Lucene search
RedhatcveRecent

206304 matches found

RedhatCVE
• added 2026/06/17 8:23 p.m. • 7 views

CVE-2026-12311

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure, sandbox escape in the Security: Process Sandboxing component...

CVSS: 6.1 | AI score: 5.2 | EPSS: 0.00185
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:23 p.m. • 8 views

CVE-2026-12310

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird ESR 140.12...

CVSS: 7.5 | AI score: 5.3 | EPSS: 0.00252
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:23 p.m. • 8 views

CVE-2026-12309

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird ESR 140.12...

CVSS: 6.5 | AI score: 5.3 | EPSS: 0.00235
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:23 p.m. • 7 views

CVE-2026-12308

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird ESR 140.12...

CVSS: 6.1 | AI score: 5.3 | EPSS: 0.00261
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:23 p.m. • 7 views

CVE-2026-12307

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird ESR 140.12...

CVSS: 6.1 | AI score: 5.3 | EPSS: 0.00261
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:23 p.m. • 8 views

CVE-2026-12306

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird ESR 140.12...

CVSS: 6.1 | AI score: 5.3 | EPSS: 0.00261
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:23 p.m. • 6 views

CVE-2026-12305

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird ESR 140.12...

CVSS: 7.5 | AI score: 5.3 | EPSS: 0.00374
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:23 p.m. • 7 views

CVE-2026-12302

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

CVSS: 6.5 | AI score: 5.2 | EPSS: 0.00248
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:23 p.m. • 7 views

CVE-2026-12304

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...

CVSS: 9.1 | AI score: 5.2 | EPSS: 0.00189
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:8 p.m. • 6 views

CVE-2026-49759

A flaw was found in Erlang OTP (Open Telecom Platform) erts, specifically within the inetdrv component. An unauthenticated remote attacker can exploit a stack-based buffer overflow vulnerability by sending a specially crafted Stream Control Transmission Protocol (SCTP) ERROR chunk. This can lead to a...

CVSS: 8.8 | AI score: 5.3 | EPSS: 0.00497
Exploits: 0 | References: 8
RedhatCVE
• added 2026/06/17 8:3 p.m. • 13 views

CVE-2026-12329

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird ESR 140.12...

CVSS: 7.5 | AI score: 5.3 | EPSS: 0.00313
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:3 p.m. • 7 views

CVE-2026-12328

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory...

CVSS: 8.1 | AI score: 5.7 | EPSS: 0.00476
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:3 p.m. • 7 views

CVE-2026-12298

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Firefox ESR 140.12...

CVSS: 7.5 | AI score: 5.3 | EPSS: 0.00306
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:3 p.m. • 7 views

CVE-2026-12299

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...

CVSS: 7.5 | AI score: 5.2 | EPSS: 0.00306
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:3 p.m. • 9 views

CVE-2026-12297

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Networking component...

CVSS: 9.6 | AI score: 5.2 | EPSS: 0.00393
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:3 p.m. • 7 views

CVE-2026-12296

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the Security: Process Sandboxing component...

CVSS: 9.6 | AI score: 5.2 | EPSS: 0.00393
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:2 p.m. • 7 views

CVE-2026-12295

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the DOM: Navigation component...

CVSS: 9.6 | AI score: 5.2 | EPSS: 0.00393
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:2 p.m. • 13 views

CVE-2026-12294

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the DOM: Workers component...

CVSS: 9.6 | AI score: 5.2 | EPSS: 0.00363
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:2 p.m. • 6 views

CVE-2026-12292

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Web Audio component...

CVSS: 8.1 | AI score: 5.2 | EPSS: 0.00398
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:2 p.m. • 8 views

CVE-2026-12291

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Networking: HTTP component...

CVSS: 8.8 | AI score: 5.2 | EPSS: 0.00382
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:2 p.m. • 10 views

CVE-2026-12290

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird ESR 140.12...

CVSS: 8.1 | AI score: 5.3 | EPSS: 0.00397
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 8:2 p.m. • 6 views

CVE-2026-12289

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Graphics: WebRender component...

