to write data beyond an allocated memory buffer. This out-of-bounds write can lead to memory corruption, which may allow an...

CVSS 7 • AI score 6 • EPSS 0.0014
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:53 p.m.•5 views

CVE-2026-53187

A flaw was found in the Linux kernel's RDMA/core component. A local attacker could supply an invalid cpuid through the UVERBS_ATTR_ALLOC_DMAH_CPU_ID attribute without proper validation. This improper validation could lead to an out-of-bounds read of the cpumask bitmap. On systems configured with...

CVSS 7.1 • AI score 5.8 • EPSS 0.00129
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:53 p.m.•5 views

CVE-2026-53219

A flaw was found in the Linux kernel's netfilter xtables component. This vulnerability allows for information disclosure due to improper handling of percpu counter pointers during the copying of rule entry headers to userspace. A local attacker could exploit this by causing a fault in a userspace...

CVSS 5.5 • AI score 5.8 • EPSS 0.00184
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:53 p.m.•6 views

CVE-2025-15661

A flaw in libssh2's sftp_symlink function allows a malicious SSH server or man-in-the-middle attacker to trigger an out-of-bounds heap read via a crafted SSH_FXP_NAME response. This can disclose heap memory contents or crash the application, causing a denial of service (DoS). Mitigation: Implement stri...

CVSS 8.3 • AI score 7.1 • EPSS 0.00267
Exploits: 0 • References: 7

RedhatCVE
•added 2026/06/25 11:53 p.m.•5 views

CVE-2026-53133

A flaw was found in the Linux kernel's RDMA/umem component. When the IOMMU (Input/Output Memory Management Unit) is used, a very large memory block can be split across multiple scatter-gather (SG) entries. During the reassembly of these split SG entries, an issue with truncation for block sizes great...

CVSS 7.8 • AI score 5.8 • EPSS 0.00129
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:52 p.m.•5 views

CVE-2026-53257

A flaw was found in the Linux kernel. An issue within the mac80211 Wi-Fi subsystem, specifically related to the enforcement of High Efficiency (HE) and Extremely High Throughput (EHT) capabilities and operations, could lead to a system crash. This vulnerability arises when HE/EHT capabilities are set...

CVSS 5.5 • AI score 5.8 • EPSS 0.00151
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:52 p.m.•5 views

CVE-2026-53221

A flaw was found in the Linux kernel, specifically within the ip6_vti component responsible for managing IPv6 tunnels. This vulnerability arises from an error in the vti6_tnl_lookup function, which incorrectly matches network tunnels by failing to properly verify wildcard addresses during fallback...

CVSS 9.8 • AI score 5.8 • EPSS 0.00559
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:43 p.m.•4 views

CVE-2026-54679

A flaw was found in jq, a command-line JSON processor. On 32-bit systems, a local attacker could exploit an integer overflow vulnerability in the jvp_string_append function. This could lead to a massive buffer overrun, resulting in a denial of service (DoS) condition. Mitigation: Mitigation for this...

CVSS 6.9 • AI score 5.8 • EPSS 0.00103
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:43 p.m.•4 views

CVE-2026-53131

A flaw was found in the Linux kernel's netfilter component. Certain netfilter modules, including ip6t_eui64 and xt_mac, accessed Ethernet MAC header data without first verifying that an Ethernet device was associated with the network packet or that the MAC header was present and of sufficient lengt...

CVSS 9.4 • AI score 5.9 • EPSS 0.00431
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:43 p.m.•4 views

CVE-2026-53156

A flaw was found in the Linux kernel's nvmem core. This vulnerability, a use-after-free, occurs in error handling paths where memory associated with an nvmem device is prematurely released while the system continues to access the freed memory. This can lead to memory corruption, potentially...

CVSS 5.5 • AI score 6 • EPSS 0.00168
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:43 p.m.•4 views

CVE-2026-47770

A flaw was found in jq, a command-line JSON processor. This vulnerability allows a local user or an attacker providing malicious input to cause a denial of service (DoS) by comparing two sufficiently deeply nested arrays using the '==' operator. This action exhausts the C stack due to uncontrolled...

CVSS 6.8 • AI score 5.7 • EPSS 0.00111
Exploits: 1 • References: 4

RedhatCVE
•added 2026/06/25 11:42 p.m.•6 views

CVE-2026-53220

A flaw was found in the Linux kernel's netfilter component. A local attacker could exploit a NULL pointer dereference vulnerability in the ebt_redirect_tg function. This occurs when a bridge port is removed and a packet is reinjected into NFQUEUE, leading to a kernel panic and a Denial of Service D...

CVSS 5.5 • AI score 5.8 • EPSS 0.00175
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:42 p.m.•10 views

CVE-2026-45358

A flaw was found in ImageMagick, a free and open-source software for editing and manipulating digital images. A remote attacker could exploit an off-by-one error in the meta encoder to read a single byte outside of allocated memory. This out-of-bounds read could lead to the disclosure of sensitiv...

