Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-57915

Summary
Assigner-apache
Assigner Org ID-f0158376-9dc2-43b6-827c-5f631a4d8d09
Published At-26 Jun, 2026 | 12:09
Updated At-30 Jun, 2026 | 03:16
Rejected At-
Credits

Apache Kerby: Kerberos Pre-Authentication Bypass

It is possible to bypass the Kerberos pre-authentication check in Apache Kerby by sending a PA-DATA with an unrecognized or unsupported type. Users are recommended to upgrade to version 2.1.2, which fixes this issue.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:apache
Assigner Org ID:f0158376-9dc2-43b6-827c-5f631a4d8d09
Published At:26 Jun, 2026 | 12:09
Updated At:30 Jun, 2026 | 03:16
Rejected At:
â–¼CVE Numbering Authority (CNA)
Apache Kerby: Kerberos Pre-Authentication Bypass

It is possible to bypass the Kerberos pre-authentication check in Apache Kerby by sending a PA-DATA with an unrecognized or unsupported type. Users are recommended to upgrade to version 2.1.2, which fixes this issue.

Affected Products
Vendor
The Apache Software FoundationApache Software Foundation
Product
Apache Kerby
Collection URL
https://repo.maven.apache.org/maven2
Package Name
org.apache.kerby:kerb-server
Default Status
unaffected
Versions
Affected
  • From 0 before 2.1.2 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-304CWE-304 Missing Critical Step in Authentication
Type: CWE
CWE ID: CWE-304
Description: CWE-304 Missing Critical Step in Authentication
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Textual description of severity
text:
important
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://lists.apache.org/thread/1y3glgh3kzwoxo5m2lq504cjlh1dsrfh
vendor-advisory
Hyperlink: https://lists.apache.org/thread/1y3glgh3kzwoxo5m2lq504cjlh1dsrfh
Resource:
vendor-advisory
â–¼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://www.openwall.com/lists/oss-security/2026/06/26/8
N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2026/06/26/8
Resource: N/A
3. Apache Kerby: org.apache.kerby/kerb-server: Apache Kerby: Kerberos pre-authentication bypass via unrecognized PA-DATA

A flaw was found in Apache Kerby. An attacker can bypass the Kerberos pre-authentication check by sending a Pre-Authentication Data (PA-DATA) packet with an unrecognized or unsupported type. This vulnerability allows an attacker to circumvent the initial authentication step, potentially leading to unauthorized access or impersonation within a Kerberos-protected environment.

Affected Products
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat AMQ Clients
CPEs
  • cpe:/a:redhat:amq_clients:2023
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat JBoss Enterprise Application Platform Expansion Pack
CPEs
  • cpe:/a:redhat:jbosseapxp
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
streams for Apache Kafka 2
CPEs
  • cpe:/a:redhat:amq_streams:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
streams for Apache Kafka 3
CPEs
  • cpe:/a:redhat:amq_streams:3
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Data Grid 8
CPEs
  • cpe:/a:redhat:jboss_data_grid:8
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Fuse 7
CPEs
  • cpe:/a:redhat:jboss_fuse:7
Default Status
unaffected
Problem Types
TypeCWE IDDescription
CWECWE-358Improperly Implemented Security Check for Standard
Type: CWE
CWE ID: CWE-358
Description: Improperly Implemented Security Check for Standard
Metrics
VersionBase scoreBase severityVector
3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Metrics Other Info
Red Hat severity rating
value:
Important
namespace:
https://access.redhat.com/security/updates/classification/
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Exploits

Credits

Timeline
EventDate
Reported to Red Hat.2026-06-26 13:00:52
Made public.2026-06-26 12:09:54
Event: Reported to Red Hat.
Date: 2026-06-26 13:00:52
Event: Made public.
Date: 2026-06-26 12:09:54
Replaced By

Rejected Reason

References
HyperlinkResource
https://access.redhat.com/security/cve/CVE-2026-57915
vdb-entry
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2493407
issue-tracking
x_refsource_REDHAT
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-57915.json
x_sadp-csaf-vex
Hyperlink: https://access.redhat.com/security/cve/CVE-2026-57915
Resource:
vdb-entry
x_refsource_REDHAT
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2493407
Resource:
issue-tracking
x_refsource_REDHAT
Hyperlink: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-57915.json
Resource:
x_sadp-csaf-vex
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@apache.org
Published At:26 Jun, 2026 | 13:16
Updated At:30 Jun, 2026 | 03:21

It is possible to bypass the Kerberos pre-authentication check in Apache Kerby by sending a PA-DATA with an unrecognized or unsupported type. Users are recommended to upgrade to version 2.1.2, which fixes this issue.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Secondary3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
N/A
Type: Secondary
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Type: Secondary
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-304Primarysecurity@apache.org
CWE-358Secondary0b0ca135-0b70-47e7-9f44-1890c2a1c46c
CWE ID: CWE-304
Type: Primary
Source: security@apache.org
CWE ID: CWE-358
Type: Secondary
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://lists.apache.org/thread/1y3glgh3kzwoxo5m2lq504cjlh1dsrfhsecurity@apache.org
N/A
http://www.openwall.com/lists/oss-security/2026/06/26/8af854a3a-2127-422b-91ae-364da2661108
N/A
https://access.redhat.com/security/cve/CVE-2026-579150b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=24934070b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-57915.json0b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
Hyperlink: https://lists.apache.org/thread/1y3glgh3kzwoxo5m2lq504cjlh1dsrfh
Source: security@apache.org
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2026/06/26/8
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://access.redhat.com/security/cve/CVE-2026-57915
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2493407
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-57915.json
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

