Red hat enterprise linux
This hub aggregates every CVE we track for Red hat enterprise linux, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
10,663
CVEs tracked
768
Critical
3,602
High
109
In CISA KEV
Severity distribution
MEDIUM5,814HIGH3,602CRITICAL768LOW479
Monthly trend
110
150
184
128
183
107
288
149
127
254
259
282
69
377
346
75
199
107
45
118
80
57
87
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Red hat enterprise linux.
- CVE-2026-58016Glib: integer underflow in gio/gdbusintrospection.c via "g_dbus_node_info_new_for_xml"7.5
- CVE-2026-58015Glib: path traversal in glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry and mechanism_client_data_receive5.9
- CVE-2026-58014Glib: off-by-one error in glib/gkeyfile.c via "g_key_file_get_locale_string_list"7.3
- CVE-2026-58013Glib: buffer over-read in glib/giochannel.c via "g_io_channel_read_line_backend"6.5
- CVE-2026-58012Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()6.5
- CVE-2026-58010Glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal()6.5
- CVE-2026-58011Glib: out-of-bounds read in glib/gdatetime.c:g_date_time_get_ymd via invalid gdatetime6.5
- CVE-2026-12610Sssd: use-after-free crash in sssd' 'sssd_pam' process6.4
- CVE-2026-14164Libarchive: double-free vulnerability in rar5 decompression logic via dangling filtered_buf pointer in init_unpack()7.5
- CVE-2026-13757P11-kit: stack exhaustion via unbounded recursion in rpc attribute parsing6.2
- CVE-2026-12912Libtiff: libtiff: heap-based buffer overflow via crafted pixarlog-compressed tiff image7.3
- CVE-2026-13601Yelp: yelp-xsl: overly permissive content security policy in yelp allows host file disclosure from flatpak applications7.1
- CVE-2026-13595Util-linux: util-linux: heap use-after-free in libblkid nested partition probing6.8
- CVE-2026-57966Spice-vdagent: path traversal in file transfer via unsanitized filename4.4
- CVE-2026-57965Spice-vdagent: integer overflow in udscs_write() leading to heap buffer overflow5.1
Product normalization is registry-driven with AI assist and human review. How it works