Known Vulnerabilities for products from Redhat
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Redhat".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Redhat can be found at device.report : Redhat
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-35092 json | A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote,... | Not Provided | 2026-04-01 | 2026-04-07 |
| CVE-2026-35091 json | A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosyn... | Not Provided | 2026-04-01 | 2026-04-07 |
| CVE-2026-28369 json | A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spac... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2026-28368 json | A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where heade... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2026-23414 json | Not Provided | 2026-04-02 | 2026-04-02 | |
| CVE-2026-23270 json | Not Provided | 2026-03-18 | 2026-04-02 | |
| CVE-2026-5119 json | A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are t... | Not Provided | 2026-03-30 | 2026-04-01 |
| CVE-2026-4874 json | A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery (SSRF) by manipulating the `c... | Not Provided | 2026-03-26 | 2026-04-01 |
| CVE-2026-4633 json | A flaw was found in Keycloak. A remote attacker can exploit differential error messages during the identity-first login flow ... | Not Provided | 2026-03-23 | 2026-04-01 |
| CVE-2026-4628 json | A flaw was found in Keycloak. An improper Access Control vulnerability in Keycloak’s User-Managed Access (UMA) resource_set... | Not Provided | 2026-03-23 | 2026-04-01 |
| CVE-2026-4366 json | A flaw was identified in Keycloak, an identity and access management solution, where it improperly follows HTTP redirects whe... | Not Provided | 2026-03-18 | 2026-04-01 |
| CVE-2026-3260 json | A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing mu... | Not Provided | 2026-03-24 | 2026-04-08 |
| CVE-2026-3190 json | A flaw was found in Keycloak. The User-Managed Access (UMA) 2.0 Protection API endpoint for permission tickets fails to enfor... | Not Provided | 2026-03-26 | 2026-04-02 |
| CVE-2026-3121 json | A flaw was found in Keycloak. An administrator with `manage-clients` permission can exploit a misconfiguration where this per... | Not Provided | 2026-03-26 | 2026-04-02 |
| CVE-2026-2272 json | A flaw was found in GIMP. An integer overflow vulnerability exists when processing ICO image files, specifically in the `ico_... | Not Provided | 2026-03-26 | 2026-04-03 |
| CVE-2026-2239 json | A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the fread_pascal_string function when processing a spe... | Not Provided | 2026-03-26 | 2026-04-03 |
| CVE-2026-0968 json | A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol) server can exploit this by sending a malfor... | Not Provided | 2026-03-26 | 2026-04-03 |
| CVE-2026-0967 json | A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft sp... | Not Provided | 2026-03-26 | 2026-04-02 |
| CVE-2026-0965 json | A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can ex... | Not Provided | 2026-03-26 | 2026-04-02 |
| CVE-2025-36187 json | IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentiall... | Not Provided | 2026-03-25 | 2026-03-31 |
Known software with vulnerabilities from Redhat
| Type | Vendor | Product | Version |
|---|---|---|---|
| Operating System | Redhat | 389 Directory Server | - |
| Application | Redhat | 3scale | - |
| Application | Redhat | Advanced Cluster Management For Kubernetes | 2.0 |
| Application | Redhat | Aeolus Conductor | - |
| Application | Redhat | Amq | 2.0 |
| Application | Redhat | Amq Online | - |
| Application | Redhat | Analog Real-time Synthesizer | - |
| Application | Redhat | Ansible | 0.0.1 |
| Application | Redhat | Ansible Engine | 0.0.1 |
| Application | Redhat | Ansible Tower | - |
| Application | Redhat | Apicast | 2.0.0 |
| Application | Redhat | Application Server | - |
| Application | Redhat | Automatic Bug Reporting Tool | 0.0.10 |
| Application | Redhat | Automation Manager | 7.3.1 |
| Application | Redhat | Beaker | 0.10.0 |
| Application | Redhat | Bigmem Kernel | - |
| Application | Redhat | Bodhi | 0.2.0 |
| Application | Redhat | Cairo | - |
| Application | Redhat | Ceph | 0.1 |
| Application | Redhat | Ceph-iscsi-cli | - |