| | CVE-2025-66560 |  Red Hat | medium | 5.9 | 0.0%
| ✓ Fix | Quarkus is a Cloud Native, (Linux) Container First framework for writing Java applications. Prior to… | Jan 8, 2026 | Jan 8, 2026 |
| | CVE-2026-0716 | Red Hat | medium | 4.8 | 0.1%
| | A flaw was found in libsoup’s WebSocket frame processing when handling incoming messages. If a non-d… | Jan 8, 2026 | Jan 8, 2026 |
| | CVE-2026-0719 | Red Hat | high | 8.6 | 0.1%
| ✓ Fix | A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME… | Jan 8, 2026 | Jan 8, 2026 |
| | CVE-2025-50334 | Red Hat | high | 7.5 | 0.1%
| | An issue in Technitium DNS Server v.13.5 allows a remote attacker to cause a denial of service via t… | Jan 8, 2026 | Jan 8, 2026 |
| | CVE-2025-65518 | Red Hat | high | 7.5 | 0.0%
| | Plesk Obsidian versions 8.0.1 through 18.0.73 are vulnerable to a Denial of Service (DoS) condition.… | Jan 8, 2026 | Jan 8, 2026 |
| | CVE-2026-21869 | Red Hat | high | 8.1 | 0.3%
| | llama.cpp is an inference of several LLM models in C/C++. In commits 55d4206c8 and prior, the n_disc… | Jan 7, 2026 | Jan 7, 2026 |
| | CVE-2025-62224 |  Microsoft | medium | 5.5 | 0.1%
| | User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows a… | Jan 7, 2026 | Feb 2, 2026 |
| | CVE-2026-21441 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient … | Jan 7, 2026 | Jan 7, 2026 |
| | CVE-2025-69264 | Red Hat | high | 8.8 | 0.1%
| | pnpm is a package manager. Versions 10.0.0 through 10.25 allow git-hosted dependencies to execute ar… | Jan 7, 2026 | Jan 7, 2026 |
| | CVE-2025-69263 | Red Hat | high | 7.5 | 0.0%
| | pnpm is a package manager. Versions 10.26.2 and below store HTTP tarball dependencies (and git-hoste… | Jan 7, 2026 | Jan 7, 2026 |
| | CVE-2025-13151 | Red Hat | low | 5.9 | 0.1%
| | Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of… | Jan 7, 2026 | Jan 7, 2026 |
| | CVE-2026-22185 | Red Hat | medium | 6.8 | 0.0%
| | OpenLDAP Lightning Memory-Mapped Database (LMDB) versions up to and including 0.9.14, prior to commi… | Jan 7, 2026 | Jan 7, 2026 |
| | CVE-2026-22184 | Red Hat | high | 8.6 | 0.0%
| | zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility loca… | Jan 7, 2026 | Jan 7, 2026 |
| | CVE-2025-69262 | Red Hat | medium | 7.5 | 0.1%
| | pnpm is a package manager. Versions 6.25.0 through 10.26.2 have a Command Injection vulnerability wh… | Jan 7, 2026 | Jan 7, 2026 |
| | CVE-2026-0669 | Red Hat | medium | 6.5 | 0.1%
| | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Wiki… | Jan 7, 2026 | Jan 7, 2026 |
| | CVE-2026-0668 | Red Hat | medium | 6.5 | 0.1%
| | Inefficient Regular Expression Complexity vulnerability in Wikimedia Foundation MediaWiki - VisualDa… | Jan 7, 2026 | Jan 7, 2026 |
| | CVE-2026-20029 |  Cisco | medium | 4.9 | 0.0%
| | A vulnerability in the licensing features of Cisco Identity Services Engine (ISE) and Cisco ISE… | Jan 7, 2026 | Jan 8, 2026 |
| | CVE-2026-20027 | Cisco | medium | 5.3 | 0.0%
| | Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that c… | Jan 7, 2026 | Jan 8, 2026 |
| | CVE-2026-20026 | Cisco | medium | 5.8 | 0.1%
| | Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests t… | Jan 7, 2026 | Jan 8, 2026 |
| | CVE-2025-67366 |  Check Point | high | 7.5 | 0.1%
| | @sylphxltd/filesystem-mcp v0.5.8 is an MCP server that provides file content reading functionality. … | Jan 7, 2026 | Jan 29, 2026 |
| | CVE-2025-67364 | Check Point | high | 7.5 | 0.0%
| | fast-filesystem-mcp version 3.4.0 contains a critical path traversal vulnerability in its file opera… | Jan 7, 2026 | Jan 29, 2026 |
| | CVE-2025-12543 |  Apache | critical | 9.6 | 0.0%
| | A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Ja… | Jan 7, 2026 | Apr 29, 2026 |
| | CVE-2025-9611 | Microsoft | medium | — | 0.3%
| | Microsoft Playwright MCP Server versions prior to 0.0.40 fails to validate the Origin header on inco… | Jan 7, 2026 | Jan 8, 2026 |
| | CVE-2026-25211 | Red Hat | low | 3.8 | 0.0%
| | Llama Stack (aka llama-stack) before 0.4.0rc3 does not censor the pgvector password in the initializ… | Jan 7, 2026 | Jan 7, 2026 |
| | CVE-2026-0707 | Red Hat | medium | 5.3 | 0.0%
| ✓ Fix | A flaw was found in Keycloak. The Keycloak Authorization header parser is overly permissive regardin… | Jan 7, 2026 | Jan 7, 2026 |
