Lucene search
K
RedhatcveRecent

206304 matches found

RedhatCVE
RedhatCVE
•added 2026/06/16 11:29 a.m.•7 views

CVE-2026-41731

A flaw was found in the spring-kafka component. A remote attacker, by supplying crafted header values, could exploit a vulnerability in JsonKafkaHeaderMapper and DefaultKafkaHeaderMapper that incorrectly matched type headers against trusted packages. This issue, combined with Jackson's default be...

8.1CVSS5.7AI score0.00489EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/06/16 10:43 a.m.•8 views

CVE-2026-47190

A flaw was found in the Cluster API Provider Metal3 IP Address Manager IPAM controller. The controller's ClusterRole granted excessive permissions, allowing full create, read, update, and delete CRUD access to core/v1 Secrets. If the controller pod were compromised, an attacker could leverage the...

6.4CVSS5.3AI score0.00333EPSS
Exploits0References7
RedhatCVE
RedhatCVE
•added 2026/06/16 9:3 a.m.•6 views

CVE-2026-49214

A flaw was found in guzzlehttp/psr7, a PHP library for HTTP messages. This vulnerability allows a remote attacker to inject additional HTTP header lines by providing a specially crafted URL that contains ASCII control characters, whitespace, or DEL in the host component. This improper input...

5.3CVSS5.4AI score0.00189EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2026/06/16 8:39 a.m.•11 views

CVE-2026-12087

A flaw was found in the perl-Socket component. The packipmreqsource function, which handles network socket operations, contains an out-of-bounds heap read vulnerability. An attacker providing a specially crafted input can cause the system to read beyond the intended memory buffer, potentially...

9.1CVSS4.9AI score0.00389EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/06/16 8:22 a.m.•7 views

CVE-2026-47825

A flaw was found in Spring Cloud Gateway Server. In certain configurations, the server improperly forwards X-Forwarded-For and Forwarded headers received from untrusted proxies. This vulnerability affects both WebMVC and WebFlux Gateway Servers, potentially allowing an attacker to manipulate the...

8.6CVSS5.3AI score0.00139EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/06/16 6:57 a.m.•6 views

CVE-2026-6047

A flaw was found in LibreOffice. This vulnerability, a heap buffer overflow, occurs when processing specially crafted OOXML Office Open XML documents. An attacker could create a malicious document that, when opened, causes a write beyond the intended memory boundary during the replaying of deferr...

6.9CVSS5.4AI score0.0012EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/06/16 6:46 a.m.•5 views

CVE-2026-8356

A flaw was found in LibreOffice. This vulnerability, a stack buffer overflow, occurs when processing specially crafted legacy PowerPoint PPT files. An attacker could exploit this by convincing a user to open a malicious document, which may lead to a denial of service DoS due to the application...

6.9CVSS5.4AI score0.0012EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/06/16 6:39 a.m.•6 views

CVE-2026-47140

A flaw was found in vm2, an open-source virtual machine VM sandbox for Node.js. This vulnerability allows sandboxed code to bypass intended security restrictions by exploiting missing entries in the denylist for dangerous Node.js built-in functions, specifically process and inspector/promises. A...

10CVSS5.6AI score0.00536EPSS
Exploits0References6
RedhatCVE
RedhatCVE
•added 2026/06/16 6:39 a.m.•6 views

CVE-2026-47137

A flaw was found in vm2, an open-source virtual machine VM sandbox for Node.js. A remote attacker could bypass a security check designed to prevent the combination of nested environments and disabled module loading. This bypass occurs because a strict equality check for the require option can be...

10CVSS5.8AI score0.00382EPSS
Exploits0References8
RedhatCVE
RedhatCVE
•added 2026/06/16 6:39 a.m.•7 views

CVE-2026-47131

A flaw was found in vm2, an open-source virtual machine VM sandbox for Node.js. A remote attacker can exploit this vulnerability by combining specific Buffer function calls and Node.js's ERRINVALIDARGTYPE error. This allows the attacker to obtain the host's TypeError constructor, leading to an...

10CVSS5.4AI score0.004EPSS
Exploits0References6
RedhatCVE
RedhatCVE
•added 2026/06/16 3:54 a.m.•9 views

CVE-2026-5497

A flaw was found in vLLM. An attacker can exploit this vulnerability by sending a specially crafted API request containing an excessive number of base64-encoded JPEG frames within a data URL. This unbounded processing of frames in the VideoMediaIO.loadbase64 method leads to an Out-of-Memory OOM...

