
Red Hat — Vulnerabilities & Security Advisories 691

Browse all 691 CVE security advisories affecting Red Hat. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Red Hat operates primarily as a provider of open-source enterprise software solutions, most notably its Linux operating system and container platforms. With 688 recorded Common Vulnerabilities and Exposures, the organization’s historical attack surface frequently involves remote code execution, cross-site scripting, and privilege escalation flaws within its middleware and management tools. These vulnerabilities often stem from complex codebases and third-party dependencies integrated into its distribution. Security characteristics are defined by a rigorous patching lifecycle and the Red Hat Security Response Team, which issues timely advisories for critical issues. While major public breaches directly attributed to Red Hat core infrastructure are rare, individual component flaws have occasionally allowed attackers to gain unauthorized access or execute arbitrary commands. The company maintains a strong reputation for transparency, providing detailed technical guidance to help administrators mitigate risks associated with its widely deployed enterprise technologies.

| CVE ID | Title | Affected product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-3442 | Binutils: gnu binutils: information disclosure or denial of service via out-of-bounds read in bfd linker | Red Hat Enterprise Linux 10 | CWE-125 | 6.1 | Medium | 2026-03-15 |
| CVE-2026-4111 | Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive | Red Hat Enterprise Linux 10 | CWE-835 | 7.5 | High | 2026-03-13 |
| CVE-2026-4105 | Systemd: systemd: privilege escalation via improper access control in registermachine d-bus method | Red Hat Hardened Images | CWE-284 | 6.7 | Medium | 2026-03-13 |
| CVE-2025-57849 | Fuse: privilege escalation via excessive /etc/passwd permissions | Red Hat Fuse 7 | CWE-276 | 6.4 | Medium | 2026-03-13 |
| CVE-2025-8766 | Noobaa-core: excessive permissions of /etc could lead to escalation of privilege in the noobaa-core container | Red Hat Openshift Data Foundation 4 | CWE-276 | 6.4 | Medium | 2026-03-13 |
| CVE-2026-2376 | Mirror-registry: quay: quay: server-side request forgery via open redirect vulnerability in web interface | mirror registry for Red Hat OpenShift | CWE-601 | 4.9 | Medium | 2026-03-12 |
| CVE-2026-3099 | Libsoup: libsoup: authentication bypass via digest authentication replay attack | Red Hat Enterprise Linux 10 | CWE-323 | 5.8 | Medium | 2026-03-12 |
| CVE-2026-2366 | Keycloak: keycloak: information disclosure via authorization bypass in admin api | Red Hat build of Keycloak 26.4 | CWE-639 | 3.1 | Low | 2026-03-12 |
| CVE-2026-3234 | Mod_proxy_cluster: mod_proxy_cluster: response body corruption via crlf injection | Red Hat Enterprise Linux 10 | CWE-93 | 4.3 | Medium | 2026-03-12 |
| CVE-2026-3429 | Org.keycloak.services.resources.account: improper access control leading to mfa deletion and account takeover in keycloak account rest api | Red Hat build of Keycloak 26.4 | CWE-284 | 4.2 | Medium | 2026-03-11 |
| CVE-2026-3911 | Org.keycloak.services.resources.admin.userresource: keycloak: information disclosure of disabled user attributes via administrative endpoint | Red Hat build of Keycloak 26.4 | CWE-359 | 2.7 | Low | 2026-03-11 |
| CVE-2026-3047 | Org.keycloak.broker.saml: keycloak saml broker: authentication bypass due to disabled saml client completing idp-initiated login | Red Hat build of Keycloak 26.2 | CWE-305 | 8.8 | High | 2026-03-05 |
| CVE-2026-3009 | Org.keycloak/keycloak-services: improper enforcement of disabled identity provider in identitybrokerservice (authentication bypass) | Red Hat build of Keycloak 26.4 | CWE-863 | 8.1 | High | 2026-03-05 |
| CVE-2025-12801 | Nfs-utils: rpc.mountd in the nfs-utils privilege escalation | Red Hat Enterprise Linux 10 | CWE-279 | 6.5 | Medium | 2026-03-04 |
| CVE-2026-0980 | Rubyipmi: red hat satellite: remote code execution in rubyipmi via malicious bmc username | Red Hat Satellite 6.16 for RHEL 8 | CWE-78 | 8.3 | High | 2026-02-27 |
| CVE-2026-0871 | Org.keycloak/keycloak-services: keycloak: unauthorized modification of unmanaged user attributes by administrators | Red Hat build of Keycloak 26.4 | CWE-266 | 4.9 | Medium | 2026-02-27 |
| CVE-2025-9909 | Aap-gateway: improper path validation in gateway allows credential exfiltration | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | CWE-647 | 6.7 | Medium | 2026-02-27 |
| CVE-2025-9908 | Event-driven-ansible: sensitive internal headers disclosure in aap eda event streams | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | CWE-200 | 6.7 | Medium | 2026-02-27 |
| CVE-2025-9907 | Event-driven-ansible: event stream test mode exposes sensitive headers in aap eda | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | CWE-200 | 6.7 | Medium | 2026-02-27 |
| CVE-2026-28295 | Gvfs: gvfs ftp backend: information disclosure via untrusted pasv responses | Red Hat Enterprise Linux 10 | CWE-918 | 4.3 | Medium | 2026-02-26 |
| CVE-2026-28296 | Gvfs: ftp gvfs backend: arbitrary ftp command injection via crlf sequences in file paths | Red Hat Enterprise Linux 10 | CWE-93 | 4.3 | Medium | 2026-02-26 |
| CVE-2026-3118 | Rhdh: graphql injection leading to platform-wide denial of service (dos) in rh developer hub orchestrator plugin | Red Hat Developer Hub 1.8 | CWE-89 | 6.5 | Medium | 2026-02-25 |
| CVE-2026-26104 | Udisks: missing authorization check allows unprivileged users to back up luks headers via udisks d-bus api | Red Hat Enterprise Linux 10 | CWE-862 | 5.5 | Medium | 2026-02-25 |
| CVE-2026-26103 | Udisks: missing authorization check allows unprivileged users to restore luks headers via udisks d-bus api | Red Hat Enterprise Linux 10 | CWE-862 | 7.1 | High | 2026-02-25 |
| CVE-2025-14905 | 389-ds-base: 389-ds-base: remote code execution and denial of service via heap buffer overflow | Red Hat Directory Server 11.5 E4S for RHEL 8 | CWE-122 | 7.2 | High | 2026-02-23 |
| CVE-2026-2733 | Org.keycloak/keycloak-services: keycloak: missing check on disabled client for docker registry protocol | Red Hat build of Keycloak 26.4 | CWE-285 | 3.8 | Low | 2026-02-19 |
| CVE-2026-2443 | Libsoup: out-of-bounds read in libsoup handle_partial_get() leading to heap information disclosure | Red Hat Enterprise Linux 10 | CWE-125 | 5.3 | Medium | 2026-02-13 |
| CVE-2026-26158 | Busybox: busybox: arbitrary file modification and privilege escalation via unvalidated tar archive entries | Red Hat Hardened Images | CWE-73 | 7.0 | High | 2026-02-11 |
| CVE-2026-26157 | Busybox: busybox: arbitrary file overwrite and potential code execution via incomplete path sanitization | Red Hat Hardened Images | CWE-73 | 7.0 | High | 2026-02-11 |
| CVE-2025-11537 | Keycloak-server: sensitive headers shown in the http access logs | Red Hat Build of Keycloak | CWE-117 | 5.0 | Medium | 2026-02-10 |

This page lists every published CVE security advisory associated with Red Hat. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.