Red Hat Enterprise Linux 10 — Vulnerabilities & Security Advisories (83)

All 83 CVE vulnerabilities found in Red Hat Enterprise Linux 10, with AI-generated Chinese analysis, references, and POCs.

This page is a vulnerability aggregation resource for Red Hat Enterprise Linux 10, focusing on Common Weakness Enumeration (CWE) identifiers. It compiles security issues affecting this specific enterprise operating system version, covering reported weaknesses from their initial disclosure through to current status updates. The collection includes a comprehensive range of vulnerability types, such as buffer overflows, injection flaws, and permission bypasses, providing a holistic view of the security landscape for this software platform. Here, users can track vendor advisories issued by Red Hat to understand the context and severity of reported issues. The page serves as a historical record, allowing security professionals to look up a product's vulnerability history and identify trends in how specific weakness classes have impacted the system over time. By aggregating these details, the resource facilitates better risk assessment and remediation planning. Readers can gain insights into the nature of the defects found in Red Hat Enterprise Linux 10, understand the associated Common Weakness Enumeration classifications, and monitor the progress of security patches. This structured approach ensures that administrators and analysts have access to accurate, centralized information regarding the security posture of the operating system. The data is presented to support informed decision-making in maintaining system integrity and compliance, without relying on marketing language or speculative content.

Vendor: Red Hat

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-42009 | Gnutls: gnutls: denial of service via dtls packet reordering vulnerability | CWE-475 | 7.5 | High | 2026-05-18 |
| CVE-2026-4802 | Cockpit: cockpit: arbitrary command execution via crafted links in system logs ui | CWE-78 | 8.0 | High | 2026-05-11 |
| CVE-2026-6420 | Keylime: keylime: security bypass due to hardcoded tpm quote nonce | CWE-1241 | 6.3 | Medium | 2026-05-06 |
| CVE-2026-34002 | Xorg: xwayland: x.org x server: information disclosure or denial of service via out-of-bounds read in xkb modifier map handling | CWE-805 | 6.1 | Medium | 2026-05-05 |
| CVE-2026-34000 | Xwayland: xorg: x.org x server: information disclosure and denial of service via out-of-bounds read in xkb geometry processing. | CWE-125 | 6.1 | Medium | 2026-05-05 |
| CVE-2026-2708 | Libsoup: libsoup: http request smuggling via duplicate content-length headers | CWE-444 | 3.7 | Low | 2026-04-23 |
| CVE-2026-34003 | Xorg: xwayland: x.org x server: information exposure and denial of service via out-of-bounds memory access | CWE-125 | 7.8 | High | 2026-04-23 |
| CVE-2026-34001 | Xorg: xwayland: x.org x server: use-after-free vulnerability leads to server crash and potential memory corruption | CWE-825 | 7.8 | High | 2026-04-23 |
| CVE-2026-33999 | Xorg: xwayland: x.org x server: denial of service via integer underflow in xkb compatibility map handling | CWE-191 | 7.8 | High | 2026-04-23 |
| CVE-2026-6862 | Efivar: efivar: denial of service due to stack overflow in device path node parsing | CWE-674 | 5.5 | Medium | 2026-04-22 |
| CVE-2026-6861 | Emacs: emacs: memory corruption vulnerability when processing svg css | CWE-193 | 6.1 | Medium | 2026-04-22 |
| CVE-2026-6846 | Binutils: binutils: arbitrary code execution via malformed xcoff object file processing | CWE-122 | 7.8 | High | 2026-04-22 |
| CVE-2026-6844 | Binutils: binutils: denial of service vulnerabilities in readelf via crafted elf files | CWE-400 | 5.5 | Medium | 2026-04-22 |
| CVE-2026-6843 | Nano: nano: format string vulnerability leads to denial of service | CWE-134 | 5.5 | Medium | 2026-04-22 |
| CVE-2026-6845 | Binutils: binutils: denial of service via crafted elf file | CWE-476 | 5.0 | Medium | 2026-04-22 |
| CVE-2026-6842 | Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions | CWE-732 | 2.5 | Low | 2026-04-22 |
| CVE-2026-6507 | Dnsmasq: dnsmasq: denial of service due to out-of-bounds write in dhcp bootreply processing | CWE-787 | 7.5 | High | 2026-04-17 |
| CVE-2026-6245 | Sssd: out-of-bounds read in the sssd | CWE-805 | 5.5 | Medium | 2026-04-15 |
| CVE-2026-4878 | Libcap: libcap: privilege escalation via toctou race condition in cap_set_file() | CWE-367 | 6.7 | Medium | 2026-04-09 |
| CVE-2026-4631 | Cockpit: cockpit: unauthenticated remote code execution due to ssh command-line argument injection | CWE-78 | 9.8 | Critical | 2026-04-07 |
| CVE-2026-5704 | Tar: tar: hidden file injection via crafted archives | CWE-434 | 5.0 | Medium | 2026-04-06 |
| CVE-2026-5673 | Libtheora: libtheora: denial of service or information disclosure via malformed avi file processing | CWE-125 | 5.6 | Medium | 2026-04-06 |
| CVE-2026-35094 | Libinput: libinput: information disclosure via dangling pointer in lua plugin handling | CWE-825 | 3.3 | Low | 2026-04-01 |
| CVE-2026-35093 | Libinput: libinput: unauthorized code execution and information disclosure through lua bytecode plugins | CWE-94 | 8.8 | High | 2026-04-01 |
| CVE-2026-35092 | Corosync: corosync: denial of service via integer overflow in join message validation | CWE-190 | 7.5 | High | 2026-04-01 |
| CVE-2026-35091 | Corosync: corosync: denial of service and information disclosure via crafted udp packet | CWE-253 | 8.2 | High | 2026-04-01 |
| CVE-2026-5201 | Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image | CWE-122 | 7.5 | High | 2026-03-31 |
| CVE-2026-5165 | Virtio-win: virtio-win: memory corruption via use-after-free in virtio blk device reset | CWE-825 | 6.7 | Medium | 2026-03-30 |
| CVE-2026-5164 | Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request | CWE-120 | 6.7 | Medium | 2026-03-30 |
| CVE-2026-5119 | Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment | CWE-319 | 5.9 | Medium | 2026-03-30 |