7.5CVSS6.7AI score0.00597EPSS
Exploits1References5
RedhatCVE
RedhatCVE
•added 2026/06/15 7:32 p.m.•9 views

CVE-2026-9698

A flaw was found in DBI, a Perl database interface. This vulnerability allows an attacker to trigger a buffer overflow by manipulating error messages within an application. When specific error handling options are active, an attacker can provide oversized error text, which may lead to arbitrary...

9.8CVSS5.9AI score0.00376EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/06/15 7:15 p.m.•7 views

CVE-2026-52718

A denial of service vulnerability was found in GStreamer's AV1 codec parser in gst-plugins-bad. The gstav1parserparsetilelistobu function passes a byte count to a bit-reader API that expects a bit count, causing parser desynchronization. A remote attacker could trick a user into opening a special...

6.5CVSS5.3AI score0.00307EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/06/15 7:15 p.m.•6 views

CVE-2026-52722

A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...

7.1CVSS5.3AI score0.00288EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/06/15 7:15 p.m.•7 views

CVE-2026-53435

A flaw was found in Jenkins. Attackers can exploit a deserialization vulnerability by submitting a specially crafted config.xml file. This allows them to deserialize arbitrary types, leading to the ability to impersonate users and send HTTP requests on their behalf. The most critical impact is th...

8.8CVSS6.2AI score0.14907EPSS
Exploits2References4
RedhatCVE
RedhatCVE
•added 2026/06/15 7:15 p.m.•7 views

CVE-2026-52720

A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...

8.8CVSS6AI score0.00489EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/06/15 7:15 p.m.•5 views

CVE-2026-10725

A flaw was found in Protocol::HTTP2. This vulnerability, known as an HTTP/2 Bomb, allows a remote attacker to send a small HTTP/2 request that can expand into a large amount of server memory. This is due to the inbound HPACK path having no header-list size limit, leading to an unbounded buffer...

7.5CVSS5.5AI score0.00414EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2026/06/15 7:10 p.m.•7 views

CVE-2026-53704

A flaw was found in GStreamer's RealMedia demuxer in the gst-plugins-ugly package. When processing a RealMedia file containing a specially crafted FILEINFO metadata section, the demuxer parses variable-name and variable-value pairs using reskippascalstring without validating that offsets remain...

7.1CVSS4.8AI score0.00186EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2026/06/15 7:10 p.m.•7 views

CVE-2026-53703

A vulnerability was found in the GStreamer RealMedia demuxer gst-plugins-ugly. When processing a RealMedia .rm file, the demuxer parses MDPR media properties chunks to configure audio streams. For audio stream header versions 4 and 5, the parser reads fields such as codec type, packet size, sampl...

7.1CVSS5AI score0.00191EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2026/06/15 7:10 p.m.•6 views

CVE-2026-52721

Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer boundaries during IPv4/TCP header parsing. This element is primarily used in debugging pipelines, limiting real-world exposure. A local attacker could...

5.3CVSS5.4AI score0.00107EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/06/15 7:10 p.m.•6 views

CVE-2026-53705

A flaw was found in GStreamer's WavPack audio decoder in gst-plugins-good. When processing a specially crafted WavPack file, an integer overflow in the buffer size calculation 4 blocksamples channels in gstwavpackdechandleframe causes a very small heap allocation. The WavPack library then writes...

7.6CVSS5.6AI score0.003EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2026/06/15 7:10 p.m.•6 views

CVE-2026-52719

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.3AI score0.0028EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/06/15 6:56 p.m.•5 views

CVE-2026-9669

A flaw was found in Python's bz2.BZ2Decompressor component. An attacker could provide specially crafted input that, when processed by an application reusing a decompressor object after an error, could lead to out-of-bounds writes in memory. This memory corruption could cause the application to...

8.2CVSS5.4AI score0.00376EPSS
Exploits0References6
RedhatCVE
RedhatCVE
•added 2026/06/15 2:36 p.m.•7 views

CVE-2026-46559

A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. An incorrect check during JPEG 2000 JP2 image processing, when certain options are specified, can lead to a heap buffer overwrite of a single byte. This vulnerability could allow a...

6.2CVSS5.2AI score0.00116EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/06/15 2:36 p.m.•7 views

CVE-2026-50633

A flaw was found in Apache CXF's JCA integration module. This Java Naming and Directory Interface JNDI Injection vulnerability allows for arbitrary code execution. A remote attacker could exploit this by manipulating the Java EE Connector Architecture JCA deployment descriptor ra.xml or runtime...

