Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/java-25-openjdk@1:25.0.3.0.9-1?arch=el9
Typerpm
Namespaceredhat
Namejava-25-openjdk
Version1:25.0.3.0.9-1
Qualifiers
arch el9
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-1gha-995s-7qdg
vulnerability_id VCID-1gha-995s-7qdg
summary Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22016.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22016.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22016
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.09722
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22016
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22016
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22016
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
reference_id 1134894
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460039
reference_id 2460039
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460039
6
reference_url https://www.oracle.com/security-alerts/cpuapr2026.html
reference_id cpuapr2026.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:11:15Z/
url https://www.oracle.com/security-alerts/cpuapr2026.html
7
reference_url https://access.redhat.com/errata/RHSA-2026:9254
reference_id RHSA-2026:9254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9254
8
reference_url https://access.redhat.com/errata/RHSA-2026:9255
reference_id RHSA-2026:9255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9255
9
reference_url https://access.redhat.com/errata/RHSA-2026:9256
reference_id RHSA-2026:9256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9256
10
reference_url https://access.redhat.com/errata/RHSA-2026:9682
reference_id RHSA-2026:9682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9682
11
reference_url https://access.redhat.com/errata/RHSA-2026:9684
reference_id RHSA-2026:9684
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9684
12
reference_url https://access.redhat.com/errata/RHSA-2026:9685
reference_id RHSA-2026:9685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9685
13
reference_url https://access.redhat.com/errata/RHSA-2026:9687
reference_id RHSA-2026:9687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9687
14
reference_url https://access.redhat.com/errata/RHSA-2026:9688
reference_id RHSA-2026:9688
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9688
15
reference_url https://access.redhat.com/errata/RHSA-2026:9690
reference_id RHSA-2026:9690
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9690
16
reference_url https://access.redhat.com/errata/RHSA-2026:9691
reference_id RHSA-2026:9691
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9691
17
reference_url https://access.redhat.com/errata/RHSA-2026:9693
reference_id RHSA-2026:9693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9693
18
reference_url https://access.redhat.com/errata/RHSA-2026:9694
reference_id RHSA-2026:9694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9694
fixed_packages
aliases CVE-2026-22016
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1gha-995s-7qdg
1
url VCID-41qj-62x6-tqe5
vulnerability_id VCID-41qj-62x6-tqe5
summary giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26740.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26740.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-26740
reference_id
reference_type
scores
0
value 0.00139
scoring_system epss
scoring_elements 0.34086
published_at 2026-04-02T12:55:00Z
1
value 0.00139
scoring_system epss
scoring_elements 0.34051
published_at 2026-04-09T12:55:00Z
2
value 0.00139
scoring_system epss
scoring_elements 0.3405
published_at 2026-04-11T12:55:00Z
3
value 0.00139
scoring_system epss
scoring_elements 0.34007
published_at 2026-04-12T12:55:00Z
4
value 0.00139
scoring_system epss
scoring_elements 0.33983
published_at 2026-04-13T12:55:00Z
5
value 0.00139
scoring_system epss
scoring_elements 0.34017
published_at 2026-04-16T12:55:00Z
6
value 0.00139
scoring_system epss
scoring_elements 0.34004
published_at 2026-04-18T12:55:00Z
7
value 0.00139
scoring_system epss
scoring_elements 0.34118
published_at 2026-04-04T12:55:00Z
8
value 0.00139
scoring_system epss
scoring_elements 0.33978
published_at 2026-04-07T12:55:00Z
9
value 0.00139
scoring_system epss
scoring_elements 0.3402
published_at 2026-04-08T12:55:00Z
10
value 0.00151
scoring_system epss
scoring_elements 0.35498
published_at 2026-04-24T12:55:00Z
11
value 0.00151
scoring_system epss
scoring_elements 0.35733
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-26740
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26740
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131368
reference_id 1131368
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131368
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448747
reference_id 2448747
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448747
6
reference_url https://github.com/zakkanijia/POC/blob/main/giflib/giftool/giflib_giftool_gce_len_heap_oobwrite_disclosure.md
