| | CVE-2026-41176 | Red Hat | high | 9.8 | 16.7%
| | Rclone is a command-line program to sync files and directories to and from different cloud storage p… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31533 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net/tls: fix use-after-free in -… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-31531 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in the Linux kernel. A local user can trigger a denial of service by querying a nex… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-31532 | Red Hat | high | 7.0 | 0.0%
| | A flaw was found in the Linux kernel's Controller Area Network (CAN) raw socket implementation. A us… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41179 | Red Hat | high | 9.8 | 0.1%
| | A flaw was found in Rclone, a command-line program for syncing files with cloud storage. An unauthen… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41196 | Red Hat | high | 8.2 | 0.1%
| | A flaw was found in Luanti (formerly Minetest), an open-source game platform. A malicious mod, when … | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41988 | Red Hat | low | 2.8 | 0.0%
| | A flaw was found in uuid. When external output buffers are used with UUID versions 3, 5, or 6, an at… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41989 | Red Hat | medium | 7.5 | 0.0%
| ✓ Fix | A flaw was found in Libgcrypt. A remote attacker could exploit this vulnerability by sending crafted… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41990 | Red Hat | low | 3.3 | 0.0%
| ✓ Fix | A flaw was found in Libgcrypt. During Dilithium signing operations, the library fails to perform a b… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2025-13763 | Red Hat | low | 5.7 | — | | Multiple uses of uninitialized variables were found in libopensc that may lead to information disclo… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2025-66286 | Red Hat | medium | 4.7 | — | | An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform … | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-33999 | Red Hat | high | 7.8 | — | | A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XK… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-34001 | Red Hat | high | 7.8 | — | | A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence … | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-34003 | Red Hat | high | 7.8 | — | | A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could se… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41238 | Red Hat | medium | 6.8 | 0.0%
| | A flaw was found in DOMPurify, a software library used to clean potentially malicious code from web … | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41239 | Red Hat | medium | 6.8 | 0.1%
| | A flaw was found in DOMPurify. A remote attacker could exploit this cross-site scripting (XSS) vulne… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41240 | Red Hat | medium | 8.1 | 0.0%
| ✓ Fix | A flaw was found in DOMPurify, a DOM-only cross-site scripting sanitizer. A remote attacker could ex… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-6919 | Red Hat | high | 8.8 | 0.1%
| | Use after free in DevTools in Google Chrome prior to 147.0.7727.117 allowed a remote attacker who ha… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-6920 | Red Hat | high | 9.0 | 0.1%
| | Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attac… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-6921 | Red Hat | high | 9.6 | 0.0%
| | Race in GPU in Google Chrome on Windows prior to 147.0.7727.117 allowed a remote attacker to potenti… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-33694 | Tenable | high | 7.4 | — | | This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files… | Apr 23, 2026 | Apr 24, 2026 |
| | CVE-2026-40886 | Red Hat | high | 7.7 | 0.1%
| | A flaw was found in Argo Workflows, an open-source system for managing tasks in Kubernetes. An attac… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41246 | Red Hat | high | 8.1 | 0.1%
| | Contour is a Kubernetes ingress controller using Envoy proxy. From v1.19.0 to before v1.33.4, v1.32.… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41205 | Red Hat | medium | 5.9 | 0.1%
| | Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vuln… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-24303 | Microsoft | critical | 9.6 | 0.0%
| | Improper access control in Microsoft Partner Center allows an authorized attacker to elevate privile… | Apr 23, 2026 | Apr 28, 2026 |
| | CVE-2026-26150 | Microsoft | high | 8.6 | 0.1%
| | Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate p… | Apr 23, 2026 | Apr 29, 2026 |
| | CVE-2026-32172 | Microsoft | high | 8.0 | 0.0%
| | Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute … | Apr 23, 2026 | Apr 29, 2026 |
| | CVE-2026-32210 | Microsoft | critical | 9.3 | 0.0%
| | Server-side request forgery (ssrf) in Microsoft Dynamics 365 (Online) allows an unauthorized attacke… | Apr 23, 2026 | May 5, 2026 |
| | CVE-2026-33102 | Microsoft | critical | 9.3 | 0.0%
| | Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker … | Apr 23, 2026 | Apr 29, 2026 |
| | CVE-2026-33819 | Microsoft | critical | 10.0 | 0.4%
| | Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute code … | Apr 23, 2026 | May 5, 2026 |
| | CVE-2026-35431 | Microsoft | critical | 10.0 | 0.1%
| | Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthoriz… | Apr 23, 2026 | Apr 28, 2026 |
| | CVE-2026-31589 | Red Hat | medium | 6.6 | 0.1%
| | In the Linux kernel, the following vulnerability has been resolved:
mm: call ->free_folio() directly… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31636 | Red Hat | medium | 7.1 | 0.1%
| | In the Linux kernel, the following vulnerability has been resolved:
rxrpc: fix RESPONSE authenticato… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31538 | Red Hat | medium | — | 0.1%
| | In the Linux kernel, the following vulnerability has been resolved:
smb: server: make use of smbdire… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31639 | Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix key reference count l… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31585 | Red Hat | medium | — | 0.0%
| | A flaw was found in the Linux kernel's vidtv media driver. When the `vidtv_start_streaming()` functi… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31665 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Linux kernel's netfilter connection tracking (nf_conntrack) component. This … | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31578 | Red Hat | medium | — | 0.0%
| | A flaw was found in the Linux kernel's as102_usb driver. A local user could exploit a race condition… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31539 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Linux kernel's `smbdirect` module. A race condition in the receive credit ma… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31611 | Red Hat | medium | — | 0.0%
| | A flaw was found in the ksmbd component of the Linux kernel. A remote attacker could exploit this vu… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31631 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Linux kernel, specifically within its rxrpc communication protocol. This vul… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31642 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Linux kernel's rxrpc module. This vulnerability occurs due to incorrect hand… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31612 | Red Hat | medium | — | 0.0%
| | A flaw was found in ksmbd, a Linux kernel module. A remote attacker can exploit this vulnerability b… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31647 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in the Linux kernel's idpf driver. This vulnerability arises from improper nesting … | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31628 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Linux kernel. On systems utilizing Zen1 processors, the hardware divider can… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31670 | Red Hat | low | 5.5 | 0.0%
| | A flaw was found in the Linux kernel's rfkill component. A local user can exploit this by creating a… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31635 | Red Hat | high | 7.0 | 0.0%
| | A flaw was found in the Linux kernel's rxrpc component. An inverted length check in the `rxgk_verify… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31668 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in the Linux kernel's Segment Routing over IPv6 (SRv6) lightweight tunnel (seg6 lwt… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31653 | Red Hat | medium | — | 0.0%
| | A flaw was found in the Linux kernel's Data Access MONitor (DAMON) subsystem. When a process being m… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31618 | Red Hat | medium | — | 0.0%
| | A flaw was found in the Linux kernel's fbdev subsystem, specifically affecting the tdfxfb and udlfb … | Apr 24, 2026 | Apr 24, 2026 |