| | CVE-2026-0908 |  Red Hat | low | — | 0.1%
| | Use after free in ANGLE in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potenti… | Jan 13, 2026 | Jan 13, 2026 |
| | CVE-2024-58340 | Red Hat | medium | 5.3 | 0.1%
| | LangChain versions up to and including 0.3.1 contain a regular expression denial-of-service (ReDoS) … | Jan 12, 2026 | Jan 12, 2026 |
| | CVE-2025-15514 | Red Hat | high | 7.5 | 0.1%
| | Ollama 0.11.5-rc0 through current version 0.13.5 contain a null pointer dereference vulnerability in… | Jan 12, 2026 | Jan 12, 2026 |
| | CVE-2026-22801 | Red Hat | medium | 6.6 | 0.0%
| ✓ Fix | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl… | Jan 12, 2026 | Jan 12, 2026 |
| | CVE-2026-22695 | Red Hat | medium | 6.1 | 0.0%
| ✓ Fix | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl… | Jan 12, 2026 | Jan 12, 2026 |
| | CVE-2026-22772 | Red Hat | medium | 5.8 | 0.0%
| ✓ Fix | Fulcio is a certificate authority for issuing code signing certificates for an OpenID Connect (OIDC)… | Jan 12, 2026 | Jan 12, 2026 |
| | CVE-2026-22776 | Red Hat | high | 7.5 | 0.1%
| | cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0… | Jan 12, 2026 | Jan 12, 2026 |
| | CVE-2026-22771 | Red Hat | high | 8.8 | 0.0%
| | Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based… | Jan 12, 2026 | Jan 12, 2026 |
| | CVE-2025-68471 | Red Hat | medium | 6.5 | 0.0%
| | Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protoco… | Jan 12, 2026 | Jan 12, 2026 |
| | CVE-2025-68468 | Red Hat | medium | 6.5 | 0.0%
| | Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protoco… | Jan 12, 2026 | Jan 12, 2026 |
| | CVE-2025-68276 | Red Hat | medium | 5.5 | 0.0%
| | Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protoco… | Jan 12, 2026 | Jan 12, 2026 |
| | CVE-2025-68493 | Red Hat | high | 7.1 | 0.0%
| | Missing XML Validation vulnerability in Apache Struts, Apache Struts.
This issue affects Apache Stru… | Jan 11, 2026 | Jan 11, 2026 |
| | CVE-2026-0824 | Red Hat | medium | 3.5 | 0.1%
| | A security flaw has been discovered in questdb ui up to 1.11.9. Impacted is an unknown function of t… | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2026-0822 | Red Hat | high | 6.3 | 0.1%
| | A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function j… | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2026-0821 | Red Hat | high | 7.3 | 0.1%
| | A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the fu… | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2026-22773 | Red Hat | medium | 6.5 | 0.0%
| ✓ Fix | vLLM is an inference and serving engine for large language models (LLMs). In versions from 0.6.4 to … | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2026-22699 |  Check Point | high | 7.5 | 0.2%
| | RustCrypto: Elliptic Curves is general purpose Elliptic Curve Cryptography (ECC) support, including … | Jan 10, 2026 | Jan 22, 2026 |
| | CVE-2026-22703 | Red Hat | medium | 5.5 | 0.0%
| | Cosign provides code signing and transparency for containers and binaries. Prior to versions 2.6.2 a… | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2026-22702 | Red Hat | medium | 4.5 | 0.0%
| | virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TO… | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2026-22701 | Red Hat | medium | 5.3 | 0.0%
| | filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race cond… | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2026-22693 | Red Hat | medium | 5.3 | 0.1%
| | HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability… | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2026-22691 | Red Hat | medium | 6.5 | 0.0%
| | pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible … | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2026-22690 | Red Hat | medium | 6.5 | 0.0%
| | pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible … | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2026-22610 | Red Hat | medium | 7.3 | 0.0%
| | Angular is a development platform for building mobile and desktop web applications using TypeScript/… | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2026-22030 | Red Hat | medium | 6.5 | 0.0%
| | React Router is a router for React. In @remix-run/server-runtime version prior to 2.17.3. and react-… | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2026-22029 | Red Hat | high | 8.0 | 0.0%