8.1CVSS5.7AI score0.00782EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/06/15 2:36 p.m.•6 views

CVE-2026-50628

A flaw was found in the OAuthRequestFilter component of cxf. A logic error in this filter inadvertently creates an inverse security check when enabled. This issue causes legitimate requests from a bound IP address to be rejected, while requests from any other IP address are blindly allowed. This...

9.8CVSS4.8AI score0.00629EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/06/15 2:36 p.m.•7 views

CVE-2026-50627

A flaw was found in Apache CXF. The JwtAccessTokenValidator class fails to properly validate the 'aud' Audience claims within incoming JSON Web Token JWT access tokens. This vulnerability allows an attacker to reuse a JWT, originally intended for one resource server, against a different resource...

9.1CVSS4.8AI score0.00418EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/06/15 2:36 p.m.•7 views

CVE-2026-9641

Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations. The default algorithm is HMAC-SHA1, which should only be used for legacy systems. These versions default to using 1000 iterations. Depending on the chosen algorithm, 220,000 to 1,400,000...

5.3CVSS5.3AI score0.00226EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2026/06/15 2:36 p.m.•7 views

CVE-2026-49875

A flaw was found in Apache CXF. The EndpointReferenceUtils and W3CMultiSchemaFactory classes within Apache CXF construct a SAXParserFactory without proper security configurations. This oversight enables out-of-band OOB external entity resolution, a type of XML External Entity XXE vulnerability. A...

9.8CVSS5AI score0.00485EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/06/15 2:36 p.m.•7 views

CVE-2026-12043

A flaw was found in the AWS Common Runtime aws-c-http library. A remote attacker, by operating a malicious server, could send a crafted sequence of HTTP/2 HEADERS frames that improperly handle HPACK dynamic table size updates. This could lead to memory corruption on a connecting client applicatio...

8.8CVSS5.7AI score0.00351EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2026/06/15 2:36 p.m.•9 views

CVE-2026-9638

Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

7.5CVSS5.2AI score0.00305EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2026/06/15 2:36 p.m.•8 views

CVE-2017-20240

Crypt::PBKDF2 versions before 0.261630 for Perl are vulnerable to timing attacks. These versions use Perl's built-in eq comparison. Discrepancies in timing could be used to guess the underlying derived-key...

5.9CVSS5.2AI score0.00319EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2026/06/15 2:36 p.m.•11 views

CVE-2025-71330

A flaw was found in image-size. A remote attacker can exploit this vulnerability by providing a specially crafted ICNS image buffer. This malicious buffer, containing valid magic bytes and a zero-valued entry length, causes an infinite loop in the ICNS parser. This can permanently block the Node....

8.7CVSS5.3AI score0.0043EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 2026/06/15 2:36 p.m.•11 views

CVE-2025-71329

A flaw was found in image-size. A remote attacker can exploit this vulnerability by providing a specially crafted image buffer that contains a zero-valued size field within a recognized box-type. This malicious input can trigger an infinite loop in the JXL or HEIF image parsers, leading to a...

8.7CVSS5.6AI score0.0043EPSS
Exploits1References6
RedhatCVE
RedhatCVE
•added 2026/06/15 8:36 a.m.•11 views

CVE-2026-50560

A flaw was found in Netty, a network application framework. A remote attacker can exploit a vulnerability in the HTTP/2 Hypertext Transfer Protocol version 2 maximum header size handling. By sending a specific SETTINGSMAXHEADERLISTSIZE setting, an attacker can cause Netty to produce an exception...

6.9CVSS5AI score0.00302EPSS
Exploits0References7
RedhatCVE
RedhatCVE
•added 2026/06/15 8:36 a.m.•13 views

CVE-2026-50020

A flaw was found in Netty. The HttpObjectDecoder component, which processes incoming HTTP requests, incorrectly skips certain control characters and whitespace before reading the first request line. This behavior, which goes beyond standard HTTP protocol requirements, can lead to request-boundary...

5.3CVSS4.9AI score0.00232EPSS
Exploits0References6
RedhatCVE
RedhatCVE
•added 2026/06/15 8:36 a.m.•10 views

CVE-2026-48096

A flaw was found in OpenFGA, an authorization/permission engine. When iterator caching is enabled, distinct authorization check requests can generate identical cache keys. This can cause OpenFGA to reuse an outdated or incorrect cached result for subsequent requests. Such a flaw may lead to...

5.3CVSS5.2AI score0.00101EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/06/15 8:36 a.m.•9 views

CVE-2026-47244

A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a large number of HTTP/2 stream requests to a Netty HTTP/2 server. If the server does not explicitly limit concurrent streams, it can lead to the allocation of numerous long-liv...

