Lucene search
K
RedhatcveRecent

206704 matches found

RedhatCVE
RedhatCVE
•added 2026/05/29 6:43 p.m.•17 views

CVE-2026-7263

A flaw was found in PHP. The DOMNode::C14N method may incorrectly process XML data due to the improper removal of an xmlns attribute from the underlying libxml2 data structure, corrupting the linked list representing the XML document and causing an infinite loop. This issue can lead to excessive...

7.5CVSS5.7AI score0.00353EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/05/29 6:39 p.m.•32 views

CVE-2026-7259

A flaw was found in PHP. When an attacker input can influence the encoding passed to mbregexencoding and the application subsequently uses mbregex search APIs, a NULL pointer dereference can occur due to a mismatch between the Oniguruma and mbfl encoding support. This issue can cause a crash in t...

6.5CVSS5.8AI score0.00202EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/05/29 3:23 p.m.•13 views

CVE-2026-10101

ACM/MCE assisted-service writes raw referenced pull-secret contents into InfraEnv.status.conditions.message when pull-secret validation fails. A namespace principal with the stock view ClusterRole cannot directly read Secrets, but can read InfraEnv objects and recover the referenced Secret's...

6.3CVSS5.8AI score0.00182EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2026/05/29 2:21 p.m.•11 views

CVE-2026-44378

A flaw was found in Botan, a C++ cryptography library. A remote attacker could exploit this vulnerability by sending specially crafted Basic Encoding Rules BER data with indefinite length encodings. This could cause quadratic behavior in the parser, leading to a denial of service DoS due to...

7.5CVSS5.8AI score0.00324EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2026/05/29 2:12 p.m.•11 views

CVE-2025-40946

A vulnerability has been identified in blueplanet 100 NX3 M8 All versions, blueplanet 100 TL3 GEN2 All versions V6.1.4.9, blueplanet 105 TL3 All versions, blueplanet 105 TL3 GEN2 All versions V6.1.4.9, blueplanet 110 TL3 All versions, blueplanet 125 NX3 M10 All versions, blueplanet 125 TL3 All...

8.3CVSS7.2AI score0.00186EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/05/29 2:12 p.m.•10 views

CVE-2026-41125

A vulnerability has been identified in blueplanet 100 NX3 M8 All versions, blueplanet 100 TL3 GEN2 All versions, blueplanet 105 TL3 All versions, blueplanet 105 TL3 GEN2 All versions, blueplanet 110 TL3 All versions, blueplanet 125 NX3 M10 All versions, blueplanet 125 TL3 All versions, blueplanet...

6CVSS7.1AI score0.00155EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/05/29 2:4 p.m.•16 views

CVE-2025-35979

A flaw was found in the kernel. This vulnerability, affecting some IntelR Processors, involves shared microarchitectural predictor state that influences transient execution within VMX non-root guest operation. An unprivileged software adversary with an authenticated user can exploit this locally ...

6.8CVSS5.7AI score0.00096EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/05/29 1:59 p.m.•12 views

CVE-2026-48962

A flaw was found in perl-IO-Compress, a component used for data compression and decompression. A remote attacker could exploit this vulnerability by crafting a malicious input, specifically an output glob, that bypasses the intended security measures. This could lead to the execution of...

7.8CVSS5.9AI score0.00292EPSS
Exploits3References5
RedhatCVE
RedhatCVE
•added 2026/05/29 1:59 p.m.•13 views

CVE-2026-46239

A flaw was found in the Linux kernel's media: i2c: ov5647 driver. This issue occurs because certain control cases AUTOGAIN, EXPOSUREAUTO, ANALOGUEGAIN do not properly release power management PM runtime reference counts. This oversight can lead to a resource leak, potentially resulting in a Denia...

5.5CVSS5.8AI score0.00105EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/05/29 12:30 p.m.•14 views

CVE-2026-23870

A flaw was found in the React Server DOM components, including react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack. A remote attacker could exploit this denial of service DoS vulnerability by sending specially crafted HTTP requests to server function endpoints. This...

7.5CVSS5.7AI score0.01533EPSS
Exploits1References4
RedhatCVE
RedhatCVE
•added 2026/05/29 12:22 p.m.•16 views

CVE-2026-32936

A flaw was found in CoreDNS, a DNS server that chains plugins. A remote, unauthenticated attacker can exploit this vulnerability by repeatedly sending oversized DNS-over-HTTPS DoH GET requests. The GET path, unlike the POST path, lacks size validation before processing large dns= query parameter...

