| | CVE-2025-14911 |  Red Hat | medium | 6.5 | 0.1%
| | User-controlled chunkSize metadata from MongoDB lacks appropriate validation allowing malformed Grid… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-22261 | Red Hat | low | 3.7 | 0.1%
| | Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficie… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-23592 |  HPE | high | 7.2 | 0.1%
| | Insecure file operations in HPE Aruba Networking Fabric Composer’s backup functionality could allo… | Jan 27, 2026 | Feb 27, 2026 |
| | CVE-2026-23593 | HPE | high | 7.5 | 0.0%
| | A vulnerability in the web-based management interface of HPE Aruba Networking Fabric Composer could … | Jan 27, 2026 | Feb 27, 2026 |
| | CVE-2026-22262 | Red Hat | medium | 5.9 | 0.1%
| | Suricata is a network IDS, IPS and NSM engine. While saving a dataset a stack buffer is used to prep… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-22263 | Red Hat | medium | 5.3 | 0.0%
| | Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3,… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-24881 | Red Hat | high | 8.1 | 0.2%
| | In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized wrapped s… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-24882 | Red Hat | high | 8.4 | 0.0%
| ✓ Fix | In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PK… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-24883 | Red Hat | low | 3.7 | 0.0%
| | In GnuPG before 2.5.17, a long signature packet length causes parse_signature to return success with… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-24688 | Red Hat | medium | 5.3 | 0.0%
| | pypdf is a free and open-source pure-python PDF library. An attacker who uses an infinite loop vulne… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-24858 |  Fortinet | critical | 9.8 | 6.2%
| ⚠ KEV | An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in… | Jan 27, 2026 | May 12, 2026 |
| | CVE-2026-24747 | Red Hat | high | 8.8 | 0.0%
| | PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerabili… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-24765 | Red Hat | high | 7.8 | 0.1%
| | PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-24779 | Red Hat | high | 7.1 | 0.0%
| ✓ Fix | vLLM is an inference and serving engine for large language models (LLMs). Prior to version 0.14.1, a… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2025-61140 | Red Hat | high | 8.8 | 0.1%
| ✓ Fix | The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution. | Jan 28, 2026 | Jan 28, 2026 |
| | CVE-2025-57283 | Red Hat | high | 7.8 | 0.1%
| | The Node.js package browserstack-local 1.5.8 contains a command injection vulnerability. This occurs… | Jan 28, 2026 | Jan 28, 2026 |
| | CVE-2026-23014 | Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
perf: Ensure swevent hrtimer is … | Jan 28, 2026 | Jan 28, 2026 |
| | CVE-2026-1536 | Red Hat | medium | 5.8 | 0.1%
| | A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition heade… | Jan 28, 2026 | Jan 28, 2026 |
| | CVE-2026-1518 | Red Hat | low | 2.7 | 0.0%
| | A flaw was found in Keycloak’s CIBA feature where insufficient validation of client-configured backc… | Jan 28, 2026 | Jan 28, 2026 |
| | CVE-2026-1539 | Red Hat | medium | 5.8 | 0.0%
| | A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be s… | Jan 28, 2026 | Jan 28, 2026 |
| | CVE-2026-24784 |  Microsoft | medium | 6.8 | 0.0%
| | DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft e… | Jan 28, 2026 | Feb 4, 2026 |
| | CVE-2026-24833 | Microsoft | high | 7.6 | 0.0%
| | DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft e… | Jan 28, 2026 | Feb 4, 2026 |
| | CVE-2026-24836 | Microsoft | high | 7.6 | 0.0%
| | DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft e… | Jan 28, 2026 | Feb 4, 2026 |
| | CVE-2026-24837 | Microsoft | high | 7.6 | 0.0%
| | DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft e… | Jan 28, 2026 | Feb 4, 2026 |
| | CVE-2026-24842 | Red Hat | high | 8.2 | 0.0%
