Red hat satellite 6

This hub aggregates every CVE we track for Red hat satellite 6, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Red hat satellite 6.

• CVE-2026-12515Katello: missing repository authorization in content_uploads exposes cross-product content existence4.3Jun 17, 2026
• CVE-2026-44604Rpm: command injection in rpmuncompress dountar() via unescaped archive top-level directory name in popen() shell command7.0May 28, 2026
• CVE-2026-48864Libsolv: heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data7.8May 26, 2026
• CVE-2026-9149Libsolv: heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file6.5May 20, 2026
• CVE-2026-9150Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums6.5May 20, 2026
• CVE-2026-1961Forman: foreman: remote code execution via command injection in websocket proxy8.0Mar 26, 2026
• CVE-2026-4324Rubygem-katello: katello: denial of service and potential information disclosure via sql injection5.4Mar 17, 2026
• CVE-2026-0980Rubyipmi: red hat satellite: remote code execution in rubyipmi via malicious bmc username8.3Feb 27, 2026
• CVE-2026-1530Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation8.1Feb 2, 2026
• CVE-2026-1531Foreman-kubevirt: foreman_kubevirt: man-in-the-middle due to insecure default ssl verification8.1Feb 2, 2026
• CVE-2026-0603Org.hibernate/hibernate-core: hibernate: information disclosure and data deletion via second-order sql injection8.3Jan 23, 2026
• CVE-2025-12790Rubygem-mqtt: rubygem-mqtt hostname validation7.4Nov 6, 2025
• CVE-2025-10622Foreman: os command injection via ct_location and fcct_location parameters8.0Nov 5, 2025
• CVE-2025-3931Yggdrasil: local privilege escalation in yggdrasil7.8May 14, 2025
• CVE-2025-4574Crossbeam-channel: crossbeam-channel vulnerable to double free on drop6.5May 13, 2025