Threats Tagged 'cve-2026-45736'
View all threats tagged with 'cve-2026-45736'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-45736'
Click on any threat for detailed analysis and mitigation recommendations
Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement updateCVE-2026-45736 0 The ws library for Node.js versions 8.0.0 up to but not including 8.20.1 contains a vulnerability where the websocket.close() function may disclose uninitialized memory if a TypedArray is passed as the reason argument. This issue is fixed in version 8.20.1. The vulnerability has a medium severity with a CVSS score of 4.4. Join the discussion | GCVE Database | 06/19/2026, 02:03:31 UTC Added: 06/19/2026, 19:05:59 UTC |
Red Hat Security Advisory: Red Hat Developer Hub 1.9.6 release.CVE-2026-9277 0 Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins. Join the discussion | GCVE Database | 06/30/2026, 15:00:33 UTC Added: 06/15/2026, 23:17:42 UTC |
Red Hat Security Advisory: Kiali 2.4.18 for Red Hat OpenShift Service Mesh 3.0CVE-2026-9277 0 Kiali 2.4.18, for Red Hat OpenShift Service Mesh 3.0, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently. Security Fix(es): * CVE-2026-32281 redhat-user-workloads/kiali-3-0: Go crypto/x509: Denial of Service via inefficient certificate chain validation (ossm-13867) * CVE-2026-9277 openshift-service-mesh/kiali-ossmc-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13909) * CVE-2026-9277 openshift-service-mesh/kiali-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13913) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Join the discussion | GCVE Database | 06/15/2026, 22:39:05 UTC Added: 06/15/2026, 23:17:42 UTC |
Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix UpdateCVE-2026-6322 0 Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language. Security Fix(es): * automation-platform-ui: Axios: Denial of Service due to unenforced request and response size limits (CVE-2026-44488) * automation-platform-ui: Axios: Information disclosure due to prototype pollution vulnerability (CVE-2026-44495) * automation-platform-ui: fast-uri: URI authority bypass due to improper delimiter handling (CVE-2026-6322) * automation-platform-ui: Axios: Arbitrary HTTP header injection via prototype pollution (CVE-2026-42035) * automation-platform-ui: DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization (CVE-2026-41240) * automation-platform-ui: protobufjs: Arbitrary code execution due to unsafe expression generation from crafted protobuf descriptors (CVE-2026-44293) * python3.12-pyjwt: Authentication bypass due to forged JSON Web Tokens (CVE-2026-48526) * automation-controller: Dynaconf: Arbitrary code execution via Server-Side Template Injection (CVE-2026-33154) * python3.12-urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers (CVE-2026-44431) * python3.12-urllib3: Denial of Service due to excessive HTTP response decompression (CVE-2026-44432) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Join the discussion | GCVE Database | 07/01/2026, 11:09:18 UTC Added: 06/11/2026, 17:33:03 UTC |
Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement updateCVE-2026-45491 0 This update includes the following RPMs: dotnet10.0: * aspnetcore-runtime-10.0-10.0.9-1.hum1 (aarch64, x86_64) * aspnetcore-runtime-dbg-10.0-10.0.9-1.hum1 (aarch64, x86_64) * aspnetcore-targeting-pack-10.0-10.0.9-1.hum1 (aarch64, x86_64) * dotnet-apphost-pack-10.0-10.0.9-1.hum1 (aarch64, x86_64) * dotnet-host-10.0.9-1.hum1 (aarch64, x86_64) * dotnet-hostfxr-10.0-10.0.9-1.hum1 (aarch64, x86_64) * dotnet-runtime-10.0-10.0.9-1.hum1 (aarch64, x86_64) * dotnet-runtime-dbg-10.0-10.0.9-1.hum1 (aarch64, x86_64) * dotnet-sdk-10.0-10.0.109-1.hum1 (aarch64, x86_64) * dotnet-sdk-10.0-source-built-artifacts-10.0.109-1.hum1 (aarch64, x86_64) * dotnet-sdk-aot-10.0-10.0.109-1.hum1 (aarch64, x86_64) * dotnet-sdk-dbg-10.0-10.0.109-1.hum1 (aarch64, x86_64) * dotnet-targeting-pack-10.0-10.0.9-1.hum1 (aarch64, x86_64) * dotnet-templates-10.0-10.0.109-1.hum1 (aarch64, x86_64) * dotnet10.0-10.0.109-1.hum1.src (src) Join the discussion | GCVE Database | 06/17/2026, 15:25:52 UTC Added: 06/10/2026, 23:10:06 UTC |
Red Hat Security Advisory: Red Hat Developer Hub 1.10.0 release.CVE-2026-2950 0 Red Hat Developer Hub (RHDH) 1.10.0 is an enterprise-grade, self-managed developer portal based on Backstage.io, supporting major Kubernetes clusters. A security advisory (RHSA-2026:24841) was issued for this release, addressing multiple vulnerabilities including CVE-2026-2950 and six others. The advisory classifies the severity as moderate (medium) but does not provide specific CVSS scores or detailed technical exploit information. No patches or fixes are currently available for these vulnerabilities according to the vendor advisory. The product is not a cloud service, so remediation depends on user action once fixes are released. There are no known exploits in the wild at this time. Join the discussion | GCVE Database | 06/09/2026, 14:38:34 UTC Added: 06/10/2026, 11:50:14 UTC |
Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement updateCVE-2026-2950 0 This update includes the following RPMs: nodejs20: * nodejs20-20.20.2-1.hum1 (aarch64, x86_64) * nodejs20-bin-20.20.2-1.hum1 (noarch) * nodejs20-devel-20.20.2-1.hum1 (aarch64, x86_64) * nodejs20-docs-20.20.2-1.hum1 (noarch) * nodejs20-full-i18n-20.20.2-1.hum1 (aarch64, x86_64) * nodejs20-libs-20.20.2-1.hum1 (aarch64, x86_64) * nodejs20-npm-10.8.2-1.20.20.2.1.hum1 (noarch) * nodejs20-npm-bin-20.20.2-1.hum1 (noarch) * v8-11.3-devel-11.3.244.8-1.20.20.2.1.hum1 (aarch64, x86_64) * nodejs20-20.20.2-1.hum1.src (src) Join the discussion | GCVE Database | 04/11/2026, 00:49:50 UTC Added: 06/10/2026, 11:50:14 UTC |
Showing 1 to 7 of 7 results