| | CVE-2025-70888 |  Red Hat | critical | 10.0 | 0.0%
| | An issue in mtrojnar Osslsigncode affected at v2.10 and before allows a remote attacker to escalate … | Mar 25, 2026 | Mar 25, 2026 |
| | CVE-2026-3889 | Red Hat | medium | 5.4 | — | | A spoofing flaw has been found in Thunderbird. | Mar 24, 2026 | Mar 24, 2026 |
| | CVE-2026-33412 | Red Hat | high | 7.3 | — | | A flaw was found in Vim. By including a newline character in a pattern passed to Vim's glob() functi… | Mar 24, 2026 | Mar 24, 2026 |
| | CVE-2026-33349 | Red Hat | medium | 5.9 | — | | A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by providing s… | Mar 24, 2026 | Mar 24, 2026 |
| | CVE-2026-32948 | Red Hat | medium | 5.7 | — | | A flaw was found in sbt, a build tool for Scala and Java. On Windows, sbt uses the `cmd /c` command … | Mar 24, 2026 | Mar 24, 2026 |
| | CVE-2026-32854 | Red Hat | medium | 5.3 | — | | A flaw was found in LibVNCServer. This vulnerability allows a remote attacker to cause a Denial of S… | Mar 24, 2026 | Mar 24, 2026 |
| | CVE-2026-32853 | Red Hat | medium | 5.4 | — | | A flaw was found in LibVNCServer. A malicious VNC server can exploit an improper bounds checking vul… | Mar 24, 2026 | Mar 24, 2026 |
| | CVE-2026-32647 |  F5 | high | 7.8 | 0.0%
| | NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might… | Mar 24, 2026 | Mar 26, 2026 |
| | CVE-2026-28755 | F5 | medium | 5.4 | 0.0%
| | NGINX Plus and NGINX Open Source have a vulnerability in the ngx_stream_ssl_module module due to the… | Mar 24, 2026 | Mar 26, 2026 |
| | CVE-2026-28753 | F5 | low | 3.7 | 0.0%
| | NGINX Plus and NGINX Open Source have a vulnerability in the ngx_mail_smtp_module module due to the … | Mar 24, 2026 | Mar 26, 2026 |
| | CVE-2026-27784 | F5 | high | 7.8 | 0.0%
| | The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_http_mp4_module module… | Mar 24, 2026 | Mar 30, 2026 |
| | CVE-2026-27654 | F5 | high | 8.2 | 0.0%
| | NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might a… | Mar 24, 2026 | Mar 26, 2026 |
| | CVE-2026-27651 | F5 | high | 7.5 | 0.0%
| | When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed… | Mar 24, 2026 | Mar 30, 2026 |
| | CVE-2026-4775 | Red Hat | high | 7.8 | — | | A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow v… | Mar 24, 2026 | Mar 24, 2026 |
| | CVE-2026-32642 |  Apache | medium | 4.3 | 0.0%
| | Incorrect Authorization (CWE-863) vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists wh… | Mar 24, 2026 | Mar 30, 2026 |
| | CVE-2026-4649 | Red Hat | medium | 6.1 | 0.0%
| | A flaw was found in Apache Artemis and KNIME Business Hub. A user with normal privileges and the abi… | Mar 24, 2026 | Mar 24, 2026 |
| | CVE-2026-3260 | Apache | medium | 5.9 | 0.5%
| | A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP … | Mar 24, 2026 | Mar 26, 2026 |
| | CVE-2026-33306 | Red Hat | medium | 6.7 | — | | A flaw was found in bcrypt-ruby, a Ruby binding for the OpenBSD bcrypt() password hashing algorithm,… | Mar 24, 2026 | Mar 24, 2026 |
| | CVE-2026-33554 | Red Hat | medium | 8.8 | — | | A flaw was found in FreeIPMI. The `ipmi-oem` program is used to send Intelligent Platform Management… | Mar 24, 2026 | Mar 24, 2026 |
| | CVE-2026-26209 | Red Hat | medium | 5.5 | — | | A flaw was found in cbor2, a library for encoding and decoding Concise Binary Object Representation … | Mar 23, 2026 | Mar 23, 2026 |
| | CVE-2026-3635 | Red Hat | medium | 6.1 | — | | A flaw was found in fastify. When the trustProxy option is configured with a restrictive trust funct… | Mar 23, 2026 | Mar 23, 2026 |
| | CVE-2026-4647 | Red Hat | medium | 6.1 | — | | A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files … | Mar 23, 2026 | Mar 23, 2026 |
| | CVE-2026-22737 |  VMware | medium | 5.9 | 0.1%
| | Use of Java scripting engine enabled (e.g. JRuby, Jython) template views in Spring MVC and Spring We… | Mar 20, 2026 | Apr 23, 2026 |
| | CVE-2026-22735 | VMware | low | 2.6 | 0.0%
| | Spring MVC and WebFlux applications are vulnerable to stream corruption when using Server-Sent Event… | Mar 20, 2026 | Apr 23, 2026 |
| | CVE-2026-22733 | VMware | high | 8.2 | 0.0%
| | Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability… | Mar 20, 2026 | Apr 23, 2026 |
| | CVE-2026-22732 | VMware | critical | 9.1 | 0.0%
| | When applications specify HTTP response headers for servlet applications using Spring Security, ther… | Mar 19, 2026 | Apr 16, 2026 |
