Vulnerabilities in Red Hat

1,519 results
Vexday analysis

Com 1.477 CVEs catalogadas e 232 surgidas apenas nos últimos 90 dias, o volume de vulnerabilidades associadas ao Red Hat exige monitoramento contínuo. A taxa de exploração ativa está abaixo da média geral do catálogo, com apenas 1 CVE confirmada no CISA KEV — a CVE-2023-4911, que apresenta EPSS de 0,7861, indicando probabilidade elevada de exploração e merecendo atenção prioritária de equipes de resposta. Das 34 vulnerabilidades de severidade crítica, 18 contam com prova de conceito pública disponível, o que reduz a barreira técnica para exploração e aumenta o risco operacional. O tipo de falha mais recorrente é CWE-125 (leitura fora dos limites), padrão que frequentemente viabiliza vazamento de dados ou corrupção de memória e deve orientar revisões de hardening e priorização de patches.

CVE-2026-12505HIGHCifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcallEPSS 0.1%CVE-2026-9793MEDIUMKeycloak: keycloak: security policy bypass in jwe-encrypted request object processingEPSS 0.1%CVE-2026-13757MEDIUMP11-kit: stack exhaustion via unbounded recursion in rpc attribute parsingEPSS 0.1%CVE-2026-10805MEDIUMNetworkmanager: networkmanager: local privilege escalation via malformed mud urls in dhclient backendEPSS 0.1%CVE-2025-14946MEDIUMLibnbd: libnbd: arbitrary code execution via ssh argument injection through a malicious uriEPSS 0.1%CVE-2026-4948MEDIUMFirewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorizationEPSS 0.1%CVE-2026-58381MEDIUMGimp: gimp: double-free in read_layer_block()EPSS 0.1%CVE-2025-14010MEDIUMAnsible-collection-community-general: ansible-collection-community-general: keycloak user module leaks credentials in verbose outputEPSS 0.1%CVE-2026-54231MEDIUMAbrt: unsanitized systemd journal content written to dump directory files enables content injectionEPSS 0.1%CVE-2026-2243MEDIUMQemu-kvm: heap buffer out-of-bounds read in vmdk compressed grain parsingEPSS 0.1%CVE-2025-57851MEDIUMMce: privilege escalation via excessive /etc/passwd permissionsEPSS 0.1%CVE-2025-61663MEDIUMGrub2: missing unregister call for normal commands may lead to use-after-freeEPSS 0.1%CVE-2026-5164MEDIUMVirtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap requestEPSS 0.1%CVE-2026-4740HIGHRhacm: open cluster management (ocm): cross-cluster privilege escalation via improper kubernetes client certificate renewal validationEPSS 0.1%CVE-2026-5165MEDIUMVirtio-win: virtio-win: memory corruption via use-after-free in virtio blk device resetEPSS 0.1%CVE-2026-13316MEDIUMForeman: ssrf to cloud metada service through unvalidated test_url parameters in foreman configEPSS 0.1%CVE-2026-6861MEDIUMEmacs: emacs: memory corruption vulnerability when processing svg cssEPSS 0.1%CVE-2026-6843MEDIUMNano: nano: format string vulnerability leads to denial of serviceEPSS 0.1%CVE-2026-52721MEDIUMGstreamer1-plugins-bad-free: gstreamer: multiple out-of-bounds reads in pcapparse ipv4/tcp header parsingEPSS 0.1%CVE-2026-13218MEDIUMKubevirt: kubevirt: symlink following in writetocachedfile allows host file overwrite from virt-launcherEPSS 0.1%