Openshift container platform
This hub aggregates every CVE we track for Openshift container platform, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 460
- Critical: 73
- High: 184
- In CISA KEV: 11
Severity distribution
- HIGH: 184
- MEDIUM: 180
- CRITICAL: 73
- LOW: 23
Monthly trend (2024-08 to 2026-07): 5, 6, 6, 1, 0, 3, 1, 3, 2, 1, 8, 12, 0, 2, 0, 1, 4, 11, 5, 17, 18, 14, 3, 0
Latest CVEs
The 15 most recently published vulnerabilities affecting Openshift container platform.
- CVE-2026-55653: Openssh: double free in red hat enterprise linux versions of openssh dh-gex client path during fips known-group validation leads to client-side denial of service (score 4.3)
- CVE-2026-1784: Ose-cluster-ingress-operator: remote code execution through haproxy configuration injection (score 8.8)
- CVE-2026-10533: Openshift: openshift: non-admin user can bypass resourcequota and flood etcd with events causing cluster-wide api degradation (score 5.0)
- CVE-2026-46579: Openshift/router: openshift/router: mtls client certificate spoofing via unstripped x-ssl-client headers on http frontend (score 7.4)
- CVE-2026-42965: Openshift/router: openshift/router: cloud metadata ssrf via fqdn-typed endpointslice bypasses destination validation (score 7.7)
- CVE-2026-4408: Samba: remote code execution in samr (score 9.0)
- CVE-2026-1933: Samba: missing access check on reparse point operations (score 7.1)
- CVE-2026-2340: Samba: vfs_worm does not block directory modification (score 6.5)
- CVE-2026-3012: Samba: group policy certificate enrollment uses http:// without validation (score 8.0)
- CVE-2026-48864: Libsolv: heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data (score 7.8)
- CVE-2026-4480: Samba: samba: remote code execution in printing subsystem via unescaped job description (score 9.0)
- CVE-2026-9149: Libsolv: heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file (score 6.5)
- CVE-2026-9150: Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums (score 6.5)
- CVE-2026-42009: Gnutls: gnutls: denial of service via dtls packet reordering vulnerability (score 7.5)
- CVE-2026-41888: Distribution: Tag deletion bypasses `storage.delete.enabled` configuration (score 6.5)
Product normalization is registry-driven with AI assist and human review.