| | CVE-2026-42959 | Red Hat | high | 7.5 | 0.0%
| | A flaw was found in Unbound's DNSSEC validator when constructing chase-reply messages for validation… | May 20, 2026 | May 20, 2026 |
| | CVE-2026-43618 | Red Hat | high | 8.1 | 0.1%
| | A flaw was found in rsync. An authenticated daemon peer can exploit an integer overflow vulnerabilit… | May 20, 2026 | May 20, 2026 |
| | CVE-2026-29518 | Red Hat | high | 7.8 | 0.0%
| | Rsync versions before 3.4.3 contain a time-of-check to time-of-use (TOCTOU) race condition in daemon… | May 20, 2026 | May 20, 2026 |
| | CVE-2026-43620 | Red Hat | medium | 6.5 | 0.0%
| | Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recv… | May 20, 2026 | May 20, 2026 |
| | CVE-2026-43619 | Red Hat | medium | 6.3 | 0.0%
| | A flaw was found in rsync. A local attacker with filesystem access on the daemon host can exploit a … | May 20, 2026 | May 20, 2026 |
| | CVE-2026-43617 | Red Hat | medium | 4.2 | 0.0%
| | A flaw was found in rsync. When an rsync daemon is configured with "daemon chroot = /X" and uses hos… | May 20, 2026 | May 20, 2026 |
| | CVE-2026-42960 | Red Hat | medium | 5.9 | 0.0%
| ✓ Fix | A flaw was found in Unbound's handling of DNS reply messages, complementing the earlier CVE-2025-114… | May 20, 2026 | May 20, 2026 |
| | CVE-2026-42923 | Red Hat | medium | 5.3 | 0.1%
| ✓ Fix | A flaw was found in Unbound's DNSSEC validator where the code path for consulting the negative cache… | May 20, 2026 | May 20, 2026 |
| | CVE-2026-45585 | Microsoft | medium | 6.8 | 0.1%
| | Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as &qu… | May 19, 2026 | May 21, 2026 |
| | CVE-2026-42526 | Apache | medium | 5.3 | 0.4%
| | In the AWS Secrets Manager and SSM Parameter Store secrets backends of `apache-airflow-providers-ama… | May 19, 2026 | Jul 2, 2026 |
| | CVE-2026-27173 | Apache | high | 8.7 | 0.2%
| | JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read… | May 19, 2026 | Jul 2, 2026 |
| | CVE-2026-32882 | Red Hat | high | 7.1 | — | | A flaw was found in libheif, a library used for handling High Efficiency Image File Format (HEIF) an… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-32741 | Red Hat | high | 7.1 | — | | A flaw was found in libheif, a library for decoding and encoding HEIF (High Efficiency Image File Fo… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-32814 | Red Hat | medium | 6.5 | — | | A flaw was found in libheif, a HEIF and AVIF file format decoder and encoder. When processing a spec… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-32740 | Red Hat | high | 8.8 | — | | A flaw was found in libheif, a library for decoding and encoding HEIF and AVIF image files. This hea… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-32739 | Red Hat | medium | 6.5 | — | | A flaw was found in libheif, a HEIF and AVIF file format decoder and encoder. A remote attacker coul… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-32738 | Red Hat | medium | 6.5 | — | | A flaw was found in libheif, a HEIF and AVIF file format decoder and encoder. A remote attacker coul… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-47358 | Tenable | high | 7.5 | 0.0%
| | Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via external URL re… | May 19, 2026 | May 20, 2026 |
| | CVE-2026-47357 | Tenable | high | 7.5 | 0.0%
| | Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the remote_url … | May 19, 2026 | May 20, 2026 |
| | CVE-2026-47356 | Tenable | high | 7.5 | 0.0%
| | Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the webhook_url… | May 19, 2026 | May 20, 2026 |
| | CVE-2026-8711 | F5 | high | 8.1 | 0.1%
| | NGINX JavaScript has a vulnerability when the js_fetch_proxy directive is configured with at least o… | May 19, 2026 | Jun 4, 2026 |
| | CVE-2026-47323 | Apache | critical | 9.8 | 1.4%
| | Camel-CXF and Camel-Knative Message Header Injection via Missing Inbound Filtering
The CXF and Knat… | May 19, 2026 | Jun 27, 2026 |
| | CVE-2026-8975 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these … | May 19, 2026 | May 19, 2026 |
| | CVE-2026-8974 | Red Hat | medium | 6.1 | 0.0%
| ✓ Fix | Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-8970 | Red Hat | low | 3.4 | 0.0%
| ✓ Fix | A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issu… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-8968 | Red Hat | low | 3.4 | 0.1%
| ✓ Fix | A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issu… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-8962 | Red Hat | low | 3.4 | 0.0%
| ✓ Fix | A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issu… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-8961 | Red Hat | low | 3.4 | 0.0%
| ✓ Fix | A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issu… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-8959 | Red Hat | medium | 6.1 | 0.2%
| ✓ Fix | A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes th… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-8958 | Red Hat | medium | 6.1 | 0.1%
| ✓ Fix | A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issu… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-8957 | Red Hat | medium | 6.1 | 0.0%
| ✓ Fix | A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issu… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-8956 | Red Hat | medium | 6.1 | 0.1%
| ✓ Fix | A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issu… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-8955 | Red Hat | medium | 6.1 | 0.0%
| ✓ Fix | A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes th… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-8954 | Red Hat | medium | 6.1 | 0.0%
| ✓ Fix | A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issu… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-8953 | Red Hat | medium | 6.1 | 0.0%
| ✓ Fix | A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issu… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-8950 | Red Hat | medium | 6.1 | 0.0%
| ✓ Fix | A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issu… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-8947 | Red Hat | high | 7.5 | 0.1%
| ✓ Fix | A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes th… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-8946 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes th… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-7504 | Red Hat | high | 8.1 | 0.0%
| | A flaw was found in Keycloak's URL validation logic during redirect operations. By crafting a malici… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-7507 | Red Hat | high | 7.5 | 0.0%
| | A session fixation vulnerability was found in Keycloak's login-actions endpoints. An unauthenticated… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-7571 | Red Hat | medium | 7.1 | 0.0%
| | A flaw was found in Keycloak. A low-privilege user, with knowledge of user credentials and client ID… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-37978 | Red Hat | medium | 4.9 | 0.0%
| | A flaw was found in Keycloak. A low-privilege administrator with the 'view-clients' role can exploit… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-7307 | Red Hat | high | 7.5 | 0.1%
| | A flaw was found in Keycloak. A remote, unauthenticated attacker can send a specially crafted XML in… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-37981 | Red Hat | medium | 4.3 | 0.0%
| | A flaw was found in Keycloak. A broken access control vulnerability in the Account Resources user lo… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-46586 | Apache | high | 8.8 | 0.1%
| | Improper Control of Generation of Code ('Code Injection'), Improper Neutralization of Directives in … | May 19, 2026 | May 20, 2026 |
| | CVE-2026-45434 | Apache | critical | 9.8 | 0.3%
| | Improper Authentication vulnerability in Apache OFBiz via Password-Change Logic Flaw Leading to Remo… | May 19, 2026 | May 20, 2026 |
| | CVE-2026-45187 | Apache | medium | 6.5 | 0.0%
| | Improper Authorization vulnerability in Apache OFBiz Webtools.
This issue affects Apache OFBiz: bef… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-41919 | Apache | critical | 9.1 | 0.0%
| | Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability i… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-31986 | Apache | critical | 9.1 | 0.0%
| | Use of Hard-coded Cryptographic Key vulnerability in Apache OFBiz.
This issue affects Apache OFBiz:… | May 19, 2026 | May 19, 2026 |
| | CVE-2026-31910 | Apache | high | 7.5 | 0.0%
| | Server-Side Request Forgery (SSRF) vulnerability in Apache OFBiz.
This issue affects Apache OFBiz: … | May 19, 2026 | May 19, 2026 |