| | CVE-2026-41602 | Apache | high | 7.5 | 1.2%
| | Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport Go language implement… | Apr 28, 2026 | Jul 9, 2026 |
| | CVE-2026-41604 | Apache | high | 8.2 | 1.0%
| | Out-of-bounds Read vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.… | Apr 28, 2026 | Jul 9, 2026 |
| | CVE-2026-41605 | Apache | high | 7.3 | 1.0%
| | Integer Overflow or Wraparound vulnerability in Apache Thrift.
This issue affects Apache Thrift: be… | Apr 28, 2026 | Jul 9, 2026 |
| | CVE-2026-41607 | Apache | medium | 6.5 | 1.0%
| | Out-of-bounds Read vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.… | Apr 28, 2026 | Jul 9, 2026 |
| | CVE-2026-5435 | Red Hat | medium | 5.9 | — | ✓ Fix | A flaw was found in glibc, the GNU C Library. Specifically, deprecated functions responsible for pri… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7320 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes th… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7322 | Red Hat | high | 8.8 | 0.0%
| ✓ Fix | A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes th… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7323 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes th… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7324 | Red Hat | high | 7.5 | 0.0%
| | A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issu… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7321 | Red Hat | medium | 6.1 | 0.0%
| ✓ Fix | A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes th… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-5944 | Cisco | high | 8.2 | 0.1%
| | An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix… | Apr 28, 2026 | May 18, 2026 |
| | CVE-2026-40968 | VMware | medium | 4.2 | 0.0%
| | When an authenticated user is denied access to a gRPC method, their authenticated identity remains b… | Apr 28, 2026 | Apr 30, 2026 |
| | CVE-2026-40969 | VMware | low | 3.7 | 0.0%
| | The raw message of every server-side AuthenticationException is returned to the unauthenticated remo… | Apr 28, 2026 | Apr 30, 2026 |
| | CVE-2026-41873 | Apache | critical | 9.8 | — | | ** UNSUPPORTED WHEN ASSIGNED ** Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-6238 | Red Hat | medium | 6.5 | 0.0%
| ✓ Fix | A flaw was found in glibc (GNU C Library). The deprecated functions ns_printrrf, ns_printrr, and fp_… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-42015 | Red Hat | medium | 5.3 | 0.1%
| ✓ Fix | A flaw was found in gnutls. An off-by-one error exists in the PKCS#12 bag element bounds check. This… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-42014 | Red Hat | medium | — | — | ✓ Fix | No description is available for this CVE. | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-5260 | Red Hat | medium | 8.2 | 0.1%
| ✓ Fix | A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret dur… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-42013 | Red Hat | medium | 8.2 | 0.0%
| ✓ Fix | A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-42012 | Red Hat | medium | 7.1 | 0.0%
| ✓ Fix | A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a speci… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-42011 | Red Hat | medium | 7.4 | 0.0%
| ✓ Fix | A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorr… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-42010 | Red Hat | high | 7.1 | 0.1%
| ✓ Fix | A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key)… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-42009 | Red Hat | high | 7.5 | 0.2%
| ✓ Fix | A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-37555 | Red Hat | high | 8.2 | 0.0%
| ✓ Fix | A flaw was found in the libsndfile library. An integer overflow in the IMA ADPCM codec can occur whe… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-38993 | Red Hat | high | 8.1 | 0.1%
| | A flaw was found in Cockpit. This vulnerability, identified as a directory traversal, allows authent… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-6429 | Red Hat | medium | 6.5 | 0.0%
| ✓ Fix | A flaw was found in libcurl. When configured to use a .netrc file for credentials and follow HTTP re… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-5545 | Red Hat | medium | 6.5 | 0.0%
| ✓ Fix | A flaw was found in libcurl. An application using libcurl that performs an authenticated HTTP(S) req… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-6276 | Red Hat | low | 3.7 | 0.0%