60Records found

CVE-2026-55957
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.25% / 16.40%
||
7 Day CHG~0.00%
Published-29 Jun, 2026 | 20:47
Updated-02 Jul, 2026 | 19:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: Authentication bypass with JNDIRealm and GSSAPI authenticated bind

Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the correct password. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.4, from 10.1.0-M1 through 10.1.36, from 9.0.0.M1 through 9.0.100, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Users are recommended to upgrade to version 11.0.5, 10.1.37 or 9.0.101, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-tomcatApache Tomcat
CWE ID-CWE-304
Missing Critical Step in Authentication
CVE-2026-40542
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.46% / 36.41%
||
7 Day CHG-0.11%
Published-22 Apr, 2026 | 07:07
Updated-30 Jun, 2026 | 03:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HttpClient: SCRAM-SHA-256 mutual authentication bypass may cause the client to accept authentication without proper mutual authentication verification

Missing critical step in authentication in Apache HttpClient 5.6 allows an attacker to cause the client to accept SCRAM-SHA-256 authentication without proper mutual authentication verification. Users are recommended to upgrade to version 5.6.1, which fixes this issue.

Action-Not Available
Vendor-The Apache Software FoundationRed Hat, Inc.
Product-httpclientApache HttpClientRed Hat OpenShift AI (RHOAI)Red Hat build of QuarkusRed Hat AMQ Broker 7Red Hat Enterprise Linux 10Cryostat 4streams for Apache Kafka 2Red Hat AMQ ClientsRed Hat build of Apicurio Registry 3Red Hat Single Sign-On 7Red Hat build of Apache Camel 4 for Quarkus 3Red Hat JBoss Web Server 6Red Hat Process Automation 7Red Hat Lightspeed for Runtimes OperatorRed Hat Satellite 6OpenShift Developer Tools and ServicesRed Hat JBoss Enterprise Application Platform Expansion PackMigration Toolkit for Applications 8Red Hat build of Apache Camel - HawtIO 4Red Hat Certificate System 10Red Hat build of Apicurio Registry 2Red Hat Data Grid 8Red Hat JBoss Enterprise Application Platform 7Red Hat build of Debezium 3Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat JBoss Core ServicesRed Hat build of Apache Camel for Spring Boot 4Red Hat Fuse 7Red Hat build of OptaPlanner 8Red Hat JBoss Web Server 5Red Hat Offline Knowledge Portalstreams for Apache Kafka 3Red Hat OpenShift Dev SpacesRed Hat Enterprise Linux 8Red Hat JBoss Enterprise Application Platform 8OpenShift Serverless
CWE ID-CWE-304
Missing Critical Step in Authentication
CWE ID-CWE-325
Missing Cryptographic Step
CVE-2026-7322
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.3||HIGH
EPSS-0.32% / 23.43%
||
7 Day CHG+0.04%
Published-28 Apr, 2026 | 13:49
Updated-30 Jun, 2026 | 12:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1

Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Firefox ESR 115.35.1, Thunderbird 150.0.1, and Thunderbird 140.10.1.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-firefoxthunderbirdThunderbirdFirefoxRed Hat Enterprise Linux AppStream EUS (v. 10.0)Red Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux AppStream AUS (v.8.6)Red Hat Enterprise Linux 7Red Hat Enterprise Linux AppStream E4S (v.9.4)Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)Red Hat Enterprise Linux AppStream TUS (v.8.8)Red Hat Enterprise Linux 10Red Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux AppStream (v. 8)Red Hat Enterprise Linux Server (v. 7 ELS)Red Hat Enterprise Linux 6Red Hat Enterprise Linux AppStream (v. 10)Red Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux AppStream E4S (v.8.8)Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)Red Hat Enterprise Linux AppStream AUS (v.8.4)Red Hat Enterprise Linux AppStream E4S (v.9.0)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-7323
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.3||HIGH
EPSS-0.38% / 29.51%
||
7 Day CHG+0.06%
Published-28 Apr, 2026 | 13:49
Updated-30 Jun, 2026 | 12:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1

Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Thunderbird 150.0.1, and Thunderbird 140.10.1.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-firefoxthunderbirdThunderbirdFirefoxRed Hat Enterprise Linux AppStream EUS (v. 10.0)Red Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux AppStream AUS (v.8.6)Red Hat Enterprise Linux 7Red Hat Enterprise Linux AppStream E4S (v.9.4)Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)Red Hat Enterprise Linux AppStream TUS (v.8.8)Red Hat Enterprise Linux 10Red Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux AppStream (v. 8)Red Hat Enterprise Linux Server (v. 7 ELS)Red Hat Enterprise Linux 6Red Hat Enterprise Linux AppStream (v. 10)Red Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux AppStream E4S (v.8.8)Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)Red Hat Enterprise Linux AppStream AUS (v.8.4)Red Hat Enterprise Linux AppStream E4S (v.9.0)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-7598
Matching Score-8
Assigner-VulDB
ShareView Details
Matching Score-8
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.47% / 37.05%
||
7 Day CHG+0.11%
Published-01 May, 2026 | 21:30
Updated-30 Jun, 2026 | 12:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
libssh2 userauth.c userauth_password integer overflow

A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauth_password of the file src/userauth.c. Such manipulation of the argument username_len/password_len leads to integer overflow. The attack may be launched remotely. The name of the patch is 256d04b60d80bf1190e96b0ad1e91b2174d744b1. A patch should be applied to remediate this issue.

