Red Hat — Vulnerabilities & Security Advisories 676

Browse all 676 CVE security advisories affecting Red Hat. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-6383 | Kubevirt: kubevirt: unauthorized subresource access due to improper rbac evaluation — Red Hat OpenShift Virtualization 4 | CWE-863 | 5.4 | Medium | 2026-04-15 |
| CVE-2026-37980 | Org.keycloak.forms.login: keycloak: keycloak: arbitrary code execution via stored cross-site scripting (xss) in organization selection login page — Red Hat Build of Keycloak | CWE-79 | 6.9 | Medium | 2026-04-14 |
| CVE-2026-5483 | Odh-dashboard: odh dashboard kubernetes service account exposure — Red Hat OpenShift AI 2.16 | CWE-201 | 8.5 | High | 2026-04-10 |
| CVE-2026-1584 | Gnutls: gnutls: remote denial of service via crafted clienthello with invalid psk binder — Red Hat Enterprise Linux 10 | CWE-476 | 7.5 | High | 2026-04-09 |
| CVE-2026-4878 | Libcap: libcap: privilege escalation via toctou race condition in cap_set_file() — Red Hat Hardened Images | CWE-367 | 6.7 | Medium | 2026-04-09 |
| CVE-2026-32591 | Mirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration — mirror registry for Red Hat OpenShift | CWE-918 | 5.2 | Medium | 2026-04-08 |
| CVE-2026-32590 | Mirror-registry: remote code execution using pickle deserialization — mirror registry for Red Hat OpenShift | CWE-502 | 7.1 | High | 2026-04-08 |
| CVE-2026-32589 | Mirror-registry: quay: insecure direct object reference in blobupload — mirror registry for Red Hat OpenShift | CWE-639 | 7.1 | High | 2026-04-08 |
| CVE-2025-14243 | Mirror-registry: openshift mirror registry: user enumeration via authentication error messages — mirror registry for Red Hat OpenShift | CWE-209 | 5.3 | Medium | 2026-04-08 |
| CVE-2026-2377 | Mirror-registry: quay: quay: server-side request forgery via log export functionality — mirror registry for Red Hat OpenShift | CWE-918 | 6.5 | Medium | 2026-04-08 |
| CVE-2025-58713 | Rhpam: privilege escalation via excessive /etc/passwd permissions — Red Hat Process Automation 7 | CWE-276 | 6.4 | Medium | 2026-04-08 |
| CVE-2025-57854 | Osus-operator: privilege escalation via excessive /etc/passwd permissions — Red Hat OpenShift Update Service | CWE-276 | 6.4 | Medium | 2026-04-08 |
| CVE-2025-57853 | Web-terminal: privilege escalation via excessive /etc/passwd permissions — Red Hat Web Terminal | CWE-276 | 6.4 | Medium | 2026-04-08 |
| CVE-2025-57851 | Mce: privilege escalation via excessive /etc/passwd permissions — Multicluster Engine for Kubernetes | CWE-276 | 6.4 | Medium | 2026-04-08 |
| CVE-2025-57847 | Ansible-automation-platform: privilege escalation via excessive group writable /etc/passwd permissions — Red Hat Ansible Automation Platform 2 | CWE-276 | 6.4 | Medium | 2026-04-08 |
| CVE-2025-14821 | Libssh: libssh: insecure default configuration leads to local man-in-the-middle attacks on windows — Red Hat Hardened Images | CWE-427 | 7.8 | High | 2026-04-07 |
| CVE-2026-4631 | Cockpit: cockpit: unauthenticated remote code execution due to ssh command-line argument injection — Red Hat Enterprise Linux 10 | CWE-78 | 9.8 | Critical | 2026-04-07 |
| CVE-2026-5745 | Libarchive: a null pointer dereference vulnerability exists in the acl parser of libarchive — Red Hat Enterprise Linux 10 | CWE-476 | 5.5 | Medium | 2026-04-07 |
| CVE-2026-4740 | Rhacm: open cluster management (ocm): cross-cluster privilege escalation via improper kubernetes client certificate renewal validation — Multicluster Engine for Kubernetes | CWE-295 | 8.2 | High | 2026-04-07 |
| CVE-2026-5704 | Tar: tar: hidden file injection via crafted archives — Red Hat Enterprise Linux 10 | CWE-434 | 5.0 | Medium | 2026-04-06 |
| CVE-2026-5673 | Libtheora: libtheora: denial of service or information disclosure via malformed avi file processing — Red Hat Enterprise Linux 10 | CWE-125 | 5.6 | Medium | 2026-04-06 |
| CVE-2026-37977 | Keycloak: org.keycloak.protocol.oidc.grants.ciba: keycloak: information disclosure via cors header injection due to unvalidated jwt azp claim — Red Hat Build of Keycloak | CWE-346 | 3.7 | Low | 2026-04-06 |
| CVE-2026-3184 | Util-linux: util-linux: access control bypass due to improper hostname canonicalization — Red Hat Hardened Images | CWE-289 | 3.7 | Low | 2026-04-03 |
| CVE-2026-2625 | Rust-rpm-sequoia: rust-rpm-sequoia: denial of service via crafted rpm file during signature verification — Red Hat Enterprise Linux 10 | CWE-347 | 4.0 | Medium | 2026-04-03 |
| CVE-2026-4636 | Keycloak: keycloak: uma policy bypass allows authenticated users to gain unauthorized access to victim-owned resources — Red Hat build of Keycloak 26.2 | CWE-551 | 8.1 | High | 2026-04-02 |
| CVE-2026-4634 | Keycloak: keycloak: denial of service via excessive processing of openid connect scope parameters — Red Hat build of Keycloak 26.2 | CWE-1050 | 7.5 | High | 2026-04-02 |
| CVE-2026-4325 | Keycloak: keycloak: replay of action tokens via improper handling of single-use entries — Red Hat build of Keycloak 26.2 | CWE-653 | 5.3 | Medium | 2026-04-02 |
| CVE-2026-4282 | Keycloak: keycloak: privilege escalation via forged authorization codes due to singleuseobjectprovider isolation flaw — Red Hat build of Keycloak 26.2 | CWE-653 | 7.4 | High | 2026-04-02 |
| CVE-2026-3872 | Keycloak: keycloak: information disclosure due to redirect_uri validation bypass — Red Hat build of Keycloak 26.2 | CWE-601 | 7.3 | High | 2026-04-02 |
| CVE-2026-35094 | Libinput: libinput: information disclosure via dangling pointer in lua plugin handling — Red Hat Enterprise Linux 10 | CWE-825 | 3.3 | Low | 2026-04-01 |

This page lists every published CVE security advisory associated with Red Hat. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.