| ✓ Fix | A flaw was found in libcurl. This vulnerability allows for information disclosure when a custom `Hos… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-6253 | Red Hat | medium | 5.3 | 0.0%
| ✓ Fix | A flaw was found in curl. When curl is configured to use distinct proxies for different URL schemes,… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-5773 | Red Hat | medium | 6.5 | 0.0%
| ✓ Fix | A flaw was found in libcurl. Due to a logical error in the connection reuse mechanism for SMB (Serve… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-4873 | Red Hat | medium | 5.3 | 0.0%
| ✓ Fix | A flaw was found in curl. A remote attacker could exploit this by initiating an unencrypted connecti… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-22740 | Red Hat | medium | 6.5 | 0.0%
| | A flaw was found in Spring WebFlux, a component of the Spring Framework. A remote attacker can explo… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-22741 | Red Hat | medium | 5.9 | 0.1%
| | A flaw was found in Spring MVC and Spring WebFlux applications. A remote attacker can exploit this v… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-22745 | Red Hat | medium | 5.3 | 0.1%
| | A flaw was found in Spring MVC and Spring WebFlux applications. When an application is configured to… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-42519 | Red Hat | medium | 6.5 | 0.1%
| | A flaw was found in Jenkins Script Security Plugin. An attacker with Overall/Read permission can exp… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-42198 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | A flaw was found in pgjdbc, an open-source PostgreSQL JDBC Driver. A malicious server can exploit th… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-6915 | Red Hat | medium | 6.3 | 0.0%
| | A flaw was found in MongoDB. An authenticated user could exploit an authorization flaw in the user m… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-31693 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
cifs: some missing initializatio… | Apr 30, 2026 | Apr 30, 2026 |
| | CVE-2026-31786 | Red Hat | medium | 7.1 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
Buffer overflow in drivers/xen/s… | Apr 30, 2026 | Apr 30, 2026 |
| | CVE-2026-31692 | Red Hat | medium | 7.1 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
rtnetlink: add missing netlink_n… | Apr 30, 2026 | Apr 30, 2026 |
| | CVE-2026-31787 | Red Hat | medium | 7.3 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
xen/privcmd: fix double free via… | Apr 30, 2026 | Apr 30, 2026 |
| | CVE-2026-7500 | Red Hat | medium | 5.4 | — | | When Keycloak is started with `--features-disabled=account,account-api`, the Account REST API is onl… | Apr 30, 2026 | Apr 30, 2026 |
| | CVE-2026-7376 | Red Hat | medium | 5.0 | — | | A flaw was found in sharkd, a component of Wireshark. This vulnerability allows a local user to trig… | Apr 30, 2026 | Apr 30, 2026 |
| | CVE-2026-7375 | Red Hat | medium | 6.5 | — | | A flaw was found in Wireshark. A remote attacker could exploit an infinite loop in the UDS (Unix Dom… | Apr 30, 2026 | Apr 30, 2026 |
| | CVE-2026-7378 | Red Hat | medium | 5.5 | — | | A flaw was found in sharkd, a component of Wireshark. This vulnerability allows a local attacker to … | Apr 30, 2026 | Apr 30, 2026 |
| | CVE-2026-6868 | Red Hat | medium | 5.5 | — | | A flaw was found in Wireshark. A local user could be tricked into opening a specially crafted networ… | Apr 30, 2026 | Apr 30, 2026 |
| | CVE-2026-6867 | Red Hat | medium | 6.5 | 0.0%
| | A flaw was found in Wireshark. A remote attacker could exploit a vulnerability in the SMB2 protocol … | Apr 30, 2026 | Apr 30, 2026 |
| | CVE-2026-6869 | Red Hat | medium | 6.5 | 0.0%
| | A flaw was found in Wireshark. A remote attacker could exploit a vulnerability in the WebSocket prot… | Apr 30, 2026 | Apr 30, 2026 |
| | CVE-2026-6870 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in Wireshark. A user processing a specially crafted GSM RP protocol dissector file … | Apr 30, 2026 | Apr 30, 2026 |
| | CVE-2026-6522 | Red Hat | medium | 6.5 | 0.0%
| | A flaw was found in Wireshark. The RPKI-Router protocol dissector contains an infinite loop. A remot… | Apr 30, 2026 | Apr 30, 2026 |