| | CVE-2026-42014 | Red Hat | medium | — | — | ✓ Fix | No description is available for this CVE. | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-42015 | Red Hat | medium | 5.3 | 0.1%
| ✓ Fix | A flaw was found in gnutls. An off-by-one error exists in the PKCS#12 bag element bounds check. This… | Apr 29, 2026 | Apr 29, 2026 |
| | CVE-2026-6238 | Red Hat | medium | 6.5 | 0.0%
| ✓ Fix | A flaw was found in glibc (GNU C Library). The deprecated functions ns_printrrf, ns_printrr, and fp_… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-41873 | Apache | critical | 9.8 | — | | ** UNSUPPORTED WHEN ASSIGNED ** Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-40969 | VMware | low | 3.7 | 0.0%
| | The raw message of every server-side AuthenticationException is returned to the unauthenticated remo… | Apr 28, 2026 | Apr 30, 2026 |
| | CVE-2026-40968 | VMware | medium | 4.2 | 0.0%
| | When an authenticated user is denied access to a gRPC method, their authenticated identity remains b… | Apr 28, 2026 | Apr 30, 2026 |
| | CVE-2026-5944 | Cisco | high | 8.2 | 0.1%
| | An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix… | Apr 28, 2026 | May 18, 2026 |
| | CVE-2026-7321 | Red Hat | medium | 6.1 | 0.0%
| ✓ Fix | A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes th… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7324 | Red Hat | high | 7.5 | 0.0%
| | A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issu… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7323 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes th… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7322 | Red Hat | high | 8.8 | 0.0%
| ✓ Fix | A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes th… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7320 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes th… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-5435 | Red Hat | medium | 5.9 | — | ✓ Fix | A flaw was found in glibc, the GNU C Library. Specifically, deprecated functions responsible for pri… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-41607 | Apache | medium | 6.5 | 1.0%
| | Out-of-bounds Read vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.… | Apr 28, 2026 | Jul 9, 2026 |
| | CVE-2026-41606 | Apache | medium | 5.3 | 1.1%
| | Uncontrolled Recursion vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.2… | Apr 28, 2026 | Jul 9, 2026 |
| | CVE-2026-41605 | Apache | high | 7.3 | 1.0%
| | Integer Overflow or Wraparound vulnerability in Apache Thrift.
This issue affects Apache Thrift: be… | Apr 28, 2026 | Jul 9, 2026 |
| | CVE-2026-41604 | Apache | high | 8.2 | 1.0%
| | Out-of-bounds Read vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.… | Apr 28, 2026 | Jul 9, 2026 |
| | CVE-2026-41603 | Apache | high | 7.4 | 0.6%
| | Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift.
This issue af… | Apr 28, 2026 | Jul 9, 2026 |
| | CVE-2026-41602 | Apache | high | 7.5 | 1.2%
| | Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport Go language implement… | Apr 28, 2026 | Jul 9, 2026 |
| | CVE-2025-48431 | Apache | high | 7.5 | 1.1%
| | Mismatched Memory Management Routines vulnerability in Apache Thrift c_glib language bindings.
This… | Apr 28, 2026 | Jul 9, 2026 |
| | CVE-2026-41636 | Red Hat | medium | 7.5 | 0.2%
| | No description is available for this CVE. | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-40980 | VMware | medium | 6.5 | 0.0%
| | In Spring AI, a malicious PDF file can be crafted that triggers the allocation of unreasonable amoun… | Apr 28, 2026 | Apr 29, 2026 |
| | CVE-2026-40979 | VMware | medium | 6.1 | 0.0%
| | In Spring AI, having access to a shared environment can expose the ONNX model used by the applicatio… | Apr 28, 2026 | Apr 29, 2026 |
| | CVE-2026-40978 | VMware | high | 8.8 | 0.0%
| | SQL injection vulnerability in Spring AI's `CosmosDBVectorStore` allows attackers to execute arbitra… | Apr 28, 2026 | Apr 29, 2026 |
| | CVE-2026-40966 | VMware | medium | 5.9 | 0.0%
| | In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from oth… | Apr 28, 2026 | Apr 29, 2026 |
| | CVE-2026-40967 | VMware | high | 8.6 | 0.0%
| | In Spring AI, various FilterExpressionConverter implementations accept a filter expression object an… | Apr 28, 2026 | Apr 29, 2026 |
| | CVE-2026-7233 | Red Hat | low | 3.3 | 0.0%
| | A flaw was found in Artifex MuPDF, specifically within its CFF Index Handler component. A local user… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-42510 | Red Hat | medium | 6.6 | 0.0%
| | OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a c… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-40976 | VMware | critical | 9.1 | 0.4%
| | In certain circumstances, Spring Boot's default web security is ineffective allowing unauthorized ac… | Apr 28, 2026 | Jun 30, 2026 |
| | CVE-2026-40975 | VMware | medium | 4.8 | 0.2%
| | Values produced by ${random.value} are not suitable for use as secrets. ${random.uuid} is not affect… | Apr 28, 2026 | Jun 30, 2026 |
| | CVE-2026-40356 | Red Hat | high | 5.9 | 0.1%
| | A flaw was found in MIT Kerberos 5 (krb5). An unauthenticated remote attacker can exploit an integer… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-40355 | Red Hat | medium | 5.9 | 0.1%
| | A flaw was found in MIT Kerberos 5 (krb5). An unauthenticated remote attacker can exploit a NULL poi… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7309 | Red Hat | medium | 4.3 | — | | A flaw was found in the OpenShift Container Platform build system. A user with the `edit` ClusterRol… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7351 | Red Hat | high | 5.5 | 0.0%
| | A race flaw was found in the MHTML component of the Chromium browser.
Upstream bug(s):
https://code.… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7353 | Red Hat | high | 8.2 | 0.0%
| | Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who … | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7339 | Red Hat | medium | 8.8 | 0.0%
| | Heap buffer overflow in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7341 | Red Hat | high | 8.8 | 0.0%
| | Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execu… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7338 | Red Hat | high | 8.8 | 0.0%
| | Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local net… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7334 | Red Hat | high | 8.8 | 0.0%
| | Use after free in Views in Google Chrome on Mac prior to 147.0.7727.138 allowed a remote attacker to… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7340 | Red Hat | medium | 5.4 | 0.0%
| | An integer overflow flaw was found in the ANGLE component of the Chromium browser.
Upstream bug(s):
… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7358 | Red Hat | high | 9.6 | 0.0%
| | Use after free in Animation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to ex… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7356 | Red Hat | high | 9.6 | 0.0%
| | Use after free in Navigation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to e… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7352 | Red Hat | high | 9.0 | 0.0%
| | Use after free in Media in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacke… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7359 | Red Hat | high | 9.0 | 0.0%
| | Use after free in ANGLE in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had c… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7348 | Red Hat | high | 8.8 | 0.0%
| | Use after free in Codecs in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execu… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7336 | Red Hat | high | 8.8 | 0.0%
| | Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execu… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7360 | Red Hat | high | 8.7 | 0.0%
| | An insufficient validation of untrusted input flaw was found in the Compositing component of the Chr… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7347 | Red Hat | high | 9.8 | 0.1%
| | Use after free in Chromoting in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to e… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7363 | Red Hat | high | 9.6 | 0.0%
| | Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to 147.0.7727.138 allowed a remot… | Apr 28, 2026 | Apr 28, 2026 |
| | CVE-2026-7349 | Red Hat | high | 8.8 | 0.0%
| | Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local net… | Apr 28, 2026 | Apr 28, 2026 |