Action-Not Available
Vendor-libssh2n/aRed Hat, Inc.
Product-libssh2libssh2Red Hat OpenShift Update ServiceRed Hat Trusted Profile AnalyzerRed Hat OpenShift Container Platform 4Red Hat Enterprise Linux 7Red Hat Hardened ImagesRed Hat Enterprise Linux 6
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2026-8390
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.3||HIGH
EPSS-0.26% / 17.30%
||
7 Day CHG+0.03%
Published-12 May, 2026 | 12:36
Updated-30 Jun, 2026 | 12:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-after-free in the JavaScript: WebAssembly component

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-firefoxFirefoxRed Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8Red Hat Enterprise Linux 6
CWE ID-CWE-416
Use After Free
CWE ID-CWE-825
Expired Pointer Dereference
CVE-2026-6753
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.3||HIGH
EPSS-0.31% / 22.38%
||
7 Day CHG+0.04%
Published-21 Apr, 2026 | 12:40
Updated-30 Jun, 2026 | 12:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect boundary conditions in the WebRTC component

Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-firefoxthunderbirdThunderbirdFirefoxRed Hat Enterprise Linux AppStream EUS (v. 10.0)Red Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux AppStream AUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.6)Red Hat Enterprise Linux 7Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)Red Hat Enterprise Linux AppStream TUS (v.8.8)Red Hat Enterprise Linux 10Red Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux AppStream (v. 8)Red Hat Enterprise Linux Server (v. 7 ELS)Red Hat Enterprise Linux 6Red Hat Enterprise Linux AppStream (v. 10)Red Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux AppStream TUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.8)Red Hat Enterprise Linux AppStream EUS (v.9.4)Red Hat Enterprise Linux AppStream AUS (v.8.4)Red Hat Enterprise Linux AppStream E4S (v.9.0)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-6752
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.3||HIGH
EPSS-0.31% / 22.38%
||
7 Day CHG+0.03%
Published-21 Apr, 2026 | 12:40
Updated-30 Jun, 2026 | 12:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect boundary conditions in the WebRTC component

Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-firefoxthunderbirdThunderbirdFirefoxRed Hat Enterprise Linux AppStream EUS (v. 10.0)Red Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux AppStream AUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.6)Red Hat Enterprise Linux 7Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)Red Hat Enterprise Linux AppStream TUS (v.8.8)Red Hat Enterprise Linux 10Red Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux AppStream (v. 8)Red Hat Enterprise Linux Server (v. 7 ELS)Red Hat Enterprise Linux 6Red Hat Enterprise Linux AppStream (v. 10)Red Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux AppStream TUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.8)Red Hat Enterprise Linux AppStream EUS (v.9.4)Red Hat Enterprise Linux AppStream AUS (v.8.4)Red Hat Enterprise Linux AppStream E4S (v.9.0)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2026-6751
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.3||HIGH
EPSS-0.31% / 22.41%
||
7 Day CHG+0.04%
Published-21 Apr, 2026 | 12:40
Updated-30 Jun, 2026 | 12:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Uninitialized memory in the Audio/Video: Web Codecs component

Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-firefoxthunderbirdThunderbirdFirefoxRed Hat Enterprise Linux AppStream EUS (v. 10.0)Red Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux AppStream AUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.6)Red Hat Enterprise Linux 7Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)Red Hat Enterprise Linux AppStream TUS (v.8.8)Red Hat Enterprise Linux 10Red Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux AppStream (v. 8)Red Hat Enterprise Linux Server (v. 7 ELS)Red Hat Enterprise Linux 6Red Hat Enterprise Linux AppStream (v. 10)Red Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux AppStream TUS (v.8.6)Red Hat Enterprise Linux AppStream E4S (v.8.8)Red Hat Enterprise Linux AppStream EUS (v.9.4)Red Hat Enterprise Linux AppStream AUS (v.8.4)Red Hat Enterprise Linux AppStream E4S (v.9.0)
CWE ID-CWE-457
Use of Uninitialized Variable
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2026-58014
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.3||HIGH
EPSS-0.29% / 21.01%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 12:57
Updated-01 Jul, 2026 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Glib: off-by-one error in glib/gkeyfile.c via "g_key_file_get_locale_string_list"

A flaw was found in GLib. An off-by-one error can occur in the g_key_file_get_locale_string_list function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundary.

Action-Not Available
Vendor-The GNOME ProjectRed Hat, Inc.
Product-enterprise_linuxglibRed Hat Enterprise Linux 7Red Hat Hardened ImagesRed Hat Enterprise Linux 9Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8GLibRed Hat Enterprise Linux 6
CWE ID-CWE-193
Off-by-one Error
CVE-2026-5172
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.3||HIGH
EPSS-0.93% / 56.35%
||
7 Day CHG+0.29%
Published-11 May, 2026 | 16:48
Updated-30 Jun, 2026 | 03:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE-2026-5172

A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record’s end.

Action-Not Available
Vendor-dnsmasqRed Hat, Inc.
Product-dnsmasqRed Hat OpenShift Container Platform 4Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat Enterprise Linux 8Red Hat Enterprise Linux 6Red Hat Enterprise Linux AppStream (v. 10)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-48913
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.46% / 36.73%
||
7 Day CHG~0.00%
Published-08 Jun, 2026 | 15:24
Updated-10 Jun, 2026 | 19:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HTTP Server: mod_http2 memory corruption when file handles exhausted

Use After Free vulnerability in Apache HTTP Server module mod_http2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67.