| ✓ Fix | React Router is a router for React. In @remix-run/router version prior to 1.23.2. and react-router 7… | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2026-21884 | Red Hat | high | 8.2 | 0.0%
| ✓ Fix | React Router is a router for React. In @remix-run/react version prior to 2.17.3. and react-router 7.… | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2025-61686 | Red Hat | critical | 9.1 | 0.0%
| | React Router is a router for React. In @react-router/node versions 7.0.0 through 7.9.3, @remix-run/d… | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2025-59057 | Red Hat | high | 7.6 | 0.0%
| ✓ Fix | React Router is a router for React. In @remix-run/react versions 1.15.0 through 2.17.0. and react-ro… | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2025-68470 | Red Hat | medium | 6.5 | 0.0%
| | React Router is a router for React. In versions 6.0.0 through 6.30.1 and 7.0.0 through 7.9.5, an att… | Jan 10, 2026 | Jan 10, 2026 |
| | CVE-2025-9222 | Red Hat | high | 8.7 | 0.0%
| | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2.2 before 18.5.5, 18.… | Jan 9, 2026 | Jan 9, 2026 |
| | CVE-2025-13772 | Red Hat | high | 7.1 | 0.0%
| | GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.5.5, 18.6 bef… | Jan 9, 2026 | Jan 9, 2026 |
| | CVE-2025-13761 | Red Hat | high | 8.0 | 0.0%
| | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.3, and 1… | Jan 9, 2026 | Jan 9, 2026 |
| | CVE-2025-70974 | Red Hat | critical | 10.0 | 0.0%
| | Fastjson before 1.2.48 mishandles autoType because, when an @type key is in a JSON document, and the… | Jan 9, 2026 | Jan 9, 2026 |
| | CVE-2025-14525 | Red Hat | medium | 6.4 | 0.0%
| | A flaw was found in kubevirt. A user within a virtual machine (VM), if the guest agent is active, ca… | Jan 9, 2026 | Jan 9, 2026 |
| | CVE-2026-0665 | Red Hat | medium | 6.5 | 0.0%
| | An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw… | Jan 9, 2026 | Jan 9, 2026 |
| | CVE-2025-14505 | Red Hat | medium | 5.6 | 0.0%
| | The ECDSA implementation of the Elliptic package generates incorrect signatures if an interim value … | Jan 8, 2026 | Jan 8, 2026 |
| | CVE-2025-68158 | Red Hat | medium | 5.7 | 0.0%
| | Authlib is a Python library which builds OAuth and OpenID Connect servers. In version 1.6.5 and prio… | Jan 8, 2026 | Jan 8, 2026 |
| | CVE-2025-59470 |  Veeam | critical | 9.0 | 0.2%
| | This vulnerability allows a Backup Operator to perform remote code execution (RCE) as the postgres u… | Jan 8, 2026 | Jan 14, 2026 |
| | CVE-2025-59469 | Veeam | critical | 9.0 | 0.0%
| | This vulnerability allows a Backup or Tape Operator to write files as root. | Jan 8, 2026 | Jan 14, 2026 |
| | CVE-2025-59468 | Veeam | critical | 9.0 | 0.1%
| | This vulnerability allows a Backup Administrator to perform remote code execution (RCE) as the postg… | Jan 8, 2026 | Jan 14, 2026 |
| | CVE-2025-55125 | Veeam | high | 7.8 | 0.1%
| | This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as root b… | Jan 8, 2026 | Jan 12, 2026 |
| | CVE-2025-68151 | Red Hat | medium | 5.3 | 0.1%
| | CoreDNS is a DNS server that chains plugins. Prior to version 1.14.0, multiple CoreDNS server implem… | Jan 8, 2026 | Jan 8, 2026 |
| | CVE-2025-67858 | Red Hat | high | 7.8 | 0.0%
| | A Improper Neutralization of Argument Delimiters vulnerability in Foomuuri can lead to integrity los… | Jan 8, 2026 | Jan 8, 2026 |
| | CVE-2025-67603 | Red Hat | medium | 7.3 | 0.0%
| | A Improper Authorization vulnerability in Foomuuri llows arbitrary users to influence the firewall c… | Jan 8, 2026 | Jan 8, 2026 |
| | CVE-2026-22028 | Red Hat | medium | 6.1 | 0.1%
| | Preact, a lightweight web development framework, JSON serialization protection to prevent Virtual DO… | Jan 8, 2026 | Jan 8, 2026 |
| | CVE-2026-21895 | Red Hat | low | 5.5 | 0.0%
| | The `rsa` crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a R… | Jan 8, 2026 | Jan 8, 2026 |
| | CVE-2025-14459 | Red Hat | high | 8.5 | 0.0%
| ✓ Fix | A flaw was found in KubeVirt Containerized Data Importer (CDI). This vulnerability allows a user to … | Jan 8, 2026 | Jan 8, 2026 |
| | CVE-2025-14017 | Red Hat | medium | 4.8 | 0.0%
| | When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl,
changing TLS options in one … | Jan 8, 2026 | Jan 8, 2026 |
| | CVE-2026-21883 | Red Hat | medium | 5.4 | 0.0%
| | Bokeh is an interactive visualization library written in Python. In versions 3.8.1 and below, if a s… | Jan 8, 2026 | Jan 8, 2026 |