Red hat enterprise linux
This hub aggregates every CVE we track for Red hat enterprise linux, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
10,609
CVEs tracked
755
Critical
3,588
High
109
In CISA KEV
Severity distribution
MEDIUM5,788HIGH3,588CRITICAL755LOW478
Monthly trend
213
110
150
184
128
183
107
288
149
127
254
259
282
69
377
346
75
199
106
45
103
80
57
63
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Red hat enterprise linux.
- CVE-2026-12549Libsoup: incomplete fix for cve-2026-2443: range suffix overflow in libsoup soupserver4.8
- CVE-2026-12725Dnsmasq: dnsmasq: heap buffer overflow in log_query() when logging unsupported ds/dnskey replies5.9
- CVE-2026-56211Libaom: libaom: remote code execution via svc layer context handling with attacker-controlled frames7.1
- CVE-2026-56210Libaom: libaom: heap-buffer-overflow read via missing bounds check in ctrl_set_layer_id7.1
- CVE-2026-56209Libaom: libaom: arbitrary address write via svc layer context oob and cyclic refresh map pointer hijack7.1
- CVE-2026-56208Libaom: libaom: heap buffer overflow in av1 encoder first-pass stats buffer via lap mode7.6
- CVE-2026-3195Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb (incomplete fix for cve-2024-7730)7.4
- CVE-2026-3196Qemu-kvm: virtio-snd: integer overflow leading to unbounded memory allocation5.5
- CVE-2026-11791389-ds-base: 389-ds-base: use-after-free in schema reload via attr_syntax_swap_ht()5.0
- CVE-2026-12505Cifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcall7.8
- CVE-2026-12528389-ds-base: 389-ds-base: heap-buffer-overflows in __aclp__normalize_acltxt()5.4
- CVE-2026-2604Evolution-data-server: evolution data server: arbitrary file deletion via inconsistent uri handling5.6
- CVE-2026-4367Libxpm: libxpm: denial of service via out-of-bounds read in xpm file parsing5.5
- CVE-2026-10649Pacemaker: pacemaker: denial of service via integer overflow in remote message decompression8.6
- CVE-2026-42014Gnutls: fix use-after-free in gnutls_pkcs11_token_set_pin6.6
Product normalization is registry-driven with AI assist and human review. How it works