| ✓ Fix | node-tar,a Tar for Node.js, contains a vulnerability in versions prior to 7.5.7 where the security c… | Jan 28, 2026 | Jan 28, 2026 |
| | CVE-2026-24838 | Microsoft | critical | 9.1 | 0.0%
| | DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft e… | Jan 28, 2026 | Feb 4, 2026 |
| | CVE-2026-0818 | Red Hat | medium | 6.1 | 0.0%
| | When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded … | Jan 28, 2026 | Jan 28, 2026 |
| | CVE-2026-1531 | Red Hat | high | 8.1 | 0.0%
| | A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disab… | Jan 28, 2026 | Jan 28, 2026 |
| | CVE-2026-1530 | Red Hat | high | 8.1 | 0.0%
| | A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-th… | Jan 28, 2026 | Jan 28, 2026 |
| | CVE-2025-68119 | Red Hat | medium | 6.7 | 0.0%
| | Downloading and building modules with malicious version strings can cause local code execution. On s… | Jan 28, 2026 | Jan 28, 2026 |
| | CVE-2025-61731 | Red Hat | high | 8.6 | 0.0%
| ✓ Fix | Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file wit… | Jan 28, 2026 | Jan 28, 2026 |
| | CVE-2025-61726 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | The net/url package does not set a limit on the number of query parameters in a query. While the max… | Jan 28, 2026 | Jan 28, 2026 |
| | CVE-2025-61728 | Red Hat | medium | 7.5 | 0.0%
| ✓ Fix | archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file i… | Jan 28, 2026 | Jan 28, 2026 |
| | CVE-2026-24835 | Red Hat | medium | 6.6 | 0.1%
| | Podman Desktop is a graphical tool for developing on containers and Kubernetes. A critical authentic… | Jan 28, 2026 | Jan 28, 2026 |
| | CVE-2026-24888 | Microsoft | medium | 6.5 | 0.6%
| | Maker.js is a 2D vector line drawing and shape modeling for CNC and laser cutters. In versions up to… | Jan 28, 2026 | Feb 9, 2026 |
| | CVE-2020-37011 | Red Hat | medium | 5.0 | 0.0%
| | Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger … | Jan 29, 2026 | Jan 29, 2026 |
| | CVE-2025-62514 |  Check Point | high | 8.3 | 0.0%
| | Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.… | Jan 29, 2026 | Mar 2, 2026 |
| | CVE-2026-24054 | Red Hat | medium | 7.3 | 0.1%
| | Kata Containers is an open source project focusing on a standard implementation of lightweight Virtu… | Jan 29, 2026 | Jan 29, 2026 |
| | CVE-2026-25068 | Red Hat | medium | 4.3 | 0.0%
| | alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based … | Jan 29, 2026 | Jan 29, 2026 |
| | CVE-2026-25210 | Red Hat | medium | 6.9 | 0.0%
| | In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize… | Jan 30, 2026 | Jan 30, 2026 |
| | CVE-2024-4027 | Red Hat | high | 7.5 | 0.3%
| | A flaw was found in Undertow. Servlets using a method that calls HttpServletRequestImpl.getParameter… | Jan 30, 2026 | Jan 30, 2026 |
| | CVE-2026-25128 | Red Hat | medium | 5.3 | 0.1%
| | fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object wi… | Jan 30, 2026 | Jan 30, 2026 |
| | CVE-2025-24293 | Red Hat | high | 8.1 | 0.2%
| | # Active Storage allowed transformation methods potentially unsafe
Active Storage attempts to preven… | Jan 30, 2026 | Jan 30, 2026 |
| | CVE-2026-25153 | Red Hat | high | 7.7 | 0.0%
| | Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node p… | Jan 30, 2026 | Jan 30, 2026 |
| | CVE-2026-25152 | Red Hat | medium | 5.3 | 0.0%
| | Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node p… | Jan 30, 2026 | Jan 30, 2026 |
| | CVE-2026-23020 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net: 3com: 3c59x: fix possible n… | Jan 31, 2026 | Jan 31, 2026 |
| | CVE-2025-71182 | Red Hat | low | 5.1 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
can: j1939: make j1939_session_a… | Jan 31, 2026 | Jan 31, 2026 |
| | CVE-2026-23038 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
pnfs/flexfiles: Fix memory leak … | Jan 31, 2026 | Jan 31, 2026 |
| | CVE-2026-23028 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
LoongArch: KVM: Fix kvm_device l… | Jan 31, 2026 | Jan 31, 2026 |
| | CVE-2025-71189 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
dmaengine: dw: dmamux: fix OF no… | Jan 31, 2026 | Jan 31, 2026 |