| | CVE-2026-5713 |  Red Hat | medium | 6.0 | — | | A flaw was found in Python. A malicious Python process could exploit the "profiling.sampling" module… | Apr 14, 2026 | Apr 14, 2026 |
| | CVE-2026-33929 |  Apache | medium | 4.3 | 0.0%
| | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apac… | Apr 14, 2026 | Apr 20, 2026 |
| | CVE-2026-31924 | Apache | medium | 5.3 | 0.0%
| | Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX.
tencent-cloud-cls l… | Apr 14, 2026 | Apr 17, 2026 |
| | CVE-2026-31923 | Apache | high | 7.5 | 0.0%
| | Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX.
This can occur due … | Apr 14, 2026 | Apr 17, 2026 |
| | CVE-2026-31908 | Apache | critical | 9.1 | 0.1%
| | Header injection vulnerability in Apache APISIX.
The attacker can take advantage of certain configu… | Apr 14, 2026 | Apr 17, 2026 |
| | CVE-2026-34984 | Red Hat | medium | 6.5 | 0.0%
| | A flaw was found in External Secrets Operator. An attacker with the ability to create or update temp… | Apr 14, 2026 | Apr 14, 2026 |
| | CVE-2025-69993 | Red Hat | medium | 6.1 | — | | A flaw was found in Leaflet. This Cross-Site Scripting (XSS) vulnerability exists in the bindPopup()… | Apr 14, 2026 | Apr 14, 2026 |
| | CVE-2026-40312 | Red Hat | medium | 6.2 | — | | A flaw was found in ImageMagick. A remote attacker could exploit an off-by-one error when processing… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-40311 | Red Hat | medium | 5.5 | — | | A flaw was found in ImageMagick. This heap use-after-free vulnerability can be triggered when proces… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-40310 | Red Hat | medium | 6.5 | — | | A flaw was found in ImageMagick. This vulnerability, a heap out-of-bounds write, occurs within the J… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-40183 | Red Hat | medium | 5.5 | — | | A flaw was found in ImageMagick, a software for editing and manipulating digital images. When a user… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-40169 | Red Hat | medium | 6.5 | — | | A flaw was found in ImageMagick. A remote attacker could exploit this vulnerability by providing a s… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-34238 | Red Hat | medium | 5.0 | — | | A flaw was found in ImageMagick, a widely used software for image editing. Specifically, an integer … | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-33908 | Red Hat | high | 7.5 | — | | A flaw was found in ImageMagick, a free and open-source software for editing and manipulating digita… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-33905 | Red Hat | medium | 5.0 | — | | A flaw was found in ImageMagick. This vulnerability allows a local user to cause a denial of service… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-33902 | Red Hat | medium | 5.5 | — | | A flaw was found in ImageMagick, a software used for editing and manipulating digital images. An att… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-33901 | Red Hat | high | 7.5 | — | | A flaw was found in ImageMagick. A remote attacker could exploit a heap buffer overflow vulnerabilit… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-33900 | Red Hat | medium | 5.9 | — | | A flaw was found in ImageMagick, a software suite for editing and manipulating digital images. This … | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-33899 | Red Hat | medium | 5.3 | — | | A flaw was found in ImageMagick. When processing a specially crafted XML file, a remote attacker cou… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-32316 | Red Hat | medium | 6.8 | — | | A flaw was found in jq, a command-line JSON processor. An attacker can exploit an integer overflow v… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-6100 | Red Hat | high | 8.1 | — | | A flaw was found in Python's decompression modules, including `lzma.LZMADecompressor`, `bz2.BZ2Decom… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-28291 | Red Hat | high | 8.1 | — | | A flaw was found in simple-git, a JavaScript library for running native Git commands. An attacker co… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-33858 | Apache | high | 8.8 | 0.1%
| | Dag Authors, who normally should not be able to execute code in the webserver context could craft XC… | Apr 13, 2026 | Apr 17, 2026 |
| | CVE-2025-66236 | Apache | high | 7.5 | 0.1%
| | Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager … | Apr 13, 2026 | Apr 17, 2026 |
| | CVE-2026-1462 | Red Hat | high | 7.8 | — | | A flaw was found in the `keras` package. This vulnerability allows an attacker to execute unauthoriz… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-34476 | Apache | high | 7.1 | 0.0%
| | Server-Side Request Forgery via SW-URL Header vulnerability in Apache SkyWalking MCP.
