| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-1530 | Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation | Red Hat | Red Hat Satellite 6.16 for RHEL 8 | High | 8.1 | 2026-02-02 05:47:10 | Deep Dive |
| CVE-2025-13881 | Org.keycloak.services.resources.admin: keycloak: limited administrator can retrieve sensitive user attributes via admin api | Red Hat | Red Hat build of Keycloak 26.4 | Low | 2.7 | 2026-02-02 05:43:23 | Deep Dive |
| CVE-2024-4027 | Undertow: outofmemoryerror in httpservletrequestimpl.getparameternames() can cause remote dos attacks | Red Hat | OpenShift Serverless | High | 7.5 | 2026-01-30 14:25:54 | Deep Dive |
| CVE-2026-1616 | osim: Path Traversal via query parameters in Nginx configuration | Red Hat | osim | High | 7.5 | 2026-01-29 13:38:36 | Deep Dive |
| CVE-2026-1539 | Libsoup: libsoup: credential leakage via http redirects | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.8 | 2026-01-28 15:15:49 | Deep Dive |
| CVE-2026-1536 | Libsoup: libsoup: http header injection or response splitting via crlf injection in content-disposition header | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.8 | 2026-01-28 15:15:47 | Deep Dive |
| CVE-2026-1489 | Glib: glib: memory corruption via integer overflow in unicode case conversion | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.4 | 2026-01-27 14:26:48 | Deep Dive |
| CVE-2026-1485 | Glib: glib: local denial of service via buffer underflow in content type parsing | Red Hat | Red Hat Enterprise Linux 10 | Low | 2.8 | 2026-01-27 13:43:18 | Deep Dive |
| CVE-2026-1484 | Glib: integer overflow leading to buffer underflow and out-of-bounds write in glib g_base64_encode() | Red Hat | Red Hat Enterprise Linux 10 | Medium | 4.2 | 2026-01-27 13:41:54 | Deep Dive |
| CVE-2026-1467 | Libsoup: libsoup: http header injection via specially crafted urls when an http proxy is configured | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.8 | 2026-01-27 09:17:45 | Deep Dive |
| CVE-2025-9820 | Gnutls: stack-based buffer overflow in gnutls_pkcs11_token_init() function | Red Hat | Red Hat Enterprise Linux 10 | Medium | 4.0 | 2026-01-26 19:58:33 | Deep Dive |
| CVE-2025-9615 | Networkmanager: networkmanager file access | Red Hat | Red Hat Enterprise Linux 10 | - | - | 2026-01-26 19:58:17 | Deep Dive |
| CVE-2026-1190 | Org.keycloak/keycloak-services: keycloak saml brokering: response delay due to unchecked notonorafter in subjectconfirmationdata | Red Hat | Red Hat build of Keycloak 26.4 | Low | 3.1 | 2026-01-26 19:36:54 | Deep Dive |
| CVE-2026-0810 | Gix-date: gix-date: undefined behavior due to invalid string generation | GitoxideLabs | gitoxide | High | 7.1 | 2026-01-26 19:36:46 | Deep Dive |
| CVE-2025-14525 | Kubevirt: kubevirt: vm administration denial of service via guest agent | Red Hat | Red Hat OpenShift Virtualization 4 | Medium | 6.4 | 2026-01-26 19:36:44 | Deep Dive |
| CVE-2025-14969 | Hibernate-reactive-core: hibernate reactive: denial of service due to connection leak on http client disconnect | Red Hat | Red Hat build of Quarkus 3.27.2 | Medium | 4.3 | 2026-01-26 19:36:40 | Deep Dive |
| CVE-2025-14459 | Virt-cdi-controller: unauthorized pvc cloning via dataimportcron | Red Hat | RHEL-9-CNV-4.19 | High | 8.5 | 2026-01-26 19:36:30 | Deep Dive |
| CVE-2025-11065 | Github.com/go-viper/mapstructure/v2: go-viper's mapstructure may leak sensitive information in logs in github.com/go-viper/mapstructure | - | - | Medium | 5.3 | 2026-01-26 19:36:29 | Deep Dive |
| CVE-2026-0603 | Org.hibernate/hibernate-core: hibernate: information disclosure and data deletion via second-order sql injection | - | - | High | 8.3 | 2026-01-23 06:31:39 | Deep Dive |
| CVE-2025-14083 | Keycloak-server: keycloak: improper access control in admin rest api leads to information disclosure | Red Hat | Red Hat build of Keycloak 26.4 | Low | 2.7 | 2026-01-21 12:04:13 | Deep Dive |