| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-12150 | Org.keycloak/keycloak-services: webauthn attestation statement verification bypass | Keycloak | keycloak | Low | 3.1 | 2026-02-27 08:10:15 | Deep Dive |
| CVE-2026-0980 | Rubyipmi: red hat satellite: remote code execution in rubyipmi via malicious bmc username | Red Hat | Red Hat Satellite 6.16 for RHEL 8 | High | 8.3 | 2026-02-27 07:30:43 | Deep Dive |
| CVE-2026-0871 | Org.keycloak/keycloak-services: keycloak: unauthorized modification of unmanaged user attributes by administrators | Red Hat | Red Hat build of Keycloak 26.4 | Medium | 4.9 | 2026-02-27 07:30:27 | Deep Dive |
| CVE-2025-13327 | Uv: uv: specially crafted zip archives lead to arbitrary code execution due to parsing differentials | astral-sh | uv | Medium | 6.3 | 2026-02-27 07:30:20 | Deep Dive |
| CVE-2025-9909 | Aap-gateway: improper path validation in gateway allows credential exfiltration | Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | Medium | 6.7 | 2026-02-27 07:30:01 | Deep Dive |
| CVE-2025-9908 | Event-driven-ansible: sensitive internal headers disclosure in aap eda event streams | Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | Medium | 6.7 | 2026-02-27 07:29:32 | Deep Dive |
| CVE-2025-9907 | Event-driven-ansible: event stream test mode exposes sensitive headers in aap eda | Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | Medium | 6.7 | 2026-02-27 07:29:06 | Deep Dive |
| CVE-2025-9572 | Foreman: satellite: graphql api permission bypass leads to information disclosure | The Foreman | Foreman | Medium | 5.0 | 2026-02-27 07:28:44 | Deep Dive |
| CVE-2026-28295 | Gvfs: gvfs ftp backend: information disclosure via untrusted pasv responses | Red Hat | Red Hat Enterprise Linux 10 | Medium | 4.3 | 2026-02-26 15:33:24 | Deep Dive |
| CVE-2026-28296 | Gvfs: ftp gvfs backend: arbitrary ftp command injection via crlf sequences in file paths | Red Hat | Red Hat Enterprise Linux 10 | Medium | 4.3 | 2026-02-26 15:10:48 | Deep Dive |
| CVE-2026-3118 | Rhdh: graphql injection leading to platform-wide denial of service (dos) in rh developer hub orchestrator plugin | Red Hat | Red Hat Developer Hub 1.8 | Medium | 6.5 | 2026-02-25 11:25:55 | Deep Dive |
| CVE-2026-26104 | Udisks: missing authorization check allows unprivileged users to back up luks headers via udisks d-bus api | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.5 | 2026-02-25 10:51:15 | Deep Dive |
| CVE-2026-26103 | Udisks: missing authorization check allows unprivileged users to restore luks headers via udisks d-bus api | Red Hat | Red Hat Enterprise Linux 10 | High | 7.1 | 2026-02-25 10:31:51 | Deep Dive |
| CVE-2025-14905 | 389-ds-base: 389-ds-base: remote code execution and denial of service via heap buffer overflow | Red Hat | Red Hat Directory Server 11.5 E4S for RHEL 8 | High | 7.2 | 2026-02-23 15:41:48 | Deep Dive |
| CVE-2026-2243 | Qemu-kvm: heap buffer out-of-bounds read in vmdk compressed grain parsing | - | - | Medium | 5.1 | 2026-02-19 17:47:01 | Deep Dive |
| CVE-2026-2733 | Org.keycloak/keycloak-services: keycloak: missing check on disabled client for docker registry protocol | Red Hat | Red Hat build of Keycloak 26.4 | Low | 3.8 | 2026-02-19 07:48:09 | Deep Dive |
| CVE-2026-0665 | Qemu-kvm: heap off-by-one in kvm xen physdevop_map_pirq | - | - | Medium | 6.5 | 2026-02-18 20:50:04 | Deep Dive |
| CVE-2025-8860 | Qemu-kvm: uefi-vars: information disclosure vulnerability in uefi_vars_write callback | - | - | Low | 3.3 | 2026-02-18 20:49:06 | Deep Dive |
| CVE-2025-14876 | Qemu-kvm: unbounded allocation in virtio-crypto | - | - | Medium | 5.5 | 2026-02-18 20:47:54 | Deep Dive |
| CVE-2025-1272 | Kernel: secure boot does not automatically enable kernel lockdown | Fedora Project | Fedora Linux | High | 7.7 | 2026-02-18 20:29:15 | Deep Dive |