| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-5265 | Ovn: ovn: heap over-read in icmp error response generation - security issue | Red Hat | Fast Datapath for RHEL 7 | Medium | 6.5 | 2026-04-24 12:25:07 | Deep Dive |
| CVE-2026-5367 | Ovn: ovn: information disclosure via crafted dhcpv6 packets | Red Hat | Fast Datapath for RHEL 7 | High | 8.6 | 2026-04-24 12:25:05 | Deep Dive |
| CVE-2026-6732 | Libxml2: libxml2: denial of service via crafted xsd-validated document | Red Hat | Red Hat Enterprise Linux 10 | Medium | 6.5 | 2026-04-23 22:19:34 | Deep Dive |
| CVE-2026-2708 | Libsoup: libsoup: http request smuggling via duplicate content-length headers | Red Hat | Red Hat Enterprise Linux 10 | Low | 3.7 | 2026-04-23 21:51:23 | Deep Dive |
| CVE-2026-34003 | Xorg: xwayland: x.org x server: information exposure and denial of service via out-of-bounds memory access | Red Hat | Red Hat Enterprise Linux 10 | High | 7.8 | 2026-04-23 14:54:05 | Deep Dive |
| CVE-2026-34001 | Xorg: xwayland: x.org x server: use-after-free vulnerability leads to server crash and potential memory corruption | Red Hat | Red Hat Enterprise Linux 10 | High | 7.8 | 2026-04-23 14:54:00 | Deep Dive |
| CVE-2026-33999 | Xorg: xwayland: x.org x server: denial of service via integer underflow in xkb compatibility map handling | Red Hat | Red Hat Enterprise Linux 10 | High | 7.8 | 2026-04-23 14:53:59 | Deep Dive |
| CVE-2025-66286 | Webkitgtk: authorization bypass through webpage::send-request signal handler | Red Hat | Red Hat Enterprise Linux 6 | Medium | 4.7 | 2026-04-23 12:33:50 | Deep Dive |
| CVE-2025-13763 | Libopensc: opensc: multiple uses of uninitialized variable | OpenSC | OpenSC | Medium | 5.7 | 2026-04-23 12:27:42 | Deep Dive |
| CVE-2026-6862 | Efivar: efivar: denial of service due to stack overflow in device path node parsing | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.5 | 2026-04-22 13:45:46 | Deep Dive |
| CVE-2026-6861 | Emacs: emacs: memory corruption vulnerability when processing svg css | Red Hat | Red Hat Enterprise Linux 10 | Medium | 6.1 | 2026-04-22 13:39:41 | Deep Dive |
| CVE-2026-6859 | Instructlab: instructlab: arbitrary code execution due to hardcoded `trust_remote_code=true` | Red Hat | Red Hat Enterprise Linux AI (RHEL AI) 3 | High | 8.8 | 2026-04-22 13:04:05 | Deep Dive |
| CVE-2026-6857 | Camel-infinispan: camel-infinispan: remote code execution via unsafe deserialization | Red Hat | Red Hat build of Apache Camel 4 for Quarkus 3 | High | 7.5 | 2026-04-22 12:55:01 | Deep Dive |
| CVE-2026-6855 | Instructlab: instructlab: path traversal allows arbitrary directory creation and file write | Red Hat | Red Hat Enterprise Linux AI (RHEL AI) 3 | High | 7.1 | 2026-04-22 12:29:45 | Deep Dive |
| CVE-2026-6848 | Quay: red hat quay: authentication bypass allows privileged actions without valid credentials | Red Hat | Red Hat Quay 3 | Medium | 5.4 | 2026-04-22 09:06:20 | Deep Dive |
| CVE-2026-6846 | Binutils: binutils: arbitrary code execution via malformed xcoff object file processing | Red Hat | Red Hat Enterprise Linux 10 | High | 7.8 | 2026-04-22 08:37:14 | Deep Dive |
| CVE-2026-6844 | Binutils: binutils: denial of service vulnerabilities in readelf via crafted elf files | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.5 | 2026-04-22 08:37:10 | Deep Dive |
| CVE-2026-6843 | Nano: nano: format string vulnerability leads to denial of service | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.5 | 2026-04-22 08:30:05 | Deep Dive |
| CVE-2026-6845 | Binutils: binutils: denial of service via crafted elf file | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.0 | 2026-04-22 07:54:19 | Deep Dive |
| CVE-2026-6842 | Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions | Red Hat | Red Hat Enterprise Linux 10 | Low | 2.5 | 2026-04-22 07:34:26 | Deep Dive |