CVSS: 8.8 | AI score: 5.2 | EPSS: 0.00395
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 3:49 p.m. • 7 views

CVE-2026-46448

A flaw was found in OpenStack Nova. The server creation application programming interface (API) fails to remove specific hint data, leading to instances being created without proper Placement allocation. This can result in a denial of service, as resources may not be correctly assigned or managed f...

CVSS: 8.5 | AI score: 4.8 | EPSS: 0.00272
Exploits: 1 | References: 6
RedhatCVE
• added 2026/06/17 3:29 p.m. • 8 views

CVE-2026-12515

A flaw was found in Katello's of Red Hat Satellite. A content upload functionality where insufficient authorization checks in the ContentUploadsController allowed users with the editproducts permission to query content information for repositories outside the products they were authorized to...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.00197
Exploits: 0 | References: 4
RedhatCVE
• added 2026/06/17 3:11 p.m. • 8 views

CVE-2026-48776

A flaw was found in the LangGraph Python SDK. This vulnerability allows a remote attacker with low privileges to manipulate URL paths by providing unsanitized input. This could result in unintended access, modification, or deletion of resources, potentially compromising data confidentiality and...

CVSS: 9.1 | AI score: 5.3 | EPSS: 0.00216
Exploits: 0 | References: 5
RedhatCVE
• added 2026/06/17 2:27 p.m. • 9 views

CVE-2026-12528

A flaw was found in 389 Directory Server in the aclpnormalizeacltxt function of aclparse.c. A malformed ACI (Access Control Instruction) string can trigger heap-buffer-overflow writes and reads during ACI parsing. The function fails to validate that the ACI keyword has sufficient length after...

CVSS: 5.4 | AI score: 5.4 | EPSS: 0.00226
Exploits: 0 | References: 4
RedhatCVE
• added 2026/06/17 2:20 p.m. • 10 views

CVE-2026-12199

A flaw was found in the nltk component, specifically in the nltk.app.wordnetapp. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted GET request to the WordNet Browser HTTP server when it is running in its default mode. This allows the attacker to...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.00325
Exploits: 0 | References: 4
RedhatCVE
• added 2026/06/17 11:13 a.m. • 9 views

CVE-2026-50559

A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure...

CVSS: 7.5 | AI score: 5 | EPSS: 0.00392
Exploits: 1 | References: 4
RedhatCVE
• added 2026/06/17 10:46 a.m. • 13 views

CVE-2026-48775

A flaw was found in LangGraph. This vulnerability allows an attacker with high privileges and adjacent network access to modify checkpoint data. By manipulating these stored checkpoint bytes, an attacker can trigger insecure deserialization, leading to arbitrary code execution when the checkpoint...

CVSS: 6.8 | AI score: 6 | EPSS: 0.00232
Exploits: 0 | References: 4
RedhatCVE
• added 2026/06/17 10:27 a.m. • 12 views

CVE-2026-50632

A flaw was found in Apache CXF. This vulnerability, stemming from an incomplete fix for a previous issue, allows untrusted users who can configure Java Message Service (JMS) for Apache CXF to achieve arbitrary code execution. This could lead to a complete compromise of the affected system. Mitigati...

CVSS: 8.8 | AI score: 5.8 | EPSS: 0.00646
Exploits: 0 | References: 4
RedhatCVE
• added 2026/06/17 10:7 a.m. • 11 views

CVE-2026-12491

A flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency (tRNS) data, during image processing. When images are converted to RGB, transparency informatio...

CVSS: 4.8 | AI score: 5.3 | EPSS: 0.00239
Exploits: 0 | References: 3
RedhatCVE
• added 2026/06/17 8:33 a.m. • 9 views

CVE-2026-46286

A flaw was found in the Linux kernel's qcom-lpg LED driver. This vulnerability, an array overflow, occurs when the driver attempts to select high-resolution values. Due to incorrect indexing, the system may read random data from memory, which could lead to information disclosure or unpredictable...

