| | CVE-2025-71148 | Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net/handshake: restore destructo… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2025-71154 | Red Hat | low | 4.0 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net: usb: rtl8150: fix memory le… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22989 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
nfsd: check that server is runni… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22988 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
arp: do not assume dev_hard_head… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22993 | Red Hat | medium | 4.7 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
idpf: Fix RSS LUT NULL ptr issue… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22987 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net/sched: act_api: avoid derefe… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2025-71159 | Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix use-after-free warnin… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22995 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
ublk: fix use-after-free in ublk… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22985 | Red Hat | medium | 6.2 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
idpf: Fix RSS LUT NULL pointer c… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22978 | Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
wifi: avoid kernel-infoleak from… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22991 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
libceph: make free_choose_arg_ma… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22980 | Red Hat | medium | 4.4 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
nfsd: provide locking for v4_end… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22981 | Red Hat | medium | 4.7 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
idpf: detach and close netdevs w… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22992 | Red Hat | medium | 6.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
libceph: return the handler erro… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22984 | Red Hat | medium | 7.1 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
libceph: prevent potential out-o… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22986 | Red Hat | medium | 5.3 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
gpiolib: fix race condition for … | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2025-71160 | Red Hat | medium | 4.4 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: avoid chai… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22982 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net: mscc: ocelot: Fix crash whe… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2025-71158 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
gpio: mpsse: ensure worker is to… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22994 | Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix reference count leak in… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22983 | Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net: do not write to msg_get_inq… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22990 | Red Hat | medium | 7.1 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
libceph: replace overzealous BUG… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2025-71161 | Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
dm-verity: disable recursive for… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-22979 | Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net: fix memory leak in skb_segm… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-24307 | Microsoft | critical | 9.3 | 0.1%
| | Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to di… | Jan 22, 2026 | Feb 12, 2026 |
| | CVE-2026-24306 | Microsoft | critical | 9.8 | 0.1%
| | Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privile… | Jan 22, 2026 | Feb 27, 2026 |
| | CVE-2026-24305 | Microsoft | critical | 9.3 | 0.1%
| | Azure Entra ID Elevation of Privilege Vulnerability | Jan 22, 2026 | Feb 3, 2026 |
| | CVE-2026-21524 | Microsoft | high | 7.4 | 0.1%
| | Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an unauthor… | Jan 22, 2026 | Feb 3, 2026 |
| | CVE-2026-21521 | Microsoft | high | 7.4 | 0.1%
| | Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized atta… | Jan 22, 2026 | Feb 2, 2026 |
| | CVE-2026-21520 | Microsoft | high | 7.5 | 0.1%
| | Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticate… | Jan 22, 2026 | Feb 2, 2026 |
| | CVE-2026-21264 | Microsoft | critical | 9.3 | 0.0%
| | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Ac… | Jan 22, 2026 | Feb 3, 2026 |
| | CVE-2026-21227 | Microsoft | high | 8.2 | 0.1%
| | Improper limitation of a pathname to a restricted directory ('path traversal') in Azure Logic Apps a… | Jan 22, 2026 | Feb 3, 2026 |
| | CVE-2026-24117 | Red Hat | medium | 5.3 | 0.0%
| | Rekor is a software supply chain transparency log. In versions 1.4.3 and below, attackers can trigge… | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2026-20912 | Red Hat | critical | 9.1 | 0.0%
| | Gitea does not properly validate repository ownership when linking attachments to releases. An attac… | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2026-20897 | Red Hat | critical | 9.1 | 0.0%
| | Gitea does not properly validate repository ownership when deleting Git LFS locks. A user with write… | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2026-20888 | Red Hat | medium | 4.3 | 0.0%
| | Gitea does not properly verify authorization when canceling scheduled auto-merges via the web interf… | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2026-20904 | Red Hat | medium | 6.5 | 0.0%
| | Gitea does not properly validate ownership when toggling OpenID URI visibility. An authenticated use… | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2026-20883 | Red Hat | medium | 6.5 | 0.0%
| | Gitea's stopwatch API does not re-validate repository access permissions. After a user's access to a… | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2026-20736 | Red Hat | high | 7.5 | 0.0%
| | Gitea does not properly verify repository context when deleting attachments. A user who previously u… | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2026-0798 | Red Hat | low | 3.5 | 0.0%
| | Gitea may send release notification emails for private repositories to users whose access has been r… | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2026-20750 | Red Hat | critical | 9.1 | 0.0%
| | Gitea does not properly validate project ownership in organization project operations. A user with p… | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2026-23831 | Red Hat | medium | 5.3 | 0.0%
| | Rekor is a software supply chain transparency log. In versions 1.4.3 and below, the entry implementa… | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2025-22234 | Red Hat | medium | 5.3 | 0.0%
| | The fix applied in CVE-2025-22228 inadvertently broke the timing attack mitigation implemented in Da… | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2026-1260 | Red Hat | high | 7.8 | 0.0%
| ✓ Fix | Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, … | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2025-15523 | Red Hat | medium | 4.4 | 0.0%
| | MacOS version of Inkscape bundles a Python interpreter that inherits the Transparency, Consent, and … | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2026-1225 | Red Hat | medium | 5.0 | 0.0%
| | ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including versi… | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2025-71176 | Red Hat | medium | 6.8 | 0.0%
| | pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-{user} name pattern, whic… | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2026-24049 | Red Hat | high | 7.1 | 0.0%
| ✓ Fix | wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions… | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2026-24006 | Red Hat | high | 7.5 | 0.0%
| | Seroval facilitates JS value stringification, including complex structures beyond JSON.stringify cap… | Jan 22, 2026 | Jan 22, 2026 |
| | CVE-2026-24001 | Red Hat | high | 7.5 | 0.0%
| | jsdiff is a JavaScript text differencing implementation. Prior to versions 8.0.3, 5.2.2, 4.0.4, and … | Jan 22, 2026 | Jan 22, 2026 |