Red Hat hardened images
This hub aggregates every CVE we track for Red Hat hardened images, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 135
- Critical: 4
- High: 51
- In CISA KEV: 0
Severity distribution
- MEDIUM: 65
- HIGH: 51
- LOW: 15
- CRITICAL: 4
Monthly trend
Monthly counts, 2024-08 to 2026-07: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 5, 0, 6, 1, 1, 8, 12, 5, 23, 30, 13, 26, 0
Latest CVEs
The 15 most recently published vulnerabilities affecting Red Hat hardened images.
- CVE-2026-58016: Glib: integer underflow in gio/gdbusintrospection.c via "g_dbus_node_info_new_for_xml" (7.5)
- CVE-2026-58015: Glib: path traversal in glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry and mechanism_client_data_receive (5.9)
- CVE-2026-58014: Glib: off-by-one error in glib/gkeyfile.c via "g_key_file_get_locale_string_list" (7.3)
- CVE-2026-58013: Glib: buffer over-read in glib/giochannel.c via "g_io_channel_read_line_backend" (6.5)
- CVE-2026-58012: Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char() (6.5)
- CVE-2026-58010: Glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal() (6.5)
- CVE-2026-58011: Glib: out-of-bounds read in glib/gdatetime.c:g_date_time_get_ymd via invalid gdatetime (6.5)
- CVE-2026-12610: Sssd: use-after-free crash in sssd' 'sssd_pam' process (6.4)
- CVE-2026-14164: Libarchive: double-free vulnerability in rar5 decompression logic via dangling filtered_buf pointer in init_unpack() (7.5)
- CVE-2026-13757: P11-kit: stack exhaustion via unbounded recursion in rpc attribute parsing (6.2)
- CVE-2026-12912: Libtiff: libtiff: heap-based buffer overflow via crafted pixarlog-compressed tiff image (7.3)
- CVE-2026-13595: Util-linux: util-linux: heap use-after-free in libblkid nested partition probing (6.8)
- CVE-2026-55654: Openssh: heap out-of-bounds read in red hat enterprise linux versions of openssh gssapi indicator cleanup due to missing null sentinel termination (3.7)
- CVE-2026-55655: Openssh: local mitm of x11 forwarding via abstract unix socket pre-binding in red hat enterprise linux openssh client versions (5.0)
- CVE-2026-55653: Openssh: double free in red hat enterprise linux versions of openssh dh-gex client path during fips known-group validation leads to client-side denial of service (4.3)
Product normalization is registry-driven with AI assist and human review.