Red hat enterprise linux ai

This hub aggregates every CVE we track for Red hat enterprise linux ai, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Red hat enterprise linux ai.

• CVE-2026-33812Excessive memory allocation when decoding malicious SFNT in golang.org/x/image6.1Apr 21, 2026
• CVE-2026-40962FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c.4.9Apr 16, 2026
• CVE-2026-40192Pillow is vulnerable to a FITS GZIP decompression bomb7.5Apr 15, 2026
• CVE-2026-34734HDF5: H5T__conv_struct Use After Free7.8Apr 9, 2026
• CVE-2026-32281Inefficient policy validation in crypto/x5097.5Apr 8, 2026
• CVE-2026-32280Unexpected work during chain building in crypto/x5097.5Apr 8, 2026
• CVE-2026-32283Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls7.5Apr 8, 2026
• CVE-2026-32288Unbounded allocation for old GNU sparse in archive/tar5.5Apr 8, 2026
• CVE-2026-27143Missing bound checks can lead to memory corruption in safe Go in cmd/compile9.8Apr 8, 2026
• CVE-2026-33810Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x5098.2Apr 8, 2026
• CVE-2026-32289JsBraceDepth Context Tracking Bugs (XSS) in html/template6.1Apr 8, 2026
• CVE-2026-32282TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix6.4Apr 8, 2026
• CVE-2026-35536In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to .RequestHandler.set_cookie were not checked for crafted characters.7.2Apr 3, 2026
• CVE-2026-33699pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream7.5Mar 26, 2026
• CVE-2026-33809OOM from malicious IFD offset in golang.org/x/image/tiff5.3Mar 25, 2026