reference_id giflib_giftool_gce_len_heap_oobwrite_disclosure.md
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-18T18:43:32Z/
url https://github.com/zakkanijia/POC/blob/main/giflib/giftool/giflib_giftool_gce_len_heap_oobwrite_disclosure.md
7
reference_url https://access.redhat.com/errata/RHSA-2026:9254
reference_id RHSA-2026:9254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9254
8
reference_url https://access.redhat.com/errata/RHSA-2026:9255
reference_id RHSA-2026:9255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9255
9
reference_url https://access.redhat.com/errata/RHSA-2026:9693
reference_id RHSA-2026:9693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9693
fixed_packages
aliases CVE-2026-26740
risk_score 3.7
exploitability 0.5
weighted_severity 7.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-41qj-62x6-tqe5
2
url VCID-57sd-8y93-qqhu
vulnerability_id VCID-57sd-8y93-qqhu
summary Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34282.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34282.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34282
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.121
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34282
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34282
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34282
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460044
reference_id 2460044
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460044
5
reference_url https://www.oracle.com/security-alerts/cpuapr2026.html
reference_id cpuapr2026.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:33:23Z/
url https://www.oracle.com/security-alerts/cpuapr2026.html
6
reference_url https://access.redhat.com/errata/RHSA-2026:9254
reference_id RHSA-2026:9254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9254
7
reference_url https://access.redhat.com/errata/RHSA-2026:9255
reference_id RHSA-2026:9255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9255
8
reference_url https://access.redhat.com/errata/RHSA-2026:9256
reference_id RHSA-2026:9256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9256
9
reference_url https://access.redhat.com/errata/RHSA-2026:9687
reference_id RHSA-2026:9687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9687
10
reference_url https://access.redhat.com/errata/RHSA-2026:9688
reference_id RHSA-2026:9688
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9688
11
reference_url https://access.redhat.com/errata/RHSA-2026:9690
reference_id RHSA-2026:9690
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9690
12
reference_url https://access.redhat.com/errata/RHSA-2026:9691
reference_id RHSA-2026:9691
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9691
13
reference_url https://access.redhat.com/errata/RHSA-2026:9693
reference_id RHSA-2026:9693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9693
14
reference_url https://access.redhat.com/errata/RHSA-2026:9694
reference_id RHSA-2026:9694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9694
fixed_packages
aliases CVE-2026-34282
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-57sd-8y93-qqhu
3
url VCID-6fzj-746j-bkbc
vulnerability_id VCID-6fzj-746j-bkbc
summary Freetype: Freetype: Information disclosure or denial of service via specially crafted font files
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23865.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23865.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23865
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02445
published_at 2026-04-02T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03111
published_at 2026-04-24T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03077
published_at 2026-04-09T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03041
published_at 2026-04-11T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03017
published_at 2026-04-12T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.03009
published_at 2026-04-13T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.02986
published_at 2026-04-16T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.02993
published_at 2026-04-18T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.03114
published_at 2026-04-21T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.03047
published_at 2026-04-04T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.0305
published_at 2026-04-07T12:55:00Z
11
value 0.00015
scoring_system epss
scoring_elements 0.03053
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23865
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129606
reference_id 1129606
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129606
4
reference_url https://sourceforge.net/projects/freetype/files/freetype2/2.14.2/
reference_id 2.14.2
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-02T16:25:34Z/
url https://sourceforge.net/projects/freetype/files/freetype2/2.14.2/
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2443891