Action-Not Available
Vendor-The Apache Software Foundation
Product-http_serverApache HTTP Server
CWE ID-CWE-416
Use After Free
CVE-2026-48962
Matching Score-8
Assigner-CPAN Security Group
ShareView Details
Matching Score-8
Assigner-CPAN Security Group
CVSS Score-7.3||HIGH
EPSS-0.29% / 20.91%
||
7 Day CHG-0.01%
Published-27 May, 2026 | 03:12
Updated-30 Jun, 2026 | 03:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob

IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. _parseOutputGlob() wraps the caller-supplied output glob string in double quotes and stores it in the parser state; _getFiles() then runs the stored expression through eval STRING. A literal double quote in the output glob closes the dquote wrapper, and the characters that follow are evaluated as Perl. Arbitrary Perl in the output glob executes at the calling process's privilege.

Action-Not Available
Vendor-PMQSRed Hat, Inc.
Product-IO::CompressRed Hat Enterprise Linux BaseOS (v. 8)Red Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux BaseOS AUS (v.8.6)Red Hat Enterprise Linux AppStream EUS (v. 10.0)Red Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux BaseOS AUS (v.8.4)Red Hat Enterprise Linux BaseOS E4S (v.8.8)Red Hat Enterprise Linux AppStream E4S (v.9.4)Red Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)Red Hat Enterprise Linux AppStream (v. 8)Red Hat Enterprise Linux BaseOS TUS (v.8.8)Red Hat Enterprise Linux Server (v. 7 ELS)Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)Red Hat Enterprise Linux AppStream (v. 10)
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-95
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CVE-2026-8090
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.3||HIGH
EPSS-0.32% / 23.47%
||
7 Day CHG+0.03%
Published-07 May, 2026 | 12:45
Updated-30 Jun, 2026 | 12:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-after-free in the DOM: Networking component

Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-firefoxthunderbirdThunderbirdFirefoxRed Hat Enterprise Linux AppStream EUS (v. 10.0)Red Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux AppStream AUS (v.8.6)Red Hat Enterprise Linux 7Red Hat Enterprise Linux AppStream E4S (v.9.4)Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)Red Hat Enterprise Linux 9Red Hat Enterprise Linux AppStream TUS (v.8.8)Red Hat Enterprise Linux 10Red Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux AppStream (v. 8)Red Hat Enterprise Linux Server (v. 7 ELS)Red Hat Enterprise Linux 6Red Hat Enterprise Linux AppStream (v. 10)Red Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux AppStream E4S (v.8.8)Red Hat Enterprise Linux 8Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)Red Hat Enterprise Linux AppStream AUS (v.8.4)
CWE ID-CWE-416
Use After Free
CWE ID-CWE-825
Expired Pointer Dereference
CVE-2026-44186
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.56% / 42.58%
||
7 Day CHG~0.00%
Published-08 Jun, 2026 | 15:11
Updated-11 Jun, 2026 | 04:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HTTP Server: Loop in `proxy_ftp_handler` in mod_proxy_ftp

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the mod_proxy_ftp module in Apache HTTP Server with an attacker controlled backend FTP server. This issue affects undefined: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-http_serverApache HTTP Server
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2026-45360
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.65% / 46.67%
||
7 Day CHG~0.00%
Published-01 Jun, 2026 | 07:48
Updated-03 Jun, 2026 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Airflow: Arbitrary import in custom deadline-reference deserialization

Apache Airflow's scheduler-side deadline-reference decoder (`SerializedCustomReference.deserialize_reference`) imported and dispatched arbitrary class paths drawn from DAG-author-controlled serialized state without an allowlist or plugin-registry gate. A DAG author whose code reaches the scheduler — the default on single-host deployments where the DAG bundle is importable from the scheduler process — could embed a custom `DeadlineReference` whose serialized form named an attacker-controlled module path, causing the scheduler to `import_string(...)` and instantiate that class with a live SQLAlchemy session attached. Affects deployments where DAG-author code is less trusted than the scheduler process. Users are advised to upgrade to `apache-airflow` 3.2.2 or later.

Action-Not Available
Vendor-The Apache Software Foundation
Product-airflowApache Airflow
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-8947
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.3||HIGH
EPSS-0.41% / 33.20%
||
7 Day CHG+0.04%
Published-19 May, 2026 | 12:29
Updated-30 Jun, 2026 | 03:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-after-free in the DOM: Bindings (WebIDL) component

Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-firefoxthunderbirdThunderbirdFirefoxRed Hat Enterprise Linux AppStream EUS (v. 10.0)Red Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux AppStream AUS (v.8.6)Red Hat Enterprise Linux 7Red Hat Enterprise Linux AppStream E4S (v.9.4)Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)Red Hat Enterprise Linux AppStream TUS (v.8.8)Red Hat Enterprise Linux 10Red Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux AppStream (v. 8)Red Hat Enterprise Linux Server (v. 7 ELS)Red Hat Enterprise Linux 6Red Hat Enterprise Linux AppStream (v. 10)Red Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux AppStream E4S (v.8.8)Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)Red Hat Enterprise Linux AppStream AUS (v.8.4)
CWE ID-CWE-416
Use After Free
CWE ID-CWE-825
Expired Pointer Dereference
CVE-2026-53404
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.22% / 12.25%
||
7 Day CHG~0.00%
Published-29 Jun, 2026 | 20:39
Updated-02 Jul, 2026 | 19:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: Bad ornext processing in RewriteValve

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100. Other versions that have reached end of support may also be affected. Users are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fix the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-tomcatApache Tomcat
CWE ID-CWE-670
Always-Incorrect Control Flow Implementation
CVE-2026-44185
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.58% / 43.63%
||
7 Day CHG+0.13%
Published-08 Jun, 2026 | 15:22
Updated-02 Jul, 2026 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HTTP Server: Stack Buffer Over-Read in mod_ssl OCSP `send_request`

Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.