This issue af… | Apr 13, 2026 | Apr 20, 2026 |
| | CVE-2026-35565 | Apache | medium | 5.4 | 0.0%
| | Stored Cross-Site Scripting (XSS) via Unsanitized Topology Metadata in Apache Storm UI
Versions Af… | Apr 13, 2026 | Apr 15, 2026 |
| | CVE-2026-35337 | Apache | high | 8.8 | 0.4%
| | Deserialization of Untrusted Data vulnerability in Apache Storm.
Versions Affected:
before 2.8.6.
… | Apr 13, 2026 | Apr 15, 2026 |
| | CVE-2026-0234 |  Microsoft | high | 7.2 | 0.0%
| | An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR and Cortex … | Apr 13, 2026 | Apr 14, 2026 |
| | CVE-2026-40447 | Red Hat | medium | 5.1 | 0.0%
| | A flaw was found in Escargot. This integer overflow or wraparound vulnerability can lead to undefine… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31421 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's `cls_fw` network scheduler component. This vulnerability, a n… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31424 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's netfilter subsystem, specifically within the x_tables and arp… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31426 | Red Hat | medium | 5.8 | — | | A flaw was found in the Linux kernel's Advanced Configuration and Power Interface (ACPI) Embedded Co… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31422 | Red Hat | medium | 4.7 | — | | A flaw was found in the Linux kernel's networking scheduler (net/sched) component, specifically with… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31425 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel. A local user can trigger a null pointer dereference in the Rel… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31417 | Red Hat | medium | — | — | | A flaw was found in the Linux kernel's X.25 network protocol implementation (net/x25). An attacker c… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31420 | Red Hat | medium | — | — | | A flaw was found in the Linux kernel's bridge subsystem, specifically within the Multiple Registrati… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31423 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's Hierarchical Fair Service Curve (HFSC) network scheduler. Whe… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31415 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel. A local attacker can exploit an integer overflow vulnerability… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31428 | Red Hat | low | 5.5 | — | | A flaw was found in the Linux kernel's netfilter component. When manually constructing the NFULA_PAY… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-31427 | Red Hat | medium | 5.8 | — | | A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nf_conntrack_sip… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-30997 | Red Hat | medium | 5.9 | — | | A flaw was found in FFmpeg. An attacker can exploit an out-of-bounds read vulnerability within the `… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-30999 | Red Hat | medium | 5.3 | — | | A flaw was found in FFmpeg. A remote attacker could exploit a heap buffer overflow vulnerability in … | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-30998 | Red Hat | medium | 5.3 | — | | A flaw was found in FFmpeg. An improper resource deallocation and closure vulnerability in the `tool… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-33555 | Red Hat | medium | 4.0 | — | | A flaw was found in HAProxy. A remote attacker could exploit this vulnerability by sending a special… | Apr 13, 2026 | Apr 13, 2026 |
| | CVE-2026-33118 | Microsoft | medium | 4.3 | 0.1%
| | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Apr 10, 2026 | Apr 24, 2026 |
| | CVE-2026-33119 | Microsoft | medium | 5.4 | 0.0%
| | User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) all… | Apr 10, 2026 | Apr 24, 2026 |
| | CVE-2026-5483 | Red Hat | high | 8.5 | 0.1%
| ✓ Fix | A flaw was found in odh-dashboard in Red Hat Openshift AI. This vulnerability in the `odh-dashboard`… | Apr 10, 2026 | Apr 10, 2026 |
| | CVE-2026-40023 | Apache | medium | 5.3 | 0.2%
| | Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx_1_1xml_1_1XMLLayou… | Apr 10, 2026 | Apr 21, 2026 |
| | CVE-2026-40021 | Apache | medium | 5.3 | 0.2%
| | Apache Log4net's XmlLayout https://logging.apache.org/log4net/manual/configuration/layouts.html#lay… | Apr 10, 2026 | Apr 22, 2026 |