
RED HAT — Vulnerabilities & Security Advisories 733

Browse all 733 CVE security advisories affecting RED HAT. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Red Hat operates primarily as a provider of open-source enterprise software solutions, most notably its Linux operating system and container platforms. With 688 recorded Common Vulnerabilities and Exposures, the organization’s historical attack surface frequently involves remote code execution, cross-site scripting, and privilege escalation flaws within its middleware and management tools. These vulnerabilities often stem from complex codebases and third-party dependencies integrated into its distribution. Security characteristics are defined by a rigorous patching lifecycle and the Red Hat Security Response Team, which issues timely advisories for critical issues. While major public breaches directly attributed to Red Hat core infrastructure are rare, individual component flaws have occasionally allowed attackers to gain unauthorized access or execute arbitrary commands. The company maintains a strong reputation for transparency, providing detailed technical guidance to help administrators mitigate risks associated with its widely deployed enterprise technologies.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-44604 | Rpm: command injection in rpmuncompress dountar() via unescaped archive top-level directory name in popen() shell command | Pen Drive Powered by Red Hat Lightspeed | CWE-78 | 7.0 | High | 2026-05-28 |
| CVE-2026-9802 | Keycloak: keycloak: unauthorized account access via replayed refresh tokens after cluster restart | Red Hat Build of Keycloak | CWE-613 | 6.8 | Medium | 2026-05-28 |
| CVE-2026-9803 | Keycloak: keycloak: denial of service via malformed authorization header | Red Hat Build of Keycloak | CWE-125 | 5.3 | Medium | 2026-05-28 |
| CVE-2026-9801 | Keycloak: keycloak: denial of service via malformed ldap password policy response | Red Hat Build of Keycloak | CWE-1284 | 4.9 | Medium | 2026-05-28 |
| CVE-2026-9798 | Keycloak: keycloak: brute-force protection bypass in ciba flow | Red Hat Build of Keycloak | CWE-305 | 4.3 | Medium | 2026-05-28 |
| CVE-2026-9796 | Keycloak: keycloak: privilege escalation via time-of-check to time-of-use (toctou) vulnerability | Red Hat Build of Keycloak | CWE-367 | 6.5 | Medium | 2026-05-28 |
| CVE-2026-9795 | Keycloak: keycloak: privilege escalation via improper scope mapping enforcement | Red Hat Build of Keycloak | CWE-266 | 7.3 | High | 2026-05-28 |
| CVE-2026-9794 | Keycloak: keycloak: information disclosure via saml ecp endpoint | Red Hat Build of Keycloak | CWE-209 | 5.3 | Medium | 2026-05-28 |
| CVE-2026-9792 | Keycloak: keycloak: security restriction bypass allows unauthorized ropc token acquisition | Red Hat Build of Keycloak | CWE-280 | 6.5 | Medium | 2026-05-28 |
| CVE-2026-9793 | Keycloak: keycloak: security policy bypass in jwe-encrypted request object processing | Red Hat Build of Keycloak | CWE-347 | 5.9 | Medium | 2026-05-28 |
| CVE-2026-9791 | Keycloak-rhel9: organization data leak after feature disabled in keycloak | Red Hat Build of Keycloak | CWE-863 | 4.3 | Medium | 2026-05-28 |
| CVE-2026-9704 | Keycloak: keycloak: privilege escalation due to oversized subject_token jwt | Red Hat Build of Keycloak | CWE-1284 | 6.8 | Medium | 2026-05-27 |
| CVE-2026-1933 | Samba: missing access check on reparse point operations | Red Hat Enterprise Linux 10 | CWE-284 | 7.1 | High | 2026-05-27 |
| CVE-2026-2340 | Samba: vfs_worm does not block directory modification | Red Hat Enterprise Linux 10 | CWE-280 | 6.5 | Medium | 2026-05-27 |
| CVE-2026-9689 | Keycloak: org.keycloak.protocol.oidc: http parameter pollution in oidc redirect uri allows response parameter duplication - #ghi-604 | Red Hat Build of Keycloak | CWE-1288 | 4.2 | Medium | 2026-05-27 |
| CVE-2026-3012 | Samba: group policy certificate enrollment uses http:// without validation | Red Hat Enterprise Linux 10 | CWE-345 | 8.0 | High | 2026-05-27 |
| CVE-2026-42013 | Gnutls: gnutls: certificate validation bypass due to oversized subject alternative name | Red Hat Enterprise Linux 8 | CWE-1284 | 8.2 | High | 2026-05-26 |
| CVE-2026-42015 | Gnutls: gnutls: memory corruption due to off-by-one error in pkcs#12 bag handling | Red Hat Enterprise Linux 8 | CWE-193 | 5.3 | Medium | 2026-05-26 |
| CVE-2026-42012 | Gnutls: gnutls: certificate validation bypass due to improper handling of uri and srv sans | Red Hat Enterprise Linux 8 | CWE-295 | 7.1 | High | 2026-05-26 |
| CVE-2026-5260 | Gnutls: gnutls: information disclosure via heap overread in rsa key exchange | Red Hat Enterprise Linux 8 | CWE-1284 | 8.2 | High | 2026-05-26 |
| CVE-2026-48864 | Libsolv: heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data | Red Hat Hardened Images | CWE-787 | 7.8 | High | 2026-05-26 |
| CVE-2026-4480 | Samba: samba: remote code execution in printing subsystem via unescaped job description | Red Hat Enterprise Linux 10 | CWE-78 | 8.5 | High | 2026-05-26 |
| CVE-2026-7374 | Kubevirt: kubevirt virt-handler: privilege escalation and node compromise via symlink following vulnerability | Red Hat Container Native Virtualization 4.12 | CWE-59 | 9.9 | Critical | 2026-05-26 |
| CVE-2026-9149 | Libsolv: heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file | Red Hat Enterprise Linux 10 | CWE-122 | 6.5 | Medium | 2026-05-20 |
| CVE-2026-9150 | Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums | Red Hat Enterprise Linux 10 | CWE-121 | 6.5 | Medium | 2026-05-20 |
| CVE-2026-9087 | Keycloak: cross-session email verification proof not bound to upstream identity in first-broker-login | Red Hat Build of Keycloak | CWE-639 | 6.4 | Medium | 2026-05-20 |
| CVE-2026-9064 | 389-ds-base: 389-ds-base: unbounded ldap controls count in get_ldapmessage_controls_ext() causes cpu and heap amplification (remote dos) | Red Hat Directory Server 11 | CWE-770 | 7.5 | High | 2026-05-20 |
| CVE-2026-7571 | Keycloak: keycloak: access token disclosure and implicit flow bypass via forged client data | Red Hat build of Keycloak 26.4 | CWE-472 | 7.1 | High | 2026-05-19 |
| CVE-2026-7507 | Org.keycloak/keycloak-services: session fixation in oidc login flow that can lead to account takeover | Red Hat build of Keycloak 26.2 | CWE-290 | 7.5 | High | 2026-05-19 |
| CVE-2026-7504 | Org.keycloak/keycloak-services: open redirect when using wildcard valid redirect uris in keycloak | Red Hat build of Keycloak 26.2 | CWE-601 | 8.1 | High | 2026-05-19 |

This page lists every published CVE security advisory associated with RED HAT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.