| | CVE-2026-54423 | Red Hat | medium | 6.5 | — | | A malicious user with access to deploy a node directly via Ironic can specify the IPMI send_raw depl… | Jul 8, 2026 | Jul 8, 2026 |
| | CVE-2026-15154 | Red Hat | medium | 6.5 | — | | A flaw was found in `guardrails-detectors`, a component of Red Hat OpenShift AI. This vulnerability,… | Jul 8, 2026 | Jul 8, 2026 |
| | CVE-2026-55195 | Red Hat | medium | 6.5 | — | | A flaw was found in py7zr, a Python library for 7zip archive handling. This vulnerability allows a r… | Jul 8, 2026 | Jul 8, 2026 |
| | CVE-2026-55206 | Red Hat | medium | 6.5 | — | | A flaw was found in py7zr, a Python library for 7zip archives. A remote attacker could exploit this … | Jul 8, 2026 | Jul 8, 2026 |
| | CVE-2026-58525 | Microsoft | high | 8.2 | 0.4%
| | Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass… | Jul 8, 2026 | Jul 9, 2026 |
| | CVE-2026-47646 | Microsoft | critical | 9.3 | 0.5%
| | Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365… | Jul 9, 2026 | Jul 9, 2026 |
| | CVE-2026-59269 | VMware | low | 3.8 | — | | A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially gain elev… | Jul 9, 2026 | Jul 9, 2026 |
| | CVE-2026-57111 | Apache | high | 7.5 | 0.2%
| | Permissive Cross-Origin Resource Sharing (CORS) in the REST API (helix-rest, org.apache.helix.rest.s… | Jul 9, 2026 | Jul 9, 2026 |
| | CVE-2026-12590 | Red Hat | medium | 5.9 | — | | A flaw was found in body-parser. When the parser is configured with an invalid limit option, such as… | Jul 9, 2026 | Jul 9, 2026 |
| | CVE-2026-15308 | Red Hat | high | 7.5 | — | | A flaw was found in Python. Its incremental HTML parser can be exploited by a remote attacker. By se… | Jul 9, 2026 | Jul 9, 2026 |
| | CVE-2026-53363 | Red Hat | medium | — | 0.1%
| | In the Linux kernel, the following vulnerability has been resolved:
xfrm: iptfs: preserve shared-fra… | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-28564 | Apache | medium | — | — | | Insufficient Session Expiration, Authentication Bypass by Capture-replay vulnerability in Apache IoT… | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-40005 | Apache | medium | — | — | | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apac… | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-40006 | Apache | medium | — | — | | Memory Allocation with Excessive Size Value, Allocation of Resources Without Limits or Throttling, M… | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-40007 | Apache | medium | — | — | | Uncontrolled Recursion, Uncontrolled Resource Consumption vulnerability in Apache IoTDB.
When pipe_a… | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-40008 | Apache | medium | — | — | | Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in … | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-40009 | Apache | medium | — | — | | Improper Privilege Management, Improper Access Control vulnerability in Apache IoTDB.
Authenticated … | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-40452 | Apache | medium | — | — | | Incorrect Authorization, Improper Access Control vulnerability in Apache IoTDB.
Authorization bypass… | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-40454 | Apache | medium | — | — | | Out-of-bounds Read, Improper Input Validation vulnerability in Apache IoTDB C++ client.
Out-of-bound… | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-15143 | Red Hat | high | 9.3 | 0.3%
| | A flaw was found in the file_type content detector of guardrails-detectors. This vulnerability allow… | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-15378 | Red Hat | high | 9.3 | 0.4%
| | A flaw was found in the `guardrails-detectors` component. This vulnerability allows a remote attacke… | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-56373 | Red Hat | medium | 5.9 | 0.2%
| | ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a s… | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-56366 | Red Hat | low | 3.3 | 0.1%
| | ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing … | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-59180 | Red Hat | low | 3.1 | 0.2%
| | Apprise is an open source library which allows you to send a notification to almost all of the most … | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-53448 | Red Hat | high | 7.2 | 0.7%
| | Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.12.0, the coturn HTT… | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-53449 | Red Hat | medium | 6.0 | 0.2%
| | Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print … | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-53450 | Red Hat | high | 7.4 | 0.3%
| | Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, coturn rejects… | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-15146 | Red Hat | medium | 5.9 | 0.1%
| | GNU Wget does not validate the IP address provided by an FTP PASV response while operating in FTP pa… | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-55827 | Red Hat | high | 7.5 | 0.5%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.27.1, FreeRDP clients la… | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-57158 | Red Hat | medium | 5.4 | 0.5%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. From 3.21.0 before 3.28.0, FreeRDP … | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-57157 | Red Hat | medium | 6.5 | 0.5%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server imp… | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-57156 | Red Hat | high | 8.8 | 0.5%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0 on 32-bit builds, F… | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-52761 | Red Hat | medium | 5.8 | 0.4%
| | ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS … | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-52747 | Red Hat | medium | 5.8 | 0.5%
| | ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS … | Jul 10, 2026 | Jul 10, 2026 |
| | CVE-2026-56372 | Red Hat | medium | 6.1 | 0.1%
| | ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation t… | Jul 11, 2026 | Jul 11, 2026 |
| | CVE-2026-61857 | Red Hat | medium | 6.5 | 0.2%
| | ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null chec… | Jul 11, 2026 | Jul 11, 2026 |
| | CVE-2026-61465 | Red Hat | medium | 5.5 | 0.1%
| | ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit… | Jul 11, 2026 | Jul 11, 2026 |
| | CVE-2026-61858 | Red Hat | low | 3.3 | 0.1%
| | ImageMagick before 7.1.2-26 contains a policy bypass vulnerability in the APNG encoder and external … | Jul 11, 2026 | Jul 11, 2026 |
| | CVE-2026-61861 | Red Hat | medium | 5.9 | 0.3%
| | ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption metho… | Jul 11, 2026 | Jul 11, 2026 |
| | CVE-2026-61870 | Red Hat | low | 2.9 | 0.1%
| | ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory all… | Jul 11, 2026 | Jul 11, 2026 |
| | CVE-2026-49876 | Apache | medium | — | — | | Authenticated SSRF in Gravitino JobManager allows server-side HTTP requests to internal network and … | Jul 13, 2026 | Jul 13, 2026 |
| | CVE-2026-41041 | Apache | medium | — | — | | URL path injection via unencoded user-supplied identifiers vulnerability in Apache Gravitino.
This … | Jul 13, 2026 | Jul 13, 2026 |