reference_id 2443891
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2443891
6
reference_url https://www.facebook.com/security/advisories/cve-2026-23865
reference_id cve-2026-23865
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-02T16:25:34Z/
url https://www.facebook.com/security/advisories/cve-2026-23865
7
reference_url https://gitlab.com/freetype/freetype/-/commit/fc85a255849229c024c8e65f536fe1875d84841c
reference_id fc85a255849229c024c8e65f536fe1875d84841c
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-02T16:25:34Z/
url https://gitlab.com/freetype/freetype/-/commit/fc85a255849229c024c8e65f536fe1875d84841c
8
reference_url https://access.redhat.com/errata/RHSA-2026:7933
reference_id RHSA-2026:7933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7933
9
reference_url https://access.redhat.com/errata/RHSA-2026:9254
reference_id RHSA-2026:9254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9254
10
reference_url https://access.redhat.com/errata/RHSA-2026:9255
reference_id RHSA-2026:9255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9255
11
reference_url https://access.redhat.com/errata/RHSA-2026:9256
reference_id RHSA-2026:9256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9256
12
reference_url https://access.redhat.com/errata/RHSA-2026:9682
reference_id RHSA-2026:9682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9682
13
reference_url https://access.redhat.com/errata/RHSA-2026:9684
reference_id RHSA-2026:9684
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9684
14
reference_url https://access.redhat.com/errata/RHSA-2026:9685
reference_id RHSA-2026:9685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9685
15
reference_url https://access.redhat.com/errata/RHSA-2026:9687
reference_id RHSA-2026:9687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9687
16
reference_url https://access.redhat.com/errata/RHSA-2026:9688
reference_id RHSA-2026:9688
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9688
17
reference_url https://access.redhat.com/errata/RHSA-2026:9690
reference_id RHSA-2026:9690
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9690
18
reference_url https://access.redhat.com/errata/RHSA-2026:9691
reference_id RHSA-2026:9691
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9691
19
reference_url https://access.redhat.com/errata/RHSA-2026:9693
reference_id RHSA-2026:9693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9693
20
reference_url https://access.redhat.com/errata/RHSA-2026:9694
reference_id RHSA-2026:9694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9694
21
reference_url https://usn.ubuntu.com/8086-1/
reference_id USN-8086-1
reference_type
scores
url https://usn.ubuntu.com/8086-1/
fixed_packages
aliases CVE-2026-23865
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6fzj-746j-bkbc
4
url VCID-6r1k-8y1c-q7fm
vulnerability_id VCID-6r1k-8y1c-q7fm
summary Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 2.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22007.json
reference_id
reference_type
scores
0
value 2.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22007.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22007
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01704
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22007
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22007
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22007
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
reference_id 1134894
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460038
reference_id 2460038
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460038
6
reference_url https://www.oracle.com/security-alerts/cpuapr2026.html
reference_id cpuapr2026.html
reference_type
scores
0
value 2.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:05:16Z/
url https://www.oracle.com/security-alerts/cpuapr2026.html
7
reference_url https://access.redhat.com/errata/RHSA-2026:9254
reference_id RHSA-2026:9254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9254
8
reference_url https://access.redhat.com/errata/RHSA-2026:9255
reference_id RHSA-2026:9255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9255
9
reference_url https://access.redhat.com/errata/RHSA-2026:9256
reference_id RHSA-2026:9256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9256
10
reference_url https://access.redhat.com/errata/RHSA-2026:9682
reference_id RHSA-2026:9682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9682
11
reference_url https://access.redhat.com/errata/RHSA-2026:9684
reference_id RHSA-2026:9684
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9684
12
reference_url https://access.redhat.com/errata/RHSA-2026:9685
reference_id RHSA-2026:9685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9685
13
reference_url https://access.redhat.com/errata/RHSA-2026:9687
reference_id RHSA-2026:9687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9687
14
reference_url https://access.redhat.com/errata/RHSA-2026:9688