AI score: 5.3 | EPSS: 0.00168
Exploits: 0 | References: 4
RedhatCVE
• added 2026/06/17 7:51 a.m. • 8 views

CVE-2026-7774

A flaw was found in the tarfile.datafilter function within the Python tarfile module. A remote attacker could exploit this vulnerability by providing a specially crafted tar archive containing malicious link entries, such as symlinks with empty or directory-like names. This bypass allows the...

CVSS: 6.9 | AI score: 5.6 | EPSS: 0.00606
Exploits: 0 | References: 6
RedhatCVE
• added 2026/06/17 7:14 a.m. • 9 views

CVE-2026-48782

A flaw was found in Pydantic AI, where its cloud-metadata blocklist could be bypassed. This vulnerability allows an attacker to expose cloud IAM (Identity and Access Management) short-term credentials. The bypass occurs when an application using Pydantic AI is configured to allow local file downloa...

CVSS: 6.8 | AI score: 5.3 | EPSS: 0.00332
Exploits: 0 | References: 7
RedhatCVE
• added 2026/06/17 7:13 a.m. • 7 views

CVE-2026-49218

A flaw was found in ImageMagick. A missing check in the DCM (Digital Imaging and Communications in Medicine) decoder allows a remote attacker to provide a specially crafted image with invalid dimensions. This can lead to crashes in other operations, resulting in a denial of service (DoS) for the...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00346
Exploits: 0 | References: 4
RedhatCVE
• added 2026/06/17 7:13 a.m. • 8 views

CVE-2026-53460

A flaw was found in ImageMagick. A remote attacker could exploit a missing check for maximum memory requests in the AcquireAlignedMemory function, leading to an out-of-memory condition. This vulnerability could result in a Denial of Service (DoS), making the affected system or application...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00346
Exploits: 0 | References: 4
RedhatCVE
• added 2026/06/17 7:13 a.m. • 9 views

CVE-2026-53461

A flaw was found in ImageMagick. An incorrect loop in the ICON decoder can lead to an out-of-bounds heap write. This vulnerability allows a remote attacker to cause a denial of service (DoS) by providing a specially crafted image file, leading to a system crash. Mitigation Red Hat is not aware of a...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00353
Exploits: 0 | References: 4
RedhatCVE
• added 2026/06/17 1:25 a.m. • 6 views

CVE-2026-53441

A flaw was found in Jenkins. This vulnerability, a stored cross-site scripting (XSS) issue, allows attackers with Agent/Configure permission to inject malicious scripts into the user-provided description of a generic offline cause. When other users view this description, the injected script can...

CVSS: 5.4 | AI score: 5.1 | EPSS: 0.00261
Exploits: 0 | References: 4
RedhatCVE
• added 2026/06/16 9:25 p.m. • 8 views

CVE-2026-48858

A flaw was found in Erlang/OTP's FTP (File Transfer Protocol) client, specifically within the ftpinternal module. A remote attacker, by operating a malicious or compromised FTP server, could exploit an unvalidated IP address in the server's passive mode (PASV) response. This vulnerability, known as...

CVSS: 6.5 | AI score: 5.5 | EPSS: 0.00234
Exploits: 0 | References: 9
RedhatCVE
• added 2026/06/16 5:57 p.m. • 10 views

CVE-2026-46331

A flaw was found in the Linux kernel's traffic control packet editing (pedit) subsystem. In tcfpeditact, the copy-on-write (COW) range for skbensurewritable is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can...

CVSS: 7.8 | AI score: 5.8 | EPSS: 0.00259
Exploits: 9 | References: 4
RedhatCVE
• added 2026/06/16 3:52 p.m. • 8 views

CVE-2026-10649

A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, leading to a denial...

CVSS: 8.6 | AI score: 5.3 | EPSS: 0.0044
Exploits: 0 | References: 4
RedhatCVE
• added 2026/06/16 2:52 p.m. • 7 views

CVE-2026-12398

A command injection vulnerability was found in galaxyng. The dogitcheckout function in the legacy role import API v1 interpolates unsanitized git ref names (branch/tag names) into shell commands executed via subprocess.run with shell=True. An authenticated user who controls a git repository can...

