| | CVE-2026-34032 |  Apache | medium | 5.3 | — | | Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server.
This issue affec… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-23918 | Apache | medium | — | — | | Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol.
This iss… | May 4, 2026 | May 5, 2026 |
| | CVE-2026-29169 | Apache | high | 7.5 | 0.3%
| | A NULL pointer dereference in mod_dav_lock in Apache HTTP Server 2.4.66 and earlier may allow an att… | May 4, 2026 | May 5, 2026 |
| | CVE-2026-33006 | Apache | medium | 4.8 | — | | A timing attack against mod_auth_digest in Apache HTTP Server 2.4.66 allows a bypass of Digest authe… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-33007 | Apache | medium | 5.3 | — | | A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows … | May 4, 2026 | May 4, 2026 |
| | CVE-2026-33523 | Apache | medium | 6.5 | — | | HTTP response splitting vulnerability in multiple Apache HTTP Server modules with untrusted or compr… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-40563 | Apache | high | 8.1 | 0.1%
| | Description:
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Atlas… | May 4, 2026 | May 6, 2026 |
| | CVE-2026-40682 | Apache | critical | 9.1 | 0.0%
| | XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersis… | May 4, 2026 | May 6, 2026 |
| | CVE-2026-42027 | Apache | critical | 9.8 | 0.3%
| | Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoader
Versions Aff… | May 4, 2026 | May 6, 2026 |
| | CVE-2026-42440 | Apache | high | 7.5 | 0.0%
| | OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader
Version… | May 4, 2026 | May 6, 2026 |
| | CVE-2026-42809 | Apache | critical | 9.9 | 0.1%
| | Apache Polaris can issue broad temporary ("vended") storage credentials during
staged
table creation… | May 4, 2026 | May 12, 2026 |
| | CVE-2026-42810 | Apache | critical | 9.9 | 0.1%
| | Apache Polaris accepts literal `*` characters in namespace and table names. When it
later builds tem… | May 4, 2026 | May 12, 2026 |
| | CVE-2026-42811 | Apache | critical | 9.9 | 0.1%
| | In plain terms, Apache Polaris is supposed to issue short-lived GCS credentials
that
only work for o… | May 4, 2026 | May 12, 2026 |
| | CVE-2026-42812 | Apache | critical | 9.9 | 0.1%
| | In Apache Iceberg, the table's metadata files are control files: they tell readers
which data files … | May 4, 2026 | May 12, 2026 |
| | CVE-2026-43869 | Apache | high | 7.3 | 0.0%
| | Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift.
This issue af… | May 5, 2026 | May 6, 2026 |
| | CVE-2026-43868 | Apache | medium | 5.3 | 0.0%
| | Memory Allocation with Excessive Size Value vulnerability in Apache Thrift.
This issue affects Apac… | May 5, 2026 | May 6, 2026 |
| | CVE-2026-43870 | Apache | high | 7.3 | 0.0%
| | Origin Validation Error, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversa… | May 5, 2026 | May 6, 2026 |
| | CVE-2026-34000 |  Red Hat | medium | 6.1 | — | | A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry pr… | May 5, 2026 | May 5, 2026 |
| | CVE-2026-34002 | Red Hat | medium | 6.1 | — | | A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (… | May 5, 2026 | May 5, 2026 |
| | CVE-2026-29168 | Apache | high | 7.3 | 0.1%
| | Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's mod_md v… | May 5, 2026 | May 6, 2026 |
| | CVE-2026-28780 | Apache | critical | 9.8 | 0.0%
| | Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of Apache HTTP Server.
If mod_proxy_ajp co… | May 5, 2026 | May 6, 2026 |
| | CVE-2026-43274 | Red Hat | medium | — | — | | A flaw was found in the Linux kernel's mailbox subsystem, specifically within the mchp-ipc-sbi compo… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43223 | Red Hat | low | 5.5 | — | | A flaw was found in the Linux kernel's pvrusb2 media driver. When the `pvr2_send_request_ex()` funct… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43201 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel's Advanced Processor Error Interface (APEI) / Generic Hardware … | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43197 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's netconsole component. The system processes messages from the … | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43177 | Red Hat | low | 5.5 | — | | A flaw was found in the Linux kernel's ipu6 driver. This issue occurs due to a runtime Power Managem… | May 6, 2026 | May 6, 2026 |
| | CVE-2025-71286 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel, specifically within the Advanced Linux Sound Architecture (ALS… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43140 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel's HID (Human Interface Device) magicmouse driver. A local attac… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43125 | Red Hat | high | 7.0 | — | | A flaw was found in the Linux kernel's Distributed Lock Manager (dlm) module. An attacker could send… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43161 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel's Intel IOMMU (Input/Output Memory Management Unit) virtual tec… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43168 | Red Hat | medium | — | — | | A flaw was found in the Linux kernel's Oracle Cluster File System version 2 (ocfs2). This vulnerabil… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43147 | Red Hat | low | 5.5 | — | | A flaw was found in the Linux kernel. A local user can cause a system deadlock by performing specifi… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43129 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's Integrity Measurement Architecture (IMA) subsystem. When a se… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43224 | Red Hat | medium | — | — | | A flaw was found in the Linux kernel's io_uring/zcrx subsystem. Under specific conditions, a failure… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43198 | Red Hat | high | 7.0 | — | | A flaw was found in the Linux kernel. A race condition exists in the TCP (Transmission Control Proto… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43178 | Red Hat | high | 7.0 | — | | A flaw was found in the Linux kernel's procfs component. A local user, by providing a malformed inpu… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43189 | Red Hat | medium | 7.0 | — | | A flaw was found in the `v4l2-async` component of the Linux kernel. Improper error handling during a… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43126 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's Advanced Linux Sound Architecture (ALSA) Open Sound System (O… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43131 | Red Hat | medium | — | — | | A flaw was found in the Linux kernel. When the System Management Unit (SMU) is disabled during Relia… | May 6, 2026 | May 6, 2026 |
| | CVE-2025-71273 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel's rtw88 Wi-Fi driver. This vulnerability is caused by a memory … | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43234 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's team driver. A local user can exploit this vulnerability by m… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43213 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel's rtw89_pci component. This vulnerability allows an attacker to… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43247 | Red Hat | medium | — | — | | A flaw was found in the `wave5` media driver within the Linux kernel. This vulnerability can lead to… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43180 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's kaweth USB network driver. The kaweth_set_rx_mode() function … | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43144 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's `brcmfmac` Wi-Fi driver. When the probe of an SDIO (Secure Di… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43172 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel's `iwlwifi` driver. This vulnerability occurs during SMEM parsi… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43279 | Red Hat | high | 7.0 | — | | A flaw was found in the Linux kernel's ALSA (Advanced Linux Sound Architecture) USB audio subsystem.… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43130 | Red Hat | low | 5.5 | — | | A flaw was found in the Linux kernel. When handling PCIe devices in scalable mode, the kernel may at… | May 6, 2026 | May 6, 2026 |
| | CVE-2025-71292 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's Journaled File System (JFS). This vulnerability occurs when a… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-43158 | Red Hat | high | 7.0 | — | | A flaw was found in the Linux kernel's XFS filesystem. When adding extended attributes (xattrs), whi… | May 6, 2026 | May 6, 2026 |