| | CVE-2026-20185 | Cisco | high | 7.7 | 0.4%
| | A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco 350 Series … | May 6, 2026 | Jun 17, 2026 |
| | CVE-2026-20188 | Cisco | low | 0.0 | 0.3%
| | Following the initial publication of the Security Advisory about a denial of service (DoS) condition… | May 6, 2026 | Jun 17, 2026 |
| | CVE-2026-20189 | Cisco | medium | 4.3 | 0.2%
| | A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an&… | May 6, 2026 | Jun 29, 2026 |
| | CVE-2026-20193 | Cisco | medium | 4.3 | 0.2%
| | A vulnerability in the RADIUS Policy API endpoints of Cisco ISE could allow an authenticated, r… | May 6, 2026 | Jul 1, 2026 |
| | CVE-2026-20195 | Cisco | medium | 5.3 | 0.3%
| | A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, … | May 6, 2026 | Jun 29, 2026 |
| | CVE-2026-20219 | Cisco | medium | 5.4 | 0.2%
| | A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker … | May 6, 2026 | Jun 17, 2026 |
| | CVE-2026-33079 | Red Hat | high | 7.5 | 0.0%
| | A flaw was found in Mistune, a Markdown parser. This vulnerability, known as Regular Expression Deni… | May 6, 2026 | May 6, 2026 |
| | CVE-2026-41417 | Red Hat | medium | 6.5 | 0.0%
| | A flaw was found in Netty. A remote attacker can bypass request-line validation by manipulating the … | May 6, 2026 | May 6, 2026 |
| | CVE-2026-3291 | HPE | medium | 5.5 | 0.0%
| | Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when us… | May 6, 2026 | May 11, 2026 |
| | CVE-2025-67202 | Red Hat | medium | 5.4 | 0.0%
| | A flaw was found in Sidekiq-cron, an open-source scheduling add-on for Sidekiq. A remote attacker co… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-41674 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | A flaw was found in xmldom and @xmldom/xmldom, a JavaScript library for parsing and serializing XML.… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-42217 | Red Hat | medium | 4.3 | 0.1%
| | A flaw was found in OpenEXR. A remote attacker could exploit this vulnerability by providing a speci… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-40981 | VMware | high | 7.5 | 0.4%
| | When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft… | May 7, 2026 | Jun 30, 2026 |
| | CVE-2026-40982 | VMware | critical | 9.1 | 0.8%
| | Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-… | May 7, 2026 | Jun 30, 2026 |
| | CVE-2026-41002 | VMware | high | 7.2 | 0.0%
| | The base directory (`spring.cloud.config.server.git.basedir`) used by the Spring Cloud Config Server… | May 7, 2026 | May 12, 2026 |
| | CVE-2026-41004 | VMware | medium | 4.4 | 0.0%
| | When enabling trace logging in Spring Cloud Config Server sensitive information was placed in plain … | May 7, 2026 | May 12, 2026 |
| | CVE-2026-41413 | Red Hat | medium | 5.0 | 0.1%
| | A flaw was found in Istio. When a RequestAuthentication resource is created with a jwksUri (JSON Web… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-41139 | Red Hat | high | 8.8 | 0.1%
| | A flaw was found in math.js, an extensive math library for JavaScript and Node.js. This vulnerabilit… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-4430 | Red Hat | medium | 7.6 | 0.0%
| | A flaw was found in LibreOffice. A remote attacker could exploit this out-of-bounds write vulnerabil… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-8090 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issu… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-8092 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some o… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-8093 | Red Hat | high | 7.5 | 0.0%
| | Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corrupti… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-8094 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | Other issue in the WebRTC component. This vulnerability was fixed in Firefox ESR 140.10.2 and Thunde… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-41650 | Red Hat | medium | 5.4 | 0.0%
| | A flaw was found in fast-xml-parser. The XMLBuilder component does not properly escape specific sequ… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-26129 | Microsoft | high | 7.5 | 0.1%
| | Improper neutralization of special elements used in a command ('command injection') in M365 Copilot … | May 7, 2026 | Jun 1, 2026 |
| | CVE-2026-26164 | Microsoft | high | 7.5 | 0.1%
| | Improper neutralization of special elements used in a command ('command injection') in M365 Copilot … | May 7, 2026 | Jun 1, 2026 |
| | CVE-2026-32207 | Microsoft | high | 8.8 | 0.0%
| | Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machin… | May 7, 2026 | May 8, 2026 |
| | CVE-2026-33109 | Microsoft | critical | 9.9 | 0.1%
| | Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker… | May 7, 2026 | May 8, 2026 |
| | CVE-2026-33111 | Microsoft | high | 7.5 | 0.1%
| | Improper neutralization of special elements used in a command ('command injection') in Copilot Chat … | May 7, 2026 | May 14, 2026 |
| | CVE-2026-33823 | Microsoft | critical | 9.6 | 0.1%
| | Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over… | May 7, 2026 | May 8, 2026 |
| | CVE-2026-33844 | Microsoft | critical | 9.0 | 0.1%
| | Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker… | May 7, 2026 | Jun 1, 2026 |
| | CVE-2026-34327 | Microsoft | high | 8.2 | 0.1%
| | Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows a… | May 7, 2026 | May 8, 2026 |
| | CVE-2026-35428 | Microsoft | critical | 9.6 | 0.1%
| | Improper neutralization of special elements used in a command ('command injection') in Azure Cloud S… | May 7, 2026 | May 8, 2026 |
| | CVE-2026-35435 | Microsoft | high | 8.6 | 0.0%
| | Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to… | May 7, 2026 | May 8, 2026 |
| | CVE-2026-41105 | Microsoft | high | 8.1 | 0.1%
| | Server-side request forgery (ssrf) in Azure Notification Service allows an authorized attacker to el… | May 7, 2026 | May 14, 2026 |
| | CVE-2026-42826 | Microsoft | critical | 10.0 | 0.1%
| | Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized at… | May 7, 2026 | May 8, 2026 |
| | CVE-2026-42880 | Red Hat | high | 7.7 | 0.0%
| ✓ Fix | Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to bef… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-43356 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
iio: imu: adis: Fix NULL pointer… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43371 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net: macb: Shuffle the tx ring b… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43425 | Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
usb: image: mdc800: kill downloa… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43357 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
iio: gyro: mpu3050-core: fix pm_… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43322 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Bluetooth Host Controller Interface (HCI) synchronization module (`hci_sync`… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43333 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
bpf: reject direct access to nul… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43329 | Red Hat | high | 7.0 | 0.0%
| | A flaw was found in the Netfilter flowtable component of the Linux kernel. This vulnerability occurs… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43338 | Red Hat | low | 5.5 | 0.0%
| | A flaw was found in the Linux kernel's Btrfs filesystem. The qgroup ioctls (input/output control sys… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43301 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
media: chips-media: wave5: Fix P… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43337 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix NULL pointe… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43339 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Linux kernel's IPv6 networking subsystem. Specifically, a Use-after-Free (Ua… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43327 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
USB: dummy-hcd: Fix locking/sync… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43335 | Red Hat | medium | — | 0.0%
| | A flaw was found in the Linux kernel's interconnect driver for Qualcomm SM8450. The issue arises fro… | May 8, 2026 | May 8, 2026 |