| CVE-2026-5121 | Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing | Red Hat | Red Hat Enterprise Linux 7 Extended Lifecycle Support | High | 7.5 | 2026-03-30 07:47:29 | Deep Dive |
| CVE-2026-28369 | Undertow: undertow: request smuggling via malformed http request headers | Red Hat | Red Hat build of Apache Camel for Spring Boot 4 | High | 8.7 | 2026-03-27 16:13:06 | Deep Dive |
| CVE-2026-28367 | Undertow: undertow: request smuggling via `\r\r\r` as a header block terminator | Red Hat | Red Hat build of Apache Camel for Spring Boot 4 | High | 8.7 | 2026-03-27 16:13:05 | Deep Dive |
| CVE-2026-28368 | Undertow: undertow: request smuggling via inconsistent header parsing | Red Hat | Red Hat build of Apache Camel for Spring Boot 4 | High | 8.7 | 2026-03-27 16:13:04 | Deep Dive |
| CVE-2026-4948 | Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.5 | 2026-03-27 05:30:24 | Deep Dive |
| CVE-2026-0965 | Libssh: libssh: denial of service via improper configuration file handling | Red Hat | Red Hat Enterprise Linux 10 | 低危 | - | 2026-03-26 20:06:33 | Deep Dive |
| CVE-2026-0967 | Libssh: libssh: denial of service via inefficient regular expression processing | Red Hat | Red Hat Enterprise Linux 10 | 低危 | - | 2026-03-26 20:06:31 | Deep Dive |
| CVE-2026-0968 | Libssh: libssh: denial of service due to malformed sftp message | Red Hat | Red Hat Enterprise Linux 10 | Low | 3.1 | 2026-03-26 20:06:30 | Deep Dive |
| CVE-2026-0964 | Libssh: improper sanitation of paths received from scp servers | Red Hat | Red Hat Enterprise Linux 10 | 中危 | - | 2026-03-26 20:06:29 | Deep Dive |
| CVE-2026-0966 | Libssh: buffer underflow in ssh_get_hexa() on invalid input | Red Hat | Red Hat Hardened Images | - | - | 2026-03-26 20:06:28 | Deep Dive |
| CVE-2026-2100 | P11-kit: null dereference via c_derivekey with specific null parameters | Red Hat | Red Hat Hardened Images | Medium | 5.3 | 2026-03-26 20:01:46 | Deep Dive |
| CVE-2026-3121 | Keycloak: org.keycloak/keycloak-services: keycloak: privilege escalation via manage-clients permission | Red Hat | Red Hat build of Keycloak 26.4 | Medium | 6.5 | 2026-03-26 19:13:26 | Deep Dive |
| CVE-2026-4897 | Polkit: polkit: denial of service via unbounded input processing through standard input | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.5 | 2026-03-26 14:56:06 | Deep Dive |
| CVE-2026-4874 | Org.keycloak.protocol.oidc.grants: org.keycloak.services.managers: keycloak: server-side request forgery via oidc token endpoint manipulation | Red Hat | Red Hat Build of Keycloak | Low | 3.1 | 2026-03-26 07:12:38 | Deep Dive |
| CVE-2026-3260 | Undertow: undertow: denial of service due to premature multipart/form-data parsing in get requests | Red Hat | Red Hat build of Apache Camel for Spring Boot 4 | Medium | 5.9 | 2026-03-24 04:11:16 | Deep Dive |
| CVE-2026-4647 | Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library | Red Hat | Red Hat Enterprise Linux 10 | Medium | 6.1 | 2026-03-23 13:37:44 | Deep Dive |
| CVE-2026-4585 | Tiandy Easy7 Integrated Management Platform Configuration ImportSystemConfiguration.jsp os command injection | Tiandy | Easy7 Integrated Management Platform | Critical | 9.8 | 2026-03-23 11:15:06 | Deep Dive |
| CVE-2026-4628 | Keycloak: org.keycloak.authorization: keycloak: unauthorized resource modification due to improper access control | Red Hat | Red Hat Build of Keycloak | Medium | 4.3 | 2026-03-23 08:09:22 | Deep Dive |
| CVE-2026-4536 | Acrel Environmental Monitoring Cloud Platform unrestricted upload | Acrel | Environmental Monitoring Cloud Platform | High | 7.3 | 2026-03-22 04:02:11 | Deep Dive |
| CVE-2026-4426 | Libarchive: libarchive: denial of service via malformed iso file processing | Red Hat | Red Hat Enterprise Linux 10 | Medium | 6.5 | 2026-03-19 13:53:39 | Deep Dive |