| | CVE-2026-34352 | Red Hat | medium | 6.3 | 0.0%
| ✓ Fix | In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the … | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-28377 | Grafana | high | 7.5 | 0.2%
| | A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintext through the /statu… | Mar 26, 2026 | Jun 17, 2026 |
| | CVE-2026-33672 | Red Hat | medium | 5.3 | 0.1%
| | Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulner… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-33671 | Red Hat | medium | 6.5 | 0.0%
| | Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulner… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-1556 | Red Hat | high | 7.7 | — | | A flaw was found in Drupal File (Field) Paths. This information disclosure vulnerability allows auth… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-3650 | Red Hat | medium | 6.5 | — | | A flaw was found in the Grassroots DICOM library (GDCM). This memory leak vulnerability occurs when … | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-33658 | Red Hat | medium | 7.5 | 0.0%
| | Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-21724 | Grafana | medium | 5.4 | 0.2%
| | A vulnerability has been discovered in Grafana OSS where an authorization bypass in the provisioning… | Mar 26, 2026 | Jun 17, 2026 |
| | CVE-2026-33375 | Grafana | medium | 6.5 | 0.4%
| | The Grafana MSSQL data source plugin contains a logic flaw that allows a low-privileged user (Viewer… | Mar 26, 2026 | Jun 17, 2026 |
| | CVE-2026-33536 | Red Hat | medium | 5.0 | 0.0%
| | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-33535 | Red Hat | low | 4.0 | 0.0%
| | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-33532 | Red Hat | medium | 6.5 | 0.0%
| | `yaml` is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of `ya… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-32287 | Red Hat | medium | 6.2 | 0.0%
| ✓ Fix | Boolean XPath expressions that evaluate to true can cause an infinite loop in logicalQuery.Select, l… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-32285 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | The Delete function fails to properly validate offsets when processing malformed JSON input. This ca… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-32286 | Red Hat | high | 7.5 | 0.1%
| ✓ Fix | The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised Pos… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-32284 | Red Hat | medium | 5.9 | 0.1%
| | The msgpack decoder fails to properly validate the input buffer length when processing truncated fix… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-4923 | Red Hat | medium | 5.9 | 0.0%
| | Impact:
When using multiple wildcards, combined with at least one parameter, a regular expression ca… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-4926 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | Impact:
A bad regular expression is generated any time you have multiple sequential optional groups … | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-33490 | Red Hat | medium | 6.5 | — | | A flaw was found in H3, a minimal HTTP framework. The `mount()` method, responsible for routing requ… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-33487 | Red Hat | high | 7.5 | 0.0%
| ✓ Fix | goxmlsig provides XML Digital Signatures implemented in Go. Prior to version 1.6.0, the `validateSig… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-33636 | Red Hat | medium | 7.6 | 0.0%
| ✓ Fix | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-33416 | Red Hat | medium | 7.5 | 0.0%
| ✓ Fix | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-4867 | Red Hat | medium | 5.3 | 0.0%
| | Impact:
A bad regular expression is generated any time you have three or more parameters within a si… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-33413 | Red Hat | medium | 7.7 | — | | A flaw was found in etcd, a distributed key-value store. Unauthorized users can bypass authenticatio… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-33343 | Red Hat | medium | 6.5 | 0.0%
| | etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-4897 | Red Hat | medium | 5.5 | — | | A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessiv… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-1961 | Red Hat | high | 8.0 | — | ✓ Fix | A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Fo… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-4887 | Red Hat | medium | 6.1 | — | | A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an of… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-23397 | Red Hat | medium | 4.4 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
nfnetlink_osf: validate individu… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-4874 | Red Hat | low | 3.1 | 0.0%
| | A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery (SSR… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-33526 | Red Hat | high | 7.5 | 2.0%
| | A flaw was found in Squid. A remote attacker can exploit a heap Use-After-Free vulnerability when ha… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-33515 | Red Hat | medium | 5.3 | 1.0%
| | A flaw was found in Squid, a caching proxy for the Web. Due to improper input validation, Squid is v… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-32748 | Red Hat | high | 7.5 | 1.8%
| | A flaw was found in Squid. A remote attacker can exploit this vulnerability by sending specially cra… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-29976 | Red Hat | low | 2.8 | — | | A flaw was found in ZerBea hcxpcapngtool. A local attacker can exploit a buffer overflow vulnerabili… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-23396 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: fix NULL deref i… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-23398 | Red Hat | medium | 6.2 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
icmp: fix NULL pointer dereferen… | Mar 26, 2026 | Mar 26, 2026 |
| | CVE-2026-33249 | Red Hat | medium | 6.4 | 0.0%
| | NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Star… | Mar 25, 2026 | Mar 25, 2026 |
| | CVE-2026-33223 | Red Hat | medium | 6.4 | 0.0%
| | NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prio… | Mar 25, 2026 | Mar 25, 2026 |
| | CVE-2026-33248 | Red Hat | medium | 4.8 | 0.0%
| | NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prio… | Mar 25, 2026 | Mar 25, 2026 |
| | CVE-2026-33222 | Red Hat | medium | 4.9 | 0.0%
| | NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prio… | Mar 25, 2026 | Mar 25, 2026 |
| | CVE-2026-33247 | Red Hat | high | 7.5 | 0.0%
| | NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prio… | Mar 25, 2026 | Mar 25, 2026 |
| | CVE-2026-33219 | Red Hat | high | 7.5 | 0.1%
| | NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prio… | Mar 25, 2026 | Mar 25, 2026 |
| | CVE-2026-33218 | Red Hat | high | 7.5 | 0.1%
| | NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prio… | Mar 25, 2026 | Mar 25, 2026 |
| | CVE-2026-33246 | Red Hat | medium | 6.4 | 0.0%
| | NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The … | Mar 25, 2026 | Mar 25, 2026 |
| | CVE-2026-33217 | Red Hat | high | 8.1 | 0.0%
| | NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prio… | Mar 25, 2026 | Mar 25, 2026 |
| | CVE-2026-33216 | Red Hat | high | 8.6 | 0.0%
| | NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prio… | Mar 25, 2026 | Mar 25, 2026 |
| | CVE-2026-29785 | Red Hat | high | 7.5 | 0.1%
| | NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prio… | Mar 25, 2026 | Mar 25, 2026 |
| | CVE-2026-27889 | Red Hat | high | 7.5 | 0.1%
| | NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Star… | Mar 25, 2026 | Mar 25, 2026 |
| | CVE-2026-33809 | Red Hat | medium | 6.5 | 0.0%
| | A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, c… | Mar 25, 2026 | Mar 25, 2026 |
| | CVE-2026-1001 | Red Hat | low | 4.8 | 0.1%
| | Domoticz versions prior to 2026.1 contain a stored cross-site scripting vulnerability in the Add Har… | Mar 25, 2026 | Mar 25, 2026 |