| | CVE-2025-69420 |  Red Hat | low | 5.9 | 0.2%
| ✓ Fix | Issue summary: A type confusion vulnerability exists in the TimeStamp Response
verification code whe… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-22795 | Red Hat | low | 5.5 | 0.0%
| ✓ Fix | Issue summary: An invalid or NULL pointer dereference can happen in
an application processing a malf… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-22796 | Red Hat | low | 5.9 | 0.1%
| ✓ Fix | Issue summary: A type confusion vulnerability exists in the signature
verification of signed PKCS#7 … | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-1467 | Red Hat | medium | 5.8 | 0.1%
| | A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Ret… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-1484 | Red Hat | medium | 4.2 | 0.1%
| | A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to i… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-1485 | Red Hat | low | 2.8 | 0.0%
| | A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs be… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-1489 | Red Hat | medium | 5.4 | 0.1%
| | A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implement… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2025-28164 | Red Hat | medium | 5.0 | 0.0%
| | Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of s… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2025-28162 | Red Hat | medium | 6.2 | 0.0%
| | Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of s… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-1504 | Red Hat | high | 6.5 | 0.0%
| | Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowe… | Jan 27, 2026 | Jan 27, 2026 |
| | CVE-2026-24400 | Red Hat | medium | 6.1 | 0.0%
| | AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine (JVM). Starting in … | Jan 26, 2026 | Jan 26, 2026 |
| | CVE-2026-24131 | Red Hat | medium | 6.5 | 0.0%
| | pnpm is a package manager. Prior to version 10.28.2, when pnpm processes a package's `directories.bi… | Jan 26, 2026 | Jan 26, 2026 |
| | CVE-2026-24056 | Red Hat | medium | 6.5 | 0.0%
| | pnpm is a package manager. Prior to version 10.28.2, when pnpm installs a `file:` (directory) or `gi… | Jan 26, 2026 | Jan 26, 2026 |
| | CVE-2026-23890 | Red Hat | medium | 6.5 | 0.0%
| | pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's bin li… | Jan 26, 2026 | Jan 26, 2026 |
| | CVE-2026-23889 | Red Hat | medium | 6.5 | 0.0%
| | pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's tarbal… | Jan 26, 2026 | Jan 26, 2026 |
| | CVE-2025-59472 | Red Hat | medium | 5.9 | 0.1%
| | A denial of service vulnerability exists in Next.js versions with Partial Prerendering (PPR) enabled… | Jan 26, 2026 | Jan 26, 2026 |
| | CVE-2025-59471 | Red Hat | medium | 5.9 | 0.0%
| | A denial of service vulnerability exists in self-hosted Next.js applications that have `remotePatter… | Jan 26, 2026 | Jan 26, 2026 |
| | CVE-2026-23888 | Red Hat | medium | 6.5 | 0.0%
| | pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's binary… | Jan 26, 2026 | Jan 26, 2026 |
| | CVE-2026-21509 |  Microsoft | high | 7.8 | 9.3%
| ⚠ KEV | Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attac… | Jan 26, 2026 | Feb 11, 2026 |
| | CVE-2025-50537 | Red Hat | medium | 5.5 | 0.0%
| | Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular referenc… | Jan 26, 2026 | Jan 26, 2026 |
| | CVE-2026-22997 | Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net: can: j1939: j1939_xtp_rx_rt… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-23005 | Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
x86/fpu: Clear XSTATE_BV[i] in g… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-23012 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
mm/damon/core: remove call_contr… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-23004 | Red Hat | medium | 4.7 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
dst: fix races in rt6_uncached_l… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-22996 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Don't store mlx5e_pri… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-23001 | Red Hat | medium | 7.8 | 0.0%
| ✓ Fix | In the Linux kernel, the following vulnerability has been resolved:
macvlan: fix possible UAF in mac… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2025-71162 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
dmaengine: tegra-adma: Fix use-a… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-23002 | Red Hat | low | 4.7 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
lib/buildid: use __kernel_read()… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-22999 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net/sched: sch_qfq: do not free … | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-23013 | Red Hat | medium | 4.4 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net: octeon_ep_vf: fix free_irq … | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-23009 | Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
xhci: sideband: don't dereferenc… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-22998 | Red Hat | medium | 6.4 | 0.0%
| ✓ Fix | In the Linux kernel, the following vulnerability has been resolved:
nvme-tcp: fix NULL pointer deref… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-23006 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
ASoC: tlv320adcx140: fix null po… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-23011 | Red Hat | medium | 6.6 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
ipv4: ip_gre: make ipgre_header(… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-23007 | Red Hat | low | 4.7 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
block: zero non-PI portion of au… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-23008 | Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
drm/vmwgfx: Fix KMS with 3D on H… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-23010 | Red Hat | medium | 7.3 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
ipv6: Fix use-after-free in inet… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-23000 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Fix crash on profile … | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2025-71163 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
dmaengine: idxd: fix device leak… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-23003 | Red Hat | medium | 6.1 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
ip6_tunnel: use skb_vlan_inet_pr… | Jan 25, 2026 | Jan 25, 2026 |
| | CVE-2026-24401 | Red Hat | medium | 6.5 | 0.0%
| | Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protoco… | Jan 24, 2026 | Jan 24, 2026 |
| | CVE-2026-1386 | Red Hat | medium | 6.0 | 0.0%
| | A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and ear… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-1299 | Red Hat | medium | 7.1 | 0.0%
| ✓ Fix | The
email module, specifically the "BytesGenerator" class, didn’t properly quote newlines for email… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-0994 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | A denial-of-service (DoS) vulnerability exists in google.protobuf.json_format.ParseDict() in Python,… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-24515 | Red Hat | low | 2.9 | 0.0%
| | In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-0775 | Red Hat | high | 7.0 | 0.0%
| | npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2025-15059 | Red Hat | high | 7.8 | 0.1%
| ✓ Fix | GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerabi… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2026-24304 | Microsoft | critical | 9.9 | 0.1%
| | Improper access control in Azure Resource Manager allows an authorized attacker to elevate privilege… | Jan 23, 2026 | Feb 12, 2026 |
| | CVE-2026-24137 | Red Hat | medium | 5.8 | 0.0%
| | sigstore framework is a common go library shared across sigstore services and clients. In versions 1… | Jan 23, 2026 | Jan 23, 2026 |
| | CVE-2025-71145 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
usb: phy: isp1301: fix non-OF de… | Jan 23, 2026 | Jan 23, 2026 |