Openshift ai
This hub aggregates every CVE we track for Openshift ai, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
Operating Systemson-prem
30
CVEs tracked
2
Critical
18
High
1
In CISA KEV
Severity distribution
HIGH18MEDIUM10CRITICAL2
Monthly trend
1
1
1
0
0
3
0
0
0
0
2
2
0
1
1
0
3
5
3
3
3
1
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Openshift ai.
- CVE-2026-42271LiteLLM: Authenticated command execution via MCP stdio test endpointsKEV8.8
- CVE-2026-40192Pillow is vulnerable to a FITS GZIP decompression bomb7.5
- CVE-2026-5483Odh-dashboard: odh dashboard kubernetes service account exposure8.5
- CVE-2026-32281Inefficient policy validation in crypto/x5097.5
- CVE-2025-12805Llama-stack-k8s-operator: llama stack service exposed across namespaces due to missing networkpolicy8.1
- CVE-2026-33056tar-rs: unpack_in can chmod arbitrary directories by following symlinks6.5
- CVE-2026-31958Tornado has a DoS due to too many multipart parts7.5
- CVE-2026-27024pypdf has a possible infinite loop when processing TreeObject5.5
- CVE-2026-25727time affected by a stack exhaustion denial of service attack6.5
- CVE-2026-1761Libsoup: stack-based buffer overflow in libsoup multipart response parsingmultipart http response8.6
- CVE-2026-1299email BytesGenerator header injection due to unquoted newlines7.1
- CVE-2025-12781base64.b64decode() always accepts "+/" characters, despite setting altchars5.3
- CVE-2025-15367POP3 command injection in user-controlled commands5.5
- CVE-2025-15366IMAP command injection in user-controlled commands5.5
- CVE-2026-23490pyasn1 has a DoS vulnerability in decoder7.5
Product normalization is registry-driven with AI assist and human review. How it works