Red hat update infrastructure
This hub aggregates every CVE we track for Red hat update infrastructure, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
Operating Systemson-prem
15
CVEs tracked
0
Critical
9
High
0
In CISA KEV
Severity distribution
HIGH9MEDIUM5LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
0
2
7
1
3
0
0
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Red hat update infrastructure.
- CVE-2026-5121Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing7.5
- CVE-2026-4519webbrowser.open() allows leading dashes in URLs3.3
- CVE-2026-4424Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing7.5
- CVE-2025-14831Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification5.3
- CVE-2026-1299email BytesGenerator header injection due to unquoted newlines7.1
- CVE-2025-15367POP3 command injection in user-controlled commands5.5
- CVE-2025-15366IMAP command injection in user-controlled commands5.5
- CVE-2025-15281wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory7.5
- CVE-2026-23490pyasn1 has a DoS vulnerability in decoder7.5
- CVE-2026-0861Integer overflow in memalign leads to heap corruption8.4
- CVE-2026-22801LIBPNG has an integer truncation causing heap buffer over-read in png_image_write_*6.8
- CVE-2025-66471urllib3 Streaming API improperly handles highly compressed data7.5
- CVE-2025-13836Excessive read buffering DoS in http.client7.5
- CVE-2025-6075Quadratic complexity in os.path.expandvars() with user-controlled template5.5
- CVE-2025-59375libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.7.5
Product normalization is registry-driven with AI assist and human review. How it works