| | CVE-2026-23421 |  Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
drm/xe/configfs: Free ctx_restor… | Apr 3, 2026 | Apr 3, 2026 |
| | CVE-2026-23419 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net/rds: Fix circular locking de… | Apr 3, 2026 | Apr 3, 2026 |
| | CVE-2026-23420 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
wifi: wlcore: Fix a locking bug
… | Apr 3, 2026 | Apr 3, 2026 |
| | CVE-2026-23424 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
accel/amdxdna: Validate command … | Apr 3, 2026 | Apr 3, 2026 |
| | CVE-2026-23422 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
dpaa2-switch: Fix interrupt stor… | Apr 3, 2026 | Apr 3, 2026 |
| | CVE-2026-26135 |  Microsoft | critical | 9.6 | 0.0%
| | Server-side request forgery (ssrf) in Azure Custom Locations Resource Provider (RP) allows an author… | Apr 3, 2026 | Apr 6, 2026 |
| | CVE-2026-32211 | Microsoft | critical | 9.1 | 0.0%
| | Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to … | Apr 3, 2026 | Apr 6, 2026 |
| | CVE-2026-32213 | Microsoft | critical | 10.0 | 0.0%
| | Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges ove… | Apr 3, 2026 | Apr 6, 2026 |
| | CVE-2026-33105 | Microsoft | critical | 10.0 | 0.0%
| | Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elev… | Apr 3, 2026 | Apr 6, 2026 |
| | CVE-2026-33107 | Microsoft | critical | 10.0 | 0.0%
| | Server-side request forgery (ssrf) in Azure Databricks allows an unauthorized attacker to elevate pr… | Apr 3, 2026 | Apr 6, 2026 |
| | CVE-2026-35535 | Red Hat | high | 7.4 | 0.0%
| | In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a … | Apr 3, 2026 | Apr 3, 2026 |
| | CVE-2026-35536 | Red Hat | medium | 5.4 | 0.0%
| | In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesi… | Apr 3, 2026 | Apr 3, 2026 |
| | CVE-2026-32186 | Microsoft | critical | 10.0 | 0.0%
| | Server-side request forgery (ssrf) in Microsoft Bing allows an unauthorized attacker to elevate priv… | Apr 3, 2026 | Apr 24, 2026 |
| | CVE-2026-27447 | Red Hat | medium | 6.4 | 0.0%
| | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.… | Apr 3, 2026 | Apr 3, 2026 |
| | CVE-2026-34990 | Red Hat | medium | 5.2 | 0.0%
| | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.… | Apr 3, 2026 | Apr 3, 2026 |
| | CVE-2026-34978 | Red Hat | medium | 6.5 | 0.1%
| | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.… | Apr 3, 2026 | Apr 3, 2026 |
| | CVE-2026-34979 | Red Hat | medium | 5.3 | 0.0%
| | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.… | Apr 3, 2026 | Apr 3, 2026 |
| | CVE-2026-34980 | Red Hat | medium | 6.4 | 0.0%
| | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.… | Apr 3, 2026 | Apr 3, 2026 |
| | CVE-2026-35616 |  Fortinet | critical | 9.1 | 25.3%
| ⚠ KEV | A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an … | Apr 4, 2026 | Apr 21, 2026 |
| | CVE-2016-20050 |  Trellix | medium | 6.2 | 0.0%
| | NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan Hostname/IP field that allows … | Apr 4, 2026 | Apr 14, 2026 |
| | CVE-2026-31410 | Red Hat | medium | — | 0.0%
| | A flaw was found in ksmbd in the Linux kernel. This vulnerability occurs because ksmbd incorrectly u… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-31409 | Red Hat | medium | — | 0.0%
| | A flaw was found in ksmbd, a component of the Linux kernel. This vulnerability occurs when a multich… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-31405 | Red Hat | medium | — | 0.0%
| | A flaw was found in the Linux kernel's dvb-net component. A remote attacker could exploit this vulne… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-31408 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in the Linux kernel's Bluetooth SCO (Synchronous Connection-Oriented) protocol impl… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-31406 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in the Linux kernel, specifically within its xfrm (IP eXtensible FRamework) compone… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-31407 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in the Linux kernel's netfilter conntrack subsystem. Missing netlink policy validat… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-37977 | Red Hat | low | 3.7 | 0.0%
| | A flaw was found in Keycloak. A remote attacker can exploit a Cross-Origin Resource Sharing (CORS) h… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-5673 | Red Hat | medium | 5.6 | 0.0%
| | A flaw was found in libtheora. This heap-based out-of-bounds read vulnerability exists within the AV… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-5704 | Red Hat | medium | 5.0 | — | | A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious … | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-33540 | Red Hat | medium | 3.1 | — | | A flaw was found in Distribution, a toolkit for managing container content. When operating in pull-t… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34982 | Red Hat | high | 8.2 | — | | A flaw was found in Vim. A modeline is used to set specific editor options directly from a text file… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34378 | Red Hat | medium | 6.5 | — | | A flaw was found in OpenEXR, a widely used image storage format. A remote attacker could exploit a m… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34379 | Red Hat | high | 7.1 | — | | A flaw was found in OpenEXR, an image storage format library for the motion picture industry. A remo… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34380 | Red Hat | medium | 5.3 | — | | A flaw was found in OpenEXR, an image storage format library. A remote attacker could exploit a sign… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34444 | Red Hat | high | 8.1 | — | | A flaw was found in Lupa, a tool that integrates Lua or LuaJIT2 runtimes into CPython. An attacker c… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34588 | Red Hat | high | 8.8 | — | | A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attac… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34589 | Red Hat | high | 8.8 | — | | A flaw was found in OpenEXR. The DWA lossy decoder, responsible for processing EXR image files, inco… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34753 | Red Hat | medium | 5.4 | — | | A flaw was found in vLLM. This server-side request forgery (SSRF) vulnerability allows an attacker w… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34755 | Red Hat | high | 6.5 | — | | A flaw was found in vLLM, an inference and serving engine for large language models. A remote attack… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34756 | Red Hat | high | 6.5 | — | | A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). An unaut… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34764 | Red Hat | low | 2.3 | — | | A flaw was found in Electron, a framework for building desktop applications. This vulnerability, a u… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-35166 | Red Hat | medium | 4.6 | — | | A flaw was found in Hugo, a static site generator. This vulnerability arises from improper escaping … | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-35177 | Red Hat | medium | 4.1 | — | | A flaw was found in Vim's zip.vim plugin. A local user could be tricked into opening a specially cra… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-35199 | Microsoft | medium | 6.1 | 0.1%
| | SymCrypt is the core cryptographic function library currently used by Windows. From 103.5.0 to befor… | Apr 6, 2026 | Apr 16, 2026 |
| | CVE-2026-5745 | Red Hat | medium | 5.5 | — | | A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing l… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-31790 | Red Hat | medium | 5.9 | — | | A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely e… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-1839 | Red Hat | medium | 6.7 | 0.0%
| | A flaw was found in HuggingFace Transformers. A remote attacker can exploit this vulnerability by su… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-34197 |  Apache | medium | — | 6.2%
| ⚠ KEV | Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability i… | Apr 7, 2026 | Apr 17, 2026 |
| | CVE-2026-28810 | Red Hat | medium | 5.3 | 0.1%
| | A flaw was found in Erlang/OTP kernel. The built-in DNS resolver (inet_res) uses predictable 16-bit … | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-33227 | Apache | medium | 4.3 | 0.1%
| | Improper validation and restriction of a classpath path name vulnerability in
Apache ActiveMQ Cli… | Apr 7, 2026 | Apr 20, 2026 |