| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-6395 | Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite() | - | - | Medium | 6.5 | 2025-07-10 15:20:46 | Deep Dive |
| CVE-2025-7365 | Keycloak: phishing attack via email verification step in first login flow | - | - | High | 7.1 | 2025-07-10 14:20:46 | Deep Dive |
| CVE-2025-7424 | Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes | GNOME | libxslt | High | 7.5 | 2025-07-10 14:05:42 | Deep Dive |
| CVE-2025-7425 | Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr | GNOME | libxml2 | High | 7.8 | 2025-07-10 13:53:37 | Deep Dive |
| CVE-2025-32990 | Gnutls: vulnerability in gnutls certtool template parsing | - | - | Medium | 6.5 | 2025-07-10 09:41:46 | Deep Dive |
| CVE-2025-32989 | Gnutls: vulnerability in gnutls sct extension parsing | - | - | Medium | 5.3 | 2025-07-10 08:05:26 | Deep Dive |
| CVE-2025-32988 | Gnutls: vulnerability in gnutls othername san export | - | - | Medium | 6.5 | 2025-07-10 08:04:58 | Deep Dive |
| CVE-2025-7345 | Gdk‑pixbuf: heap‑buffer‑overflow in gdk‑pixbuf | - | - | High | 7.5 | 2025-07-08 13:39:08 | Deep Dive |
| CVE-2025-5987 | Libssh: invalid return code for chacha20 poly1305 with openssl backend | - | - | High | 8.1 | 2025-07-07 14:24:13 | Deep Dive |
| CVE-2024-9453 | Jenkins-image: sensitive data disclosure when using openshift jenkins image | Jenkins | openshift-sync-plugin | Medium | 6.5 | 2025-07-04 08:36:35 | Deep Dive |
| CVE-2025-5351 | Libssh: double free vulnerability in libssh key export functions | libssh | libssh | Medium | 6.5 | 2025-07-04 08:16:47 | Deep Dive |
| CVE-2025-5372 | Libssh: incorrect return code handling in ssh_kdf() in libssh | libssh | libssh | Medium | 5.0 | 2025-07-04 06:01:28 | Deep Dive |
| CVE-2025-6017 | Rhacm: users with clusterreader role can see credentials from managed-clusters | - | - | Medium | 5.5 | 2025-07-02 06:36:47 | Deep Dive |
| CVE-2025-6920 | Ai-inference-server: authentication bypass via unprotected inference endpoint in api | Red Hat | Red Hat AI Inference Server | Medium | 5.3 | 2025-07-01 13:16:17 | Deep Dive |
| CVE-2025-49520 | Event-driven-ansible: authenticated argument injection in git url in eda project creation | Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | High | 8.8 | 2025-06-30 20:45:29 | Deep Dive |
| CVE-2025-49521 | Event-driven-ansible: template injection via git branch and refspec in eda projects | Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | High | 8.8 | 2025-06-30 20:45:13 | Deep Dive |
| CVE-2025-5731 | Infinispan: credential leakage in infinispan cli | Red Hat | infinispan | Medium | 5.5 | 2025-06-26 21:29:00 | Deep Dive |
| CVE-2025-5318 | Libssh: out-of-bounds read in sftp_handle() | - | - | High | 8.1 | 2025-06-24 14:10:07 | Deep Dive |
| CVE-2025-6032 | Podman: podman missing tls verification | - | - | High | 8.3 | 2025-06-24 13:50:48 | Deep Dive |
| CVE-2025-5416 | Keycloak-core: keycloak environment information | Red Hat | Red Hat Build of Keycloak | Low | 2.7 | 2025-06-20 16:04:06 | Deep Dive |