Red Hat

1391 CVEs tracked in the last 90 days

1391 Total CVEs

9 Critical

325 High

831 Medium

226 Low

Severity Distribution

Critical 9 (0.6%)

High 325 (23.4%)

Medium 831 (59.7%)

Low 226 (16.2%)

Top Affected Products

Red Hat Enterprise Linux 10 861

Red Hat Enterprise Linux 8 850

Red Hat Enterprise Linux 7 836

Red Hat Enterprise Linux 6 834

Red Hat Enterprise Linux 9 805

Red Hat OpenShift Container Platform 4 106

Red Hat OpenShift AI (RHOAI) 98

Red Hat Enterprise Linux 10.0 Extended Update Support 82

Latest CVEs

CVE ID	Severity	CVSS	Description	Date
CVE-2025-57849	medium	6.4	A container privilege escalation flaw was found in certain Fuse images. This issue stems from the /e…	Mar 13, 2026
CVE-2025-8766	high	6.4	A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images. T…	Mar 13, 2026
CVE-2026-4105	medium	7.8	A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulner…	Mar 13, 2026
CVE-2026-32597	high	7.5	A missing verification step has been discovered in PyJWT. PyJWT does not validate the crit (Critical…	Mar 12, 2026
CVE-2026-2229	high	7.5	A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerab…	Mar 12, 2026
CVE-2026-1528	high	7.5	A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a speciall…	Mar 12, 2026
CVE-2026-1527	medium	6.5	A flaw was found in undici, a Node.js HTTP/1.1 client. This vulnerability allows a remote attacker t…	Mar 12, 2026
CVE-2026-2581	medium	5.9	A flaw was found in Undici. When the `interceptors.deduplicate()` feature is enabled, response data …	Mar 12, 2026
CVE-2026-1526	high	7.5	A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially …	Mar 12, 2026
CVE-2026-1525	medium	6.5	A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerab…	Mar 12, 2026
CVE-2026-32274	high	7.5	A user input sanitization flaw has been discovered in the Black python code formatter. Black writes …	Mar 12, 2026
CVE-2026-32237	medium	4.4	A data exposure flaw has been discovered in the @backstage/plugin-scaffolder-backend npm library. Au…	Mar 12, 2026
CVE-2026-32236	medium	0.0	A server side request forgery flaw has been discovered in the npm @backstage/plugin-auth-backend pac…	Mar 12, 2026
CVE-2026-32235	medium	5.9	An allowlist bypass flaw has been discovered in the npm @backstage/plugin-auth-backend package. Inst…	Mar 12, 2026
CVE-2026-3497	high	8.2	A flaw was found in the OpenSSH GSSAPI (Generic Security Service Application Program Interface) delt…	Mar 12, 2026
CVE-2026-32141	high	7.5	A denial of service flaw has been discovered in the flatted npm library. flatted's parse() function …	Mar 12, 2026
CVE-2025-70873	low	3.3	A flaw was found in SQLite. This information disclosure vulnerability exists within the zipfile exte…	Mar 12, 2026
CVE-2026-3909	high	8.8	An out of bounds write flaw was found in the Skia component of the Chromium browser. Upstream bug(s)…	Mar 12, 2026
CVE-2026-3910	high	8.8	An inappropriate implementation flaw was found in the V8 component of the Chromium browser. Upstream…	Mar 12, 2026
CVE-2026-2808	medium	6.8	A flaw was found in HashiCorp Consul. When configured with Kubernetes authentication, a highly privi…	Mar 11, 2026
CVE-2026-31958	medium	5.3	A flaw was found in tornado-python. A remote attacker can exploit this vulnerability by sending a sp…	Mar 11, 2026
CVE-2026-3950	low	3.3	A flaw was found in libheif. A local attacker could exploit an out-of-bounds read vulnerability in t…	Mar 11, 2026
CVE-2026-3949	low	3.3	A flaw was found in libheif. This vulnerability allows a local attacker to trigger an out-of-bounds …	Mar 11, 2026
CVE-2026-31870	high	7.5	A flaw was found in cpp-httplib. A remote attacker, acting as a malicious server or through a man-in…	Mar 11, 2026
CVE-2026-30226	medium	5.9	A flaw was found in the Svelte devalue JavaScript library. A remote attacker could exploit a prototy…	Mar 11, 2026