5.3CVSS5.3AI score0.00292EPSS
Exploits0References6
RedhatCVE
RedhatCVE
•added 2026/06/15 8:36 a.m.•11 views

CVE-2026-45831

A flaw was found in the SimpleRBACAuthorizationProvider authorization provider in the ChromaDB Python project. This vulnerability allows an authenticated user to perform actions across different tenants, databases, or collections without proper authorization. The provider incorrectly evaluates us...

8.8CVSS5.2AI score0.00237EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/06/15 8:36 a.m.•8 views

CVE-2026-45536

A flaw was found in Netty, a network application framework. A local attacker could exploit a vulnerability in the nettyunixsocketrecvFd function when handling SCMRIGHTS messages in Epoll or KQueue DomainSocketChannel with DomainSocketReadMode.FILEDESCRIPTORS enabled. Incorrect handling of file...

4CVSS5.2AI score0.00136EPSS
Exploits0References6
RedhatCVE
RedhatCVE
•added 2026/06/15 8:36 a.m.•9 views

CVE-2026-44188

A flaw was found in Ansible Lightspeed. This vulnerability, related to insufficient session expiration, allows a remote attacker to maintain persistent access to the Ansible Lightspeed instance. If an attacker exfiltrates a valid OAuth Open Authorization access token before a user logs out, they...

5.3CVSS5AI score0.00284EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2026/06/15 8:35 a.m.•9 views

CVE-2026-50011

A flaw was found in Netty, a network application framework. The RedisArrayAggregator component pre-allocates memory based on the declared element count in a Redis array header. A remote attacker can exploit this by sending a small, malicious Redis array header that claims a huge initial capacity,...

7.5CVSS5.3AI score0.00371EPSS
Exploits0References6
RedhatCVE
RedhatCVE
•added 2026/06/15 8:35 a.m.•10 views

CVE-2026-50010

A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager X509TrustManager, it fails to perform...

7.5CVSS5AI score0.00269EPSS
Exploits0References6
RedhatCVE
RedhatCVE
•added 2026/06/15 8:35 a.m.•9 views

CVE-2026-48006

A flaw was found in netty-codec-redis. A remote attacker can exploit this vulnerability by repeatedly closing Redis pipeline connections before a Redis array aggregate completes. This leads to a permanent leak of direct-memory buffers, which prevents memory chunks from being returned to the share...

8.7CVSS5AI score0.00489EPSS
Exploits0References6
RedhatCVE
RedhatCVE
•added 2026/06/15 8:35 a.m.•9 views

CVE-2026-47691

A flaw was found in Netty's DnsResolveContext. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing...

10CVSS4.9AI score0.00285EPSS
Exploits0References6
RedhatCVE
RedhatCVE
•added 2026/06/15 8:35 a.m.•8 views

CVE-2026-46340

A flaw was found in netty-transport-sctp. A remote attacker can exploit this vulnerability by sending specially crafted, non-complete Stream Control Transmission Protocol SCTP message fragments. This can lead to unbounded memory growth within the application, causing a Denial of Service DoS...

7.5CVSS5.1AI score0.00371EPSS
Exploits0References6
RedhatCVE
RedhatCVE
•added 2026/06/15 8:35 a.m.•8 views

CVE-2026-45833

A flaw was found in the ChromaDB Python project. An authenticated attacker with UPDATECOLLECTION permission could exploit a code injection vulnerability. By sending a malicious model repository to a specific API endpoint with trustremotecode enabled, the attacker can execute arbitrary code on the...

9.4CVSS6.1AI score0.00342EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/06/15 8:35 a.m.•7 views

CVE-2026-45832

A flaw was found in ChromaDB. All V1 collection-level endpoints in the Python project pass null values for tenant and database to the authorization layer. This allows a remote attacker to bypass authorization controls by utilizing these V1 endpoints. The primary consequence is unauthorized access...

8.8CVSS5.3AI score0.00284EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/06/15 8:35 a.m.•7 views

CVE-2026-45830

A flaw was found in ChromaDB. A lack of authorization validation in the ChromaDB Python project allows any authenticated user to read, write, update, or delete data in any tenant's collection. This means an attacker can bypass intended access controls and manipulate data across different tenants,...

8.8CVSS5.2AI score0.00345EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/06/15 8:35 a.m.•14 views

CVE-2026-45674

A flaw was found in Netty's DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS...

10CVSS4.9AI score0.00218EPSS
Exploits0References6
Total number of security vulnerabilities206304