Action-Not Available
Vendor-Red Hat, Inc.The Apache Software Foundation
Product-http_serverApache HTTP ServerRed Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux AppStream (v. 10)Red Hat Hardened Images
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2025-33042
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.60% / 44.44%
||
7 Day CHG~0.00%
Published-13 Feb, 2026 | 11:47
Updated-20 Feb, 2026 | 15:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Avro Java SDK: Code injection on Java generated code

Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Avro Java SDK when generating specific records from untrusted Avro schemas. This issue affects Apache Avro Java SDK: all versions through 1.11.4 and version 1.12.0. Users are recommended to upgrade to version 1.12.1 or 1.11.5, which fix the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-avroApache Avro Java SDK
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2026-43870
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.39% / 31.29%
||
7 Day CHG~0.00%
Published-05 May, 2026 | 07:45
Updated-06 May, 2026 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Thrift: Node.js web_server.js multi-vulnerability

Origin Validation Error, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting'), Uncontrolled Resource Consumption vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-thriftApache Thrift
CWE ID-CWE-113
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-346
Origin Validation Error
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-42498
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.55% / 41.84%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 15:17
Updated-14 May, 2026 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: WebSocket authentication header exposure

Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.2 through 9.0.117, from 8.5.24 through 8.5.100, from 7.0.83 through 7.0.109. Users are recommended to upgrade to version 11.0.22, 10.1.55 or 9.0.118, which fix the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-tomcatApache Tomcat
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-30001
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.51% / 39.47%
||
7 Day CHG~0.00%
Published-10 Oct, 2025 | 09:52
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache StreamPark: Authenticated users can trigger remote command execution

Incorrect Execution-Assigned Permissions vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1.4 before 2.1.6. Users are recommended to upgrade to version 2.1.6, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-streamparkApache StreamPark
CWE ID-CWE-279
Incorrect Execution-Assigned Permissions
CVE-2025-27821
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.86% / 54.10%
||
7 Day CHG~0.00%
Published-26 Jan, 2026 | 09:44
Updated-27 Jan, 2026 | 20:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HDFS native client: Out of bounds write in URI parser of native HDFS client

Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-hadoopHDFS native client
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-43869
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.63% / 45.85%
||
7 Day CHG+0.34%
Published-05 May, 2026 | 07:25
Updated-01 Jul, 2026 | 13:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Thrift: TSSLTransportFactory.java hostname verification

Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

Action-Not Available
Vendor-Red Hat, Inc.The Apache Software Foundation
Product-thriftApache ThriftOpenShift Service Mesh 2Cryostat 4 on RHEL 9Red Hat OpenStack Platform 18.0Red Hat Advanced Cluster Management for Kubernetes 2.15Multicluster Global Hub 1.3.4Multicluster Global Hub 1.6.2Multicluster Global Hub 1.7.1Red Hat Advanced Cluster Management for Kubernetes 2.16Red Hat AI Inference ServerRed Hat Fuse 7Red Hat Advanced Cluster Management for Kubernetes 2.13Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat Advanced Cluster Management for Kubernetes 2Multicluster Global HubRed Hat OpenShift distributed tracing 3.10.1Red Hat OpenShift distributed tracing 3Red Hat Data Grid 8Red Hat OpenShift Container Platform 4Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1Red Hat Enterprise Linux 8Multicluster Global Hub 1.5.4Red Hat build of Apache Camel 4 for Quarkus 3Red Hat OpenShift AI (RHOAI)Multicluster Global Hub 1.4.5
CWE ID-CWE-295
Improper Certificate Validation
CWE ID-CWE-297
Improper Validation of Certificate with Host Mismatch
CVE-2026-4177
Matching Score-8
Assigner-CPAN Security Group
ShareView Details
Matching Score-8
Assigner-CPAN Security Group
CVSS Score-9.1||CRITICAL
EPSS-0.43% / 34.44%
||
7 Day CHG-0.07%
Published-16 Mar, 2026 | 22:30
Updated-30 Jun, 2026 | 03:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter

YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. The heap overflow occurs when class names exceed the initial 512-byte allocation. The base64 decoder could read past the buffer end on trailing newlines. strtok mutated n->type_id in place, corrupting shared node data. A memory leak occurred in syck_hdlr_add_anchor when a node already had an anchor. The incoming anchor string 'a' was leaked on early return.

