| | CVE-2026-43325 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in the Linux kernel's iwlwifi driver. This vulnerability occurs when the driver att… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43334 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Linux kernel's Bluetooth Security Manager Protocol (SMP). An attacker could … | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43336 | Red Hat | medium | — | 0.0%
| | A flaw was found in the Linux kernel's ChaCha cryptographic algorithm implementation. The `permuted_… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43318 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: fix sync handling in… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43330 | Red Hat | medium | 7.1 | 0.0%
| | A flaw was found in the Linux kernel's caam cryptographic accelerator driver. When processing a Hash… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43326 | Red Hat | medium | — | 0.0%
| | A flaw was found in the Linux kernel, specifically within the `sched_ext` component. This vulnerabil… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43328 | Red Hat | medium | 7.0 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
cpufreq: governor: fix double fr… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43323 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Linux kernel. Incorrect tracking of virtual runtime (zero_vruntime) in the s… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43324 | Red Hat | medium | — | 0.0%
| | A flaw was found in the Linux kernel's dummy-hcd driver. This vulnerability stems from an interrupt … | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43335 | Red Hat | medium | — | 0.0%
| | A flaw was found in the Linux kernel's interconnect driver for Qualcomm SM8450. The issue arises fro… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43327 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
USB: dummy-hcd: Fix locking/sync… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43339 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Linux kernel's IPv6 networking subsystem. Specifically, a Use-after-Free (Ua… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43337 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix NULL pointe… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43301 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
media: chips-media: wave5: Fix P… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43338 | Red Hat | low | 5.5 | 0.0%
| | A flaw was found in the Linux kernel's Btrfs filesystem. The qgroup ioctls (input/output control sys… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43329 | Red Hat | high | 7.0 | 0.0%
| | A flaw was found in the Netfilter flowtable component of the Linux kernel. This vulnerability occurs… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43333 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
bpf: reject direct access to nul… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43322 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Bluetooth Host Controller Interface (HCI) synchronization module (`hci_sync`… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43357 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
iio: gyro: mpu3050-core: fix pm_… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43425 | Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
usb: image: mdc800: kill downloa… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43371 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net: macb: Shuffle the tx ring b… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-43356 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
iio: imu: adis: Fix NULL pointer… | May 8, 2026 | May 8, 2026 |
| | CVE-2026-42880 | Red Hat | high | 7.7 | 0.0%
| ✓ Fix | Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to bef… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-42826 | Microsoft | critical | 10.0 | 0.1%
| | Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized at… | May 7, 2026 | May 8, 2026 |
| | CVE-2026-41105 | Microsoft | high | 8.1 | 0.1%
| | Server-side request forgery (ssrf) in Azure Notification Service allows an authorized attacker to el… | May 7, 2026 | May 14, 2026 |
| | CVE-2026-35435 | Microsoft | high | 8.6 | 0.0%
| | Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to… | May 7, 2026 | May 8, 2026 |
| | CVE-2026-35428 | Microsoft | critical | 9.6 | 0.1%
| | Improper neutralization of special elements used in a command ('command injection') in Azure Cloud S… | May 7, 2026 | May 8, 2026 |
| | CVE-2026-34327 | Microsoft | high | 8.2 | 0.1%
| | Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows a… | May 7, 2026 | May 8, 2026 |
| | CVE-2026-33844 | Microsoft | critical | 9.0 | 0.1%
| | Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker… | May 7, 2026 | Jun 1, 2026 |
| | CVE-2026-33823 | Microsoft | critical | 9.6 | 0.1%
| | Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over… | May 7, 2026 | May 8, 2026 |
| | CVE-2026-33111 | Microsoft | high | 7.5 | 0.1%
| | Improper neutralization of special elements used in a command ('command injection') in Copilot Chat … | May 7, 2026 | May 14, 2026 |
| | CVE-2026-33109 | Microsoft | critical | 9.9 | 0.1%
| | Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker… | May 7, 2026 | May 8, 2026 |
| | CVE-2026-32207 | Microsoft | high | 8.8 | 0.0%
| | Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machin… | May 7, 2026 | May 8, 2026 |
| | CVE-2026-26164 | Microsoft | high | 7.5 | 0.1%
| | Improper neutralization of special elements used in a command ('command injection') in M365 Copilot … | May 7, 2026 | Jun 1, 2026 |
| | CVE-2026-26129 | Microsoft | high | 7.5 | 0.1%
| | Improper neutralization of special elements used in a command ('command injection') in M365 Copilot … | May 7, 2026 | Jun 1, 2026 |
| | CVE-2026-41650 | Red Hat | medium | 5.4 | 0.0%
| | A flaw was found in fast-xml-parser. The XMLBuilder component does not properly escape specific sequ… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-8094 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | Other issue in the WebRTC component. This vulnerability was fixed in Firefox ESR 140.10.2 and Thunde… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-8093 | Red Hat | high | 7.5 | 0.0%
| | Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corrupti… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-8092 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some o… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-8090 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issu… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-4430 | Red Hat | medium | 7.6 | 0.0%
| | A flaw was found in LibreOffice. A remote attacker could exploit this out-of-bounds write vulnerabil… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-41139 | Red Hat | high | 8.8 | 0.1%
| | A flaw was found in math.js, an extensive math library for JavaScript and Node.js. This vulnerabilit… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-41413 | Red Hat | medium | 5.0 | 0.1%
| | A flaw was found in Istio. When a RequestAuthentication resource is created with a jwksUri (JSON Web… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-41004 | VMware | medium | 4.4 | 0.0%
| | When enabling trace logging in Spring Cloud Config Server sensitive information was placed in plain … | May 7, 2026 | May 12, 2026 |
| | CVE-2026-41002 | VMware | high | 7.2 | 0.0%
| | The base directory (`spring.cloud.config.server.git.basedir`) used by the Spring Cloud Config Server… | May 7, 2026 | May 12, 2026 |
| | CVE-2026-40982 | VMware | critical | 9.1 | 0.8%
| | Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-… | May 7, 2026 | Jun 30, 2026 |
| | CVE-2026-40981 | VMware | high | 7.5 | 0.4%
| | When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft… | May 7, 2026 | Jun 30, 2026 |
| | CVE-2026-42217 | Red Hat | medium | 4.3 | 0.1%
| | A flaw was found in OpenEXR. A remote attacker could exploit this vulnerability by providing a speci… | May 7, 2026 | May 7, 2026 |
| | CVE-2026-41674 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | A flaw was found in xmldom and @xmldom/xmldom, a JavaScript library for parsing and serializing XML.… | May 7, 2026 | May 7, 2026 |
| | CVE-2025-67202 | Red Hat | medium | 5.4 | 0.0%
| | A flaw was found in Sidekiq-cron, an open-source scheduling add-on for Sidekiq. A remote attacker co… | May 7, 2026 | May 7, 2026 |