| | CVE-2026-40962 |  Red Hat | medium | 4.8 | 0.0%
| | A flaw was found in FFmpeg. This vulnerability, stemming from an integer overflow and a subsequent o… | Apr 16, 2026 | Apr 16, 2026 |
| | CVE-2026-30656 | Red Hat | medium | 5.5 | — | | A flaw was found in fio (Flexible I/O Tester). A local user could exploit this vulnerability by prov… | Apr 16, 2026 | Apr 16, 2026 |
| | CVE-2026-6388 | Red Hat | high | 9.1 | — | | A flaw was found in ArgoCD Image Updater. This vulnerability allows an attacker, with permissions to… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-21726 |  Grafana | medium | 5.3 | 0.0%
| | The CVE-2021-36156 fix validates the namespace parameter for path traversal sequences after a single… | Apr 15, 2026 | Apr 24, 2026 |
| | CVE-2025-41118 | Grafana | critical | 9.1 | 0.0%
| | Pyroscope is an open-source continuous profiling database. The database supports various storage bac… | Apr 15, 2026 | Apr 24, 2026 |
| | CVE-2026-6385 | Red Hat | medium | 6.5 | — | | A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specia… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-21727 | Grafana | low | 3.3 | 0.0%
| | ---
title: Cross-Tenant Legacy Correlation Disclosure and Deletion
draft: false
hero:
image: /stat… | Apr 15, 2026 | Apr 24, 2026 |
| | CVE-2026-40915 | Red Hat | medium | 5.5 | — | | A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in the F… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-40916 | Red Hat | medium | 5.0 | — | | A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decod… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-40917 | Red Hat | medium | 5.0 | — | | A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the `icns_slurp()` function… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-40918 | Red Hat | medium | 5.5 | — | | A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can le… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-40919 | Red Hat | medium | 6.1 | — | | A flaw was found in GIMP. This vulnerability, a buffer overflow in the `file-seattle-filmworks` plug… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6384 | Red Hat | high | 7.3 | — | | A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's `R… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6245 | Red Hat | medium | 5.5 | — | | A flaw was found in the System Security Services Daemon (SSSD). The pam_passkey_child_read_data() fu… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6383 | Red Hat | medium | 5.4 | — | | A flaw was found in KubeVirt's Role-Based Access Control (RBAC) evaluation logic. The authorization … | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-20186 |  Cisco | critical | 9.9 | 0.2%
| | A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacke… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-20184 | Cisco | critical | 9.8 | 0.1%
| | A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services … | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-20180 | Cisco | critical | 9.9 | 0.2%
| | A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacke… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-20170 | Cisco | medium | 6.1 | 0.1%
| | A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed … | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-20161 | Cisco | medium | 5.5 | 0.0%
| | A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, loca… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-20152 | Cisco | medium | 5.3 | 0.1%
| | A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-20148 | Cisco | medium | 4.9 | 0.0%
| | A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perf… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-20147 | Cisco | critical | 9.9 | 0.2%
| | A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to exec… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-20136 | Cisco | medium | 6.0 | 0.1%
| | A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identi… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-20132 | Cisco | medium | 4.8 | 0.0%
| | Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (IS… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-20081 | Cisco | medium | 6.5 | 0.1%
| | Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker&nbs… | Apr 15, 2026 | Apr 28, 2026 |
| | CVE-2026-20078 | Cisco | medium | 6.5 | 0.1%
| | Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker&nbs… | Apr 15, 2026 | Apr 28, 2026 |
| | CVE-2026-20061 | Cisco | medium | 4.3 | 0.0%
| | A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authe… | Apr 15, 2026 | Apr 28, 2026 |
| | CVE-2026-20060 | Cisco | medium | 4.7 | 0.0%
| | A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unaut… | Apr 15, 2026 | Apr 28, 2026 |
| | CVE-2026-20059 | Cisco | medium | 6.1 | 0.0%
| | A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unaut… | Apr 15, 2026 | Apr 28, 2026 |
| | CVE-2026-20204 |  Splunk | high | 7.1 | 0.1%
| | In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform ve… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-20203 | Splunk | medium | 4.3 | 0.0%
| | In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform ve… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-20202 | Splunk | medium | 6.6 | 0.0%
| | In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform ve… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2025-12141 | Grafana | medium | 6.5 | 0.0%
| | In Grafana's alerting system, users with edit permissions for a contact point, specifically the perm… | Apr 15, 2026 | Apr 20, 2026 |
| | CVE-2026-25219 |  Apache | medium | 6.5 | 0.0%
| | The `access_key` and `connection_string` connection properties were not marked as sensitive names in… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-30778 | Apache | high | 7.5 | 0.0%
| | The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of M… | Apr 15, 2026 | Apr 20, 2026 |
| | CVE-2026-5088 | Apache | medium | — | 0.0%
| | Apache::API::Password versions through v0.5.2 for Perl can generate insecure random values for salts… | Apr 15, 2026 | Apr 16, 2026 |
| | CVE-2025-54550 | Apache | high | 8.1 | 0.1%
| | The example example_xcom that was included in airflow documentation implemented unsafe pattern of re… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-33806 | Red Hat | high | 7.5 | 0.0%
| | A flaw was found in Fastify. A remote attacker could exploit this vulnerability by prepending a spac… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6318 | Red Hat | medium | 9.6 | — | | An use after free flaw was found in the Codecs component of the Chromium browser.
Upstream bug(s):
h… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6358 | Red Hat | high | 8.8 | — | | An use after free flaw was found in the XR component of the Chromium browser.
Upstream bug(s):
https… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6300 | Red Hat | high | 8.8 | — | | An use after free flaw was found in the CSS component of the Chromium browser.
Upstream bug(s):
http… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6306 | Red Hat | high | 9.6 | — | | A heap buffer overflow flaw was found in the PDFium component of the Chromium browser.
Upstream bug(… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6305 | Red Hat | high | 9.6 | — | | A heap buffer overflow flaw was found in the PDFium component of the Chromium browser.
Upstream bug(… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6296 | Red Hat | high | 9.6 | — | | A heap buffer overflow flaw was found in the ANGLE component of the Chromium browser.
Upstream bug(s… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6301 | Red Hat | high | 9.6 | — | | A type confusion flaw was found in the Turbofan component of the Chromium browser.
Upstream bug(s):
… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6302 | Red Hat | high | 8.8 | — | | An use after free flaw was found in the Video component of the Chromium browser.
Upstream bug(s):
ht… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6297 | Red Hat | high | 8.3 | — | | An use after free flaw was found in the Proxy component of the Chromium browser.
Upstream bug(s):
ht… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6359 | Red Hat | high | 9.0 | — | | An use after free flaw was found in the Video component of the Chromium browser.
Upstream bug(s):
ht… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6298 | Red Hat | high | 7.4 | — | | A heap buffer overflow flaw was found in the Skia component of the Chromium browser.
Upstream bug(s)… | Apr 15, 2026 | Apr 15, 2026 |