| | CVE-2026-34943 |  Red Hat | medium | 5.0 | — | | A flaw was found in Wasmtime, a runtime for WebAssembly. A malicious guest can exploit an issue wher… | Apr 9, 2026 | Apr 9, 2026 |
| | CVE-2026-34944 | Red Hat | medium | 4.7 | — | | A flaw was found in Wasmtime, a runtime for WebAssembly. On x86-64 platforms with SSE3 disabled, Was… | Apr 9, 2026 | Apr 9, 2026 |
| | CVE-2026-34945 | Red Hat | medium | 5.6 | — | | A flaw was found in Wasmtime's Winch compiler. This vulnerability, present in versions from 25.0.0 t… | Apr 9, 2026 | Apr 9, 2026 |
| | CVE-2026-34946 | Red Hat | medium | 5.3 | — | | A flaw was found in Wasmtime, a runtime for WebAssembly (Wasm) code. A malicious Wasm program, when … | Apr 9, 2026 | Apr 9, 2026 |
| | CVE-2026-34971 | Red Hat | high | 8.5 | — | | A flaw was found in Wasmtime, a runtime for WebAssembly. On aarch64 systems, a miscompilation bug in… | Apr 9, 2026 | Apr 9, 2026 |
| | CVE-2026-34983 | Red Hat | low | 2.5 | — | | A flaw was found in Wasmtime, a runtime for WebAssembly. This vulnerability allows for a use-after-f… | Apr 9, 2026 | Apr 9, 2026 |
| | CVE-2026-34987 | Red Hat | medium | 8.5 | — | | A flaw was found in Wasmtime, a runtime for WebAssembly. When using its non-default Winch compiler b… | Apr 9, 2026 | Apr 9, 2026 |
| | CVE-2026-34988 | Red Hat | medium | 5.6 | — | | A flaw was found in Wasmtime, a runtime for WebAssembly. When Wasmtime's pooling allocator is config… | Apr 9, 2026 | Apr 9, 2026 |
| | CVE-2026-35186 | Red Hat | medium | 6.9 | — | | A flaw was found in Wasmtime, a runtime for WebAssembly. The Winch compiler backend incorrectly hand… | Apr 9, 2026 | Apr 9, 2026 |
| | CVE-2026-35195 | Red Hat | medium | 6.3 | — | | A flaw was found in Wasmtime, a runtime for WebAssembly. A malicious guest component can exploit an … | Apr 9, 2026 | Apr 9, 2026 |
| | CVE-2026-5194 | Red Hat | critical | 10.0 | — | | A flaw was found in wolfSSL. Missing hash/digest size and Object Identifier (OID) checks allow the a… | Apr 9, 2026 | Apr 9, 2026 |
| | CVE-2026-5447 | Red Hat | medium | 5.3 | — | | A flaw was found in wolfSSL. A heap buffer overflow, a type of memory corruption vulnerability, occu… | Apr 9, 2026 | Apr 9, 2026 |
| | CVE-2026-24880 |  Apache | high | 7.5 | 0.0%
| | Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in Ap… | Apr 9, 2026 | Apr 14, 2026 |
| | CVE-2026-25854 | Apache | medium | 6.1 | 0.0%
| | Occasional URL redirection to untrusted Site ('Open Redirect') vulnerability in Apache Tomcat via th… | Apr 9, 2026 | Apr 14, 2026 |
| | CVE-2026-29129 | Apache | high | 7.5 | 0.0%
| | Configured cipher preference order not preserved vulnerability in Apache Tomcat.
This issue affects… | Apr 9, 2026 | Apr 14, 2026 |
| | CVE-2026-29145 | Apache | critical | 9.1 | 0.1%
| | CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled v… | Apr 9, 2026 | Apr 14, 2026 |
| | CVE-2026-29146 | Apache | high | 7.5 | 0.0%
| | Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration.