reference_id RHSA-2026:9688
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9688
15
reference_url https://access.redhat.com/errata/RHSA-2026:9690
reference_id RHSA-2026:9690
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9690
16
reference_url https://access.redhat.com/errata/RHSA-2026:9691
reference_id RHSA-2026:9691
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9691
17
reference_url https://access.redhat.com/errata/RHSA-2026:9693
reference_id RHSA-2026:9693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9693
18
reference_url https://access.redhat.com/errata/RHSA-2026:9694
reference_id RHSA-2026:9694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9694
fixed_packages
aliases CVE-2026-22007
risk_score 1.3
exploitability 0.5
weighted_severity 2.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6r1k-8y1c-q7fm
5
url VCID-dm7h-c7wt-1kbs
vulnerability_id VCID-dm7h-c7wt-1kbs
summary libpng: libpng: Arbitrary code execution due to use-after-free vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33416.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33416.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33416
reference_id
reference_type
scores
0
value 0.00037
scoring_system epss
scoring_elements 0.10979
published_at 2026-04-24T12:55:00Z
1
value 0.00037
scoring_system epss
scoring_elements 0.11022
published_at 2026-04-21T12:55:00Z
2
value 0.00042
scoring_system epss
scoring_elements 0.12874
published_at 2026-04-13T12:55:00Z
3
value 0.00042
scoring_system epss
scoring_elements 0.12779
published_at 2026-04-18T12:55:00Z
4
value 0.00042
scoring_system epss
scoring_elements 0.12775
published_at 2026-04-16T12:55:00Z
5
value 0.00042
scoring_system epss
scoring_elements 0.13064
published_at 2026-04-04T12:55:00Z
6
value 0.00042
scoring_system epss
scoring_elements 0.12864
published_at 2026-04-07T12:55:00Z
7
value 0.00042
scoring_system epss
scoring_elements 0.12943
published_at 2026-04-08T12:55:00Z
8
value 0.00042
scoring_system epss
scoring_elements 0.12994
published_at 2026-04-09T12:55:00Z
9
value 0.00042
scoring_system epss
scoring_elements 0.12954
published_at 2026-04-11T12:55:00Z
10
value 0.00042
scoring_system epss
scoring_elements 0.12919
published_at 2026-04-12T12:55:00Z
11
value 0.00051
scoring_system epss
scoring_elements 0.15898
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33416
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33416
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33416
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132012
reference_id 1132012
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132012
5
reference_url https://github.com/pnggroup/libpng/commit/23019269764e35ed8458e517f1897bd3c54820eb
reference_id 23019269764e35ed8458e517f1897bd3c54820eb
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-26T19:49:05Z/
url https://github.com/pnggroup/libpng/commit/23019269764e35ed8458e517f1897bd3c54820eb
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451805
reference_id 2451805
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451805
7
reference_url https://github.com/pnggroup/libpng/commit/7ea9eea884a2328cc7fdcb3c0c00246a50d90667
reference_id 7ea9eea884a2328cc7fdcb3c0c00246a50d90667
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-26T19:49:05Z/
url https://github.com/pnggroup/libpng/commit/7ea9eea884a2328cc7fdcb3c0c00246a50d90667
8
reference_url https://github.com/pnggroup/libpng/pull/824
reference_id 824
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-26T19:49:05Z/
url https://github.com/pnggroup/libpng/pull/824
9
reference_url https://github.com/pnggroup/libpng/commit/a3a21443ed12bfa1ef46fa0d4fb2b74a0fa34a25
reference_id a3a21443ed12bfa1ef46fa0d4fb2b74a0fa34a25
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-26T19:49:05Z/
url https://github.com/pnggroup/libpng/commit/a3a21443ed12bfa1ef46fa0d4fb2b74a0fa34a25
10
reference_url https://github.com/pnggroup/libpng/commit/c1b0318b393c90679e6fa5bc1d329fd5d5012ec1
reference_id c1b0318b393c90679e6fa5bc1d329fd5d5012ec1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-26T19:49:05Z/
url https://github.com/pnggroup/libpng/commit/c1b0318b393c90679e6fa5bc1d329fd5d5012ec1
11
reference_url https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j
reference_id GHSA-m4pc-p4q3-4c7j
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-26T19:49:05Z/
url https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j
12
reference_url https://access.redhat.com/errata/RHSA-2026:6732
reference_id RHSA-2026:6732
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6732
13
reference_url https://access.redhat.com/errata/RHSA-2026:7671
reference_id RHSA-2026:7671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7671
14
reference_url https://access.redhat.com/errata/RHSA-2026:7672
reference_id RHSA-2026:7672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7672
15
reference_url https://access.redhat.com/errata/RHSA-2026:8052
