| | CVE-2026-42788 | Red Hat | high | 7.5 | 0.0%
| | Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthen… | May 1, 2026 | May 1, 2026 |
| | CVE-2026-42786 | Red Hat | high | 7.5 | 0.1%
| | Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthen… | May 1, 2026 | May 1, 2026 |
| | CVE-2026-39804 | Red Hat | high | 7.5 | 0.1%
| | Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthen… | May 1, 2026 | May 1, 2026 |
| | CVE-2026-39805 | Red Hat | high | 7.4 | 0.0%
| | Inconsistent Interpretation of HTTP Requests vulnerability in mtrudel bandit allows HTTP request smu… | May 1, 2026 | May 1, 2026 |
| | CVE-2026-7598 | Red Hat | high | 9.1 | 0.1%
| ✓ Fix | A flaw was found in the libssh2 library. A remote attacker can exploit an integer overflow vulnerabi… | May 1, 2026 | May 1, 2026 |
| | CVE-2026-43058 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
media: vidtv: fix pass-by-value … | May 2, 2026 | May 2, 2026 |
| | CVE-2026-43824 | Red Hat | high | 9.6 | 0.0%
| | A flaw was found in Argo CD. The ServerSideDiff feature allows for the reading of cleartext Kubernet… | May 2, 2026 | May 2, 2026 |
| | CVE-2026-6525 | Red Hat | medium | 5.5 | 0.0%
| | IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 | May 2, 2026 | May 2, 2026 |
| | CVE-2026-37459 | Red Hat | high | 7.5 | 0.1%
| | A flaw was found in FRRouting (FRR). An unauthenticated remote attacker can exploit an integer under… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-37458 | Red Hat | medium | 6.5 | 0.0%
| | A flaw was found in FRRouting (FRR). An authenticated remote attacker can exploit a missing input va… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-39852 | Red Hat | high | 8.2 | 0.0%
| ✓ Fix | A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization by… | May 4, 2026 | May 4, 2026 |
| | CVE-2025-70071 | Red Hat | high | 7.5 | — | | A flaw was found in Assimp. A remote attacker can exploit a vulnerability in the `FBXParser.cpp` fil… | May 4, 2026 | May 4, 2026 |
| | CVE-2025-70067 | Red Hat | medium | 5.6 | — | | A flaw was found in Assimp, an open-source asset import library, specifically within its FBX Importe… | May 4, 2026 | May 4, 2026 |
| | CVE-2025-70069 | Red Hat | high | 7.5 | — | | A flaw was found in Assimp. A remote attacker can exploit this vulnerability by interacting with the… | May 4, 2026 | May 4, 2026 |
| | CVE-2025-70070 | Red Hat | medium | 6.5 | — | | A flaw was found in Assimp. A remote attacker can exploit this vulnerability by manipulating the FBX… | May 4, 2026 | May 4, 2026 |
| | CVE-2025-70072 | Red Hat | medium | 6.5 | — | | A flaw was found in Assimp. A remote attacker can exploit this vulnerability by manipulating the FBX… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-7736 | Red Hat | high | 7.5 | 0.0%
| | A flaw was found in osrg GoBGP. A remote attacker can exploit this vulnerability by executing a mani… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-43859 | Red Hat | low | 3.7 | 0.0%
| | A flaw was found in mutt, an email client, where it mishandles cryptographic digests used for IMAP (… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-43860 | Red Hat | low | 3.7 | 0.0%
| | A flaw was found in mutt. During the IMAP CRAM-MD5 (Challenge-Response Authentication Mechanism - Me… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-7737 | Red Hat | high | 7.5 | 0.0%
| | A flaw was found in osrg GoBGP. A remote attacker can exploit an out-of-bounds read vulnerability wi… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-43861 | Red Hat | low | 3.7 | 0.0%
| | A flaw was found in mutt, an email client. The `url_pct_decode` function, which is responsible for d… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-43862 | Red Hat | low | 3.7 | 0.0%
| | A flaw was found in mutt, an email client. The `imap_auth_gss` security level, which is used for sec… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-43863 | Red Hat | low | 3.7 | 0.0%
| | A flaw was found in mutt, an email client. A remote attacker could exploit this vulnerability by sen… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-43864 | Red Hat | medium | 4.7 | 0.0%
| | A flaw was found in mutt. This vulnerability, a null pointer dereference in the `show_sig_summary` f… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-33846 | Red Hat | high | 7.5 | 0.1%
| | A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTL… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-24072 | Red Hat | medium | 5.5 | 0.0%
