Redhat Update Infrastructure — known CVE vulnerabilities
Every CVE whose affected-product data names Redhat Update Infrastructure, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2026-48864 — CVSS 7.8 (high): A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within…
CVE-2023-50781 — CVSS 7.5 (high): A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key…
CVE-2023-50782 — CVSS 7.5 (high): A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers…
CVE-2026-9149 — CVSS 6.5 (medium): A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted `.solv` file…
CVE-2026-9150 — CVSS 6.5 (medium): A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing…
CVE-2022-3644 — CVSS 5.5 (medium): The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write…