| CVE-2026-4271 | Libsoup: libsoup: denial of service via use-after-free in http/2 server | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.3 | 2026-03-17 11:14:21 | Deep Dive |
| CVE-2026-3634 | Libsoup: libsoup: http header injection and response splitting via crlf injection in content-type header | Red Hat | Red Hat Enterprise Linux 10 | Low | 3.9 | 2026-03-17 09:44:20 | Deep Dive |
| CVE-2026-3632 | Libsoup: libsoup: http smuggling and server-side request forgery via malformed hostnames | Red Hat | Red Hat Enterprise Linux 10 | Low | 3.9 | 2026-03-17 09:44:20 | Deep Dive |
| CVE-2026-3633 | Libsoup: libsoup: header and http request injection via crlf injection | Red Hat | Red Hat Enterprise Linux 10 | Low | 3.9 | 2026-03-17 09:44:20 | Deep Dive |
| CVE-2026-3441 | Binutils: gnu binutils: information disclosure via specially crafted xcoff object file | Red Hat | Red Hat Enterprise Linux 10 | Medium | 6.1 | 2026-03-15 00:19:08 | Deep Dive |
| CVE-2026-3442 | Binutils: gnu binutils: information disclosure or denial of service via out-of-bounds read in bfd linker | Red Hat | Red Hat Enterprise Linux 10 | Medium | 6.1 | 2026-03-15 00:19:03 | Deep Dive |
| CVE-2026-4111 | Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive | Red Hat | Red Hat Enterprise Linux 10 | High | 7.5 | 2026-03-13 11:45:21 | Deep Dive |
| CVE-2026-4105 | Systemd: systemd: privilege escalation via improper access control in registermachine d-bus method | Red Hat | Red Hat Enterprise Linux 10 | Medium | 6.7 | 2026-03-13 08:52:08 | Deep Dive |
| CVE-2025-57849 | Fuse: privilege escalation via excessive /etc/passwd permissions | Red Hat | Red Hat Fuse 7 | Medium | 6.4 | 2026-03-13 03:08:33 | Deep Dive |
| CVE-2025-8766 | Noobaa-core: excessive permissions of /etc could lead to escalation of privilege in the noobaa-core container | Red Hat | Red Hat Openshift Data Foundation 4 | Medium | 6.4 | 2026-03-13 02:48:20 | Deep Dive |
| CVE-2026-2376 | Mirror-registry: quay: quay: server-side request forgery via open redirect vulnerability in web interface | Red Hat | mirror registry for Red Hat OpenShift | Medium | 4.9 | 2026-03-12 19:11:17 | Deep Dive |
| CVE-2026-3099 | Libsoup: libsoup: authentication bypass via digest authentication replay attack | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.8 | 2026-03-12 13:53:49 | Deep Dive |
| CVE-2026-2366 | Keycloak: keycloak: information disclosure via authorization bypass in admin api | Red Hat | Red Hat build of Keycloak 26.4 | Low | 3.1 | 2026-03-12 10:54:32 | Deep Dive |
| CVE-2026-3234 | Mod_proxy_cluster: mod_proxy_cluster: response body corruption via crlf injection | Red Hat | Red Hat Enterprise Linux 10 | Medium | 4.3 | 2026-03-12 10:54:25 | Deep Dive |
| CVE-2026-3429 | Org.keycloak.services.resources.account: improper access control leading to mfa deletion and account takeover in keycloak account rest api | Red Hat | Red Hat build of Keycloak 26.4 | Medium | 4.2 | 2026-03-11 16:17:24 | Deep Dive |
| CVE-2026-3911 | Org.keycloak.services.resources.admin.userresource: keycloak: information disclosure of disabled user attributes via administrative endpoint | Red Hat | Red Hat build of Keycloak 26.4 | Low | 2.7 | 2026-03-11 05:36:44 | Deep Dive |
| CVE-2026-3047 | Org.keycloak.broker.saml: keycloak saml broker: authentication bypass due to disabled saml client completing idp-initiated login | Red Hat | Red Hat build of Keycloak 26.2 | High | 8.8 | 2026-03-05 18:28:36 | Deep Dive |
| CVE-2026-3009 | Org.keycloak/keycloak-services: improper enforcement of disabled identity provider in identitybrokerservice (authentication bypass) | Red Hat | Red Hat build of Keycloak 26.4 | High | 8.1 | 2026-03-05 18:27:43 | Deep Dive |
| CVE-2025-12801 | Nfs-utils: rpc.mountd in the nfs-utils privilege escalation | Red Hat | Red Hat Enterprise Linux 10 | Medium | 6.5 | 2026-03-04 15:25:53 | Deep Dive |
| CVE-2025-10990 | Rexml: rexml: denial of service via inefficient regex parsing | - | - | High | 7.5 | 2026-02-27 13:32:02 | Deep Dive |