java-25-openjdk-fastdebug (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package java-25-openjdk-fastdebug, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (17)
CVE-2026-26740 — CVSS 8.2 (high): Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension…
CVE-2026-33636 — CVSS 7.6 (high): LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files…
CVE-2026-34282 — CVSS 7.5 (high): Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component…
CVE-2026-21945 — CVSS 7.5 (high): Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component…
CVE-2026-22016 — CVSS 7.5 (high): Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP)…
CVE-2026-33416 — CVSS 7.5 (high): LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files…
CVE-2025-64720 — CVSS 7.1 (high): LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files…
CVE-2025-65018 — CVSS 7.1 (high): LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files…
CVE-2026-21933 — CVSS 6.1 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component…
CVE-2026-22013 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS)…
CVE-2026-22021 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE)…
CVE-2026-23865 — CVSS 5.3 (medium): An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an…
CVE-2026-21925 — CVSS 4.8 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: RMI)…
CVE-2026-22008 — CVSS 3.7 (low): Vulnerability in Oracle Java SE (component: Libraries). The supported version that is affected is Oracle Java SE: 25.0.1. Difficult to…
CVE-2026-22018 — CVSS 3.7 (low): Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component…
CVE-2026-34268 — CVSS 2.9 (low): Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component…
CVE-2026-22007 — CVSS 2.9 (low): Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component…