reference_id RHSA-2026:8052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8052
16
reference_url https://access.redhat.com/errata/RHSA-2026:8459
reference_id RHSA-2026:8459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8459
17
reference_url https://access.redhat.com/errata/RHSA-2026:9254
reference_id RHSA-2026:9254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9254
18
reference_url https://access.redhat.com/errata/RHSA-2026:9255
reference_id RHSA-2026:9255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9255
19
reference_url https://access.redhat.com/errata/RHSA-2026:9345
reference_id RHSA-2026:9345
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9345
20
reference_url https://access.redhat.com/errata/RHSA-2026:9638
reference_id RHSA-2026:9638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9638
21
reference_url https://access.redhat.com/errata/RHSA-2026:9693
reference_id RHSA-2026:9693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9693
fixed_packages
aliases CVE-2026-33416
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dm7h-c7wt-1kbs
6
url VCID-jxgd-j4wr-tyb7
vulnerability_id VCID-jxgd-j4wr-tyb7
summary Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 2.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34268.json
reference_id
reference_type
scores
0
value 2.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34268.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34268
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01704
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34268
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34268
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34268
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
reference_id 1134894
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460043
reference_id 2460043
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460043
6
reference_url https://www.oracle.com/security-alerts/cpuapr2026.html
reference_id cpuapr2026.html
reference_type
scores
0
value 2.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T13:55:07Z/
url https://www.oracle.com/security-alerts/cpuapr2026.html
7
reference_url https://access.redhat.com/errata/RHSA-2026:9254
reference_id RHSA-2026:9254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9254
8
reference_url https://access.redhat.com/errata/RHSA-2026:9255
reference_id RHSA-2026:9255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9255
9
reference_url https://access.redhat.com/errata/RHSA-2026:9256
reference_id RHSA-2026:9256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9256
10
reference_url https://access.redhat.com/errata/RHSA-2026:9682
reference_id RHSA-2026:9682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9682
11
reference_url https://access.redhat.com/errata/RHSA-2026:9684
reference_id RHSA-2026:9684
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9684
12
reference_url https://access.redhat.com/errata/RHSA-2026:9685
reference_id RHSA-2026:9685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9685
13
reference_url https://access.redhat.com/errata/RHSA-2026:9687
reference_id RHSA-2026:9687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9687
14
reference_url https://access.redhat.com/errata/RHSA-2026:9688
reference_id RHSA-2026:9688
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9688
15
reference_url https://access.redhat.com/errata/RHSA-2026:9690
reference_id RHSA-2026:9690
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9690
16
reference_url https://access.redhat.com/errata/RHSA-2026:9691
reference_id RHSA-2026:9691
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9691
17
reference_url https://access.redhat.com/errata/RHSA-2026:9693
reference_id RHSA-2026:9693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9693
18
reference_url https://access.redhat.com/errata/RHSA-2026:9694
reference_id RHSA-2026:9694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9694
fixed_packages
aliases CVE-2026-34268
risk_score 1.3
exploitability 0.5
weighted_severity 2.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jxgd-j4wr-tyb7
7
url VCID-m54j-wfuk-yua7
vulnerability_id VCID-m54j-wfuk-yua7
summary Vulnerability in Oracle Java SE (component: Libraries). The supported version that is affected is Oracle Java SE: 25.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22008.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22008.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22008
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07437
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22008
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460029
reference_id 2460029
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460029
4
reference_url https://www.oracle.com/security-alerts/cpuapr2026.html
reference_id cpuapr2026.html
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:05:38Z/
url https://www.oracle.com/security-alerts/cpuapr2026.html
5
