Vulnerabilities in Red Hat

1,519 results
Vexday analysis

Com 1.477 CVEs catalogadas e 232 surgidas apenas nos últimos 90 dias, o volume de vulnerabilidades associadas ao Red Hat exige monitoramento contínuo. A taxa de exploração ativa está abaixo da média geral do catálogo, com apenas 1 CVE confirmada no CISA KEV — a CVE-2023-4911, que apresenta EPSS de 0,7861, indicando probabilidade elevada de exploração e merecendo atenção prioritária de equipes de resposta. Das 34 vulnerabilidades de severidade crítica, 18 contam com prova de conceito pública disponível, o que reduz a barreira técnica para exploração e aumenta o risco operacional. O tipo de falha mais recorrente é CWE-125 (leitura fora dos limites), padrão que frequentemente viabiliza vazamento de dados ou corrupção de memória e deve orientar revisões de hardening e priorização de patches.

CVE-2026-6862MEDIUMEfivar: efivar: denial of service due to stack overflow in device path node parsingEPSS 0.1%CVE-2026-6844MEDIUMBinutils: binutils: denial of service vulnerabilities in readelf via crafted elf filesEPSS 0.1%CVE-2025-13193MEDIUMLibvirt: information disclosure via world-readable vm snapshotsEPSS 0.1%CVE-2026-54228HIGHAbrt: toctou race condition in abrt-dbus setelement allows arbitrary file writes to dump directoriesEPSS 0.1%CVE-2026-3196MEDIUMQemu-kvm: virtio-snd: integer overflow leading to unbounded memory allocationEPSS 0.1%CVE-2026-14330MEDIUMPipewire: pulse server alloca stack overflowEPSS 0.1%CVE-2025-53861LOWAap: sensitive cookie(s) set without security flagsEPSS 0.1%CVE-2026-13322LOWKubevirt: virt-handler-rhel9: kubevirt: unbounded virtio-serial readline in virt-handler causes oom denial of serviceEPSS 0.1%CVE-2026-13208MEDIUMKubevirt: virt-handler-rhel9: kubevirt: virt-handler notify server trusts vmi identity from unauthenticated grpc request bodyEPSS 0.1%CVE-2025-11568MEDIUMLuksmeta: data corruption when handling luks1 partitions with luksmetaEPSS 0.1%CVE-2026-54229HIGHAbrt: chownproblemdir succeeds during active post-create event processing due to inadequate lockingEPSS 0.1%CVE-2026-6842LOWNano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissionsEPSS 0.1%CVE-2026-2625MEDIUMRust-rpm-sequoia: rust-rpm-sequoia: denial of service via crafted rpm file during signature verificationEPSS 0.1%CVE-2026-55655MEDIUMOpenssh: local mitm of x11 forwarding via abstract unix socket pre-binding in red hat enterprise linux openssh client versionsEPSS 0.1%CVE-2023-5342MEDIUMShim: expired secure boot certificateEPSS 0.1%CVE-2026-26103HIGHUdisks: missing authorization check allows unprivileged users to restore luks headers via udisks d-bus apiEPSS 0.1%CVE-2026-26104MEDIUMUdisks: missing authorization check allows unprivileged users to back up luks headers via udisks d-bus apiEPSS 0.1%CVE-2026-54099HIGHWindows-machine-config-operator: windows-machine-config-operator: wicd csr extra-organization allows privilege escalation to system:mastersEPSS 0.1%CVE-2026-14781MEDIUMKeycloak-services: keycloak-services: oidc email_verified claim incorrectly applied to userinfo emailEPSS