8.7CVSS5.6AI score0.00672EPSS
Exploits1References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:22 p.m.•13 views

CVE-2026-32934

A flaw was found in CoreDNS, a DNS server that chains plugins. The DNS-over-QUIC DoQ server is vulnerable to unbounded resource growth. An unauthenticated remote attacker can exploit this by opening numerous QUIC streams and sending only one byte per stream, causing the server to spawn excessive...

8.7CVSS5.7AI score0.00469EPSS
Exploits1References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:16 p.m.•14 views

CVE-2026-33489

A flaw was found in CoreDNS. An unauthorized remote client can exploit a vulnerability in the transfer plugin's Access Control List ACL stanza selection. This occurs when both a parent zone and a more-specific subzone are configured, and the longestMatch function incorrectly uses a lexicographic...

8.2CVSS5.8AI score0.00388EPSS
Exploits1References5
RedhatCVE
RedhatCVE
•added 2026/05/29 10:19 a.m.•22 views

CVE-2026-33811

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

7.5CVSS5.8AI score0.00813EPSS
Exploits0References7
RedhatCVE
RedhatCVE
•added 2026/05/29 9:50 a.m.•17 views

CVE-2026-42965

A flaw was found in the OpenShift Router. A user with EndpointSlice write access can exploit this vulnerability by creating a Service backed by an FQDN Fully Qualified Domain Name EndpointSlice that resolves to a cloud metadata endpoint. This allows the router to proxy requests to the cloud...

7.7CVSS5.7AI score0.00226EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2026/05/29 9:50 a.m.•19 views

CVE-2026-46579

A flaw was found in the OpenShift Router. When a Route has insecureEdgeTerminationPolicy set to Allow, the HTTP frontend does not remove X-SSL-Client- headers from incoming requests. This allows an unauthenticated attacker to send plain HTTP requests with crafted X-SSL-Client- headers. As a resul...

7.4CVSS5.7AI score0.0023EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2026/05/29 9:12 a.m.•15 views

CVE-2026-10078

A flaw was found in the Quay config-tool's GitLab OAuth validator. This vulnerability causes sensitive credentials, specifically clientid and clientsecret, to be transmitted as plaintext in URL query parameters during POST requests to the GitLab endpoint. This insecure transmission can lead to th...

2.7CVSS5.7AI score0.00196EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2026/05/29 8:13 a.m.•17 views

CVE-2026-32996

This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation...

7.3CVSS7.1AI score0.00154EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/05/29 8:13 a.m.•23 views

CVE-2026-9137

The CSP report endpoint in MISP intended to limit logged CSP reports to 1 KB but incorrectly allowed reports up to 1 MB before truncation. On deployments where the endpoint is reachable by untrusted clients, this could allow attackers to generate excessive log volume and contribute to resource...

7.5CVSS5.7AI score0.00365EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/05/29 8:13 a.m.•15 views

CVE-2026-32998

This vulnerability in Veeam Service Provider Console allows for remote code execution...

9.4CVSS6.1AI score0.00403EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/05/29 8:13 a.m.•15 views

CVE-2026-32997

A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-based Veeam Backup & Replication server...

8.6CVSS7.4AI score0.00514EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/05/29 7:59 a.m.•11 views

CVE-2026-10052

A flaw was found in the Quay config-tool's LDAP and SMTP validation functions. An attacker with config editor access can exploit these functions, which make outbound connections to user-supplied endpoints without proper IP or host filtering. This allows the attacker to perform internal network...

4.1CVSS5.8AI score0.00186EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2026/05/29 6:49 a.m.•17 views

CVE-2026-41075

A flaw was found in RT, an open-source issue and ticket tracking system. An authenticated user can exploit an SQL injection vulnerability by crafting malicious input. This input is then incorporated into database queries without proper validation, potentially allowing the attacker to read or modi...

8.8CVSS5.8AI score0.00344EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2026/05/29 6:49 a.m.•17 views

CVE-2026-41076

A flaw was found in RT, an open-source issue and ticket tracking system. This vulnerability allows a remote attacker to bypass authentication in RT installations configured to use LDAP/AD Lightweight Directory Access Protocol/Active Directory for user authentication. Under specific LDAP server...

