| | CVE-2026-27315 | Apache | medium | 5.5 | 0.0%
| | Sensitive Information Leak in cqlsh in Apache Cassandra 4.0 allows access to sensitive information, … | Apr 7, 2026 | Apr 15, 2026 |
| | CVE-2026-39363 | Red Hat | high | 7.5 | — | | A flaw was found in Vite, a frontend tooling framework. A remote attacker can exploit this vulnerabi… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-39364 | Red Hat | high | 7.5 | — | | A flaw was found in Vite, a frontend tooling framework for JavaScript. On the Vite development serve… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-39365 | Red Hat | medium | 5.3 | — | | A flaw was found in Vite. The development server's handling of `.map` requests contains a path trave… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-39373 | Red Hat | high | 7.5 | — | | A flaw was found in JWCrypto, a Python library for JSON Web Key (JWK), JSON Web Signature (JWS), and… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-39395 | Red Hat | medium | 6.5 | 0.0%
| | A flaw was found in Cosign, a tool for code signing and transparency for containers and binaries. A … | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-34045 | Red Hat | high | 8.2 | 0.1%
| ✓ Fix | A flaw was found in Podman Desktop. A remote attacker can exploit an unauthenticated HTTP server, wh… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-34080 | Red Hat | medium | 5.5 | 0.0%
| | xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy parser vulnerabi… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-34580 | Red Hat | high | 9.1 | 0.0%
| | Botan is a C++ cryptography library. In 3.11.0, the function Certificate_Store::certificate_known ha… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-34582 | Red Hat | high | 9.1 | 0.0%
| | A flaw was found in Botan, a C++ cryptography library. The TLS 1.3 implementation in Botan allows ap… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-34765 | Red Hat | medium | 7.1 | 0.0%
| | Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-34781 | Red Hat | medium | 5.0 | 0.0%
| | A flaw was found in Electron. An application that calls `clipboard.readImage()` may be vulnerable to… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-34078 | Red Hat | high | 9.0 | 0.1%
| | Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the Flatpak p… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-34079 | Red Hat | medium | 6.7 | 0.2%
| | Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the caching f… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-35406 | Red Hat | medium | 6.5 | 0.0%
| | A flaw was found in aardvark-dns where a specially crafted TCP DNS query followed by a connection re… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-28390 | Red Hat | medium | 7.5 | 0.1%
| ✓ Fix | Issue summary: During processing of a crafted CMS EnvelopedData message
with KeyTransportRecipientIn… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-6846 | Red Hat | high | 7.8 | 0.0%
| | A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a speciall… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-31411 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel's Asynchronous Transfer Mode (ATM) networking component. A loca… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-32591 | Red Hat | high | 5.2 | — | | A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administr… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-32590 | Red Hat | medium | 7.1 | — | | A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload p… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-32589 | Red Hat | high | 7.1 | — | | A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push a… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-32282 | Red Hat | medium | 7.8 | 0.0%
| ✓ Fix | On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in pro… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-33810 | Red Hat | high | 8.8 | 0.0%
| ✓ Fix | When verifying a certificate chain containing excluded DNS constraints, these constraints are not co… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-27144 | Red Hat | medium | 8.1 | 0.0%
| | A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-32289 | Red Hat | medium | 5.4 | 0.0%
| | A flaw was found in the `html/template` package. This vulnerability arises from improper tracking of… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-27140 | Red Hat | high | 9.0 | 0.0%
| ✓ Fix | SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrar… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-32283 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically a… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-27143 | Red Hat | medium | 8.1 | 0.0%
| | A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correc… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-32288 | Red Hat | medium | 4.3 | 0.0%
| | A flaw was found in Go's `archive/tar` package. A remote attacker could exploit this vulnerability b… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-32280 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the proc… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-32281 | Red Hat | medium | 5.9 | 0.0%
| | A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-5795 | Red Hat | high | 7.4 | 0.0%
| ✓ Fix | A flaw was found in Eclipse Jetty. The `JASPIAuthenticator` class is responsible for handling authen… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2025-58713 | Red Hat | medium | 6.4 | — | | A container privilege escalation flaw was found in certain Red Hat Process Automation Manager images… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2025-57854 | Red Hat | medium | 6.4 | — | | A container privilege escalation flaw was found in certain OpenShift Update Service (OSUS) images. T… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2025-57853 | Red Hat | medium | 6.4 | — | | A container privilege escalation flaw was found in certain Web Terminal images. This issue stems fro… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2025-57851 | Red Hat | medium | 6.4 | — | | A container privilege escalation flaw was found in certain Multicluster Engine for Kubernetes images… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2025-57847 | Red Hat | medium | 6.4 | — | | A container privilege escalation flaw was found in certain Ansible Automation Platform images. This … | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-39865 | Red Hat | medium | 5.9 | — | | A flaw was found in Axios, a promise-based HTTP client. A malicious server can exploit a state corru… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-33753 | Red Hat | medium | 6.2 | — | | A flaw was found in rfc3161-client, a Python library implementing the Time-Stamp Protocol (TSP). Thi… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-2377 | Red Hat | high | 6.5 | — | | A flaw was found in mirror-registry. Authenticated users can exploit the log export feature by provi… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2025-14243 | Red Hat | medium | 5.3 | — | | A flaw was found in the OpenShift Mirror Registry. This vulnerability allows an unauthenticated, rem… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-20709 | Red Hat | medium | 6.6 | 0.0%
| | A flaw was found in some Intel Pentium Processor Silver Series, Intel Celeron Processor J Series, an… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-23869 | Red Hat | high | 7.5 | 0.8%
| | A flaw was found in react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-39881 | Red Hat | medium | 5.0 | — | | A flaw was found in Vim. A command injection vulnerability in Vim's NetBeans interface allows a mali… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-39892 | Red Hat | high | 7.3 | 0.0%
| ✓ Fix | cryptography is a package designed to expose cryptographic primitives and recipes to Python develope… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-5858 | Red Hat | high | 8.8 | 0.1%
| | Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to e… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-5874 | Red Hat | high | 9.6 | 0.1%
| | Use after free in PrivateAI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who co… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-5894 | Red Hat | medium | 5.4 | 0.0%
| | Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacke… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-40024 | Red Hat | high | 7.9 | 0.0%
| | A flaw was found in The Sleuth Kit, specifically in the tsk_recover tool. An attacker can exploit th… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-6862 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fai… | Apr 9, 2026 | Apr 9, 2026 |