| | CVE-2026-21965 |  Red Hat | low | 2.7 | 0.0%
| | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supp… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-21929 | Red Hat | medium | 5.3 | 0.0%
| | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported ve… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-21937 | Red Hat | medium | 4.9 | 0.0%
| ✓ Fix | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versi… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-21968 | Red Hat | medium | 6.5 | 0.0%
| ✓ Fix | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-21936 | Red Hat | medium | 4.9 | 0.0%
| ✓ Fix | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-21950 | Red Hat | medium | 6.5 | 0.0%
| | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-21948 | Red Hat | medium | 4.9 | 0.0%
| ✓ Fix | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-21941 | Red Hat | medium | 4.9 | 0.0%
| ✓ Fix | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-21952 | Red Hat | medium | 4.9 | 0.0%
| | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported ve… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-56005 | Red Hat | high | 7.8 | 0.9%
| | An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code Exec… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2024-31884 | Red Hat | medium | 6.5 | — | ✓ Fix | No description is available for this CVE. | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-23949 | Red Hat | high | 8.6 | 0.1%
| | jaraco.context, an open-source software package that provides some useful decorators and context man… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-23950 | Red Hat | high | 8.8 | 0.0%
| ✓ Fix | node-tar,a Tar for Node.js, has a race condition vulnerability in versions up to and including 7.5.3… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-22770 | Red Hat | medium | 6.5 | 0.1%
| | ImageMagick is free and open-source software used for editing and manipulating digital images. The B… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-23874 | Red Hat | medium | 5.5 | 0.0%
| | ImageMagick is free and open-source software used for editing and manipulating digital images. Versi… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-23876 | Red Hat | high | 8.1 | 0.1%
| ✓ Fix | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-14369 | Red Hat | medium | 5.0 | 0.0%
| | dr_flac, an audio decoder within the dr_libs toolset, contains an integer overflow vulnerability fla… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-15281 | Red Hat | low | 5.9 | 0.1%
| ✓ Fix | Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to … | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-33228 | Red Hat | medium | 6.6 | 0.0%
| | NVIDIA Nsight Systems contains a vulnerability in the gfx_hotspot recipe, where an attacker could ca… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-33229 | Red Hat | medium | 6.1 | 0.0%
| | NVIDIA Nsight Visual Studio for Windows contains a vulnerability in Nsight Monitor where an attacker… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-33230 | Red Hat | medium | 6.1 | 0.0%
| | NVIDIA Nsight Systems for Linux contains a vulnerability in the .run installer, where an attacker co… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-55130 | Red Hat | high | 7.1 | 0.0%
| ✓ Fix | A flaw in Node.js’s Permissions model allows attackers to bypass `--allow-fs-read` and `--allow-fs-w… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-55131 | Red Hat | high | 7.1 | 0.0%
| ✓ Fix | A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are int… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-59465 | Red Hat | high | 7.5 | 0.1%
| ✓ Fix | A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cause Node.js to crash b… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-59464 | Red Hat | medium | 6.5 | 0.1%
| | A memory leak in Node.js’s OpenSSL integration occurs when converting `X.509` certificate fields to … | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-59466 | Red Hat | medium | 5.9 | 0.0%
| ✓ Fix | We have identified a bug in Node.js error handling where "Maximum call stack size exceeded" errors b… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-21636 | Red Hat | medium | 5.8 | 0.0%
| | A flaw in Node.js's permission model allows Unix Domain Socket (UDS) connections to bypass network r… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-21637 | Red Hat | medium | 5.9 | 0.0%
| ✓ Fix | A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS … | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-55132 | Red Hat | low | 2.8 | 0.0%
| ✓ Fix | A flaw in Node.js's permission model allows a file's access and modification timestamps to be change… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-11468 | Red Hat | medium | 4.5 | 0.0%
| | When folding a long comment in an email header containing exclusively unfoldable characters, the par… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-21945 | Red Hat | high | 7.5 | 0.1%
| ✓ Fix | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-21933 | Red Hat | medium | 6.1 | 0.0%
| ✓ Fix | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-21932 | Red Hat | high | 7.4 | 0.0%
| ✓ Fix | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-21925 | Red Hat | medium | 4.8 | 0.0%
| ✓ Fix | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-0865 | Red Hat | medium | 4.5 | 0.2%
| ✓ Fix | User-controlled header names and values containing newlines can allow injecting HTTP headers. | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-15282 | Red Hat | medium | 4.8 | 0.0%
| | User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newli… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-15366 | Red Hat | medium | 7.1 | 0.1%
| ✓ Fix | The imaplib module, when passed a user-controlled command, can have additional commands injected usi… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-15367 | Red Hat | medium | 7.1 | 0.1%
| ✓ Fix | The poplib module, when passed a user-controlled command, can have
additional commands injected usin… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2026-0672 | Red Hat | medium | 4.8 | 0.2%
| | When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTT… | Jan 20, 2026 | Jan 20, 2026 |
| | CVE-2025-66959 | Red Hat | medium | 7.5 | 0.3%
| | An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the GGUF deco… | Jan 21, 2026 | Jan 21, 2026 |
| | CVE-2025-66960 | Red Hat | medium | 7.5 | 0.3%
| | An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the fs/ggml/g… | Jan 21, 2026 | Jan 21, 2026 |
| | CVE-2025-13878 | Red Hat | high | 7.5 | 0.0%
| | Malformed BRID/HHIT records can cause `named` to terminate unexpectedly.
This issue affects BIND 9 v… | Jan 21, 2026 | Jan 21, 2026 |
| | CVE-2026-1035 | Red Hat | low | 3.1 | 0.0%
| | A flaw was found in the Keycloak server during refresh token processing, specifically in the TokenMa… | Jan 21, 2026 | Jan 21, 2026 |
| | CVE-2025-14559 | Red Hat | medium | 6.5 | 0.0%
| ✓ Fix | A flaw was found in the keycloak-services component of Keycloak. This vulnerability allows the issua… | Jan 21, 2026 | Jan 21, 2026 |
| | CVE-2026-22976 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net/sched: sch_qfq: Fix NULL der… | Jan 21, 2026 | Jan 21, 2026 |
| | CVE-2026-22977 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net: sock: fix hardened usercopy… | Jan 21, 2026 | Jan 21, 2026 |
| | CVE-2026-22444 | Red Hat | medium | 6.5 | 0.0%
| | The "create core" API of Apache Solr 8.6 through 9.10.0 lacks sufficient input validation on some AP… | Jan 21, 2026 | Jan 21, 2026 |
| | CVE-2026-22022 | Red Hat | medium | 6.5 | 0.2%
| | Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin… | Jan 21, 2026 | Jan 21, 2026 |
| | CVE-2026-20045 |  Cisco | high | 8.2 | 0.9%
| ⚠ KEV | A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications M… | Jan 21, 2026 | Feb 13, 2026 |
| | CVE-2026-20055 | Cisco | medium | 4.8 | 0.0%
| | Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Ente… | Jan 21, 2026 | Jan 26, 2026 |