reference_url https://access.redhat.com/errata/RHSA-2026:7286
reference_id RHSA-2026:7286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7286
6
reference_url https://access.redhat.com/errata/RHSA-2026:7311
reference_id RHSA-2026:7311
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7311
7
reference_url https://access.redhat.com/errata/RHSA-2026:9693
reference_id RHSA-2026:9693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9693
8
reference_url https://access.redhat.com/errata/RHSA-2026:9694
reference_id RHSA-2026:9694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9694
fixed_packages
aliases CVE-2026-22008
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m54j-wfuk-yua7
8
url VCID-ptgq-884e-mkft
vulnerability_id VCID-ptgq-884e-mkft
summary libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33636.json
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33636.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33636
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.09433
published_at 2026-04-07T12:55:00Z
1
value 0.00033
scoring_system epss
scoring_elements 0.09521
published_at 2026-04-04T12:55:00Z
2
value 0.00033
scoring_system epss
scoring_elements 0.09508
published_at 2026-04-08T12:55:00Z
3
value 0.00033
scoring_system epss
scoring_elements 0.09555
published_at 2026-04-09T12:55:00Z
4
value 0.00033
scoring_system epss
scoring_elements 0.09569
published_at 2026-04-11T12:55:00Z
5
value 0.00033
scoring_system epss
scoring_elements 0.0954
published_at 2026-04-12T12:55:00Z
6
value 0.00033
scoring_system epss
scoring_elements 0.09524
published_at 2026-04-13T12:55:00Z
7
value 0.00033
scoring_system epss
scoring_elements 0.09418
published_at 2026-04-16T12:55:00Z
8
value 0.00033
scoring_system epss
scoring_elements 0.0942
published_at 2026-04-18T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10217
published_at 2026-04-02T12:55:00Z
10
value 0.00049
scoring_system epss
scoring_elements 0.15153
published_at 2026-04-21T12:55:00Z
11
value 0.00049
scoring_system epss
scoring_elements 0.15193
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33636
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33636
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33636
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132013
reference_id 1132013
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132013
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451819
reference_id 2451819
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451819
6
reference_url https://github.com/pnggroup/libpng/commit/7734cda20cf1236aef60f3bbd2267c97bbb40869
reference_id 7734cda20cf1236aef60f3bbd2267c97bbb40869
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:45:14Z/
url https://github.com/pnggroup/libpng/commit/7734cda20cf1236aef60f3bbd2267c97bbb40869
7
reference_url https://github.com/pnggroup/libpng/commit/aba9f18eba870d14fb52c5ba5d73451349e339c3
reference_id aba9f18eba870d14fb52c5ba5d73451349e339c3
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:45:14Z/
url https://github.com/pnggroup/libpng/commit/aba9f18eba870d14fb52c5ba5d73451349e339c3
8
reference_url https://github.com/pnggroup/libpng/security/advisories/GHSA-wjr5-c57x-95m2
reference_id GHSA-wjr5-c57x-95m2
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:45:14Z/
url https://github.com/pnggroup/libpng/security/advisories/GHSA-wjr5-c57x-95m2
9
reference_url https://access.redhat.com/errata/RHSA-2026:6732
reference_id RHSA-2026:6732
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6732
10
reference_url https://access.redhat.com/errata/RHSA-2026:7671
reference_id RHSA-2026:7671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7671
11
reference_url https://access.redhat.com/errata/RHSA-2026:7672
reference_id RHSA-2026:7672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7672
12
reference_url https://access.redhat.com/errata/RHSA-2026:8052
reference_id RHSA-2026:8052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8052
13
reference_url https://access.redhat.com/errata/RHSA-2026:8459
reference_id RHSA-2026:8459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8459
14
reference_url https://access.redhat.com/errata/RHSA-2026:9254
reference_id RHSA-2026:9254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9254
15
reference_url https://access.redhat.com/errata/RHSA-2026:9255
reference_id RHSA-2026:9255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9255
16
reference_url https://access.redhat.com/errata/RHSA-2026:9345
reference_id RHSA-2026:9345
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9345
17
reference_url https://access.redhat.com/errata/RHSA-2026:9638
reference_id RHSA-2026:9638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9638
18
reference_url https://access.redhat.com/errata/RHSA-2026:9693
reference_id RHSA-2026:9693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9693
fixed_packages
aliases CVE-2026-33636
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ptgq-884e-mkft
