| | CVE-2026-3539 |  Red Hat | high | 8.8 | 0.0%
| | Object lifecycle issue in DevTools in Google Chrome prior to 145.0.7632.159 allowed an attacker who … | Mar 3, 2026 | Mar 3, 2026 |
| | CVE-2026-3543 | Red Hat | high | 8.8 | 0.1%
| | Inappropriate implementation in V8 in Google Chrome prior to 145.0.7632.159 allowed a remote attacke… | Mar 3, 2026 | Mar 3, 2026 |
| | CVE-2026-3544 | Red Hat | high | 8.8 | 0.1%
| | Heap buffer overflow in WebCodecs in Google Chrome prior to 145.0.7632.159 allowed a remote attacker… | Mar 3, 2026 | Mar 3, 2026 |
| | CVE-2026-3338 | Red Hat | high | 7.5 | 0.0%
| | Improper signature validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass s… | Mar 2, 2026 | Mar 2, 2026 |
| | CVE-2026-3337 | Red Hat | medium | 6.5 | 0.1%
| | Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to pote… | Mar 2, 2026 | Mar 2, 2026 |
| | CVE-2026-3336 | Red Hat | high | 7.5 | 0.0%
| | Improper certificate validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass… | Mar 2, 2026 | Mar 2, 2026 |
| | CVE-2026-2256 | Red Hat | medium | 6.5 | 2.3%
| | A command injection vulnerability in ModelScope's ms-agent versions v1.6.0rc1 and earlier exists, al… | Mar 2, 2026 | Mar 2, 2026 |
| | CVE-2026-25884 | Red Hat | low | 5.3 | 0.0%
| | Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP … | Mar 2, 2026 | Mar 2, 2026 |
| | CVE-2026-27596 | Red Hat | low | 5.3 | 0.1%
| | Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP … | Mar 2, 2026 | Mar 2, 2026 |
| | CVE-2026-27631 | Red Hat | low | 5.3 | 0.0%
| | Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP … | Mar 2, 2026 | Mar 2, 2026 |
| | CVE-2026-23865 | Red Hat | medium | 5.3 | 0.0%
| | An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in vers… | Mar 2, 2026 | Mar 2, 2026 |
| | CVE-2026-23600 |  HPE | medium | — | 0.2%
| | A remote authentication bypass vulnerability
exists in HPE AutoPass License Server (APLS). | Mar 2, 2026 | Mar 2, 2026 |
| | CVE-2025-58107 |  Microsoft | high | 7.5 | 0.0%
| | In Microsoft Exchange through 2019, Exchange ActiveSync (EAS) configurations on on-premises servers … | Mar 2, 2026 | Mar 2, 2026 |
| | CVE-2026-3441 | Red Hat | medium | 6.1 | — | | No description is available for this CVE. | Mar 2, 2026 | Mar 2, 2026 |
| | CVE-2026-3442 | Red Hat | medium | 6.1 | — | | No description is available for this CVE. | Mar 2, 2026 | Mar 2, 2026 |
| | CVE-2026-3429 | Red Hat | medium | 4.2 | 0.0%
| | A flaw was identified in the Account REST API of Keycloak that allows a user authenticated at a lowe… | Mar 2, 2026 | Mar 2, 2026 |
| | CVE-2026-28422 | Red Hat | low | 2.2 | 0.0%
| | Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow … | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-28421 | Red Hat | medium | 5.3 | 0.0%
| | Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overf… | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-28420 | Red Hat | medium | 4.4 | 0.0%
| | Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer over… | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-28419 | Red Hat | medium | 5.3 | 0.0%
| | Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer unde… | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-28418 | Red Hat | medium | 5.3 | 0.0%
| | Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer over… | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-28417 | Red Hat | medium | 4.4 | 0.0%
| | Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection … | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-28416 | Red Hat | high | 8.2 | 0.0%
| | Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Se… | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-28415 | Red Hat | medium | 4.3 | 0.0%
| | Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the … | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-27167 | Red Hat | low | 3.7 | 0.1%
| | Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 a… | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-28406 | Red Hat | high | 8.5 | 0.1%
| | kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes clust… | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-28351 | Red Hat | medium | 6.5 | 0.1%
| | pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.4, an attacker who use… | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-22717 |  VMware | low | 2.7 | 0.0%
| | Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor… | Feb 27, 2026 | Mar 2, 2026 |
| | CVE-2026-22716 | VMware | medium | 5.0 | 0.0%
| | Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an acto… | Feb 27, 2026 | Mar 2, 2026 |
| | CVE-2026-2293 | Red Hat | high | 7.5 | 0.1%
| | A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization… | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-3304 | Red Hat | high | 7.5 | 0.1%
| | Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior t… | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-2359 | Red Hat | high | 7.5 | 0.1%
| | Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior t… | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-3293 | Red Hat | low | 3.3 | 0.0%
| | A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function S… | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-28364 | Red Hat | high | 7.9 | 0.0%
| | In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/… | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-28208 | Red Hat | medium | 5.9 | 0.1%
| | Junrar is an open source java RAR archive library. Prior to version 7.5.8, a backslash path traversa… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-22715 | VMware | medium | 5.9 | 0.0%
| | VMWare Workstation and Fusion contain a logic flaw in the management of network packets.
Known att… | Feb 26, 2026 | Feb 27, 2026 |
| | CVE-2026-27141 | Red Hat | medium | 5.3 | 0.1%
| | Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27970 | Red Hat | high | 7.1 | 0.0%
| | Angular is a development platform for building mobile and desktop web applications using TypeScript/… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27959 | Red Hat | high | 8.2 | 0.1%
| | Koa is middleware for Node.js using ES2017 async functions. Prior to versions 3.1.2 and 2.16.4, Koa'… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27942 | Red Hat | medium | 7.5 | 0.1%
| | fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object wi… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27945 |  Check Point | medium | 6.5 | 0.0%
| | ZITADEL is an open source identity management platform. Zitadel Action V2 (introduced as early previ… | Feb 26, 2026 | Mar 5, 2026 |
| | CVE-2026-27904 | Red Hat | medium | 6.5 | 0.1%
| | minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objec… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27903 | Red Hat | medium | 5.9 | 0.1%
| | minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objec… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27902 | Red Hat | medium | 4.2 | 0.0%
| | Svelte performance oriented web framework. Prior to version 5.53.5, errors from `transformError` wer… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27901 | Red Hat | medium | 5.4 | 0.0%
| | Svelte performance oriented web framework. Prior to version 5.53.5, the contents of `bind:innerText`… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27896 | Red Hat | high | 7.2 | 0.1%
| | The Go MCP SDK used Go's standard encoding/json.Unmarshal for JSON-RPC and MCP protocol message pars… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27830 | Red Hat | high | 8.0 | 0.1%
| ✓ Fix | c3p0, a JDBC Connection pooling library, is vulnerable to attack via maliciously crafted Java-serial… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27888 | Red Hat | medium | 5.3 | 0.0%
| | pypdf is a free and open-source pure-python PDF library. Prior to 6.7.3, an attacker who uses this v… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27837 | Red Hat | medium | 6.3 | 0.1%
| | Dottie provides nested object access and manipulation in JavaScript. Versions 2.0.4 through 2.0.6 co… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27976 | Check Point | high | 8.8 | 0.0%
| | Zed, a code editor, has an extension installer allows tar/gzip downloads. Prior to version 0.224.4, … | Feb 26, 2026 | Mar 5, 2026 |