Red Hat — Vulnerabilities & Security Advisories 691

Browse all 691 CVE security advisories affecting Red Hat. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Red Hat operates primarily as a provider of open-source enterprise software solutions, most notably its Linux operating system and container platforms. With 688 recorded Common Vulnerabilities and Exposures, the organization’s historical attack surface frequently involves remote code execution, cross-site scripting, and privilege escalation flaws within its middleware and management tools. These vulnerabilities often stem from complex codebases and third-party dependencies integrated into its distribution. Security characteristics are defined by a rigorous patching lifecycle and the Red Hat Security Response Team, which issues timely advisories for critical issues. While major public breaches directly attributed to Red Hat core infrastructure are rare, individual component flaws have occasionally allowed attackers to gain unauthorized access or execute arbitrary commands. The company maintains a strong reputation for transparency, providing detailed technical guidance to help administrators mitigate risks associated with its widely deployed enterprise technologies.

Found 10 results / 691
| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-4636 | Keycloak: keycloak: uma policy bypass allows authenticated users to gain unauthorized access to victim-owned resources. — Red Hat build of Keycloak 26.2 | CWE-551 | 8.1 | High | 2026-04-02 |
| CVE-2026-4282 | Keycloak: keycloak: privilege escalation via forged authorization codes due to singleuseobjectprovider isolation flaw — Red Hat build of Keycloak 26.2 | CWE-653 | 7.4 | High | 2026-04-02 |
| CVE-2026-4325 | Keycloak: keycloak: replay of action tokens via improper handling of single-use entries — Red Hat build of Keycloak 26.2 | CWE-653 | 5.3 | Medium | 2026-04-02 |
| CVE-2026-4634 | Keycloak: keycloak: denial of service via excessive processing of openid connect scope parameters — Red Hat build of Keycloak 26.2 | CWE-1050 | 7.5 | High | 2026-04-02 |
| CVE-2026-3872 | Keycloak: keycloak: information disclosure due to redirect_uri validation bypass — Red Hat build of Keycloak 26.2 | CWE-601 | 7.3 | High | 2026-04-02 |
| CVE-2026-2603 | Keycloak: keycloak: unauthorized authentication via disabled saml identity provider — Red Hat build of Keycloak 26.2 | CWE-306 | 8.1 | High | 2026-03-18 |
| CVE-2026-2092 | Keycloak-services: keycloak: unauthorized access via improper validation of encrypted saml assertions — Red Hat build of Keycloak 26.2 | CWE-1287 | 7.7 | High | 2026-03-18 |
| CVE-2026-3047 | Org.keycloak.broker.saml: keycloak saml broker: authentication bypass due to disabled saml client completing idp-initiated login — Red Hat build of Keycloak 26.2 | CWE-305 | 8.8 | High | 2026-03-05 |
| CVE-2025-14778 | Keycloak: incorrect ownership checks in /uma-policy/ — Red Hat build of Keycloak 26.2 | CWE-266 | 5.4 | Medium | 2026-02-09 |
| CVE-2026-1529 | Org.keycloak.services.resources.organizations: keycloak: unauthorized organization registration via improper invitation token validation — Red Hat build of Keycloak 26.2 | CWE-347 | 8.1 | High | 2026-02-09 |

This page lists every published CVE security advisory associated with Red Hat. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.