CVSS 5.3 • AI score 5.7 • EPSS 0.0024
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:42 p.m.•6 views

CVE-2026-56367

A vulnerability in the ImageMagick image processing tool could allow an attacker to crash the application or access sensitive information by uploading a maliciously crafted Photoshop PSB file. Mitigation: To reduce the risk, avoid processing untrusted PSB (Photoshop Big) files with ImageMagick...

CVSS 9.1 • AI score 5.8 • EPSS 0.00236
Exploits: 0 • References: 5

RedhatCVE
•added 2026/06/25 11:42 p.m.•5 views

CVE-2026-53230

A flaw was found in the Linux kernel's mlx5 driver. The mlx5_query_nic_vport_mac_list function, which handles querying network interface card (NIC) virtual port (vport) MAC addresses, incorrectly sizes its internal buffer. When a Virtual Function (VF) vport is queried with a larger configured maximum, the...

CVSS 8.7 • AI score 5.8 • EPSS 0.00131
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:42 p.m.•6 views

CVE-2026-53256

A flaw was found in the Linux kernel's Bluetooth RFCOMM (Radio Frequency Communication) subsystem. A race condition in the rfcomm_connect_ind function, specifically during the handling of listener sockets, can lead to a use-after-free vulnerability. A local attacker could exploit this to cause a deni...

CVSS 8 • AI score 6 • EPSS 0.00266
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:42 p.m.•8 views

CVE-2026-53178

A flaw was found in the Linux kernel, specifically within the rtl8723bs Wi-Fi driver's rtw_mlme component. This vulnerability is due to a missing bounds check before subtracting fixed offsets from the ielength variable, which can lead to an unsigned integer underflow. This issue could potentially...

CVSS 8.1 • AI score 5.8 • EPSS 0.00214
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:42 p.m.•5 views

CVE-2026-53184

A flaw was found in the Linux kernel. When a User Datagram Protocol (UDP) socket is configured with a sockmap, and a BPF (Berkeley Packet Filter) program attached to it calls a socket-lookup helper, the skb->dev field is not properly cleared. This improper handling of the skb->dev field can lead to a...

CVSS 7.5 • AI score 5.8 • EPSS 0.00506
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:39 p.m.•12 views

CVE-2026-53229

A flaw was found in the Linux kernel's mlx5e driver. When an XDP (eXpress Data Path) transmission fails, the driver does not properly unmap DMA (Direct Memory Access) addresses or free allocated XDP frames. This oversight can lead to a continuous leak of DMA resources and XDP frames, potentially...

CVSS 7.5 • AI score 5.8 • EPSS 0.00466
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:32 p.m.•8 views

CVE-2026-52971

A flaw was found in the Linux kernel's Elastic Network Adapter (ENA) driver, specifically within the Precision Time Protocol Hardware Clock (PHC) timestamp retrieval function. A race condition exists where the gettimestamp function could attempt to access memory that has already been freed by the...

CVSS 7.8 • AI score 5.7 • EPSS 0.00133
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:28 p.m.•5 views

CVE-2026-52947

A flaw was found in the Linux kernel's qrtr network subsystem. A race condition exists in the qrtr_port_remove function where the socket reference count is decremented prematurely. This allows a concurrent reader to access a socket whose reference count has dropped to zero, potentially leading to a...

CVSS 7.8 • AI score 5.8 • EPSS 0.00135
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:26 p.m.•7 views

CVE-2026-52982

A flaw was found in the Linux kernel's USB network driver for Realtek RTL8150 devices. A race condition exists in the rtl8150_start_xmit function, where a network packet's data buffer can be released prematurely. This can lead to a 'use-after-free' vulnerability, allowing the system to attempt to...

CVSS 9.8 • AI score 5.9 • EPSS 0.00543
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:24 p.m.•8 views

CVE-2026-53005

A flaw was found in the Linux kernel's af_unix component, specifically within its SOCKMAP feature. This vulnerability stems from the kernel's improper handling of Socket Control Message (SCM) attributes when data is passed to the SOCKMAP layer. This can lead to a use-after-free condition, which may...

CVSS 7.8 • AI score 5.8 • EPSS 0.00129
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:24 p.m.•8 views

CVE-2026-53072

A flaw was found in the Linux kernel's Bluetooth subsystem. Improper handling of locking within the hci_conn_request_evt function, particularly when the HCI_PROTO_DEFER protocol is active, can result in a Use-After-Free (UAF) vulnerability. This condition arises when a connection object is accessed afte...

CVSS 8.8 • AI score 6 • EPSS 0.00247
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:24 p.m.•8 views

CVE-2026-13006

A flaw was found in logback-core, a logging framework for Java applications. This vulnerability allows an attacker with existing privileges and write access to a configuration file, or the ability to inject a malicious environment variable, to execute arbitrary code. This can be achieved by...

CVSS 7 • AI score 6.1 • EPSS 0.00122
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:24 p.m.•7 views

CVE-2026-52967

A flaw was found in the Linux kernel's Server Message Block (SMB) client. This vulnerability, located in the symlink_data function, could allow a malicious SMB server to trigger an infinite loop, leading to a Denial of Service (DoS) condition. Additionally, an out-of-bounds read could occur, potential...

