| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-14969 | Hibernate-reactive-core: hibernate reactive: denial of service due to connection leak on http client disconnect | Red Hat | Red Hat build of Quarkus 3.27.2 | Medium | 4.3 | 2026-01-26 19:36:40 | Deep Dive |
| CVE-2025-14459 | Virt-cdi-controller: unauthorized pvc cloning via dataimportcron | Red Hat | RHEL-9-CNV-4.19 | High | 8.5 | 2026-01-26 19:36:30 | Deep Dive |
| CVE-2025-11065 | Github.com/go-viper/mapstructure/v2: go-viper's mapstructure may leak sensitive information in logs in github.com/go-viper/mapstructure | - | - | Medium | 5.3 | 2026-01-26 19:36:29 | Deep Dive |
| CVE-2026-0603 | Org.hibernate/hibernate-core: hibernate: information disclosure and data deletion via second-order sql injection | - | - | High | 8.3 | 2026-01-23 06:31:39 | Deep Dive |
| CVE-2026-0992 | Libxml2: libxml2: denial of service via crafted xml catalogs | Red Hat | Red Hat Hardened Images | Low | 2.9 | 2026-01-15 14:20:25 | Deep Dive |
| CVE-2026-0989 | Libxml2: unbounded relaxng include recursion leading to stack overflow | Red Hat | Red Hat Hardened Images | Low | 3.7 | 2026-01-15 14:20:23 | Deep Dive |
| CVE-2026-0990 | Libxml2: libxml2: denial of service via uncontrolled recursion in xml catalog processing | Red Hat | Red Hat Hardened Images | Medium | 5.9 | 2026-01-15 14:20:07 | Deep Dive |
| CVE-2025-12548 | Github.com/che-incubator/che-code: eclipse che — unauthenticated rce and secret exfiltration via tcp/3333 | Red Hat | Red Hat OpenShift Dev Spaces (RHOSDS) 3.22 | Critical | 9.0 | 2026-01-13 15:35:01 | Deep Dive |
| CVE-2026-0719 | Libsoup: signed to unsigned conversion error leading to stack-based buffer overflow in libsoup ntlm authentication | Red Hat | Red Hat Enterprise Linux 10 | High | 8.6 | 2026-01-08 12:38:31 | Deep Dive |
| CVE-2025-14946 | Libnbd: libnbd: arbitrary code execution via ssh argument injection through a malicious uri | Red Hat | libnbd | Medium | 4.8 | 2025-12-19 13:02:38 | Deep Dive |
| CVE-2025-14443 | Ose-openshift-apiserver: openshift api server: server-side request forgery (ssrf) vulnerability in imagestreamimport mechanism | Red Hat | Red Hat OpenShift Container Platform 4 | Medium | 6.4 | 2025-12-16 12:14:48 | Deep Dive |
| CVE-2025-13888 | Openshift-gitops-operator: openshift gitops: namespace admin cluster takeover via privileged jobs | redhat-developer | gitops-operator | Critical | 9.1 | 2025-12-15 15:36:49 | Deep Dive |
| CVE-2025-14512 | Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow | GNOME | glib | Medium | 6.5 | 2025-12-11 07:11:02 | Deep Dive |
| CVE-2025-14104 | Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames | util-linux | util-linux | Medium | 6.1 | 2025-12-05 16:22:09 | Deep Dive |
| CVE-2024-3884 | Undertow: outofmemory when parsing form data encoding with application/x-www-form-urlencoded | Red Hat | Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 | High | 7.5 | 2025-12-03 18:40:26 | Deep Dive |
| CVE-2025-57850 | Codeready-ws: privilege escalation via excessive /etc/passwd permissions | Red Hat | Red Hat OpenShift Dev Spaces | Medium | 6.4 | 2025-12-02 18:53:36 | Deep Dive |
| CVE-2025-13601 | Glib: integer overflow in g_escape_uri_string() | - | - | High | 7.7 | 2025-11-26 14:44:23 | Deep Dive |
| CVE-2025-54770 | Grub2: use-after-free in net_set_vlan | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:30:10 | Deep Dive |
| CVE-2025-61664 | Grub2: missing unregister call for normal_exit command may lead to use-after-free | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:20:55 | Deep Dive |
| CVE-2025-61663 | Grub2: missing unregister call for normal commands may lead to use-after-free | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:20:53 | Deep Dive |