| ✓ Fix | A flaw was found in Apache HTTP Server. This escalation of privilege vulnerability allows local atta… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-7482 | Red Hat | critical | 9.1 | 0.0%
| | A flaw was found in Ollama. A remote attacker can exploit a heap out-of-bounds read vulnerability in… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-34059 | Red Hat | medium | 8.2 | 0.1%
| ✓ Fix | A flaw was found in the mod_proxy_ajp module of httpd. When processing AJP (Apache JServ Protocol) m… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-34032 | Red Hat | medium | 8.2 | 0.2%
| ✓ Fix | A flaw was found in the mod_proxy_ajp module of httpd. When processing AJP (Apache JServ Protocol) m… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-33857 | Red Hat | medium | 7.5 | 0.2%
| ✓ Fix | A flaw was found in the mod_proxy_ajp module of httpd. When processing AJP (Apache JServ Protocol) m… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-6266 | Red Hat | high | 8.3 | — | ✓ Fix | A flaw was found in the AAP gateway. The user auto-link strategy, introduced in AAP 2.6, automatical… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-33523 | Red Hat | medium | 6.5 | 0.3%
| ✓ Fix | A flaw was found in httpd. When processing responses from an untrusted or compromised backend server… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-33007 | Red Hat | medium | 5.3 | 0.6%
| ✓ Fix | A flaw was found in the mod_authn_socache module of httpd. This vulnerability allows an unauthentica… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-33006 | Red Hat | medium | 4.8 | 0.2%
| ✓ Fix | A flaw was found in the mod_auth_digest module of httpd. A remote unauthenticated attacker can bypas… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-23918 | Apache | medium | — | 42.8%
| | Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol.
This iss… | May 4, 2026 | Jun 30, 2026 |
| | CVE-2026-29169 | Red Hat | low | 7.5 | 0.6%
| ✓ Fix | A flaw was found in the mod_dav_lock module of httpd. This vulnerability allows a remote unauthentic… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-40563 | Apache | high | 8.1 | 0.1%
| | Description:
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Atlas… | May 4, 2026 | May 6, 2026 |
| | CVE-2026-24118 | Red Hat | high | 9.1 | 0.2%
| | A flaw was found in vm2, an open-source sandbox for Node.js. This sandbox breakout vulnerability all… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-24120 | Red Hat | high | 9.1 | 0.1%
| | A flaw was found in vm2, an open-source sandbox for Node.js. This vulnerability allows a remote atta… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-24781 | Red Hat | high | 8.1 | 0.2%
| | A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. This vulnerability… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-26332 | Red Hat | high | 9.1 | 0.1%
| | A flaw was found in vm2, an open-source sandbox for Node.js. This vulnerability allows a remote atta… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-26956 | Red Hat | high | 9.8 | 0.1%
| | A flaw was found in vm2, an open-source sandbox for Node.js. An attacker can exploit this vulnerabil… | May 4, 2026 | May 4, 2026 |
| | CVE-2026-40682 | Apache | critical | 9.1 | 0.4%
| | XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersis… | May 4, 2026 | Jun 30, 2026 |
| | CVE-2026-42027 | Apache | critical | 9.8 | 0.7%
| | Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoader
Versions Aff… | May 4, 2026 | Jun 30, 2026 |
| | CVE-2026-42440 | Apache | high | 7.5 | 0.6%
| | OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader
Version… | May 4, 2026 | Jul 3, 2026 |
| | CVE-2026-42809 | Apache | critical | 9.9 | 0.1%
| | Apache Polaris can issue broad temporary ("vended") storage credentials during
staged
table creation… | May 4, 2026 | May 12, 2026 |
| | CVE-2026-42810 | Apache | critical | 9.9 | 0.1%
| | Apache Polaris accepts literal `*` characters in namespace and table names. When it
later builds tem… | May 4, 2026 | May 12, 2026 |
| | CVE-2026-42811 | Apache | critical | 9.9 | 0.1%
| | In plain terms, Apache Polaris is supposed to issue short-lived GCS credentials
that
only work for o… | May 4, 2026 | May 12, 2026 |
| | CVE-2026-42812 | Apache | critical | 9.9 | 0.1%
| | In Apache Iceberg, the table's metadata files are control files: they tell readers
which data files … | May 4, 2026 | May 12, 2026 |
| | CVE-2026-29004 | Red Hat | high | 8.8 | 0.0%
| | A flaw was found in BusyBox. A heap buffer overflow vulnerability exists in the Dynamic Host Configu… | May 4, 2026 | May 4, 2026 |