| | CVE-2026-23218 |  Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
gpio: loongson-64bit: Fix incorr… | Feb 18, 2026 | Feb 18, 2026 |
| | CVE-2025-71228 | Red Hat | medium | — | — | | No description is available for this CVE. | Feb 18, 2026 | Feb 18, 2026 |
| | CVE-2026-23211 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
mm, swap: restore swap_space att… | Feb 18, 2026 | Feb 18, 2026 |
| | CVE-2026-2681 | Red Hat | medium | 5.3 | 0.1%
| | A flaw was found in the blst cryptographic library. This out-of-bounds stack write vulnerability, sp… | Feb 18, 2026 | Feb 18, 2026 |
| | CVE-2026-22048 |  Microsoft | high | 7.1 | 0.0%
| | StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.12 and 12.0.0.4 with Single Sig… | Feb 18, 2026 | Feb 18, 2026 |
| | CVE-2026-23599 |  HPE | high | 7.8 | 0.0%
| | A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking ClearPass… | Feb 18, 2026 | Feb 18, 2026 |
| | CVE-2026-27171 | Red Hat | low | 2.9 | 0.0%
| | zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp… | Feb 18, 2026 | Feb 18, 2026 |
| | CVE-2026-2641 | Red Hat | low | 3.3 | 0.0%
| | A weakness has been identified in universal-ctags ctags up to 6.2.1. The affected element is the fun… | Feb 18, 2026 | Feb 18, 2026 |
| | CVE-2026-27099 | Red Hat | medium | 4.6 | 0.0%
| | Jenkins 2.483 through 2.550 (both inclusive), LTS 2.492.1 through 2.541.1 (both inclusive) does not … | Feb 18, 2026 | Feb 18, 2026 |
| | CVE-2026-27100 | Red Hat | medium | 4.3 | 0.1%
| | Jenkins 2.550 and earlier, LTS 2.541.1 and earlier accepts Run Parameter values that refer to builds… | Feb 18, 2026 | Feb 18, 2026 |
| | CVE-2026-23215 |  VMware | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
x86/vmware: Fix hypercall clobb… | Feb 18, 2026 | Feb 18, 2026 |
| | CVE-2026-2507 |  F5 | high | 7.5 | 0.1%
| | When BIG-IP AFM or BIG-IP DDoS is provisioned, undisclosed traffic can cause TMM to terminate. Note… | Feb 18, 2026 | Feb 18, 2026 |
| | CVE-2025-14009 | Red Hat | high | 8.8 | 0.6%
| | A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all version… | Feb 18, 2026 | Feb 18, 2026 |
| | CVE-2026-20137 |  Splunk | low | 3.5 | 0.0%
| | In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.5, 9.3.7, and 9.2.9, and Splunk Cloud Platfo… | Feb 18, 2026 | Feb 20, 2026 |
| | CVE-2026-20138 | Splunk | medium | 6.8 | 0.0%
| | In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Sea… | Feb 18, 2026 | Feb 20, 2026 |
| | CVE-2026-20139 | Splunk | medium | 4.3 | 0.0%
| | In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.8, 9.3.9, and 9.2.12, and Splunk Cloud Platf… | Feb 18, 2026 | Feb 20, 2026 |
| | CVE-2026-20141 | Splunk | medium | 4.3 | 0.0%
| | In Splunk Enterprise versions below 10.0.2, 10.0.3, 9.4.8, and 9.3.9, a low-privileged user who does… | Feb 18, 2026 | Feb 23, 2026 |
| | CVE-2026-20142 | Splunk | medium | 6.8 | 0.0%
| | In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Sea… | Feb 18, 2026 | Feb 23, 2026 |
| | CVE-2026-20144 | Splunk | medium | 6.8 | 0.0%
| | In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platf… | Feb 18, 2026 | Feb 23, 2026 |
| | CVE-2026-22860 | Red Hat | high | 7.5 | 0.1%
| | Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, and 3.2.5, `Rack::Dir… | Feb 18, 2026 | Feb 18, 2026 |
| | CVE-2026-25500 | Red Hat | medium | 5.4 | 0.0%
| | Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, and 3.2.5, `Rack::Dir… | Feb 18, 2026 | Feb 18, 2026 |
| | CVE-2026-2708 | Red Hat | low | 3.7 | — | | No description is available for this CVE. | Feb 18, 2026 | Feb 18, 2026 |
| | CVE-2025-10256 |  Check Point | medium | 5.3 | 0.0%
| | A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter (libavfilter/af_fire… | Feb 18, 2026 | Feb 26, 2026 |
| | CVE-2025-69725 | Red Hat | medium | 4.7 | 0.0%
| | An Open Redirect vulnerability in the go-chi/chi >=5.2.2 RedirectSlashes function allows remote atta… | Feb 19, 2026 | Feb 19, 2026 |
| | CVE-2026-2733 | Red Hat | low | 3.8 | 0.1%
| ✓ Fix | A flaw was identified in the Docker v2 authentication endpoint of Keycloak, where tokens continue to… | Feb 19, 2026 | Feb 19, 2026 |
| | CVE-2026-25535 | Red Hat | high | 7.5 | 0.1%
| | jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of the first argumen… | Feb 19, 2026 | Feb 19, 2026 |
| | CVE-2026-25755 | Red Hat | high | 9.6 | 0.0%
| | jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of the argument of t… | Feb 19, 2026 | Feb 19, 2026 |
| | CVE-2026-25940 | Red Hat | high | 9.6 | 0.0%
| | jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of properties and me… | Feb 19, 2026 | Feb 19, 2026 |
| | CVE-2026-24834 | Red Hat | high | 9.3 | 0.0%
| | Kata Containers is an open source project focusing on a standard implementation of lightweight Virtu… | Feb 19, 2026 | Feb 19, 2026 |
| | CVE-2026-2817 | Red Hat | medium | 4.4 | 0.0%
| | Use of insecure directory in Spring Data Geode snapshot import extracts archives into predictable, p… | Feb 19, 2026 | Feb 19, 2026 |
| | CVE-2026-26030 | Microsoft | critical | 9.9 | 0.1%
| | Semantic Kernel, Microsoft's semantic kernel Python SDK, has a remote code execution vulnerability i… | Feb 19, 2026 | Mar 3, 2026 |
| | CVE-2026-26200 | Red Hat | high | 7.8 | 0.0%
| | HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an `h5` f… | Feb 19, 2026 | Feb 19, 2026 |
| | CVE-2026-26057 |  Cisco | medium | 6.5 | 0.1%
| | Skill Scanner is a security scanner for AI Agent Skills that detects prompt injection, data exfiltra… | Feb 19, 2026 | Feb 26, 2026 |
| | CVE-2026-26278 | Red Hat | high | 7.5 | 0.1%
| | fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object wi… | Feb 19, 2026 | Feb 19, 2026 |
| | CVE-2026-26280 | Red Hat | high | 8.4 | 0.1%
| | systeminformation is a System and OS information library for node.js. In versions prior to 5.30.8, a… | Feb 19, 2026 | Feb 19, 2026 |
| | CVE-2026-26318 | Red Hat | high | 8.8 | 0.1%
| | systeminformation is a System and OS information library for node.js. Versions prior to 5.31.0 are v… | Feb 19, 2026 | Feb 19, 2026 |
| | CVE-2026-26267 | Check Point | high | 7.5 | 0.0%
| | soroban-sdk is a Rust SDK for Soroban contracts. Prior to versions 22.0.10, 23.5.2, and 25.1.1, the … | Feb 19, 2026 | Feb 20, 2026 |
| | CVE-2026-21535 | Microsoft | high | 8.2 | 0.1%
| | Improper access control in Microsoft Teams allows an unauthorized attacker to disclose information o… | Feb 19, 2026 | Mar 13, 2026 |
| | CVE-2026-24122 | Red Hat | low | 3.7 | 0.0%
| | Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and bel… | Feb 19, 2026 | Feb 19, 2026 |
| | CVE-2026-26958 | Red Hat | low | 3.7 | 0.1%
| | filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for b… | Feb 19, 2026 | Feb 19, 2026 |
| | CVE-2026-26963 | Red Hat | medium | 6.1 | 0.0%
| | Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions … | Feb 19, 2026 | Feb 19, 2026 |
| | CVE-2026-3195 | Red Hat | high | 7.4 | — | | A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the `vir… | Feb 20, 2026 | Feb 20, 2026 |
| | CVE-2026-3196 | Red Hat | medium | 5.5 | — | | An integer overflow vulnerability was found in the virtio-snd device via PCM_INFO requests from the … | Feb 20, 2026 | Feb 20, 2026 |
| | CVE-2026-26967 | Red Hat | high | 8.4 | 0.0%
| | PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and … | Feb 20, 2026 | Feb 20, 2026 |
| | CVE-2026-26960 | Red Hat | medium | 7.1 | 0.0%
| | node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below,… | Feb 20, 2026 | Feb 20, 2026 |
| | CVE-2026-26996 | Red Hat | medium | 6.5 | 0.1%
| | minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objec… | Feb 20, 2026 | Feb 20, 2026 |
| | CVE-2026-2739 | Red Hat | medium | 5.3 | 0.0%
| | This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupt… | Feb 20, 2026 | Feb 20, 2026 |
| | CVE-2026-21620 | Red Hat | medium | 4.2 | 0.0%
| | Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erla… | Feb 20, 2026 | Feb 20, 2026 |
| | CVE-2026-2818 | Red Hat | high | 7.1 | 0.1%
| | A zip-slip path traversal vulnerability in Spring Data Geode's import snapshot functionality allows … | Feb 20, 2026 | Feb 20, 2026 |
| | CVE-2026-2472 | Red Hat | high | 8.1 | 0.2%
| | Stored Cross-Site Scripting (XSS) in the _genai/_evals_visualization component of Google Cloud Verte… | Feb 20, 2026 | Feb 20, 2026 |