| | CVE-2026-1609 | Red Hat | high | 8.1 | — | | A flaw was found in Keycloak. When the JSON Web Token (JWT) authorization grant preview feature is e… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-25598 | Red Hat | medium | 4.3 | 0.0%
| | Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to … | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2025-14778 | Red Hat | medium | 5.4 | 0.0%
| ✓ Fix | A flaw was found in Keycloak. A significant Broken Access Control vulnerability exists in the UserMa… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24684 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, the RDPSND async p… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-1486 | Red Hat | high | 8.8 | 0.0%
| ✓ Fix | A flaw was found in Keycloak. A vulnerability exists in the jwt-authorization-grant flow where the s… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24683 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. ainput_send_input_event caches chan… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24682 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, audin_server_recv_… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-1529 | Red Hat | high | 8.1 | 0.0%
| ✓ Fix | A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organizati… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24681 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, aAsynchronous bulk… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24680 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdl_Pointer_New fr… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24679 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, The URBDRC client … | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24678 | Red Hat | high | 5.3 | 0.0%
| ✓ Fix | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, A capture thread s… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24677 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, ecam_encoder_compr… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24676 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, AUDIN format reneg… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24675 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, urb_select_interfa… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24491 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, video_timer can se… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-23948 | Red Hat | medium | 5.3 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer der… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2025-66630 | Red Hat | high | 7.7 | 0.0%
| | Fiber is an Express inspired web framework written in Go. Before 2.52.11, on Go versions prior to 1.… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2025-14831 | Red Hat | medium | 5.3 | 0.0%
| ✓ Fix | A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Ce… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-24098 | Apache | medium | 6.5 | 0.0%
| | Apache Airflow versions 3.0.0 - 3.1.7, has vulnerability that allows authenticated UI users with per… | Feb 9, 2026 | Mar 11, 2026 |
| | CVE-2026-23903 | Red Hat | medium | 5.3 | 0.1%
| | Authentication Bypass by Alternate Name vulnerability in Apache Shiro.
This issue affects Apache Shi… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-2239 | Red Hat | low | 2.8 | — | | No description is available for this CVE. | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-1615 | Red Hat | high | 9.8 | 0.1%
| | Versions of the package jsonpath before 1.2.0 are vulnerable to Arbitrary Code Injection via unsafe … | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-1584 | Red Hat | high | 7.5 | — | | A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sen… | Feb 9, 2026 | Feb 9, 2026 |
| | CVE-2026-25793 | Red Hat | high | 8.1 | 0.0%
| | Nebula is a scalable overlay networking tool. In versions from 1.7.0 to 1.10.2, when using P256 cert… | Feb 6, 2026 | Feb 6, 2026 |
| | CVE-2026-25749 | Red Hat | medium | 7.3 | 0.0%
| | Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow v… | Feb 6, 2026 | Feb 6, 2026 |
| | CVE-2026-25592 | Microsoft | critical | 9.9 | 0.1%
| | Semantic Kernel is an SDK used to build, orchestrate, and deploy AI agents and multi-agent systems. … | Feb 6, 2026 | Feb 19, 2026 |
| | CVE-2026-25580 | Red Hat | high | 8.6 | 0.0%
| | Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. … | Feb 6, 2026 | Feb 6, 2026 |
| | CVE-2026-25731 | Red Hat | high | 7.8 | 0.0%
| | calibre is an e-book manager. Prior to 9.2.0, a Server-Side Template Injection (SSTI) vulnerability … | Feb 6, 2026 | Feb 6, 2026 |
| | CVE-2026-25635 | Red Hat | high | 8.6 | 0.2%
| | calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnera… | Feb 6, 2026 | Feb 6, 2026 |
| | CVE-2026-25636 | Red Hat | high | 8.2 | 0.0%
| | calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB… | Feb 6, 2026 | Feb 6, 2026 |
| | CVE-2026-25640 | Red Hat | high | 7.1 | 0.0%
| | Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. … | Feb 6, 2026 | Feb 6, 2026 |
| | CVE-2026-25727 | Red Hat | medium | 5.9 | 0.0%
| | time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input … | Feb 6, 2026 | Feb 6, 2026 |
| | CVE-2026-24851 | Red Hat | medium | 6.0 | 0.1%
| | OpenFGA is a high-performance and flexible authorization/permission engine built for developers and … | Feb 6, 2026 | Feb 6, 2026 |
| | CVE-2026-1709 | Red Hat | critical | 9.4 | 0.0%
| ✓ Fix | A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-si… | Feb 6, 2026 | Feb 6, 2026 |
| | CVE-2026-23740 | Red Hat | high | 7.8 | 0.0%
| | Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cer… | Feb 6, 2026 | Feb 6, 2026 |
| | CVE-2026-23739 | Red Hat | low | 2.0 | 0.1%
| | Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cer… | Feb 6, 2026 | Feb 6, 2026 |
| | CVE-2026-25556 | Red Hat | medium | 5.3 | 0.1%
| | MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_disp… | Feb 6, 2026 | Feb 6, 2026 |
| | CVE-2026-21643 | Fortinet | critical | 9.8 | 62.5%
| ⚠ KEV | An improper neutralization of special elements used in an sql command ('sql injection') vulnerabilit… | Feb 6, 2026 | Apr 16, 2026 |
| | CVE-2026-2100 | Red Hat | medium | 5.3 | — | | No description is available for this CVE. | Feb 6, 2026 | Feb 6, 2026 |
| | CVE-2026-0598 | Red Hat | medium | 4.2 | 0.0%
| | A security flaw was identified in the Ansible Lightspeed API conversation endpoints that handle AI c… | Feb 6, 2026 | Feb 6, 2026 |
| | CVE-2026-24302 | Microsoft | high | 8.6 | 0.1%
| | Improper access control in Azure Arc allows an unauthorized attacker to elevate privileges over a ne… | Feb 5, 2026 | Apr 10, 2026 |
| | CVE-2025-68157 | Red Hat | low | 3.7 | 0.0%
| | Webpack is a module bundler. From version 5.49.0 to before 5.104.0, when experiments.buildHttp is en… | Feb 5, 2026 | Feb 5, 2026 |
| | CVE-2025-68458 | Red Hat | low | 3.7 | 0.0%
| | Webpack is a module bundler. From version 5.49.0 to before 5.104.1, when experiments.buildHttp is en… | Feb 5, 2026 | Feb 5, 2026 |
| | CVE-2026-25815 | Fortinet | low | 3.2 | 0.0%
| | Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configu… | Feb 5, 2026 | Feb 6, 2026 |
| | CVE-2026-0391 | Microsoft | medium | 6.5 | 0.0%
| | User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows a… | Feb 5, 2026 | Mar 13, 2026 |
| | CVE-2026-24300 | Microsoft | critical | 9.8 | 0.1%
| | Azure Front Door Elevation of Privilege Vulnerability | Feb 5, 2026 | Mar 13, 2026 |
| | CVE-2026-21532 | Microsoft | high | 8.2 | 0.1%
| | Azure Function Information Disclosure Vulnerability | Feb 5, 2026 | Mar 13, 2026 |
| | CVE-2025-47911 | Red Hat | medium | 5.3 | 0.0%
| | The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing ce… | Feb 5, 2026 | Feb 5, 2026 |
| | CVE-2025-58190 | Red Hat | medium | 4.3 | 0.0%
| ✓ Fix | The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certai… | Feb 5, 2026 | Feb 5, 2026 |