This… | Apr 9, 2026 | Apr 14, 2026 |
| | CVE-2026-32990 | Apache | medium | 5.3 | 0.0%
| | Improper Input Validation vulnerability in Apache Tomcat due to an incomplete fix of CVE-2025-66614.… | Apr 9, 2026 | Apr 14, 2026 |
| | CVE-2026-34483 | Apache | high | 7.5 | 0.0%
| | Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve component of Apache … | Apr 9, 2026 | Apr 14, 2026 |
| | CVE-2026-34486 | Apache | high | 7.5 | 0.0%
| | Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-2914… | Apr 9, 2026 | Apr 14, 2026 |
| | CVE-2026-34487 | Apache | high | 7.5 | 0.0%
| | Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clusterin… | Apr 9, 2026 | Apr 14, 2026 |
| | CVE-2026-34500 | Apache | medium | 6.5 | 0.1%
| | CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled a… | Apr 9, 2026 | Apr 14, 2026 |
| | CVE-2026-31412 | Red Hat | medium | — | 0.0%
| | A flaw was found in the Linux kernel's USB mass storage gadget module (`usb-gadget-f_mass_storage`).… | Apr 10, 2026 | Apr 10, 2026 |
| | CVE-2026-22750 |  VMware | high | 7.5 | 0.0%
| | When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.… | Apr 10, 2026 | Apr 10, 2026 |
| | CVE-2026-39304 | Apache | high | 7.5 | 0.1%
| | Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker,… | Apr 10, 2026 | May 1, 2026 |
| | CVE-2026-40227 | Red Hat | medium | 6.2 | 0.0%
| | A flaw was found in systemd. A local unprivileged user can exploit this vulnerability by making an I… | Apr 10, 2026 | Apr 10, 2026 |
| | CVE-2026-34477 | Apache | medium | 5.9 | 0.1%
| | The fix for CVE-2025-68161 https://logging.apache.org/security.html#CVE-2025-68161 was incomplete:… | Apr 10, 2026 | May 6, 2026 |
| | CVE-2026-34478 | Apache | high | 7.5 | 0.2%
| | Apache Log4j Core's Rfc5424Layout https://logging.apache.org/log4j/2.x/manual/layouts.html#RFC5424L… | Apr 10, 2026 | Apr 24, 2026 |
| | CVE-2026-34479 | Apache | high | 7.5 | 0.2%
| | The Log4j1XmlLayout from the Apache Log4j 1-to-Log4j 2 bridge fails to escape characters forbidden b… | Apr 10, 2026 | May 6, 2026 |
| | CVE-2026-34480 | Apache | high | 7.5 | 0.2%
| | Apache Log4j Core's XmlLayout https://logging.apache.org/log4j/2.x/manual/layouts.html#XmlLayout , … | Apr 10, 2026 | Apr 24, 2026 |
| | CVE-2026-34481 | Apache | high | 7.5 | 0.2%
| | Apache Log4j's JsonTemplateLayout https://logging.apache.org/log4j/2.x/manual/json-template-layout.… | Apr 10, 2026 | Apr 24, 2026 |
| | CVE-2026-40021 | Apache | medium | 5.3 | 0.2%
| | Apache Log4net's XmlLayout https://logging.apache.org/log4net/manual/configuration/layouts.html#lay… | Apr 10, 2026 | Apr 22, 2026 |
| | CVE-2026-40023 | Apache | medium | 5.3 | 0.2%
| | Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx_1_1xml_1_1XMLLayou… | Apr 10, 2026 | Apr 21, 2026 |
| | CVE-2026-5483 | Red Hat | high | 8.5 | 0.1%
| ✓ Fix | A flaw was found in odh-dashboard in Red Hat Openshift AI. This vulnerability in the `odh-dashboard`… | Apr 10, 2026 | Apr 10, 2026 |
| | CVE-2026-33119 |  Microsoft | medium | 5.4 | 0.0%
| | User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) all… | Apr 10, 2026 | Apr 24, 2026 |
| | CVE-2026-33118 | Microsoft | medium | 4.3 | 0.1%
| | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Apr 10, 2026 | Apr 24, 2026 |
| | CVE-2026-33555 | Red Hat | medium | 4.0 | — | | A flaw was found in HAProxy. A remote attacker could exploit this vulnerability by sending a special… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-30998 | Red Hat | medium | 5.3 | — | | A flaw was found in FFmpeg. An improper resource deallocation and closure vulnerability in the `tool… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-30999 | Red Hat | medium | 5.3 | — | | A flaw was found in FFmpeg. A remote attacker could exploit a heap buffer overflow vulnerability in … | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-30997 | Red Hat | medium | 5.9 | — | | A flaw was found in FFmpeg. An attacker can exploit an out-of-bounds read vulnerability within the `… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31427 | Red Hat | medium | 5.8 | — | | A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nf_conntrack_sip… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31428 | Red Hat | low | 5.5 | — | | A flaw was found in the Linux kernel's netfilter component. When manually constructing the NFULA_PAY… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31415 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel. A local attacker can exploit an integer overflow vulnerability… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31423 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's Hierarchical Fair Service Curve (HFSC) network scheduler. Whe… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31420 | Red Hat | medium | — | — | | A flaw was found in the Linux kernel's bridge subsystem, specifically within the Multiple Registrati… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31417 | Red Hat | medium | — | — | | A flaw was found in the Linux kernel's X.25 network protocol implementation (net/x25). An attacker c… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31425 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel. A local user can trigger a null pointer dereference in the Rel… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31422 | Red Hat | medium | 4.7 | — | | A flaw was found in the Linux kernel's networking scheduler (net/sched) component, specifically with… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31426 | Red Hat | medium | 5.8 | — | | A flaw was found in the Linux kernel's Advanced Configuration and Power Interface (ACPI) Embedded Co… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31424 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's netfilter subsystem, specifically within the x_tables and arp… | Apr 13, 2026 | Apr 13, 2026 |