| | CVE-2026-41240 | Red Hat | medium | 8.1 | 0.0%
| ✓ Fix | A flaw was found in DOMPurify, a DOM-only cross-site scripting sanitizer. A remote attacker could ex… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41239 | Red Hat | medium | 6.8 | 0.1%
| | A flaw was found in DOMPurify. A remote attacker could exploit this cross-site scripting (XSS) vulne… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41238 | Red Hat | medium | 6.8 | 0.0%
| | A flaw was found in DOMPurify, a software library used to clean potentially malicious code from web … | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-34003 | Red Hat | high | 7.8 | — | | A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could se… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-34001 | Red Hat | high | 7.8 | — | | A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence … | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-33999 | Red Hat | high | 7.8 | — | | A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XK… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2025-66286 | Red Hat | medium | 4.7 | — | | An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform … | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2025-13763 | Red Hat | low | 5.7 | — | | Multiple uses of uninitialized variables were found in libopensc that may lead to information disclo… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41990 | Red Hat | low | 3.3 | 0.0%
| ✓ Fix | A flaw was found in Libgcrypt. During Dilithium signing operations, the library fails to perform a b… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41989 | Red Hat | medium | 7.5 | 0.0%
| ✓ Fix | A flaw was found in Libgcrypt. A remote attacker could exploit this vulnerability by sending crafted… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41988 | Red Hat | low | 2.8 | 0.0%
| | A flaw was found in uuid. When external output buffers are used with UUID versions 3, 5, or 6, an at… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41196 | Red Hat | high | 8.2 | 0.1%
| | A flaw was found in Luanti (formerly Minetest), an open-source game platform. A malicious mod, when … | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41179 | Red Hat | high | 9.8 | 0.1%
| | A flaw was found in Rclone, a command-line program for syncing files with cloud storage. An unauthen… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-31532 | Red Hat | high | 7.0 | 0.0%
| | A flaw was found in the Linux kernel's Controller Area Network (CAN) raw socket implementation. A us… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-31531 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in the Linux kernel. A local user can trigger a denial of service by querying a nex… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-31533 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net/tls: fix use-after-free in -… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41176 | Red Hat | high | 9.8 | 16.7%
| | Rclone is a command-line program to sync files and directories to and from different cloud storage p… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-41134 | Microsoft | high | 7.8 | 0.1%
| | Kiota is an OpenAPI based HTTP Client code generator. Versions prior to 1.31.1 are affected by a cod… | Apr 22, 2026 | May 14, 2026 |
| | CVE-2026-41314 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in pypdf, a pure-Python PDF library. An attacker can exploit this vulnerability by … | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-41313 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in pypdf. An attacker can craft a malicious PDF file with a large trailer `/Size` v… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-41312 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in pypdf. An attacker can craft a malicious PDF file containing a specially compres… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-41168 | Red Hat | medium | 6.5 | 0.1%
| | A flaw was found in pypdf. An attacker can craft a malicious PDF file containing oversized cross-ref… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-6019 | Red Hat | medium | 6.8 | 0.0%
| | http.cookies.Morsel.js_output() returns an inline <script> snippet and only escapes " for JavaScript… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-41326 | Red Hat | high | 8.8 | 0.1%
| | Kata Containers is an open source project focusing on a standard implementation of lightweight Virtu… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-41651 | Red Hat | high | 8.8 | — | | A flaw was found in PackageKit. A time-of-check time-of-use (TOCTOU) race condition on transaction f… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-6857 | Apache | high | 7.5 | 0.7%
| | A flaw was found in camel-infinispan. This vulnerability involves unsafe deserialization in the Prot… | Apr 22, 2026 | Jun 30, 2026 |
| | CVE-2026-31431 | Fortinet | high | 7.8 | 96.8%
| ⚠ KEV | In the Linux kernel, the following vulnerability has been resolved:
crypto: algif_aead - Revert to … | Apr 22, 2026 | Jul 1, 2026 |
| | CVE-2026-40542 | Apache | high | 7.3 | 0.6%
| | Missing critical step in authentication in Apache HttpClient 5.6 allows an attacker to cause the cli… | Apr 22, 2026 | Jun 30, 2026 |
| | CVE-2026-22754 | VMware | high | 7.5 | 0.2%
| | Vulnerability in Spring Spring Security. If an application uses <sec:intercept-url servlet-path="/se… | Apr 22, 2026 | Jun 30, 2026 |
| | CVE-2026-22747 | VMware | medium | 6.8 | 0.2%
| | Vulnerability in Spring Spring Security. SubjectX500PrincipalExtractor does not correctly handle cer… | Apr 22, 2026 | Jun 30, 2026 |
| | CVE-2026-22753 | Red Hat | medium | 6.5 | 0.1%
| | A flaw was found in Spring Security. When an application uses specific configurations involving `sec… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-22748 | Red Hat | medium | 5.3 | 0.1%
| | A flaw was found in Spring Security. When an application is configured to decode JSON Web Tokens (JW… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-22746 | Red Hat | low | 3.7 | 0.1%
| | A flaw was found in Spring Security. If an application uses the UserDetails#isEnabled, #isAccountNon… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31433 | Red Hat | medium | — | 0.0%
| | A flaw was found in the ksmbd module of the Linux kernel. A remote attacker can exploit this vulnera… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31432 | Red Hat | medium | — | 0.0%
| | A flaw was found in the ksmbd component of the Linux kernel. This vulnerability allows an attacker t… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31467 | Red Hat | medium | 5.5 | — | | No description is available for this CVE. | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31519 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel's Btrfs filesystem. A race condition, a situation where the out… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31488 | Red Hat | medium | — | — | | No description is available for this CVE. | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31440 | Red Hat | medium | 5.5 | — | | No description is available for this CVE. | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31476 | Red Hat | medium | — | — | | A flaw was found in ksmbd in the Linux kernel. A remote attacker can exploit this vulnerability by s… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31498 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel's Bluetooth L2CAP (Logical Link Control and Adaptation Protocol… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31524 | Red Hat | low | 5.5 | — | | A flaw was found in the Linux kernel's Human Interface Device (HID) subsystem, specifically within t… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31493 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel's RDMA/efa component. When an admin command completes with an e… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31450 | Red Hat | medium | 7.0 | — | | No description is available for this CVE. | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31460 | Red Hat | medium | — | — | | A flaw was found in the `drm/amd/display` component of the Linux kernel. This vulnerability occurs b… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31459 | Red Hat | medium | — | — | | No description is available for this CVE. | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31448 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel's ext4 filesystem. When creating a directory or node, if an ext… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31487 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel, specifically within its Serial Peripheral Interface (SPI) subs… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31508 | Red Hat | high | 7.0 | — | | No description is available for this CVE. | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-31480 | Red Hat | medium | 7.0 | — | | A flaw was found in the Linux kernel. A local attacker or a user with specific privileges could expl… | Apr 22, 2026 | Apr 22, 2026 |