Ublinux
This hub aggregates every CVE we track for Ublinux, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
Operating Systemson-prem
128
CVEs tracked
19
Critical
71
High
7
In CISA KEV
Severity distribution
HIGH71MEDIUM35CRITICAL19LOW3
Monthly trend
1
0
0
0
0
10
6
3
2
0
0
4
0
0
0
0
0
0
0
1
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Ublinux.
- CVE-2025-22873Improper access to parent directory of root in os3.8
- CVE-2025-6019Libblockdev: lpe from allow_active to root in libblockdev via udisks7.0
- CVE-2025-6021Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml27.5
- CVE-2025-49091KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading URLs from the scheme handlers such as a ssh:// or telnet:// or rlogin:// URL. This can be executed...8.2
- CVE-2025-49113Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload....KEV9.9
- CVE-2025-30232A use-after-free in Exim 4.96 through 4.98.1 could allow users (with command-line access) to escalate privileges.8.1
- CVE-2025-27363An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and vari...KEV8.1
- CVE-2024-12797RFC7250 handshakes with unauthenticated servers don't abort as expected6.3
- CVE-2025-0725gzip integer overflow7.3
- CVE-2025-0665eventfd double close9.8
- CVE-2024-11741Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. Fi...4.3
- CVE-2025-21533Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.24 and prior to 7.1.6. Easily exploitable vulne...5.5
- CVE-2025-24014segmentation fault in win_line() in Vim < 9.1.10434.2
- CVE-2024-50349Git does not sanitize URLs when asking for credentials interactively4.7
- CVE-2024-52006Newline confusion in credential helpers can lead to credential exfiltration in git7.5
Product normalization is registry-driven with AI assist and human review. How it works