| | CVE-2026-32281 |  Red Hat | medium | 5.9 | 0.0%
| | A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-32288 | Red Hat | medium | 4.3 | 0.0%
| | A flaw was found in Go's `archive/tar` package. A remote attacker could exploit this vulnerability b… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-27143 | Red Hat | medium | 8.1 | 0.0%
| | A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correc… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-32289 | Red Hat | medium | 5.4 | 0.0%
| | A flaw was found in the `html/template` package. This vulnerability arises from improper tracking of… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-27144 | Red Hat | medium | 8.1 | 0.0%
| | A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-32589 | Red Hat | high | 7.1 | — | | A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push a… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-32590 | Red Hat | medium | 7.1 | — | | A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload p… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-32591 | Red Hat | high | 5.2 | — | | A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administr… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-31411 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel's Asynchronous Transfer Mode (ATM) networking component. A loca… | Apr 8, 2026 | Apr 8, 2026 |
| | CVE-2026-39373 | Red Hat | high | 7.5 | — | | A flaw was found in JWCrypto, a Python library for JSON Web Key (JWK), JSON Web Signature (JWS), and… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-39365 | Red Hat | medium | 5.3 | — | | A flaw was found in Vite. The development server's handling of `.map` requests contains a path trave… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-39364 | Red Hat | high | 7.5 | — | | A flaw was found in Vite, a frontend tooling framework for JavaScript. On the Vite development serve… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-39363 | Red Hat | high | 7.5 | — | | A flaw was found in Vite, a frontend tooling framework. A remote attacker can exploit this vulnerabi… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-32588 |  Apache | medium | 6.5 | 0.0%
| | Authenticated DoS over CQL in Apache Cassandra 4.0, 4.1, 5.0 allows authenticated user to raise quer… | Apr 7, 2026 | Apr 15, 2026 |
| | CVE-2026-27315 | Apache | medium | 5.5 | 0.0%
| | Sensitive Information Leak in cqlsh in Apache Cassandra 4.0 allows access to sensitive information, … | Apr 7, 2026 | Apr 15, 2026 |
| | CVE-2026-27314 | Apache | high | 8.8 | 0.0%
| | Privilege escalation in Apache Cassandra 5.0 on an mTLS environment using MutualTlsAuthenticator all… | Apr 7, 2026 | Apr 15, 2026 |
| | CVE-2026-4631 | Red Hat | critical | 9.8 | — | | Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface t… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-33034 | Red Hat | medium | 5.3 | — | | A flaw was found in Django. A remote attacker can exploit this vulnerability by sending ASGI (Asynch… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-33033 | Red Hat | medium | 5.3 | — | | A flaw was found in Django. A remote attacker can exploit this vulnerability by submitting specially… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-4292 | Red Hat | medium | 5.3 | — | | A flaw was found in Django. Admin changelist forms utilizing `ModelAdmin.list_editable` were suscept… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-4277 | Red Hat | medium | 5.4 | — | | A flaw was found in Django. This vulnerability allows an attacker to bypass permission validation by… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-3902 | Red Hat | medium | 5.3 | — | | A flaw was found in Django. A remote attacker can exploit an ambiguous mapping of header variants (w… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-4740 | Red Hat | high | 8.2 | — | | A flaw was found in Open Cluster Management (OCM), the technology underlying Red Hat Advanced Cluste… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-20911 | Red Hat | high | 7.5 | — | | A flaw was found in LibRaw. A remote attacker can exploit a heap-based buffer overflow vulnerability… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-21413 | Red Hat | high | 7.5 | — | | A flaw was found in LibRaw. A heap-based buffer overflow vulnerability exists in the `lossless_jpeg_… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-20889 | Red Hat | high | 7.5 | — | | A flaw was found in LibRaw, a library used for processing raw image files. This vulnerability, a hea… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-24660 | Red Hat | high | 7.5 | — | | A flaw was found in LibRaw. A remote attacker could exploit a heap-based buffer overflow vulnerabili… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-24450 | Red Hat | medium | 7.5 | — | | A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by pro… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-28808 | Red Hat | high | 7.4 | — | | A flaw was found in Erlang OTP (inets modules). A remote unauthenticated attacker could exploit an i… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-32144 | Red Hat | high | 7.4 | — | | A flaw was found in Erlang OTP public_key. This improper certificate validation vulnerability allows… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-23818 |  HPE | high | 8.8 | — | | A vulnerability has been identified in the graphical user interface (GUI) of HPE Aruba Networking Pr… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-33227 | Apache | medium | 4.3 | 0.1%
| | Improper validation and restriction of a classpath path name vulnerability in
Apache ActiveMQ Cli… | Apr 7, 2026 | Apr 20, 2026 |
| | CVE-2026-28810 | Red Hat | medium | 5.3 | 0.1%
| | A flaw was found in Erlang/OTP kernel. The built-in DNS resolver (inet_res) uses predictable 16-bit … | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-34197 | Apache | medium | — | 6.2%
| ⚠ KEV | Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability i… | Apr 7, 2026 | Apr 17, 2026 |
| | CVE-2026-1839 | Red Hat | medium | 6.7 | 0.0%
| | A flaw was found in HuggingFace Transformers. A remote attacker can exploit this vulnerability by su… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-31790 | Red Hat | medium | 5.9 | — | | A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely e… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-5745 | Red Hat | medium | 5.5 | — | | A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing l… | Apr 7, 2026 | Apr 7, 2026 |
| | CVE-2026-35199 |  Microsoft | medium | 6.1 | 0.1%
| | SymCrypt is the core cryptographic function library currently used by Windows. From 103.5.0 to befor… | Apr 6, 2026 | Apr 16, 2026 |
| | CVE-2026-35177 | Red Hat | medium | 4.1 | — | | A flaw was found in Vim's zip.vim plugin. A local user could be tricked into opening a specially cra… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-35166 | Red Hat | medium | 4.6 | — | | A flaw was found in Hugo, a static site generator. This vulnerability arises from improper escaping … | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34764 | Red Hat | low | 2.3 | — | | A flaw was found in Electron, a framework for building desktop applications. This vulnerability, a u… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34756 | Red Hat | high | 6.5 | — | | A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). An unaut… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34755 | Red Hat | high | 6.5 | — | | A flaw was found in vLLM, an inference and serving engine for large language models. A remote attack… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34753 | Red Hat | medium | 5.4 | — | | A flaw was found in vLLM. This server-side request forgery (SSRF) vulnerability allows an attacker w… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34589 | Red Hat | high | 8.8 | — | | A flaw was found in OpenEXR. The DWA lossy decoder, responsible for processing EXR image files, inco… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34588 | Red Hat | high | 8.8 | — | | A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attac… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34444 | Red Hat | high | 8.1 | — | | A flaw was found in Lupa, a tool that integrates Lua or LuaJIT2 runtimes into CPython. An attacker c… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34380 | Red Hat | medium | 5.3 | — | | A flaw was found in OpenEXR, an image storage format library. A remote attacker could exploit a sign… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34379 | Red Hat | high | 7.1 | — | | A flaw was found in OpenEXR, an image storage format library for the motion picture industry. A remo… | Apr 6, 2026 | Apr 6, 2026 |
| | CVE-2026-34378 | Red Hat | medium | 6.5 | — | | A flaw was found in OpenEXR, a widely used image storage format. A remote attacker could exploit a m… | Apr 6, 2026 | Apr 6, 2026 |