| | CVE-2026-22731 | VMware | high | 8.2 | 0.1%
| | Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability… | Mar 19, 2026 | Apr 16, 2026 |
| | CVE-2026-32721 | Red Hat | high | 8.8 | — | | A flaw was found in LuCI, the OpenWrt Configuration Interface. A remote attacker can exploit a store… | Mar 19, 2026 | Mar 19, 2026 |
| | CVE-2026-30874 | Red Hat | high | 8.2 | — | | A flaw was found in the `procd` component of OpenWrt. A highly privileged local attacker can bypass … | Mar 19, 2026 | Mar 19, 2026 |
| | CVE-2026-32194 |  Microsoft | critical | 9.8 | 0.1%
| | Improper neutralization of special elements used in a command ('command injection') in Microsoft Bin… | Mar 19, 2026 | Apr 14, 2026 |
| | CVE-2026-30873 | Red Hat | medium | 4.5 | — | | A flaw was found in the `jsonpath` component of the OpenWrt Project. The `jp_get_token` function, wh… | Mar 19, 2026 | Mar 19, 2026 |
| | CVE-2026-30872 | Red Hat | critical | 9.8 | — | | A flaw was found in OpenWrt's mdns daemon. A remote attacker can exploit a stack-based buffer overfl… | Mar 19, 2026 | Mar 19, 2026 |
| | CVE-2026-30871 | Red Hat | critical | 9.8 | — | | A flaw was found in the OpenWrt mdns daemon. A remote attacker can exploit a Stack-based Buffer Over… | Mar 19, 2026 | Mar 19, 2026 |
| | CVE-2026-32191 | Microsoft | critical | 9.8 | 0.1%
| | Improper neutralization of special elements used in an os command ('os command injection') in Micros… | Mar 19, 2026 | Apr 14, 2026 |
| | CVE-2026-32169 | Microsoft | critical | 10.0 | 0.1%
| | Server-side request forgery (ssrf) in Azure Cloud Shell allows an unauthorized attacker to elevate p… | Mar 19, 2026 | Apr 14, 2026 |
| | CVE-2026-26139 | Microsoft | high | 8.6 | 0.1%
| | Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate p… | Mar 19, 2026 | Mar 24, 2026 |
| | CVE-2026-26138 | Microsoft | high | 8.6 | 0.1%
| | Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate p… | Mar 19, 2026 | Mar 24, 2026 |
| | CVE-2026-26137 | Microsoft | critical | 9.9 | 0.0%
| | Server-side request forgery (ssrf) in Microsoft Exchange allows an authorized attacker to elevate pr… | Mar 19, 2026 | Mar 27, 2026 |
| | CVE-2026-26136 | Microsoft | medium | 6.5 | 0.1%
| | Improper neutralization of special elements used in a command ('command injection') in Microsoft Cop… | Mar 19, 2026 | Apr 1, 2026 |
| | CVE-2026-26120 | Microsoft | medium | 6.5 | 0.1%
| | Server-side request forgery (ssrf) in Microsoft Bing allows an unauthorized attacker to perform tamp… | Mar 19, 2026 | Apr 1, 2026 |
| | CVE-2026-24299 | Microsoft | medium | 5.3 | 0.0%
| | Improper neutralization of special elements used in a command ('command injection') in M365 Copilot … | Mar 19, 2026 | Mar 24, 2026 |
| | CVE-2026-23659 | Microsoft | high | 8.6 | 0.1%
| | Exposure of sensitive information to an unauthorized actor in Azure Data Factory allows an unauthori… | Mar 19, 2026 | Apr 1, 2026 |
| | CVE-2026-23658 | Microsoft | high | 8.6 | 0.1%
| | Insufficiently protected credentials in Azure DevOps allows an unauthorized attacker to elevate priv… | Mar 19, 2026 | Apr 1, 2026 |
| | CVE-2026-25667 | Microsoft | high | 7.5 | 2.7%
| | ASP.NET Core Kestrel in Microsoft .NET 8.0 before 8.0.22 and .NET 9.0 before 9.0.11 allows a remote … | Mar 19, 2026 | Apr 22, 2026 |
| | CVE-2006-10003 | Red Hat | high | 8.8 | 0.0%
| | A flaw was found in XML::Parser, a Perl module for parsing XML. This vulnerability, an off-by-one he… | Mar 19, 2026 | Mar 19, 2026 |
| | CVE-2006-10002 | Red Hat | medium | 6.5 | 0.0%
| | A flaw was found in XML::Parser for Perl. This vulnerability allows an attacker to cause a heap corr… | Mar 19, 2026 | Mar 19, 2026 |
| | CVE-2026-4424 | Red Hat | high | 7.5 | — | | A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive… | Mar 19, 2026 | Mar 19, 2026 |
| | CVE-2026-4426 | Red Hat | medium | 6.5 | — | | A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompressi… | Mar 19, 2026 | Mar 19, 2026 |
| | CVE-2026-31965 | Red Hat | medium | 5.6 | — | | A flaw was found in HTSlib, a library for reading and writing bioinformatics file formats. This vuln… | Mar 18, 2026 | Mar 18, 2026 |
| | CVE-2026-31964 | Red Hat | medium | 5.0 | — | | A flaw was found in HTSlib, a library for reading and writing bioinformatics file formats. When proc… | Mar 18, 2026 | Mar 18, 2026 |