Skip to main content

Red Hat

Vendor security scorecard – 8628 CVEs in the selected period

Period: 30d 90d 6m 1y All
Risk 18760
8628
CVEs
274
Critical
2646
High
18
KEV
567
PoC
212
Unpatched C/H
93.2%
Patch Rate
0.3%
Avg EPSS

Severity Breakdown

CRITICAL
274
HIGH
2646
MEDIUM
5634
LOW
71

Monthly CVE Trend

Top Risky CVEs

CVE Summary Severity CVSS EPSS Priority Signals
CVE-2010-1871 JBoss Seam 2 in Red Hat JBoss EAP 4.3.0 fails to sanitize JBoss Expression Language inputs, allowing remote attackers to achieve arbitrary code execution via crafted URL parameters when the Java Security Manager is misconfigured. HIGH 8.8 93.7% 233
KEV PoC No patch
CVE-2025-24813 A critical path equivalence vulnerability in Apache Tomcat's Default Servlet allows unauthenticated remote code execution through specially crafted PUT requests using internal dot notation in filenames. With EPSS of 94% and active exploitation in the wild, this represents one of the most dangerous Tomcat vulnerabilities in recent years, affecting versions 9.0.0-9.0.98, 10.1.0-10.1.34, and 11.0.0-11.0.2. CRITICAL 9.8 94.2% 228
KEV PoC
CVE-2025-49113 Roundcube Webmail contains a critical PHP object deserialization vulnerability (CVE-2025-49113, CVSS 9.9) that allows authenticated users to achieve remote code execution through a crafted upload URL. With EPSS 90.4% and KEV listing, this vulnerability in one of the most widely deployed open-source webmail platforms enables any email user to compromise the mail server, accessing all hosted mailboxes. CRITICAL 9.9 90.4% 225
KEV PoC
CVE-2025-55182 React Server Components in React 19.x contain a critical pre-authentication remote code execution vulnerability (CVE-2025-55182, CVSS 10.0) through unsafe deserialization of HTTP request payloads. With EPSS 71.1% and KEV listing, this vulnerability affects any application using React Server Components with react-server-dom-webpack, react-server-dom-turbopack, or react-server-dom-parcel — enabling complete server compromise through a single HTTP request. CRITICAL 10.0 71.1% 216
KEV PoC
CVE-2017-12149 In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available. CRITICAL 9.8 94.3% 213
KEV PoC No patch
CVE-2025-31125 Vite is a frontend tooling framework for javascript. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Actively exploited in the wild (cisa kev) and public exploit code available. MEDIUM 5.3 83.3% 180
KEV PoC
CVE-2013-2068 Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a .. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 78.5%. CRITICAL 9.4 78.5% 160
PoC No patch
CVE-2025-1974 A critical vulnerability in Kubernetes ingress-nginx controller allows unauthenticated attackers with pod network access to achieve arbitrary code execution in the controller context. Dubbed 'IngressNightmare', this flaw exposes cluster Secrets including TLS certificates and service account tokens accessible to the ingress controller. CRITICAL 9.8 90.3% 159
PoC
CVE-2025-29927 Next.js versions 1.11.4 through 15.2.2 contain a critical middleware authorization bypass via the x-middleware-subrequest header. Attackers can send crafted requests that skip middleware entirely, bypassing authentication, authorization, and security headers enforced at the middleware layer. CRITICAL 9.1 93.0% 158
PoC
CVE-2025-32463 Sudo before 1.9.17p1 contains a local root escalation vulnerability (CVE-2025-32463, CVSS 9.3) through the --chroot option, which loads /etc/nsswitch.conf from the user-controlled chroot directory instead of the host system. KEV-listed with EPSS 26.5% and public PoC, this vulnerability allows any user with sudo --chroot access to achieve root privileges by placing a malicious nsswitch configuration and library in their chroot. CRITICAL 9.3 26.5% 158
KEV PoC
CVE-2025-1094 PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() improperly neutralize quoting syntax, enabling SQL injection when function results are used to construct psql input. This vulnerability was used as the initial access vector in the BeyondTrust RS compromise chain. HIGH 8.1 79.7% 155
PoC
CVE-2025-1302 The jsonpath-plus npm package before version 10.3.0 contains a remote code execution vulnerability due to improper input sanitization in the eval='safe' mode. Despite being labeled 'safe', the evaluation mode allows attackers to escape the sandbox and execute arbitrary JavaScript, affecting any application processing untrusted JSONPath expressions. HIGH 8.9 88.9% 153
PoC
CVE-2017-7504 HTTPServerILServlet.java in JMS over HTTP Invocation Layer of the JbossMQ implementation, which is enabled by default in Red Hat Jboss Application Server <= Jboss 4.X does not restrict the classes. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 90.3% and no vendor patch available. CRITICAL 9.8 90.3% 139
No patch
CVE-2025-30208 Vite, a provider of frontend development tooling, has a vulnerability in versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 89.0%. MEDIUM 5.3 89.0% 135
PoC
CVE-2013-2186 The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 87.1%. HIGH 7.5 87.1% 125

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy