| | CVE-2026-52903 | Red Hat | high | 8.8 | — | | A deserialization of untrusted data vulnerability was found in ManageIQ. The YamlLoadAliases module… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-52902 | Red Hat | medium | 4.7 | 0.0%
| | A path traversal vulnerability was found in awxkit, the CLI tool for AWX. The YAML !include directiv… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-41855 | VMware | high | 8.1 | 0.3%
| | In an untrusted JMS environment, org.springframework.jms.support.converter.MappingJackson2MessageCon… | Jun 9, 2026 | Jun 29, 2026 |
| | CVE-2026-41854 | VMware | medium | 4.2 | 0.1%
| | Due to incorrect host parsing, applications that rely on UriComponentsBuilder to parse and validate … | Jun 9, 2026 | Jun 27, 2026 |
| | CVE-2026-41853 | VMware | medium | 5.3 | 0.2%
| | Spring MVC and WebFlux applications are vulnerable to Multipart request smuggling attacks.
Affected… | Jun 9, 2026 | Jun 27, 2026 |
| | CVE-2026-41852 | VMware | low | 3.7 | 0.2%
| | A vulnerability in Spring Expression Language (SpEL) evaluation logic allows for arbitrary zero-argu… | Jun 9, 2026 | Jun 27, 2026 |
| | CVE-2026-41851 | VMware | medium | 5.3 | 0.4%
| | Applications which accept user-supplied Spring Expression Language (SpEL) expressions may be vulnera… | Jun 9, 2026 | Jun 27, 2026 |
| | CVE-2026-41850 | VMware | high | 7.5 | 0.4%
| | Applications that evaluate user-supplied Spring Expression Language (SpEL) expressions are vulnerabl… | Jun 9, 2026 | Jun 27, 2026 |
| | CVE-2026-41849 | VMware | high | 7.5 | 0.0%
| | An integer overflow vulnerability exists in the evaluation logic of the Spring Expression Language (… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-41848 | VMware | low | 3.7 | 0.3%
| | Applications may be vulnerable to a Regular Expression Denial of Service (ReDoS) attack if an attack… | Jun 9, 2026 | Jun 27, 2026 |
| | CVE-2026-41847 | VMware | medium | 4.8 | 0.0%
| | Spring WebFlux applications may be vulnerable to a security bypass when using the Kotlin Router DSL.… | Jun 9, 2026 | Jun 11, 2026 |
| | CVE-2026-41846 | VMware | medium | 5.9 | 0.1%
| | Spring MVC applications which accept user-supplied values in the cssClass, cssErrorClass, or cssStyl… | Jun 9, 2026 | Jun 27, 2026 |
| | CVE-2026-41845 | VMware | high | 7.1 | 0.2%
| | Due to incorrect escaping, the use of JavaScriptUtils.javaScriptEscape() may lead to JavaScript code… | Jun 9, 2026 | Jun 27, 2026 |
| | CVE-2026-41844 | VMware | medium | 4.2 | 0.1%
| | A Spring MVC or Spring WebFlux application which configures a mapping for "/**" where the view name … | Jun 9, 2026 | Jun 27, 2026 |
| | CVE-2026-41843 | VMware | medium | 5.9 | 0.3%
| | Spring MVC and WebFlux applications are vulnerable to Path Traversal attacks when resolving static r… | Jun 9, 2026 | Jun 27, 2026 |
| | CVE-2026-41842 | VMware | high | 7.5 | 0.4%
| | Spring MVC and WebFlux applications are vulnerable to Denial of Service (DoS) attacks when resolving… | Jun 9, 2026 | Jun 27, 2026 |
| | CVE-2026-41841 | VMware | medium | 5.9 | 0.3%
| | Spring MVC and WebFlux applications are vulnerable to Information Disclosure attacks when resolving … | Jun 9, 2026 | Jun 27, 2026 |
| | CVE-2026-41840 | VMware | medium | 5.9 | 0.2%
| | Spring WebFlux applications are vulnerable to Denial of Service (DoS) attacks when processing multip… | Jun 9, 2026 | Jun 26, 2026 |
| | CVE-2026-41838 | VMware | medium | 4.8 | 0.2%
| | IDs for WebSocket sessions in the spring-websocket module are not cryptographically unpredictable, w… | Jun 9, 2026 | Jun 27, 2026 |
| | CVE-2026-41007 | VMware | high | 7.5 | 0.3%
| | Spring HATEOAS maintains an unbounded static cache of StringLinkRelation instances keyed on attacker… | Jun 9, 2026 | Jun 27, 2026 |
| | CVE-2026-41006 | VMware | high | 7.5 | 0.3%
| | Spring HATEOAS's internal PropertyUtils.createObjectFromProperties method, used by the Collection+JS… | Jun 9, 2026 | Jun 27, 2026 |
| | CVE-2026-46315 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in the Linux kernel's `io_uring` subsystem, specifically within the `IORING_OP_WAIT… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-46317 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel's KVM (Kernel-based Virtual Machine) for arm64 architectures. A… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-46321 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel. A local attacker with access to the tun/tap device can exploit… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-46319 | Red Hat | high | 7.0 | — | | A flaw was found in the Linux kernel. A race condition in the `act_ct` module, specifically during t… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-46324 | Red Hat | medium | 7.0 | — | | No description is available for this CVE. | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-46316 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel's Kernel-based Virtual Machine (KVM) for ARM64, specifically wi… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-46318 | Red Hat | low | 5.5 | — | | A flaw was found in the Linux kernel's hugetlbfs component. An issue in the `mmap_prepare` stage inc… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-46320 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's tap driver. This vulnerability occurs in the `tap_get_user_xd… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-46322 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's `tun` driver. This vulnerability occurs when the `build_skb()… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-46327 | Red Hat | low | 5.5 | — | | A flaw was found in the Linux kernel's device mapper (dm) component. The `dm_blk_report_zones` funct… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-46332 | Red Hat | medium | — | — | | A flaw was found in the Linux kernel's Greybus subsystem, specifically in the `gb-beagleplay` driver… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-46326 | Red Hat | medium | — | — | | A flaw was found in the Linux kernel, specifically within the `iio: pressure: mprls0025pa` driver. T… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-52906 | Red Hat | medium | — | — | | A flaw was found in the Linux kernel's 9p filesystem. When mounting, access mode flags were incorrec… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-46330 | Red Hat | high | 7.0 | — | | A flaw was found in the Linux kernel's TCP User-Level Protocol (ULP) support for SMC. This vulnerabi… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-46328 | Red Hat | medium | — | — | | A flaw was found in the Linux kernel's AppArmor security module. The system's rlimit (resource limit… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-52907 | Red Hat | medium | — | — | | A flaw was found in the Linux kernel, specifically within the `media: rockchip: rkcif` component. Th… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-46325 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel's Remote Direct Memory Access (RDMA) subsystem, specifically wi… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-52904 | Red Hat | medium | — | — | | A flaw was found in the Linux kernel's `drm/nouveau` component. This issue arises during device init… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-52905 | Red Hat | medium | — | — | | A flaw was found in the Linux kernel's Data Access MONitor (DAMON) core. The `damon_start()` functio… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-46329 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's erofs filesystem. This vulnerability occurs due to improper h… | Jun 9, 2026 | Jun 9, 2026 |
| | CVE-2026-49975 | Apache | high | 7.5 | 11.5%
| | Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to … | Jun 8, 2026 | Jul 9, 2026 |
| | CVE-2026-48913 | Apache | high | 7.3 | 0.0%
| | Use After Free vulnerability in Apache HTTP Server module mod_http2 when file handles are already ex… | Jun 8, 2026 | Jun 10, 2026 |
| | CVE-2026-44631 | Apache | critical | 9.8 | 0.0%
| | Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configur… | Jun 8, 2026 | Jun 11, 2026 |
| | CVE-2026-44186 | Apache | high | 7.3 | 0.0%
| | Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the mod_proxy_ftp module in … | Jun 8, 2026 | Jun 11, 2026 |
| | CVE-2026-44119 | Apache | medium | 5.5 | 0.0%
| | Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .h… | Jun 8, 2026 | Jun 11, 2026 |
| | CVE-2026-43951 | Apache | medium | 6.5 | 0.0%
| | Out-of-bounds Read vulnerability in Apache HTTP Server with mod_headers and mod_mime and multiple re… | Jun 8, 2026 | Jun 11, 2026 |
| | CVE-2026-42535 | Apache | critical | 9.1 | 0.0%
| | A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to d… | Jun 8, 2026 | Jun 9, 2026 |
| | CVE-2026-34356 | Apache | high | 7.5 | 0.0%
| | Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and Pr… | Jun 8, 2026 | Jun 9, 2026 |
| | CVE-2026-29170 | Apache | medium | 6.1 | 0.0%
| | A cross-site scripting vulnerability exists in mod_proxy_ftp's HTML directory list generation in Apa… | Jun 8, 2026 | Jun 9, 2026 |