Red hat openshift lightspeed

This hub aggregates every CVE we track for Red hat openshift lightspeed, a product in the cloud saas space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Red hat openshift lightspeed.

• CVE-2026-40192Pillow is vulnerable to a FITS GZIP decompression bomb7.5Apr 15, 2026
• CVE-2026-32281Inefficient policy validation in crypto/x5097.5Apr 8, 2026
• CVE-2026-32280Unexpected work during chain building in crypto/x5097.5Apr 8, 2026
• CVE-2026-32283Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls7.5Apr 8, 2026
• CVE-2026-32288Unbounded allocation for old GNU sparse in archive/tar5.5Apr 8, 2026
• CVE-2026-32289JsBraceDepth Context Tracking Bugs (XSS) in html/template6.1Apr 8, 2026
• CVE-2026-33810Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x5098.2Apr 8, 2026
• CVE-2026-35536In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to .RequestHandler.set_cookie were not checked for crafted characters.7.2Apr 3, 2026
• CVE-2026-33699pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream7.5Mar 26, 2026
• CVE-2026-25645Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function4.4Mar 25, 2026
• CVE-2026-33123pypdf has inefficient decoding of array-based streams6.5Mar 20, 2026
• CVE-2026-33056tar-rs: unpack_in can chmod arbitrary directories by following symlinks6.5Mar 20, 2026
• CVE-2026-31826pypdf: manipulated stream length values can exhaust RAM5.5Mar 10, 2026
• CVE-2026-27628pypdf has a possible infinite loop when loading circular /Prev entries in cross-reference streams7.5Feb 25, 2026
• CVE-2026-27026pypdf possibly has long runtimes for malformed FlateDecode streams5.5Feb 20, 2026