| | CVE-2026-23903 |  Red Hat | medium | 5.3 | 0.1%
| | Authentication Bypass by Alternate Name vulnerability in Apache Shiro.
This issue affects Apache Shi… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24098 |  Apache | medium | 6.5 | 0.0%
| | Apache Airflow versions 3.0.0 - 3.1.7, has vulnerability that allows authenticated UI users with per… | Feb 9, 2026 | Mar 11, 2026 |
| | CVE-2025-14831 | Red Hat | medium | 5.3 | 0.0%
| ✓ Fix | A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Ce… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2025-66630 | Red Hat | high | 7.7 | 0.0%
| | Fiber is an Express inspired web framework written in Go. Before 2.52.11, on Go versions prior to 1.… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-23948 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer der… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24491 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, video_timer can se… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24675 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, urb_select_interfa… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24676 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, AUDIN format reneg… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24677 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, ecam_encoder_compr… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24678 | Red Hat | high | 5.3 | 0.0%
| ✓ Fix | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, A capture thread s… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24679 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, The URBDRC client … | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24680 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdl_Pointer_New fr… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24681 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, aAsynchronous bulk… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-1529 | Red Hat | high | 8.1 | 0.0%
| ✓ Fix | A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organizati… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24682 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, audin_server_recv_… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24683 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. ainput_send_input_event caches chan… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-1486 | Red Hat | high | 8.8 | 0.0%
| ✓ Fix | A flaw was found in Keycloak. A vulnerability exists in the jwt-authorization-grant flow where the s… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24684 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, the RDPSND async p… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2025-14778 | Red Hat | medium | 5.4 | 0.0%
| ✓ Fix | A flaw was found in Keycloak. A significant Broken Access Control vulnerability exists in the UserMa… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-25598 | Red Hat | medium | 4.3 | 0.0%
| | Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to … | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-1609 | Red Hat | high | 8.1 | — | | A flaw was found in Keycloak. When the JSON Web Token (JWT) authorization grant preview feature is e… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-25639 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | Axios is a promise based HTTP client for the browser and Node.js. Prior to versions 0.30.3 and 1.13.… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-25765 | Red Hat | medium | 5.8 | 0.0%
| | Faraday is an HTTP client library abstraction layer that provides a common interface over many adapt… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-25934 | Red Hat | medium | 4.3 | 0.0%
| | go-git is a highly extensible git implementation library written in pure Go. Prior to 5.16.5, a vuln… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-2243 | Red Hat | low | 5.1 | 0.0%
| | A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnera… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2314 | Red Hat | high | 8.8 | 0.0%
| | Heap buffer overflow in Codecs in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to … | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2321 | Red Hat | medium | 6.5 | 0.1%
| | Use after free in Ozone in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convin… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2317 | Red Hat | medium | 6.5 | 0.0%
| | Inappropriate implementation in Animation in Google Chrome prior to 145.0.7632.45 allowed a remote a… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2316 | Red Hat | medium | 6.5 | 0.0%
| | Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote a… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2315 | Red Hat | high | 8.8 | 0.0%
| | Inappropriate implementation in WebGPU in Google Chrome prior to 145.0.7632.45 allowed a remote atta… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2313 | Red Hat | high | 8.8 | 0.1%
| | Use after free in CSS in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potential… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2323 | Red Hat | low | 4.3 | 0.0%
| | Inappropriate implementation in Downloads in Google Chrome prior to 145.0.7632.45 allowed a remote a… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2318 | Red Hat | medium | 6.5 | 0.0%
| | Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a r… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2322 | Red Hat | low | 4.3 | 0.0%
| | Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote … | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2320 | Red Hat | medium | 6.5 | 0.0%
| | Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote … | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2319 | Red Hat | medium | 6.5 | 0.0%
| | Race in DevTools in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a u… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2271 | Red Hat | medium | 3.3 | — | | No description is available for this CVE. | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2272 | Red Hat | medium | 4.3 | — | | No description is available for this CVE. | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-23901 | Red Hat | low | 2.9 | 0.0%
| | Observable Timing Discrepancy vulnerability in Apache Shiro.
This issue affects Apache Shiro: from 1… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2025-55018 |  Fortinet | medium | 5.2 | 0.1%
| | An inconsistent interpretation of http requests ('http request smuggling') vulnerability in Fortinet… | Feb 10, 2026 | May 12, 2026 |
| | CVE-2025-64157 | Fortinet | medium | 6.7 | 0.0%
| | A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, … | Feb 10, 2026 | May 12, 2026 |
| | CVE-2025-62439 | Fortinet | low | 3.8 | 0.0%
| | An Improper Verification of Source of a Communication Channel vulnerability [CWE-940] vulnerability … | Feb 10, 2026 | May 12, 2026 |
| | CVE-2025-52436 | Fortinet | high | 8.8 | 0.2%
| | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabilit… | Feb 10, 2026 | Feb 18, 2026 |
| | CVE-2025-62676 | Fortinet | high | 7.1 | 0.0%
| | An Improper Link Resolution Before File Access ('Link Following') vulnerability [CWE-59] vulnerabili… | Feb 10, 2026 | Feb 12, 2026 |
| | CVE-2025-68686 | Fortinet | medium | 5.9 | 0.0%
| | An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] vulnerability … | Feb 10, 2026 | Feb 12, 2026 |
| | CVE-2026-21743 | Fortinet | high | 7.2 | 0.0%
| | A missing authorization vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthe… | Feb 10, 2026 | Feb 12, 2026 |
| | CVE-2026-22153 | Fortinet | high | 8.1 | 0.1%
| | An Authentication Bypass by Primary Weakness vulnerability [CWE-305] vulnerability in Fortinet Forti… | Feb 10, 2026 | Feb 12, 2026 |
| | CVE-2025-31648 | Red Hat | low | 2.5 | 0.0%
| | Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an es… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2025-35998 | Red Hat | high | 7.9 | 0.0%
| | Missing protection mechanism for alternate hardware interface in the Intel(R) Quick Assist Technolog… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-25646 | Red Hat | high | 7.0 | 0.1%
| ✓ Fix | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl… | Feb 10, 2026 | Feb 10, 2026 |