Red hat build of openjdk
This hub aggregates every CVE we track for Red hat build of openjdk, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
46
CVEs tracked
1
Critical
11
High
0
In CISA KEV
Severity distribution
MEDIUM25HIGH11LOW9CRITICAL1
Monthly trend
4
0
0
0
0
0
0
0
0
3
0
0
2
0
0
0
0
1
3
1
1
7
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Red hat build of openjdk.
- CVE-2026-34282Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Ja...7.5
- CVE-2026-34268Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java...2.9
- CVE-2026-22021Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE:...5.3
- CVE-2026-22018Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Jav...3.7
- CVE-2026-22013Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE:...5.3
- CVE-2026-22007Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java...2.9
- CVE-2026-34757LIBPNG has a yse-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST leading to corrupted chunk data and potential heap information disclosure5.1
- CVE-2026-23865An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR ...5.3
- CVE-2026-27171zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.2.9
- CVE-2026-22801LIBPNG has an integer truncation causing heap buffer over-read in png_image_write_*6.8
- CVE-2026-22693Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS5.3
- CVE-2026-22184zlib <= 1.3.1.2 untgz Global Buffer Overflow in TGZfname()9.8
- CVE-2025-66293LIBPNG has an out-of-bounds read in png_image_read_composite7.1
- CVE-2025-50106Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8...8.1
- CVE-2025-30749Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8...8.1
Product normalization is registry-driven with AI assist and human review. How it works