Known Vulnerabilities for products from Redhat
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Redhat".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Redhat can be found at device.report : Redhat
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-37977 json | A flaw was found in Keycloak. A remote attacker can exploit a Cross-Origin Resource Sharing (CORS) header injection vulnerabi... | Not Provided | 2026-04-06 | 2026-04-24 |
| CVE-2026-35092 json | A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote,... | Not Provided | 2026-04-01 | 2026-04-07 |
| CVE-2026-35091 json | A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosyn... | Not Provided | 2026-04-01 | 2026-04-07 |
| CVE-2026-32591 json | A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstre... | Not Provided | 2026-04-08 | 2026-04-21 |
| CVE-2026-32590 json | A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediat... | Not Provided | 2026-04-08 | 2026-04-21 |
| CVE-2026-32589 json | A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any repository o... | Not Provided | 2026-04-08 | 2026-04-21 |
| CVE-2026-28369 json | A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spac... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2026-28368 json | A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where heade... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2026-28367 json | A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending `\r\r\r` as a header block terminat... | Not Provided | 2026-03-27 | 2026-04-10 |
| CVE-2026-23414 json | Not Provided | 2026-04-02 | 2026-04-13 | |
| CVE-2026-23270 json | Not Provided | 2026-03-18 | 2026-04-18 | |
| CVE-2026-5704 json | A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidde... | Not Provided | 2026-04-06 | 2026-04-22 |
| CVE-2026-5483 json | A flaw was found in odh-dashboard in Red Hat Openshift AI. This vulnerability in the `odh-dashboard` component of Red Hat Ope... | Not Provided | 2026-04-10 | 2026-04-21 |
| CVE-2026-5121 json | A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer alloc... | Not Provided | 2026-03-30 | 2026-04-23 |
| CVE-2026-5119 json | A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are t... | Not Provided | 2026-03-30 | 2026-04-01 |
| CVE-2026-4897 json | A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the `po... | Not Provided | 2026-03-26 | 2026-04-21 |
| CVE-2026-4887 json | A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote ... | Not Provided | 2026-03-26 | 2026-04-20 |
| CVE-2026-4874 json | A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery (SSRF) by manipulating the `c... | Not Provided | 2026-03-26 | 2026-04-01 |
| CVE-2026-4775 json | A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putco... | Not Provided | 2026-03-24 | 2026-04-21 |
| CVE-2026-4636 json | A flaw was found in Keycloak. An authenticated user with the uma_protection role can bypass User-Managed Access (UMA) policy ... | Not Provided | 2026-04-02 | 2026-04-16 |
Known software with vulnerabilities from Redhat
| Type | Vendor | Product | Version |
|---|---|---|---|
| Operating System | Redhat | 389 Directory Server | - |
| Application | Redhat | 3scale | - |
| Application | Redhat | Advanced Cluster Management For Kubernetes | 2.0 |
| Application | Redhat | Aeolus Conductor | - |
| Application | Redhat | Amq | 2.0 |
| Application | Redhat | Amq Online | - |
| Application | Redhat | Analog Real-time Synthesizer | - |
| Application | Redhat | Ansible | 0.0.1 |
| Application | Redhat | Ansible Engine | 0.0.1 |
| Application | Redhat | Ansible Tower | - |
| Application | Redhat | Apicast | 2.0.0 |
| Application | Redhat | Application Server | - |
| Application | Redhat | Automatic Bug Reporting Tool | 0.0.10 |
| Application | Redhat | Automation Manager | 7.3.1 |
| Application | Redhat | Beaker | 0.10.0 |
| Application | Redhat | Bigmem Kernel | - |
| Application | Redhat | Bodhi | 0.2.0 |
| Application | Redhat | Cairo | - |
| Application | Redhat | Ceph | 0.1 |
| Application | Redhat | Ceph-iscsi-cli | - |