Openshift ai

This hub aggregates every CVE we track for Openshift ai, a product in the cloud saas space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Openshift ai.

• CVE-2026-40192Pillow is vulnerable to a FITS GZIP decompression bomb7.5Apr 15, 2026
• CVE-2026-5483Odh-dashboard: odh dashboard kubernetes service account exposure8.5Apr 10, 2026
• CVE-2026-32281Inefficient policy validation in crypto/x5097.5Apr 8, 2026
• CVE-2025-12805Llama-stack-k8s-operator: llama stack service exposed across namespaces due to missing networkpolicy8.1Mar 26, 2026
• CVE-2026-33056tar-rs: unpack_in can chmod arbitrary directories by following symlinks6.5Mar 20, 2026
• CVE-2026-31958Tornado has a DoS due to too many multipart parts7.5Mar 11, 2026
• CVE-2026-27024pypdf has a possible infinite loop when processing TreeObject5.5Feb 20, 2026
• CVE-2026-25727time affected by a stack exhaustion denial of service attack6.5Feb 6, 2026
• CVE-2026-1761Libsoup: stack-based buffer overflow in libsoup multipart response parsingmultipart http response8.6Feb 2, 2026
• CVE-2026-1299email BytesGenerator header injection due to unquoted newlines7.1Jan 23, 2026
• CVE-2025-12781base64.b64decode() always accepts "+/" characters, despite setting altchars5.3Jan 21, 2026
• CVE-2025-15367POP3 command injection in user-controlled commands5.5Jan 20, 2026
• CVE-2025-15366IMAP command injection in user-controlled commands5.5Jan 20, 2026
• CVE-2026-23490pyasn1 has a DoS vulnerability in decoder7.5Jan 16, 2026
• CVE-2025-66471urllib3 Streaming API improperly handles highly compressed data7.5Dec 5, 2025