| | CVE-2026-40915 | Red Hat | medium | 5.5 | — | | A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in the F… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-40916 | Red Hat | medium | 5.0 | — | | A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decod… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-40917 | Red Hat | medium | 5.0 | — | | A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the `icns_slurp()` function… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-40918 | Red Hat | medium | 5.5 | — | | A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can le… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-40919 | Red Hat | medium | 6.1 | — | | A flaw was found in GIMP. This vulnerability, a buffer overflow in the `file-seattle-filmworks` plug… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6384 | Red Hat | high | 7.3 | — | | A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's `R… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6245 | Red Hat | medium | 5.5 | — | | A flaw was found in the System Security Services Daemon (SSSD). The pam_passkey_child_read_data() fu… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6383 | Red Hat | medium | 5.4 | — | | A flaw was found in KubeVirt's Role-Based Access Control (RBAC) evaluation logic. The authorization … | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-5758 | Red Hat | medium | 6.5 | 0.1%
| | A flaw was found in the `protocol-buffers-schema` JavaScript library. This vulnerability, known as p… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-20186 | Cisco | critical | 9.9 | 5.9%
| | A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacke… | Apr 15, 2026 | Jun 29, 2026 |
| | CVE-2026-20184 | Cisco | critical | 9.8 | 0.5%
| | A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services … | Apr 15, 2026 | Jun 17, 2026 |
| | CVE-2026-20180 | Cisco | critical | 9.9 | 6.0%
| | A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacke… | Apr 15, 2026 | Jul 8, 2026 |
| | CVE-2026-20170 | Cisco | medium | 6.1 | 0.2%
| | A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed … | Apr 15, 2026 | Jul 1, 2026 |
| | CVE-2026-20161 | Cisco | medium | 5.5 | 0.1%
| | A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, loca… | Apr 15, 2026 | Jun 17, 2026 |
| | CVE-2026-20152 | Cisco | medium | 5.3 | 0.3%
| | A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web… | Apr 15, 2026 | Jun 17, 2026 |
| | CVE-2026-20148 | Cisco | medium | 4.9 | 9.2%
| | A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perf… | Apr 15, 2026 | Jul 8, 2026 |
| | CVE-2026-20147 | Cisco | critical | 9.9 | 10.9%
| | A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to exec… | Apr 15, 2026 | Jul 8, 2026 |
| | CVE-2026-20136 | Cisco | medium | 6.0 | 0.5%
| | A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identi… | Apr 15, 2026 | Jul 2, 2026 |
| | CVE-2026-20132 | Cisco | medium | 4.8 | 0.2%
| | Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (IS… | Apr 15, 2026 | Jul 2, 2026 |
| | CVE-2026-20081 | Cisco | medium | 6.5 | 0.4%
| | Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker&nbs… | Apr 15, 2026 | Jun 17, 2026 |
| | CVE-2026-20078 | Cisco | medium | 6.5 | 0.4%
| | Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker&nbs… | Apr 15, 2026 | Jun 17, 2026 |
| | CVE-2026-20061 | Cisco | medium | 4.3 | 0.2%
| | A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authe… | Apr 15, 2026 | Jun 17, 2026 |
| | CVE-2026-20060 | Cisco | medium | 4.7 | 0.2%
| | A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unaut… | Apr 15, 2026 | Jun 17, 2026 |
| | CVE-2026-20059 | Cisco | medium | 6.1 | 0.2%
| | A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unaut… | Apr 15, 2026 | Jun 17, 2026 |
| | CVE-2026-20204 | Splunk | high | 7.1 | 0.1%
| | In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform ve… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-20203 | Splunk | medium | 4.3 | 0.0%
| | In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform ve… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-20202 | Splunk | medium | 6.6 | 0.0%
| | In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform ve… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2025-12141 | Red Hat | low | 5.0 | 0.1%
| | A flaw was found in Grafana's alerting system. Users with editor permissions, specifically those abl… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-25219 | Apache | medium | 6.5 | 0.0%
| | The `access_key` and `connection_string` connection properties were not marked as sensitive names in… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-4630 | Red Hat | medium | 6.8 | 0.0%
| ✓ Fix | A flaw was found in Keycloak. An authenticated client could exploit an Insecure Direct Object Refere… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-30778 | Apache | high | 7.5 | 0.0%
| | The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of M… | Apr 15, 2026 | Apr 20, 2026 |
| | CVE-2026-33805 | Red Hat | high | 7.4 | 0.0%
| ✓ Fix | A flaw was found in @fastify/reply-from and @fastify/http-proxy. A remote attacker can exploit this … | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-3505 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerabilit… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-5588 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. B… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-5598 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core mo… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-0636 | Red Hat | high | 6.5 | 0.0%
| ✓ Fix | Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability i… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2025-14813 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc.… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-5088 | Apache | medium | — | 0.0%
| | Apache::API::Password versions through v0.5.2 for Perl can generate insecure random values for salts… | Apr 15, 2026 | Apr 16, 2026 |
| | CVE-2026-5160 | Red Hat | medium | 6.1 | 0.1%
| | A flaw was found in github.com/yuin/goldmark/renderer/html. This Cross-site Scripting (XSS) vulnerab… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2025-54550 | Apache | high | 8.1 | 0.1%
| | The example example_xcom that was included in airflow documentation implemented unsafe pattern of re… | Apr 15, 2026 | Apr 17, 2026 |
| | CVE-2026-33806 | Red Hat | high | 7.5 | 0.0%
| | A flaw was found in Fastify. A remote attacker could exploit this vulnerability by prepending a spac… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6318 | Red Hat | medium | 9.6 | — | | An use after free flaw was found in the Codecs component of the Chromium browser.
Upstream bug(s):
h… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6358 | Red Hat | high | 8.8 | — | | An use after free flaw was found in the XR component of the Chromium browser.
Upstream bug(s):
https… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6300 | Red Hat | high | 8.8 | — | | An use after free flaw was found in the CSS component of the Chromium browser.
Upstream bug(s):
http… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6306 | Red Hat | high | 9.6 | — | | A heap buffer overflow flaw was found in the PDFium component of the Chromium browser.
Upstream bug(… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6305 | Red Hat | high | 9.6 | — | | A heap buffer overflow flaw was found in the PDFium component of the Chromium browser.
Upstream bug(… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6296 | Red Hat | high | 9.6 | — | | A heap buffer overflow flaw was found in the ANGLE component of the Chromium browser.
Upstream bug(s… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6301 | Red Hat | high | 9.6 | — | | A type confusion flaw was found in the Turbofan component of the Chromium browser.
Upstream bug(s):
… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6302 | Red Hat | high | 8.8 | — | | An use after free flaw was found in the Video component of the Chromium browser.
Upstream bug(s):
ht… | Apr 15, 2026 | Apr 15, 2026 |
| | CVE-2026-6297 | Red Hat | high | 8.3 | — | | An use after free flaw was found in the Proxy component of the Chromium browser.
Upstream bug(s):
ht… | Apr 15, 2026 | Apr 15, 2026 |