| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-5367 | Ovn: ovn: information disclosure via crafted dhcpv6 packets | Red Hat | Fast Datapath for RHEL 7 | High | 8.6 | 2026-04-24 12:25:05 | Deep Dive |
| CVE-2026-6732 | Libxml2: libxml2: denial of service via crafted xsd-validated document | Red Hat | Red Hat Enterprise Linux 10 | Medium | 6.5 | 2026-04-23 22:19:34 | Deep Dive |
| CVE-2026-6862 | Efivar: efivar: denial of service due to stack overflow in device path node parsing | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.5 | 2026-04-22 13:45:46 | Deep Dive |
| CVE-2026-6857 | Camel-infinispan: camel-infinispan: remote code execution via unsafe deserialization | Red Hat | Red Hat build of Apache Camel 4 for Quarkus 3 | High | 7.5 | 2026-04-22 12:55:01 | Deep Dive |
| CVE-2026-6846 | Binutils: binutils: arbitrary code execution via malformed xcoff object file processing | Red Hat | Red Hat Enterprise Linux 10 | High | 7.8 | 2026-04-22 08:37:14 | Deep Dive |
| CVE-2026-6844 | Binutils: binutils: denial of service vulnerabilities in readelf via crafted elf files | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.5 | 2026-04-22 08:37:10 | Deep Dive |
| CVE-2026-6843 | Nano: nano: format string vulnerability leads to denial of service | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.5 | 2026-04-22 08:30:05 | Deep Dive |
| CVE-2026-6845 | Binutils: binutils: denial of service via crafted elf file | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.0 | 2026-04-22 07:54:19 | Deep Dive |
| CVE-2026-6842 | Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions | Red Hat | Red Hat Enterprise Linux 10 | Low | 2.5 | 2026-04-22 07:34:26 | Deep Dive |
| CVE-2026-34279 | Oracle Enterprise Manager Base Platform security vulnerability | Oracle Corporation | Oracle Enterprise Manager Base Platform | Critical | 9.1 | 2026-04-21 20:35:20 | Deep Dive |
| CVE-2026-24468 | OpenAEV Vulnerable to Username/Email Enumeration Through Differential HTTP Responses in Password Reset API | OpenAEV-Platform | openaev | Medium | 5.3 | 2026-04-20 15:45:49 | Deep Dive |
| CVE-2026-24467 | OpenAEV's Improper Password Reset Token Management Leads to Unauthenticated Account Takeover and Platform Compromise | OpenAEV-Platform | openaev | Critical | 9.0 | 2026-04-20 15:40:56 | Deep Dive |
| CVE-2026-40324 | Hot Chocolate's Utf8GraphQLParser has Stack Overflow via Deeply Nested GraphQL Documents | ChilliCream | graphql-platform | Critical | 9.1 | 2026-04-17 23:05:26 | Deep Dive |
| CVE-2026-40321 | DotNetNuke.Core has stored cross-site-scripting (XSS) via SVG upload | dnnsoftware | Dnn.Platform | High | 8.0 | 2026-04-17 21:10:33 | Deep Dive |
| CVE-2026-40306 | DNN has same HostGUID for all new installs | dnnsoftware | Dnn.Platform | - | - | 2026-04-17 21:09:30 | Deep Dive |
| CVE-2026-40305 | DNN has Force Friend Request Acceptance | dnnsoftware | Dnn.Platform | Medium | 4.3 | 2026-04-17 21:06:09 | Deep Dive |
| CVE-2026-6507 | Dnsmasq: dnsmasq: denial of service due to out-of-bounds write in dhcp bootreply processing | Red Hat | Red Hat Enterprise Linux 10 | High | 7.5 | 2026-04-17 12:23:32 | Deep Dive |
| CVE-2026-6494 | Aap-mcp-server: aap mcp server: log injection allows social engineering attacks via unsanitized input | Red Hat | Red Hat Ansible Automation Platform 2 | Medium | 5.3 | 2026-04-17 08:18:51 | Deep Dive |
| CVE-2026-34164 | Valtimo: Sensitive data exposure through inbox message logging in InboxHandlingService | valtimo-platform | valtimo | Medium | 4.9 | 2026-04-16 21:17:35 | Deep Dive |
| CVE-2026-6245 | Sssd: out-of-bounds read in the sssd | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.5 | 2026-04-15 18:35:19 | Deep Dive |