CVSS: 7.5 | AI score: 6.2 | EPSS: 0.00889
Exploits: 0 | References: 3
RedhatCVE
• added 2026/06/16 2:33 p.m. • 7 views

CVE-2026-54421

A flaw was found in OpenStack Ironic. When an authorized user applies a PATCH operation to update volume properties, the system can inadvertently expose sensitive information, such as iSCSI credentials. This information disclosure vulnerability allows an attacker to gain access to credentials tha...

CVSS: 6.8 | AI score: 4.9 | EPSS: 0.00291
Exploits: 0 | References: 4
RedhatCVE
• added 2026/06/16 1:31 p.m. • 6 views

CVE-2026-6039

A flaw was found in LibreOffice. This vulnerability, a heap buffer overflow, occurs when processing specially crafted DXF (Drawing Exchange Format) polyline files. An attacker could exploit this by convincing a user to open a malicious DXF file, which may lead to a denial of service (DoS) due to...

CVSS: 6.9 | AI score: 5.4 | EPSS: 0.00157
Exploits: 0 | References: 4
RedhatCVE
• added 2026/06/16 1:13 p.m. • 7 views

CVE-2026-10275

A flaw was found in OpenSC, specifically within the pkcs11-tool Key Generation Module. This vulnerability, located in the testkpgencertwrite function, is a buffer overflow that can be triggered remotely. A remote attacker could exploit this flaw, potentially leading to information disclosure, dat...

CVSS: 5.1 | AI score: 5.7 | EPSS: 0.00296
Exploits: 0 | References: 12
RedhatCVE
• added 2026/06/16 1:13 p.m. • 6 views

CVE-2026-46655

A flaw was found in virtio-win. A low-integrity process can issue an IOCTL request to viosock.sys!VIOSockSelect with a maliciously crafted request that causes an integer overflow. This allows the process to circumvent bounds checking, resulting in a heap overflow in the NonPagedPool kernel heap...

CVSS: 7.8 | AI score: 5.5
Exploits: 0 | References: 4
RedhatCVE
• added 2026/06/16 12:57 p.m. • 7 views

CVE-2026-54411

A flaw was found in Linux-PAM's pamuserdb module. This vulnerability, categorized as an Observable Timing Discrepancy (CWE-208), allows a local or network-adjacent attacker to recover plaintext passwords. By repeatedly attempting authentication and measuring response-timing differences during...

CVSS: 8.2 | AI score: 5.2 | EPSS: 0.00321
Exploits: 0 | References: 7
RedhatCVE
• added 2026/06/16 12:57 p.m. • 6 views

CVE-2026-53438

A flaw was found in Jenkins. A missing permission check allows an attacker, who has 'Item/Cancel' permission but lacks 'Item/Read' permission, to cancel queue items they are not authorized to view. This could lead to unauthorized disruption of queued tasks within Jenkins...

CVSS: 6.5 | AI score: 5.2 | EPSS: 0.00213
Exploits: 0 | References: 4
RedhatCVE
• added 2026/06/16 12:37 p.m. • 6 views

CVE-2026-54133

jmespath.php allows users to use JMESPath, software for declaratively specifying how to extract elements from a JSON document, in PHP applications with PHP data structures. Versions prior to 2.9.1 can generate and execute attacker-controlled PHP code when JmesPath\CompilerRuntime is used with an...

CVSS: 9.8 | AI score: 5.5 | EPSS: 0.0032
Exploits: 0 | References: 2
RedhatCVE
• added 2026/06/16 12:32 p.m. • 6 views

CVE-2026-6045

A flaw was found in LibreOffice. A heap buffer overflow exists when importing EMF+ graphics, which may be embedded in documents. An attacker could exploit this by convincing a user to open a specially crafted document. This could lead to denial of service or memory corruption, potentially allowin...

CVSS: 6.9 | AI score: 6 | EPSS: 0.0012
Exploits: 0 | References: 4

Total number of security vulnerabilities: 206304