| | CVE-2026-58293 | Microsoft | high | 8.1 | 0.5%
| | External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized atta… | Jul 3, 2026 | Jul 7, 2026 |
| | CVE-2026-58292 | Microsoft | high | 7.5 | 0.3%
| | Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to exec… | Jul 3, 2026 | Jul 7, 2026 |
| | CVE-2026-58289 | Microsoft | critical | 9.0 | 0.5%
| | Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) all… | Jul 3, 2026 | Jul 7, 2026 |
| | CVE-2026-57991 | Microsoft | high | 7.4 | 0.8%
| | Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) al… | Jul 3, 2026 | Jul 6, 2026 |
| | CVE-2026-57986 | Microsoft | high | 7.5 | 0.4%
| | Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code ov… | Jul 3, 2026 | Jul 7, 2026 |
| | CVE-2026-57974 | Microsoft | high | 8.8 | 0.6%
| | Integer overflow or wraparound in Microsoft Edge (Chromium-based) allows an unauthorized attacker to… | Jul 3, 2026 | Jul 7, 2026 |
| | CVE-2026-45488 | Microsoft | medium | 5.4 | 0.3%
| | User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) all… | Jul 3, 2026 | Jul 7, 2026 |
| | CVE-2026-58287 | Microsoft | high | 8.3 | 0.4%
| | Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code ov… | Jul 3, 2026 | Jul 7, 2026 |
| | CVE-2026-57992 | Microsoft | high | 7.5 | 0.4%
| | Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code ov… | Jul 3, 2026 | Jul 7, 2026 |
| | CVE-2026-57988 | Microsoft | high | 7.1 | 0.5%
| | Relative path traversal in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execut… | Jul 3, 2026 | Jul 7, 2026 |
| | CVE-2026-57975 | Microsoft | high | 7.5 | 0.4%
| | Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) all… | Jul 3, 2026 | Jul 7, 2026 |
| | CVE-2026-56645 | Microsoft | high | 8.8 | 0.6%
| | Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthorized attacker to exe… | Jul 3, 2026 | Jul 7, 2026 |
| | CVE-2026-55945 | Microsoft | medium | 4.2 | 0.1%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Micro… | Jul 3, 2026 | Jul 6, 2026 |
| | CVE-2026-14615 | Red Hat | medium | 4.3 | 0.2%
| | A flaw was found in the Fine-Grained Admin Permissions (FGAP) v2 implementation within Keycloak's ad… | Jul 3, 2026 | Jul 3, 2026 |
| | CVE-2026-14614 | Red Hat | medium | 5.4 | 0.2%
| | A flaw was found in the ClientResource component of Keycloak's admin services when Fine-Grained Admi… | Jul 3, 2026 | Jul 3, 2026 |
| | CVE-2026-14613 | Red Hat | medium | 4.3 | 0.2%
| | A vulnerability was discovered in Keycloak's administrative interface that allows certain administra… | Jul 3, 2026 | Jul 3, 2026 |
| | CVE-2026-14612 | Red Hat | low | 4.2 | 0.1%
| | Two off-by-one errors in the FreeIPA ipa-otpd daemon's OAuth2 device authorization handler can cause… | Jul 3, 2026 | Jul 3, 2026 |
| | CVE-2026-47896 | Apache | high | 7.5 | 0.5%
| | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apac… | Jul 3, 2026 | Jul 8, 2026 |
| | CVE-2026-47898 | Apache | critical | 9.8 | 0.1%
| | Improper Restriction of XML External Entity Reference vulnerability in Apache Lucene.Net (Lucene.Net… | Jul 3, 2026 | Jul 8, 2026 |
| | CVE-2026-47897 | Apache | high | 7.5 | 0.4%
| | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apac… | Jul 3, 2026 | Jul 8, 2026 |
| | CVE-2026-14544 | Red Hat | high | 9.8 | — | | A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplet… | Jul 3, 2026 | Jul 3, 2026 |
| | CVE-2026-57100 | Microsoft | critical | 9.9 | 0.6%
| | Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an au… | Jul 2, 2026 | Jul 8, 2026 |
| | CVE-2026-54998 | Microsoft | high | 8.8 | 0.6%
| | Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privil… | Jul 2, 2026 | Jul 7, 2026 |
| | CVE-2026-45499 | Microsoft | critical | 9.9 | 0.6%
| | Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileg… | Jul 2, 2026 | Jul 7, 2026 |
| | CVE-2026-41106 | Microsoft | critical | 9.3 | 0.5%
| | Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker … | Jul 2, 2026 | Jul 7, 2026 |
| | CVE-2026-26145 | Microsoft | medium | 4.8 | 0.3%
| | Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a … | Jul 2, 2026 | Jul 7, 2026 |
| | CVE-2026-11946 | Red Hat | high | 7.5 | — | | A flaw was found in open62541. An unauthenticated remote attacker can exploit a vulnerability in the… | Jul 2, 2026 | Jul 2, 2026 |
| | CVE-2026-53357 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel's Bluetooth component. A Use-After-Free (UAF) vulnerability exi… | Jul 2, 2026 | Jul 2, 2026 |
| | CVE-2026-53358 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's Bluetooth L2CAP (Logical Link Control and Adaptation Protocol… | Jul 2, 2026 | Jul 2, 2026 |
| | CVE-2026-50521 | Microsoft | high | 8.3 | 0.8%
| | Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over… | Jul 1, 2026 | Jul 3, 2026 |
| | CVE-2026-54428 | Apache | high | 7.5 | 0.4%
| | Allocation of resources without limits or throttling in the HTTP/2 HPACK decoder in Apache HttpCompo… | Jul 1, 2026 | Jul 6, 2026 |
| | CVE-2026-54399 | Apache | high | 7.5 | 0.4%
| | Uncontrolled Resource Consumption vulnerability in the HTTP/1.1 message parser in Apache HttpCompone… | Jul 1, 2026 | Jul 6, 2026 |
| | CVE-2026-20244 | Cisco | high | 7.5 | — | | A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attac… | Jul 1, 2026 | Jul 1, 2026 |
| | CVE-2026-20243 | Cisco | high | 7.5 | — | | A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attac… | Jul 1, 2026 | Jul 1, 2026 |
| | CVE-2026-20217 | Cisco | high | 7.5 | — | | A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote at… | Jul 1, 2026 | Jul 1, 2026 |
| | CVE-2026-20216 | Cisco | high | 7.5 | — | | A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, re… | Jul 1, 2026 | Jul 1, 2026 |
| | CVE-2026-20215 | Cisco | high | 7.5 | 0.4%
| | A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attack… | Jul 1, 2026 | Jul 6, 2026 |
| | CVE-2026-20214 | Cisco | high | 7.5 | 0.5%
| | A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attac… | Jul 1, 2026 | Jul 6, 2026 |
| | CVE-2026-20213 | Cisco | high | 7.5 | 0.5%
| | A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attack… | Jul 1, 2026 | Jul 6, 2026 |
| | CVE-2026-20191 | Cisco | high | 7.5 | — | | A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arb… | Jul 1, 2026 | Jul 1, 2026 |
| | CVE-2026-58031 | Red Hat | medium | 4.6 | — | | A flaw was found in Wikimedia Foundation MediaWiki. This vulnerability, categorized as an Improper N… | Jul 1, 2026 | Jul 1, 2026 |
| | CVE-2026-5138 | Red Hat | medium | 4.3 | — | ✓ Fix | A flaw was found in Foreman. An authenticated user with host-edit permissions could exploit a cross-… | Jul 1, 2026 | Jul 1, 2026 |
| | CVE-2026-5136 | Red Hat | high | 8.8 | — | ✓ Fix | A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignme… | Jul 1, 2026 | Jul 1, 2026 |
| | CVE-2026-56016 | Red Hat | high | 7.4 | 0.2%
| | A flaw was found in perl-CGI-Session. This vulnerability allows a remote attacker to predict session… | Jul 1, 2026 | Jul 1, 2026 |
| | CVE-2026-53488 | Red Hat | high | 8.8 | 0.2%
| | A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface (C… | Jul 1, 2026 | Jul 1, 2026 |
| | CVE-2026-14324 | Red Hat | medium | 6.5 | — | | RAOP module accepts unbounded Content-Length values and does not check the pw_array_add() return. | Jul 1, 2026 | Jul 1, 2026 |
| | CVE-2026-14330 | Red Hat | medium | 5.5 | — | | Multiple unbounded alloca() calls in the PulseAudio protocol server. | Jul 1, 2026 | Jul 1, 2026 |
| | CVE-2026-53333 | Red Hat | low | 5.5 | — | | A flaw was found in the Linux kernel's memory management (mm/mincore). This vulnerability occurs whe… | Jul 1, 2026 | Jul 1, 2026 |
| | CVE-2026-53353 | Red Hat | low | 5.5 | — | | A flaw was found in the Linux kernel's High-availability Seamless Redundancy (HSR) module. An incorr… | Jul 1, 2026 | Jul 1, 2026 |
| | CVE-2026-53349 | Red Hat | medium | 5.5 | — | | A flaw was found in the Linux kernel's netfilter component, specifically within `nf_conntrack`. When… | Jul 1, 2026 | Jul 1, 2026 |