Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Red Hat Enterprise Linux 10 — Vulnerabilities & Security Advisories 80

All 80 CVE vulnerabilities found in Red Hat Enterprise Linux 10, with AI-generated Chinese analysis, references, and POCs.

Vendor: Red Hat

CVE IDTitleCVSSSeverityPublished
CVE-2026-42011 Gnutls: gnutls: security bypass due to incorrect name constraint handling CWE-295 7.4 High2026-05-07
CVE-2026-42010 Gnutls: gnutls: authentication bypass via nul character in username 7.1 High2026-05-07
CVE-2026-6420 Keylime: keylime: security bypass due to hardcoded tpm quote nonce CWE-1241 6.3 Medium2026-05-06
CVE-2026-34002 Xorg: xwayland: x.org x server: information disclosure or denial of service via out-of-bounds read in xkb modifier map handling CWE-805 6.1 Medium2026-05-05
CVE-2026-34000 Xwayland: xorg: x.org x server: information disclosure and denial of service via out-of-bounds read in xkb geometry processing. CWE-125 6.1 Medium2026-05-05
CVE-2026-2708 Libsoup: libsoup: http request smuggling via duplicate content-length headers CWE-444 3.7 Low2026-04-23
CVE-2026-34003 Xorg: xwayland: x.org x server: information exposure and denial of service via out-of-bounds memory access CWE-125 7.8 High2026-04-23
CVE-2026-34001 Xorg: xwayland: x.org x server: use-after-free vulnerability leads to server crash and potential memory corruption CWE-825 7.8 High2026-04-23
CVE-2026-33999 Xorg: xwayland: x.org x server: denial of service via integer underflow in xkb compatibility map handling CWE-191 7.8 High2026-04-23
CVE-2026-6862 Efivar: efivar: denial of service due to stack overflow in device path node parsing CWE-674 5.5 Medium2026-04-22
CVE-2026-6861 Emacs: emacs: memory corruption vulnerability when processing svg css CWE-193 6.1 Medium2026-04-22
CVE-2026-6846 Binutils: binutils: arbitrary code execution via malformed xcoff object file processing CWE-122 7.8 High2026-04-22
CVE-2026-6844 Binutils: binutils: denial of service vulnerabilities in readelf via crafted elf files CWE-400 5.5 Medium2026-04-22
CVE-2026-6843 Nano: nano: format string vulnerability leads to denial of service CWE-134 5.5 Medium2026-04-22
CVE-2026-6845 Binutils: binutils: denial of service via crafted elf file CWE-476 5.0 Medium2026-04-22
CVE-2026-6842 Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions CWE-732 2.5 Low2026-04-22
CVE-2026-6507 Dnsmasq: dnsmasq: denial of service due to out-of-bounds write in dhcp bootreply processing CWE-787 7.5 High2026-04-17
CVE-2026-6245 Sssd: out-of-bounds read in the sssd CWE-805 5.5 Medium2026-04-15
CVE-2026-4878 Libcap: libcap: privilege escalation via toctou race condition in cap_set_file() CWE-367 6.7 Medium2026-04-09
CVE-2026-4631 Cockpit: cockpit: unauthenticated remote code execution due to ssh command-line argument injection CWE-78 9.8 Critical2026-04-07
CVE-2026-5704 Tar: tar: hidden file injection via crafted archives CWE-434 5.0 Medium2026-04-06
CVE-2026-5673 Libtheora: libtheora: denial of service or information disclosure via malformed avi file processing CWE-125 5.6 Medium2026-04-06
CVE-2026-35094 Libinput: libinput: information disclosure via dangling pointer in lua plugin handling CWE-825 3.3 Low2026-04-01
CVE-2026-35093 Libinput: libinput: unauthorized code execution and information disclosure through lua bytecode plugins CWE-94 8.8 High2026-04-01
CVE-2026-35092 Corosync: corosync: denial of service via integer overflow in join message validation CWE-190 7.5 High2026-04-01
CVE-2026-35091 Corosync: corosync: denial of service and information disclosure via crafted udp packet CWE-253 8.2 High2026-04-01
CVE-2026-5201 Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image CWE-122 7.5 High2026-03-31
CVE-2026-5165 Virtio-win: virtio-win: memory corruption via use-after-free in virtio blk device reset CWE-825 6.7 Medium2026-03-30
CVE-2026-5164 Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request CWE-120 6.7 Medium2026-03-30
CVE-2026-4948 Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization CWE-279 5.5 Medium2026-03-27

All 80 known CVE vulnerabilities affecting Red Hat Enterprise Linux 10 with full Chinese analysis, references, and POCs where available.