Skip to main content

Red Hat

Vendor security scorecard – 3200 CVEs in the selected period

Period: 30d 90d 6m 1y All
Risk 7260
3200
CVEs
142
Critical
1140
High
4
KEV
135
PoC
30
Unpatched C/H
96.4%
Patch Rate
0.1%
Avg EPSS

Severity Breakdown

CRITICAL
142
HIGH
1140
MEDIUM
1917
LOW
0

Monthly CVE Trend

Top Risky CVEs

CVE Summary Severity CVSS EPSS Priority Signals
CVE-2026-3910 Chrome's V8 JavaScript engine contains an inappropriate implementation (CVE-2026-3910, CVSS 8.8) that allows remote attackers to execute arbitrary code within the browser sandbox via crafted HTML pages. KEV-listed with public PoC, this V8 vulnerability affects all Chromium-based browsers and enables drive-by exploitation through any web page containing malicious JavaScript. HIGH 8.8 0.1% 119
KEV PoC
CVE-2026-11645 Remote code execution in Google Chrome's V8 JavaScript engine prior to 149.0.7827.103 allows a remote attacker to execute arbitrary code inside the renderer sandbox by enticing a victim to visit a crafted HTML page. The flaw is an out-of-bounds read and write (CWE-125) rated High severity by Chromium with a CVSS 8.8, and no public exploit identified at time of analysis, though V8 memory-corruption issues historically attract exploit development. HIGH 8.8 0.1% 119
KEV PoC
CVE-2026-3909 Google Chrome's Skia graphics library contains an out-of-bounds write (CVE-2026-3909, CVSS 8.8) enabling remote attackers to perform memory corruption through crafted HTML pages. KEV-listed with public PoC and patches available, this vulnerability in the core graphics rendering engine affects all Chromium-based browsers. HIGH 8.8 0.1% 119
KEV PoC
CVE-2026-2441 Google Chrome's CSS engine contains a use-after-free vulnerability (CVE-2026-2441, CVSS 8.8) that allows remote attackers to execute arbitrary code within the browser sandbox through crafted HTML pages. KEV-listed with public PoC, this vulnerability enables drive-by exploitation when users visit malicious or compromised websites. HIGH 8.8 0.1% 114
KEV PoC
CVE-2026-24054 Sandbox escape in Kata Containers allowing guest VM to access host resources. CVSS 10.0 — undermines the core security guarantee of hardware-isolated containers. PoC and patch available. CRITICAL 10.0 0.1% 70
PoC
CVE-2026-25952 Use-after-free in FreeRDP xf_SetWindowMinMaxInfo before version 3.23.0. X11 client window management triggers memory corruption. PoC and patch available. CRITICAL 9.8 0.1% 69
PoC
CVE-2026-25953 Use-after-free in FreeRDP xf_AppUpdateWindowFromSurface before 3.23.0. Surface-to-window update triggers memory corruption. PoC and patch available. CRITICAL 9.8 0.1% 69
PoC
CVE-2026-25997 Use-after-free in FreeRDP xf_clipboard_format_equal before 3.23.0. Clipboard format comparison uses freed memory. Fifth FreeRDP UAF. PoC and patch available. CRITICAL 9.8 0.1% 69
PoC
CVE-2026-25959 Use-after-free in FreeRDP xf_cliprdr_provide_data clipboard handling before 3.23.0. Clipboard data exchange triggers memory corruption. PoC and patch available. CRITICAL 9.8 0.1% 69
PoC
CVE-2026-25955 Use-after-free in FreeRDP xf_AppUpdateWindowFromSurface before 3.23.0. Different code path from CVE-2026-25953. PoC and patch available. CRITICAL 9.8 0.1% 69
PoC
CVE-2026-27699 Path traversal in basic-ftp Node.js FTP client library before 5.2.0 allows malicious FTP servers to write files outside the intended download directory. PoC and patch available. CRITICAL 9.1 0.1% 66
PoC
CVE-2026-26331 yt-dlp is a command-line audio/video downloader. [CVSS 8.8 HIGH] HIGH 8.8 0.7% 65
PoC
CVE-2025-71329 Denial of service in the image-size Node.js library through version 2.0.2 allows remote unauthenticated attackers to permanently hang the Node.js event loop by supplying a crafted JXL or HEIF image containing a box with a zero-valued size field. Publicly available exploit code exists and an upstream fix has been merged, making this a credible availability threat for any service that accepts user-supplied images and runs them through image-size. No active exploitation has been reported in CISA KEV at time of analysis. HIGH 8.7 0.1% 64
PoC
CVE-2025-71330 Denial of service in the image-size Node.js library (versions up to and including 2.0.2) allows remote unauthenticated attackers to permanently stall the Node.js event loop by submitting a malformed ICNS image. The flaw stems from an infinite loop in the ICNS parser when an entry length field is zero, and publicly available exploit code exists per VulnCheck and an independent write-up; no public exploit identified at time of analysis indicates active exploitation, but the POC makes weaponization trivial. HIGH 8.7 0.1% 64
PoC
CVE-2026-25635 Remote code execution in Calibre prior to version 9.2.0 through a path traversal flaw in the CHM reader allows local attackers to write arbitrary files with user permissions, enabling payload execution via the Windows Startup folder. Public exploit code exists for this vulnerability. Windows users should upgrade to Calibre 9.2.0 or later to remediate the risk. HIGH 8.6 0.2% 63
PoC

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy