Red hat openshift virtualization 4

This hub aggregates every CVE we track for Red hat openshift virtualization 4, a product in the cloud saas space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Red hat openshift virtualization 4.

• CVE-2026-9804Kubevirt: kubevirt: vmexport directory symlink escape enables exporter pod file read7.7May 28, 2026
• CVE-2026-6383Kubevirt: kubevirt: unauthorized subresource access due to improper rbac evaluation5.4Apr 15, 2026
• CVE-2025-14525Kubevirt: kubevirt: vm administration denial of service via guest agent6.4Jan 26, 2026
• CVE-2025-14459Virt-cdi-controller: unauthorized pvc cloning via dataimportcron8.5Jan 26, 2026
• CVE-2025-14946Libnbd: libnbd: arbitrary code execution via ssh argument injection through a malicious uri4.8Dec 19, 2025
• CVE-2025-57848Container-native-virtualization: privilege escalation via excessive /etc/passwd permissions5.2Oct 23, 2025
• CVE-2025-7195Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd5.2Aug 7, 2025
• CVE-2025-8556Github.com/cloudflare/circl: circl-fourq: missing and wrong validation can lead to incorrect results3.7Aug 6, 2025
• CVE-2024-9355Golang-fips: golang fips zeroed buffer6.5Oct 1, 2024
• CVE-2024-4467Qemu-kvm: 'qemu-img info' leads to host file read/write7.8Jul 2, 2024
• CVE-2024-3727Containers/image: digest type does not guarantee valid type8.3May 9, 2024
• CVE-2024-31420Cnv: dos through repeatedly calling vm-dump-metrics until virt handler crashes6.5Apr 3, 2024
• CVE-2024-31419Cnv: information disclosure through the usage of vm-dump-metrics4.3Apr 3, 2024
• CVE-2024-1394Golang-fips/openssl: memory leaks in code encrypting and decrypting rsa payloads7.5Mar 21, 2024
• CVE-2023-3089Ocp & fips mode7.0Jul 5, 2023