| | CVE-2026-5903 | Red Hat | low | 6.1 | 0.0%
| | Policy bypass in IFrameSandbox in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-5897 | Red Hat | low | 4.3 | 0.0%
| | Incorrect security UI in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-5902 | Red Hat | low | 3.7 | 0.1%
| | Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had c… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-5864 | Red Hat | high | 6.5 | 0.0%
| | Heap buffer overflow in WebAudio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker t… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-5877 | Red Hat | medium | 9.6 | 0.2%
| | Use after free in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to ex… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-5861 | Red Hat | high | 9.6 | 0.2%
| | Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute ar… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-5868 | Red Hat | high | 8.8 | 0.1%
| | Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attack… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-5914 | Red Hat | low | 5.0 | 0.0%
| | Type Confusion in CSS in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a us… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-28386 | Red Hat | medium | 5.9 | 0.0%
| ✓ Fix | Issue summary: Applications using AES-CFB128 encryption or decryption on
systems with AVX-512 and VA… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-28387 | Red Hat | low | 3.7 | 0.0%
| ✓ Fix | Issue summary: An uncommon configuration of clients performing DANE TLSA-based
server authentication… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-28388 | Red Hat | low | 5.9 | 0.0%
| ✓ Fix | Issue summary: When a delta CRL that contains a Delta CRL Indicator extension
is processed a NULL po… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-28389 | Red Hat | low | 5.9 | 0.1%
| ✓ Fix | Issue summary: During processing of a crafted CMS EnvelopedData message
with KeyAgreeRecipientInfo a… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-31789 | Red Hat | low | 5.8 | 0.0%
| ✓ Fix | Issue summary: Converting an excessively large OCTET STRING value to
a hexadecimal string leads to a… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-5745 | Red Hat | medium | 5.5 | — | | A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing l… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-31790 | Red Hat | medium | 5.9 | — | | A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely e… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-1839 | Red Hat | medium | 6.7 | 0.0%
| | A flaw was found in HuggingFace Transformers. A remote attacker can exploit this vulnerability by su… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-28810 | Red Hat | medium | 5.3 | 0.1%
| | A flaw was found in Erlang/OTP kernel. The built-in DNS resolver (inet_res) uses predictable 16-bit … | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-33227 | Apache | medium | 4.3 | 0.1%
| | Improper validation and restriction of a classpath path name vulnerability in
Apache ActiveMQ Cli… | Apr 7, 2026 | Apr 20, 2026 |
| | CVE-2026-34197 | Apache | high | 8.8 | 96.2%
| ⚠ KEV | Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability i… | Apr 7, 2026 | Jun 30, 2026 |
| | CVE-2026-23818 | HPE | high | 8.8 | — | | A vulnerability has been identified in the graphical user interface (GUI) of HPE Aruba Networking Pr… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-32144 | Red Hat | high | 7.4 | — | | A flaw was found in Erlang OTP public_key. This improper certificate validation vulnerability allows… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-28808 | Red Hat | high | 7.4 | — | | A flaw was found in Erlang OTP (inets modules). A remote unauthenticated attacker could exploit an i… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-5731 | Red Hat | high | 8.8 | 0.1%
| ✓ Fix | Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Fi… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-5732 | Red Hat | high | 8.8 | 0.0%
| ✓ Fix | Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability … | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-5733 | Red Hat | high | 8.8 | 0.0%
| | Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Fir… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-5734 | Red Hat | high | 8.8 | 0.1%
| ✓ Fix | Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thun… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-5735 | Red Hat | high | 7.5 | 0.1%
| | Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evi… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-35554 | Red Hat | medium | 6.8 | 0.0%
| ✓ Fix | A flaw was found in the Apache Kafka Java producer client. A race condition in the client's buffer p… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-20884 | Red Hat | medium | 7.5 | 0.1%
| | An integer overflow vulnerability exists in the deflate_dng_load_raw functionality of LibRaw Commit … | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-24450 | Red Hat | medium | 7.5 | — | | A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by pro… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-24660 | Red Hat | high | 7.5 | — | | A flaw was found in LibRaw. A remote attacker could exploit a heap-based buffer overflow vulnerabili… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-20889 | Red Hat | high | 7.5 | — | | A flaw was found in LibRaw, a library used for processing raw image files. This vulnerability, a hea… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-21413 | Red Hat | high | 7.5 | — | | A flaw was found in LibRaw. A heap-based buffer overflow vulnerability exists in the `lossless_jpeg_… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-20911 | Red Hat | high | 7.5 | — | | A flaw was found in LibRaw. A remote attacker can exploit a heap-based buffer overflow vulnerability… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-4740 | Red Hat | high | 8.2 | — | | A flaw was found in Open Cluster Management (OCM), the technology underlying Red Hat Advanced Cluste… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-3902 | Red Hat | medium | 5.3 | — | | A flaw was found in Django. A remote attacker can exploit an ambiguous mapping of header variants (w… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-4277 | Red Hat | medium | 5.4 | — | | A flaw was found in Django. This vulnerability allows an attacker to bypass permission validation by… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-4292 | Red Hat | medium | 5.3 | — | | A flaw was found in Django. Admin changelist forms utilizing `ModelAdmin.list_editable` were suscept… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-33033 | Red Hat | medium | 5.3 | — | | A flaw was found in Django. A remote attacker can exploit this vulnerability by submitting specially… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-33034 | Red Hat | medium | 5.3 | — | | A flaw was found in Django. A remote attacker can exploit this vulnerability by sending ASGI (Asynch… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-33551 | Red Hat | low | 3.5 | 0.0%
| | A flaw was found in OpenStack Keystone. An authenticated user with a reader role can exploit a vulne… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-35515 | Red Hat | medium | 6.5 | 0.0%
| | A flaw was found in Nest, a framework for building Node.js server-side applications. An attacker can… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-33815 | Red Hat | high | 8.3 | 0.0%
| ✓ Fix | Memory-safety vulnerability in github.com/jackc/pgx/v5. | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-33816 | Red Hat | high | 8.3 | 0.0%
| ✓ Fix | Memory-safety vulnerability in github.com/jackc/pgx/v5. | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-4631 | Red Hat | critical | 9.8 | — | | Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface t… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-35611 | Red Hat | medium | 6.5 | 0.0%
| | Addressable is an alternative implementation to the URI implementation that is part of Ruby's standa… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-32588 | Red Hat | medium | 4.3 | 0.1%
| | Authenticated DoS over CQL in Apache Cassandra 4.0, 4.1, 5.0 allows authenticated user to raise quer… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-39314 | Red Hat | medium | 4.0 | 0.0%
| ✓ Fix | A flaw was found in CUPS, an open-source printing system. An unprivileged local user can exploit an … | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-39316 | Red Hat | medium | 4.0 | 0.0%
| ✓ Fix | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-27314 | Apache | high | 8.8 | 0.0%
| | Privilege escalation in Apache Cassandra 5.0 on an mTLS environment using MutualTlsAuthenticator all… | Apr 7, 2026 | Apr 15, 2026 |