| | CVE-2025-13812 | Check Point | medium | 4.3 | 0.0%
| | The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plug… | Jan 6, 2026 | Jan 8, 2026 |
| | CVE-2025-15444 | Red Hat | medium | 6.8 | 0.0%
| | Crypt::Sodium::XS module versions prior to 0.000042, for Perl, include a vulnerable version of libso… | Jan 6, 2026 | Jan 6, 2026 |
| | CVE-2025-69230 | Red Hat | low | 5.4 | 0.0%
| | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 a… | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-69229 | Red Hat | medium | 5.8 | 0.1%
| | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 a… | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-69228 | Red Hat | medium | 6.8 | 0.1%
| ✓ Fix | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and … | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-69227 | Red Hat | medium | 7.5 | 0.1%
| ✓ Fix | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and … | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-69225 | Red Hat | low | 5.4 | 0.0%
| | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and … | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-69226 | Red Hat | medium | 5.3 | 0.1%
| | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and … | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-69224 | Red Hat | medium | 5.4 | 0.0%
| | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and … | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-69223 | Red Hat | high | 7.5 | 0.1%
| ✓ Fix | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and … | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-68428 | Red Hat | high | 8.6 | 0.0%
| ✓ Fix | jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first… | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-66648 | Red Hat | high | 7.2 | 0.1%
| | vega-functions provides function implementations for the Vega expression language. Prior to version … | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-65110 | Red Hat | high | 8.1 | 0.1%
| | Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive … | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-68760 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
iommu/amd: Fix potential out-of-… | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-68766 | Red Hat | medium | — | 0.1%
| | In the Linux kernel, the following vulnerability has been resolved:
irqchip/mchp-eic: Fix error code… | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-68754 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
rtc: amlogic-a4: fix double free… | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-68761 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
hfs: fix potential use after fre… | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-68753 | Red Hat | low | 5.5 | 0.1%
| | In the Linux kernel, the following vulnerability has been resolved:
ALSA: firewire-motu: add bounds … | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-68756 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
block: Use RCU in blk_mq_[un]qui… | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-68765 | Red Hat | medium | — | 0.1%
| | In the Linux kernel, the following vulnerability has been resolved:
mt76: mt7615: Fix memory leak in… | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-68755 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
staging: most: remove broken i2c… | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-68751 | Red Hat | low | 3.3 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
s390/fpu: Fix false-positive kms… | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-68764 | Red Hat | medium | 6.1 | 0.1%
| | In the Linux kernel, the following vulnerability has been resolved:
NFS: Automounted filesystems sho… | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-68759 | Red Hat | medium | — | 0.1%
| | In the Linux kernel, the following vulnerability has been resolved:
wifi: rtl818x: Fix potential mem… | Jan 5, 2026 | Jan 5, 2026 |
| | CVE-2025-68763 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
crypto: starfive - Correctly han… | Jan 5, 2026 | Jan 5, 2026 |