Action-Not Available
Vendor-toddrTODDRRed Hat, Inc.
Product-yaml\YAML::SyckRed Hat Enterprise Linux Server Optional (v. 7 ELS)Red Hat Enterprise Linux CRB (v. 8)Red Hat Enterprise Linux 6
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2026-41605
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.97% / 57.41%
||
7 Day CHG+0.42%
Published-28 Apr, 2026 | 09:20
Updated-30 Jun, 2026 | 03:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Thrift: Swift Compact Protocol integer overflow

Integer Overflow or Wraparound vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

Action-Not Available
Vendor-The Apache Software FoundationRed Hat, Inc.
Product-thriftApache ThriftRed Hat OpenShift AI (RHOAI)Multicluster Global Hub 1.3.4Red Hat OpenShift Container Platform 4Multicluster Global Hub 1.5.4Multicluster Global Hub 1.4.5Red Hat OpenShift GitOpsRed Hat AI Inference ServerRed Hat OpenShift distributed tracing 3Red Hat Enterprise Linux AI (RHEL AI) 3Red Hat Advanced Cluster Management for Kubernetes 2.15Multicluster Global Hub 1.6.2OpenShift Service Mesh 2Red Hat OpenShift distributed tracing 3.9.3
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-38709
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-3.91% / 89.03%
||
7 Day CHG~0.00%
Published-04 Apr, 2024 | 19:19
Updated-04 Nov, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HTTP Server: HTTP response splitting

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.

Action-Not Available
Vendor-Fedora ProjectBroadcom Inc.Apple Inc.The Apache Software FoundationDebian GNU/LinuxNetApp, Inc.
Product-http_serverdebian_linuxontap_toolsfabric_operating_systemfedoramacosontapApache HTTP Serverhttp_server
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2026-39892
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.65% / 46.71%
||
7 Day CHG+0.13%
Published-08 Apr, 2026 | 20:49
Updated-01 Jul, 2026 | 13:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
cryptography has a buffer overflow if non-contiguous buffers were passed to APIs

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers (e.g. Hash.update()), this could lead to buffer overflows. This vulnerability is fixed in 46.0.7.

Action-Not Available
Vendor-cryptography.iopycaRed Hat, Inc.
Product-cryptographycryptographyRed Hat Ansible Automation Platform 2.6 for RHEL 9Lightspeed CoreRed Hat AI Inference ServerRed Hat Quay 3Red Hat AI Inference Server 3.3Red Hat Ansible Automation Platform 2.5 for RHEL 8Red Hat Quay 3.16Red Hat OpenShift AI 2.25Red Hat Quay 3.9Red Hat Trusted Artifact Signer 1.4Red Hat Ansible Automation Platform 2.5 for RHEL 9Red Hat Enterprise Linux 9Red Hat Enterprise Linux AI (RHEL AI) 3Red Hat Quay 3.17Red Hat Ansible Automation Platform 2Red Hat Enterprise Linux 8Red Hat Satellite 6Red Hat Quay 3.14Red Hat Quay 3.12Red Hat Discovery 2Red Hat Ansible Automation Platform 2.6 for RHEL 10Migration Toolkit for Applications 8OpenShift LightspeedRed Hat Ansible Automation Platform 2.6Red Hat Quay 3.10Red Hat Hardened ImagesRed Hat OpenShift AI (RHOAI)Red Hat Quay 3.15Red Hat Ansible Automation Platform Ansible Core 2
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2026-7324
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.3||HIGH
EPSS-0.30% / 21.68%
||
7 Day CHG-0.00%
Published-28 Apr, 2026 | 13:49
Updated-30 Jun, 2026 | 12:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Memory safety bugs fixed in Thunderbird 150.0.1

Memory safety bugs present in Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1 and Thunderbird 150.0.1.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-firefoxthunderbirdThunderbirdFirefoxRed Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8Red Hat Enterprise Linux 6
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2026-3099
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.36% / 27.50%
||
7 Day CHG~0.00%
Published-12 Mar, 2026 | 13:53
Updated-01 May, 2026 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libsoup: libsoup: authentication bypass via digest authentication replay attack

A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or enforce the required incrementing nonce-count (nc) attribute. This vulnerability allows a remote attacker to capture a single valid authentication header and replay it repeatedly. Consequently, the attacker can bypass authentication and gain unauthorized access to protected resources, impersonating the legitimate user.

Action-Not Available
Vendor-The GNOME ProjectRed Hat, Inc.
Product-enterprise_linuxlibsoupRed Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9
CWE ID-CWE-323
Reusing a Nonce, Key Pair in Encryption
CVE-2026-29168
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.63% / 45.69%
||
7 Day CHG~0.00%
Published-05 May, 2026 | 13:10
Updated-06 May, 2026 | 18:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HTTP Server: mod_md unrestricted OCSP response

Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's  mod_md via OCSP response data. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-http_serverApache HTTP Server
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-2635
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-7.3||HIGH
EPSS-0.97% / 57.52%
||
7 Day CHG-0.16%
Published-20 Feb, 2026 | 22:25
Updated-30 Jun, 2026 | 12:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MLflow Use of Default Password Authentication Bypass Vulnerability

MLflow Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the basic_auth.ini file. The file contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of the administrator. Was ZDI-CAN-28256.

Action-Not Available
Vendor-MLflowRed Hat, Inc.
Product-MLflowRed Hat OpenShift AI (RHOAI)
CWE ID-CWE-1393
Use of Default Password
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2026-25990
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-8.6||HIGH
EPSS-0.37% / 28.70%
||
7 Day CHG-0.00%
Published-11 Feb, 2026 | 20:53
Updated-01 Jul, 2026 | 13:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Pillow has an out-of-bounds write when loading PSD images

Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1.

