Red os
This hub aggregates every CVE we track for Red os, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
9,031
CVEs tracked
503
Critical
3,490
High
70
In CISA KEV
Severity distribution
MEDIUM4,678HIGH3,490CRITICAL503LOW360
Monthly trend
337
216
303
247
255
193
156
207
241
287
154
394
235
176
111
103
96
122
110
219
135
28
6
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Red os.
- BDU:2026-08412Уязвимость параметра cli_history инструмента командной строки для взаимодействия с сервисами Amazon Web Services AWS CLI, позволяющая нарушителю вызвать отказ в обслуживании5.9
- CVE-2024-21944Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root o...5.3
- CVE-2026-46520ImageMagick: Heap Buffer Over-Write in IPL decoder when reading multiple images of different dimensions7.5
- CVE-2026-45664ImageMagick: Policy Bypass in MNG coder could5.3
- BDU:2026-07974Уязвимость функционала форматирования модуля парсера SQL для Python Sqlparse, позволяющая нарушителю вызвать отказ в обслуживании5.3
- CVE-2026-46243smb: client: reject userspace cifs.spnego descriptions7.1
- CVE-2026-44881Portainer: Arbitrary File Read via Git Symlink Injection in Stack Auto-Update9.9
- CVE-2026-44848Portainer: Missing authorization on Docker plugin endpoints allows host RCE8.8
- CVE-2026-44849Portainer: Endpoint security bypass via Swarm service create/update8.8
- CVE-2026-44850Portainer: Bind-mount restriction bypass via HostConfig.Mounts8.5
- CVE-2026-44882Portainer: Kubernetes middleware continues after token validation failure, bypassing endpoint authorization8.1
- BDU:2026-07378Уязвимость функции skb_gro_receive() ядра операционных систем Linux, позволяющая нарушителю, позволяющая нарушителю получить root-привилегии7.8
- CVE-2026-46300net: skbuff: preserve shared-frag marker during coalescing7.8
- CVE-2026-9256NGINX ngx_http_rewrite_module vulnerability8.1
- CVE-2026-46333ptrace: slightly saner 'get_dumpable()' logic7.1
Product normalization is registry-driven with AI assist and human review. How it works