CVSS 8.1 • AI score 5.8 • EPSS 0.00398
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:23 p.m.•7 views

CVE-2026-52945

A flaw was found in the Linux kernel's WireGuard component. Under heavy network load, particularly when used with Cilium, the threaded NAPI (New API) implementation can cause the decryption side for a WireGuard peer to stop processing traffic. This leads to a complete stall of network communication...

CVSS 7.5 • AI score 5.8 • EPSS 0.00307
Exploits: 0 • References: 3

RedhatCVE
•added 2026/06/25 11:23 p.m.•10 views

CVE-2026-52986

A flaw was found in the Linux kernel's netfilter SIP (Session Initiation Protocol) connection tracking module. This vulnerability, caused by unsafe port parsing, allows a remote attacker to send specially crafted malformed packets. Such packets could lead to excessive resource consumption,...

CVSS 9.8 • AI score 5.9 • EPSS 0.00559
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:23 p.m.•7 views

CVE-2026-53117

A flaw was found in the Linux kernel, specifically within the s390/cio component. When a driver is being probed, a race condition can occur where the driver_override field is accessed without proper locking. This can lead to a Use-After-Free (UAF) vulnerability, which may result in system instabilit...

CVSS 5.5 • AI score 6.2 • EPSS 0.00171
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:23 p.m.•7 views

CVE-2026-53440

A flaw was found in Jenkins. This vulnerability allows a remote attacker to perform phishing attacks. The 'Delegate to servlet container' security realm does not properly validate the 'from' parameter, which can be manipulated to redirect users to an attacker-controlled domain after they log in...

CVSS 4.3 • AI score 5.9 • EPSS 0.00239
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:23 p.m.•11 views

CVE-2026-13311

A flaw was found in the shell-quote component. An attacker who can supply a specially crafted string to the parse function can exploit an inefficiency in how the component processes input. This can cause the single-threaded Node.js event loop to be blocked for an extended period, leading to a...

CVSS 8.7 • AI score 6.2 • EPSS 0.0036
Exploits: 0 • References: 5

RedhatCVE
•added 2026/06/25 11:23 p.m.•8 views

CVE-2026-13083

A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An attacker with cluster administrator privileges can inject a stored cross-site scripting (XSS) payload into cluster objects such as ClusterVersion...

CVSS 6.9 • AI score 5.7 • EPSS 0.00184
Exploits: 0 • References: 3

RedhatCVE
•added 2026/06/25 11:23 p.m.•8 views

CVE-2026-12208

A flaw was found in the jsonata JavaScript library. A prototype pollution vulnerability exists in the createFrame function in src/jsonata.js, allowing a remote attacker to manipulate object prototype attributes. This could lead to unauthorized modification of application behavior. Mitigation: Do n...

CVSS 6.9 • AI score 5.9 • EPSS 0.00314
Exploits: 0 • References: 8

RedhatCVE
•added 2026/06/25 11:23 p.m.•8 views

CVE-2026-13318

A server-side request forgery (SSRF) flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to a VirtualMachineInstance (VMI), virt-api reads the target IP from vmi.Status.Interfaces[0].IP and passes it directly to net.Dial without validation. For VMIs using...

CVSS 6.4 • AI score 6 • EPSS 0.00164
Exploits: 0 • References: 3

RedhatCVE
•added 2026/06/25 11:23 p.m.•7 views

CVE-2026-13324

A vulnerability has been identified in the GNOME Geary package within its mailto URI handling component. This flaw occurs because the email client automatically processes a non-standard attach parameter in email links without prompting or alerting the user. An attacker could exploit this by...

CVSS 6.5 • AI score 5.8
Exploits: 0 • References: 4

RedhatCVE
•added 2026/06/25 11:23 p.m.•7 views

CVE-2026-13218

A flaw was found in KubeVirt's virt-handler network cache handling. The WriteToCachedFile function writes data to a launcher-rooted path using os.WriteFile and os.Chown without symlink protection. A user with access to the virt-launcher container can plant a symlink at the cache file path, causin...

CVSS 4.2 • AI score 5.9 • EPSS 0.00105
Exploits: 0 • References: 3

RedhatCVE
•added 2026/06/25 11:23 p.m.•8 views

CVE-2026-12993

A flaw was found in Apicurio Registry. The DocumentBuilderAccessor correctly blocks external DTD and schema access but does not disable DOCTYPE declarations or enable FEATURE_SECURE_PROCESSING. An attacker with artifact-write permission can upload XML documents with internal entity-expansion payloa...

CVSS 6.5 • AI score 5.8 • EPSS 0.00249
Exploits: 0 • References: 3

RedhatCVE
•added 2026/06/25 11:12 p.m.•6 views

CVE-2026-52956

A flaw was found in the Linux kernel's libceph module. A remote attacker could trigger an out-of-bounds memory access in the ceph_x_decrypt function by sending a specially crafted message frame of type FRAME_TAG_AUTH_REPLY_MORE with a small ciphertext length. This vulnerability arises because the...

CVSS 7.5 • AI score 6.1 • EPSS 0.00359
Exploits: 0 • References: 4

Total number of security vulnerabilities: 206296