Action-Not Available
Vendor-python-pillowRed Hat, Inc.Python Software Foundation
Product-pillowPillowRed Hat Enterprise Linux 7Red Hat Ansible Automation Platform 2.6 for RHEL 9Red Hat AI Inference ServerRed Hat AI Inference Server 3.3Red Hat Satellite 6.16 for RHEL 9Red Hat Satellite 6.16 for RHEL 8Red Hat Ansible Automation Platform 2.5 for RHEL 8Red Hat Quay 3.16Red Hat OpenShift AI 3.3Red Hat OpenShift AI 2.25Red Hat Quay 3.9Red Hat Ansible Automation Platform 2.5 for RHEL 9Red Hat Enterprise Linux AI (RHEL AI) 3Red Hat Satellite 6.18 for RHEL 9Red Hat Ansible Automation Platform 2Red Hat AI Inference Server 3.2Red Hat Ansible Automation Platform 2.5Red Hat Satellite 6.17 for RHEL 9Red Hat Enterprise Linux 8Red Hat Satellite 6Red Hat Quay 3.12OpenShift LightspeedRed Hat Ansible Automation Platform 2.6 for RHEL 10Red Hat Ansible Automation Platform 2.6Red Hat Quay 3.10Red Hat OpenShift AI (RHOAI)Red Hat Quay 3.15
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-2033
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-7.3||HIGH
EPSS-1.68% / 74.16%
||
7 Day CHG-0.12%
Published-20 Feb, 2026 | 22:12
Updated-30 Jun, 2026 | 12:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability

MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of artifact file paths. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-26649.

Action-Not Available
Vendor-MLflowRed Hat, Inc.
Product-MLflowRed Hat OpenShift AI (RHOAI)
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2026-12773
Matching Score-8
Assigner-VulDB
ShareView Details
Matching Score-8
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.61% / 44.92%
||
7 Day CHG+0.01%
Published-21 Jun, 2026 | 03:15
Updated-30 Jun, 2026 | 12:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BerriAI litellm MCP Proxy user_api_key_auth_mcp.py UserAPIKeyAuth improper authentication

A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function UserAPIKeyAuth of the file litellm/proxy/_experimental/mcp_server/auth/user_api_key_auth_mcp.py of the component MCP Proxy. Executing a manipulation can lead to improper authentication. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure.

Action-Not Available
Vendor-litellmBerriAIRed Hat, Inc.
Product-litellmlitellmExploit IntelligenceRed Hat Ansible Automation Platform 2Red Hat OpenShift AI (RHOAI)
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-303
Incorrect Implementation of Authentication Algorithm
CVE-2024-47561
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.2||CRITICAL
EPSS-3.28% / 86.91%
||
7 Day CHG~0.00%
Published-03 Oct, 2024 | 10:23
Updated-10 Jul, 2025 | 21:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Avro Java SDK: Arbitrary Code Execution when reading Avro schema (Java SDK)

Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code. Users are recommended to upgrade to version 1.11.4  or 1.12.0, which fix this issue.

Action-Not Available
Vendor-NetApp, Inc.The Apache Software Foundation
Product-avrobrocade_san_navigatoractive_iq_unified_managerApache Avro Java SDKavro
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2025-59118
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-1.57% / 72.28%
||
7 Day CHG~0.00%
Published-12 Nov, 2025 | 09:15
Updated-13 Nov, 2025 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache OFBiz: Critical Remote Command Execution via Unrestricted File Upload

Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.03. Users are recommended to upgrade to version 24.09.03, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-ofbizApache OFBiz
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-51427
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.53% / 40.80%
||
7 Day CHG+0.16%
Published-19 May, 2026 | 00:00
Updated-30 Jun, 2026 | 03:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ModelScope 1.25.0 allowing attackers to execute arbitrary code via crafted module listed in the configuration file (dey_mini.yaml) under the key ['nnet']['module'].

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-n/aRed Hat OpenShift AI (RHOAI)
CWE ID-CWE-502
Deserialization of Untrusted Data
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2025-46701
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-2.61% / 83.51%
||
7 Day CHG~0.00%
Published-29 May, 2025 | 19:06
Updated-03 Nov, 2025 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: Security constraint bypass for CGI scripts

Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from 10.1.0-M1 through 10.1.40, from 9.0.0.M1 through 9.0.104. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.7, 10.1.41 or 9.0.105, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-tomcatApache Tomcat
CWE ID-CWE-178
Improper Handling of Case Sensitivity
CVE-2020-35452
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-53.19% / 98.85%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 07:10
Updated-04 Aug, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
mod_auth_digest possible stack overflow by one nul byte

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow

Action-Not Available
Vendor-The Apache Software FoundationFedora ProjectDebian GNU/LinuxOracle Corporation
Product-http_serverdebian_linuxinstantis_enterprisetrackfedorazfs_storage_appliance_kitenterprise_manager_ops_centerApache HTTP Server
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-36448
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.70% / 48.60%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 09:53
Updated-13 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache IoTDB Workbench: SSRF Vulnerability (EOL)

** UNSUPPORTED WHEN ASSIGNED ** Server-Side Request Forgery (SSRF) vulnerability in Apache IoTDB Workbench. This issue affects Apache IoTDB Workbench: from 0.13.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-The Apache Software Foundation
Product-iotdb_workbenchApache IoTDB Workbench
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-42584
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.3||HIGH
EPSS-0.63% / 45.88%
||
7 Day CHG+0.21%
Published-13 May, 2026 | 18:10
Updated-01 Jul, 2026 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netty: HttpClientCodec response desynchronization

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpClientCodec pairs each inbound response with an outbound request by queue.poll() once per response, including for 1xx. If the client pipelines GET then HEAD and the server sends 103, then 200 with GET body, then 200 for HEAD, the queue pairs HEAD with the first 200. The HEAD rule then skips reading that message’s body, so the GET entity bytes stay on the stream and the following 200 is parsed from the wrong offset. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final.

