RED HAT — Vulnerabilities & Security Advisories 676

Browse all 676 CVE security advisories affecting RED HAT. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-3047 | Org.keycloak.broker.saml: keycloak saml broker: authentication bypass due to disabled saml client completing idp-initiated login — Red Hat build of Keycloak 26.2 CWE-305 | 8.8 | High | 2026-03-05 |
| CVE-2026-3009 | Org.keycloak/keycloak-services: improper enforcement of disabled identity provider in identitybrokerservice (authentication bypass) — Red Hat build of Keycloak 26.4 CWE-863 | 8.1 | High | 2026-03-05 |
| CVE-2025-12801 | Nfs-utils: rpc.mountd in the nfs-utils privilege escalation — Red Hat Enterprise Linux 10 CWE-279 | 6.5 | Medium | 2026-03-04 |
| CVE-2026-0980 | Rubyipmi: red hat satellite: remote code execution in rubyipmi via malicious bmc username — Red Hat Satellite 6.16 for RHEL 8 CWE-78 | 8.3 | High | 2026-02-27 |
| CVE-2026-0871 | Org.keycloak/keycloak-services: keycloak: unauthorized modification of unmanaged user attributes by administrators — Red Hat build of Keycloak 26.4 CWE-266 | 4.9 | Medium | 2026-02-27 |
| CVE-2025-9909 | Aap-gateway: improper path validation in gateway allows credential exfiltration — Red Hat Ansible Automation Platform 2.5 for RHEL 8 CWE-647 | 6.7 | Medium | 2026-02-27 |
| CVE-2025-9908 | Event-driven-ansible: sensitive internal headers disclosure in aap eda event streams — Red Hat Ansible Automation Platform 2.5 for RHEL 8 CWE-200 | 6.7 | Medium | 2026-02-27 |
| CVE-2025-9907 | Event-driven-ansible: event stream test mode exposes sensitive headers in aap eda — Red Hat Ansible Automation Platform 2.5 for RHEL 8 CWE-200 | 6.7 | Medium | 2026-02-27 |
| CVE-2026-28295 | Gvfs: gvfs ftp backend: information disclosure via untrusted pasv responses — Red Hat Enterprise Linux 10 CWE-918 | 4.3 | Medium | 2026-02-26 |
| CVE-2026-28296 | Gvfs: ftp gvfs backend: arbitrary ftp command injection via crlf sequences in file paths — Red Hat Enterprise Linux 10 CWE-93 | 4.3 | Medium | 2026-02-26 |
| CVE-2026-3118 | Rhdh: graphql injection leading to platform-wide denial of service (dos) in rh developer hub orchestrator plugin — Red Hat Developer Hub 1.8 CWE-89 | 6.5 | Medium | 2026-02-25 |
| CVE-2026-26104 | Udisks: missing authorization check allows unprivileged users to back up luks headers via udisks d-bus api — Red Hat Enterprise Linux 10 CWE-862 | 5.5 | Medium | 2026-02-25 |
| CVE-2026-26103 | Udisks: missing authorization check allows unprivileged users to restore luks headers via udisks d-bus api — Red Hat Enterprise Linux 10 CWE-862 | 7.1 | High | 2026-02-25 |
| CVE-2025-14905 | 389-ds-base: 389-ds-base: remote code execution and denial of service via heap buffer overflow — Red Hat Directory Server 11.5 E4S for RHEL 8 CWE-122 | 7.2 | High | 2026-02-23 |
| CVE-2026-2733 | Org.keycloak/keycloak-services: keycloak: missing check on disabled client for docker registry protocol — Red Hat build of Keycloak 26.4 CWE-285 | 3.8 | Low | 2026-02-19 |
| CVE-2026-2443 | Libsoup: out-of-bounds read in libsoup handle_partial_get() leading to heap information disclosure — Red Hat Enterprise Linux 10 CWE-125 | 5.3 | Medium | 2026-02-13 |
| CVE-2026-26158 | Busybox: busybox: arbitrary file modification and privilege escalation via unvalidated tar archive entries — Red Hat Enterprise Linux 6 CWE-73 | 7.0 | High | 2026-02-11 |
| CVE-2026-26157 | Busybox: busybox: arbitrary file overwrite and potential code execution via incomplete path sanitization — Red Hat Enterprise Linux 6 CWE-73 | 7.0 | High | 2026-02-11 |
| CVE-2025-11537 | Keycloak-server: sensitive headers shown in the http access logs — Red Hat Build of Keycloak CWE-117 | 5.0 | Medium | 2026-02-10 |
| CVE-2025-14778 | Keycloak: incorrect ownership checks in /uma-policy/ — Red Hat build of Keycloak 26.2 CWE-266 | 5.4 | Medium | 2026-02-09 |
| CVE-2026-1529 | Org.keycloak.services.resources.organizations: keycloak: unauthorized organization registration via improper invitation token validation — Red Hat build of Keycloak 26.2 CWE-347 | 8.1 | High | 2026-02-09 |
| CVE-2026-1486 | Org.keycloak.protocol.oidc.grants: disabled identity providers are still accepted for jwt authorization grant — Red Hat build of Keycloak 26.4 CWE-358 | 8.8 | High | 2026-02-09 |
| CVE-2025-14831 | Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification — Red Hat Enterprise Linux 10 CWE-407 | 5.3 | Medium | 2026-02-09 |
| CVE-2026-1709 | Keylime: keylime: authentication bypass allows unauthorized administrative operations due to missing client-side tls authentication — Red Hat Enterprise Linux 10 CWE-322 | 9.4 | Critical | 2026-02-06 |
| CVE-2026-0598 | Ansible-lightspeed: broken object level authorization leading to cross-user ai conversation context injection in ansible lightspeed api — Red Hat Ansible Automation Platform 2 CWE-283 | 4.2 | Medium | 2026-02-06 |
| CVE-2026-1801 | Libsoup: libsoup: http request smuggling via malformed chunk headers — Red Hat Enterprise Linux 10 CWE-444 | 5.3 | Medium | 2026-02-03 |
| CVE-2026-1760 | Libsoup: soupserver: denial of service via http request smuggling — Red Hat Enterprise Linux 10 CWE-444 | 5.3 | Medium | 2026-02-02 |
| CVE-2026-1761 | Libsoup: stack-based buffer overflow in libsoup multipart response parsingmultipart http response — Red Hat Enterprise Linux 10 CWE-121 | 8.6 | High | 2026-02-02 |
| CVE-2026-1757 | Libxml2: memory leak leading to local denial of service in xmllint interactive shell — Red Hat Hardened Images CWE-401 | 6.2 | Medium | 2026-02-02 |
| CVE-2026-1518 | Keycloak: blind server-side request forgery (ssrf) via ciba backchannel notification endpoint in keycloak — Red Hat Build of Keycloak CWE-918 | 2.7 | Low | 2026-02-02 |

This page lists every published CVE security advisory associated with RED HAT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.