8.1CVSS5.8AI score0.00392EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2026/05/29 6:49 a.m.•15 views

CVE-2026-41074

A flaw was found in RT, an open-source issue and ticket tracking system. This Cross-Site Request Forgery CSRF vulnerability allows a remote attacker to trick a logged-in user into visiting a malicious web page. If successful, the attacker can then perform arbitrary state-changing actions within R...

7.1CVSS5.9AI score0.00117EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2026/05/29 2:13 a.m.•43 views

CVE-2026-0257

Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues...

9.1CVSS5.8AI score0.86678EPSS
Exploits11References1
RedhatCVE
RedhatCVE
•added 2026/05/29 12:24 a.m.•13 views

CVE-2026-9953

An out of bounds read flaw was found in the ANGLE component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=503985322...

6.5CVSS5.7AI score0.00247EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:20 a.m.•18 views

CVE-2026-9996

An out of bounds read flaw was found in the WebRTC component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513268100...

6.5CVSS5.7AI score0.00191EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:20 a.m.•16 views

CVE-2026-9986

An insufficient validation of untrusted input flaw was found in the OptimizationGuide component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513028160...

5.7CVSS5.8AI score0.00145EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:20 a.m.•20 views

CVE-2026-9980

An insufficient validation of untrusted input flaw was found in the Printing component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=511776372...

6.7CVSS5.8AI score0.00124EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:20 a.m.•22 views

CVE-2026-9981

An inappropriate implementation flaw was found in the Skia component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=512995705...

6.5CVSS5.7AI score0.00191EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:20 a.m.•19 views

CVE-2026-9985

An insufficient validation of untrusted input flaw was found in the Media component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513019760...

5.3CVSS5.8AI score0.00182EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:20 a.m.•13 views

CVE-2026-9959

A race flaw was found in the WebRTC component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=504557432...

6.5CVSS5.7AI score0.00137EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•18 views

CVE-2026-9999

An inappropriate implementation flaw was found in the ANGLE component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513364480...

9.6CVSS5.7AI score0.00225EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•22 views

CVE-2026-9998

An integer overflow flaw was found in the Skia component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513337118...

8.3CVSS5.8AI score0.00173EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•16 views

CVE-2026-9997

An use after free flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513324041...

9CVSS5.7AI score0.00178EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•17 views

CVE-2026-9995

An use after free flaw was found in the WebXR component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513256572...

8.8CVSS5.7AI score0.00296EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•18 views

CVE-2026-9994

An use after free flaw was found in the Core component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513235131...

9CVSS5.7AI score0.00182EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•17 views

CVE-2026-9993

An use after free flaw was found in the Views component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513208588...

8.3CVSS5.7AI score0.00164EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•21 views

CVE-2026-9991

An inappropriate implementation flaw was found in the Media component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513173565...

7.4CVSS5.7AI score0.00141EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•20 views

CVE-2026-9992

An use after free flaw was found in the Network component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513177826...

9.6CVSS5.7AI score0.00234EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•18 views

CVE-2026-9990

An use after free flaw was found in the WebAppInstalls component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513128608...

8.8CVSS5.7AI score0.00173EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•15 views

CVE-2026-9989

An inappropriate implementation flaw was found in the Media component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513054053...

9.3CVSS5.7AI score0.00107EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•10 views

CVE-2026-9987

An insufficient validation of untrusted input flaw was found in the WebAppInstalls component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513046475...

7.8CVSS5.8AI score0.00099EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•22 views

CVE-2026-9988

An use after free flaw was found in the WebRTC component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513049286...

9.6CVSS5.7AI score0.00173EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•14 views

CVE-2026-9984

An use after free flaw was found in the UI component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513002543...

8.8CVSS5.7AI score0.00234EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•15 views

CVE-2026-9983

A type confusion flaw was found in the Skia component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513001309...

8.8CVSS5.7AI score0.00255EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•17 views

CVE-2026-9982

An insufficient validation of untrusted input flaw was found in the ANGLE component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513001247...

8.3CVSS5.8AI score0.00184EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•16 views

CVE-2026-9979

An insufficient validation of untrusted input flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=511742228...

7.9CVSS5.8AI score0.00128EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/05/29 12:19 a.m.•11 views

CVE-2026-9978

An use after free flaw was found in the Glic component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=511741396...

8.8CVSS5.7AI score0.00234EPSS
Exploits0References5
Total number of security vulnerabilities206704