Action-Not Available
Vendor-io.nettyRed Hat, Inc.The Netty Project
Product-nettynettynetty-codec-httpCryostat 4 on RHEL 9Red Hat OpenShift Dev Spaces 3.28Red Hat OpenShift Dev SpacesRed Hat build of Apicurio Registry 2Red Hat Build of KeycloakRed Hat Process Automation 7Red Hat AMQ ClientsRed Hat Fuse 7Red Hat build of Quarkus 3.33.2Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat OpenShift AI (RHOAI)Red Hat build of Apicurio Registry 3Red Hat Enterprise Linux AI (RHEL AI) 3Red Hat build of Apache Camel for Spring Boot 4Red Hat Data Grid 8streams for Apache Kafka 3Red Hat build of Debezium 3Red Hat JBoss Enterprise Application Platform 7Red Hat Satellite 6OpenShift Serverlessstreams for Apache Kafka 2Red Hat Single Sign-On 7Red Hat build of Apache Camel 4 for Quarkus 3Red Hat AMQ Broker 7Red Hat JBoss Enterprise Application Platform 8Red Hat build of OptaPlanner 8Red Hat build of Quarkus 3.27.4
CWE ID-CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVE-2025-61735
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.50% / 39.08%
||
7 Day CHG+0.01%
Published-02 Oct, 2025 | 09:47
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Kylin: Server-Side Request Forgery

Server-Side Request Forgery (SSRF) vulnerability in Apache Kylin. This issue affects Apache Kylin: from 4.0.0 through 5.0.2. You are fine as long as the Kylin's system and project admin access is well protected. Users are recommended to upgrade to version 5.0.3, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-kylinApache Kylin
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-29226
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.47% / 37.49%
||
7 Day CHG~0.00%
Published-19 May, 2026 | 09:19
Updated-19 May, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache OFBiz: Low-Privilege SSRF in Content Component

Server-Side Request Forgery (SSRF) vulnerability in Apache OFBiz via Content component operations. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-ofbizApache OFBiz
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-29131
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-2.05% / 78.93%
||
7 Day CHG~0.00%
Published-21 Mar, 2024 | 09:07
Updated-01 May, 2025 | 19:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Commons Configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue.

Action-Not Available
Vendor-NetApp, Inc.Fedora ProjectThe Apache Software Foundation
Product-commons_configurationfedoraontap_toolssnapcenterApache Commons Configurationcommons_configuration
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-29007
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.78% / 51.59%
||
7 Day CHG~0.00%
Published-04 Apr, 2024 | 07:49
Updated-02 Sep, 2025 | 21:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache CloudStack: When downloading templates or ISOs, the management server and SSVM follow HTTP redirects with potentially dangerous consequences

The CloudStack management server and secondary storage VM could be tricked into making requests to restricted or random resources by means of following 301 HTTP redirects presented by external servers when downloading templates or ISOs. Users are recommended to upgrade to version 4.18.1.1 or 4.19.0.1, which fixes this issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-cloudstackApache CloudStackcloudstack
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-1233
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.3||HIGH
EPSS-0.78% / 51.35%
||
7 Day CHG~0.00%
Published-09 Apr, 2024 | 07:01
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Eap: wildfly-elytron has a ssrf security issue

A flaw was found in` JwtValidator.resolvePublicKey` in JBoss EAP, where the validator checks jku and sends a HTTP request. During this process, no whitelisting or other filtering behavior is performed on the destination URL address, which may result in a server-side request forgery (SSRF) vulnerability.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat JBoss Enterprise Application Platform 8.0 for RHEL 9Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9Red Hat JBoss Enterprise Application PlatformRed Hat JBoss Enterprise Application Platform 8Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2023-6236
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.3||HIGH
EPSS-0.33% / 24.65%
||
7 Day CHG~0.00%
Published-10 Apr, 2024 | 01:04
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Eap: oidc app attempting to access the second tenant, the user should be prompted to log

A flaw was found in Red Hat Enterprise Application Platform 8. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in OidcSessionTokenStore when determining if a cached token should be used or not. This logic needs to be updated to take into account the new "provider-url" option in addition to the "realm" option. EAP-7 does not provide the vulnerable provider-url configuration option in its OIDC implementation and is not affected by this flaw.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat JBoss Enterprise Application Platform 7Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat JBoss Enterprise Application Platform 8
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2023-49250
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.70% / 48.78%
||
7 Day CHG~0.00%
Published-20 Feb, 2024 | 10:00
Updated-18 Mar, 2025 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache DolphinScheduler: Insecure TLS TrustManager used in HttpUtil

Because the HttpUtils class did not verify certificates, an attacker that could perform a Man-in-the-Middle (MITM) attack on outgoing https connections could impersonate the server. This issue affects Apache DolphinScheduler: before 3.2.0. Users are recommended to upgrade to version 3.2.1, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-dolphinschedulerApache DolphinSchedulerdolphinscheduler
CWE ID-CWE-295
Improper Certificate Validation
  • Previous
  • 1
  • 2
  • Next
Details not found