9
url VCID-sz6r-65q1-q3bh
vulnerability_id VCID-sz6r-65q1-q3bh
summary Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22021.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22021.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22021
reference_id
reference_type
scores
0
value 0.00039
scoring_system epss
scoring_elements 0.11666
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22021
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22021
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22021
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
reference_id 1134894
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460042
reference_id 2460042
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460042
6
reference_url https://www.oracle.com/security-alerts/cpuapr2026.html
reference_id cpuapr2026.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T13:58:16Z/
url https://www.oracle.com/security-alerts/cpuapr2026.html
7
reference_url https://access.redhat.com/errata/RHSA-2026:9254
reference_id RHSA-2026:9254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9254
8
reference_url https://access.redhat.com/errata/RHSA-2026:9255
reference_id RHSA-2026:9255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9255
9
reference_url https://access.redhat.com/errata/RHSA-2026:9256
reference_id RHSA-2026:9256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9256
10
reference_url https://access.redhat.com/errata/RHSA-2026:9682
reference_id RHSA-2026:9682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9682
11
reference_url https://access.redhat.com/errata/RHSA-2026:9684
reference_id RHSA-2026:9684
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9684
12
reference_url https://access.redhat.com/errata/RHSA-2026:9685
reference_id RHSA-2026:9685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9685
13
reference_url https://access.redhat.com/errata/RHSA-2026:9687
reference_id RHSA-2026:9687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9687
14
reference_url https://access.redhat.com/errata/RHSA-2026:9688
reference_id RHSA-2026:9688
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9688
15
reference_url https://access.redhat.com/errata/RHSA-2026:9690
reference_id RHSA-2026:9690
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9690
16
reference_url https://access.redhat.com/errata/RHSA-2026:9691
reference_id RHSA-2026:9691
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9691
17
reference_url https://access.redhat.com/errata/RHSA-2026:9693
reference_id RHSA-2026:9693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9693
18
reference_url https://access.redhat.com/errata/RHSA-2026:9694
reference_id RHSA-2026:9694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9694
fixed_packages
aliases CVE-2026-22021
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sz6r-65q1-q3bh
10
url VCID-xte1-h9nn-4bbk
vulnerability_id VCID-xte1-h9nn-4bbk
summary Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22018.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22018.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22018
reference_id
reference_type
scores
0
value 0.00039
scoring_system epss
scoring_elements 0.11666
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22018
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22018
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22018
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
reference_id 1134894
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460041
reference_id 2460041
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460041
6
reference_url https://www.oracle.com/security-alerts/cpuapr2026.html
reference_id cpuapr2026.html
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:05:52Z/
url https://www.oracle.com/security-alerts/cpuapr2026.html
7
reference_url https://access.redhat.com/errata/RHSA-2026:9254
reference_id RHSA-2026:9254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9254
8
reference_url https://access.redhat.com/errata/RHSA-2026:9255
reference_id RHSA-2026:9255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9255
9
reference_url https://access.redhat.com/errata/RHSA-2026:9256
reference_id RHSA-2026:9256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9256
10
reference_url https://access.redhat.com/errata/RHSA-2026:9682
reference_id RHSA-2026:9682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9682
11
reference_url https://access.redhat.com/errata/RHSA-2026:9684
reference_id RHSA-2026:9684
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9684
12
reference_url https://access.redhat.com/errata/RHSA-2026:9685
reference_id RHSA-2026:9685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9685
13
reference_url https://access.redhat.com/errata/RHSA-2026:9687
reference_id RHSA-2026:9687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9687
14
reference_url https://access.redhat.com/errata/RHSA-2026:9688
reference_id RHSA-2026:9688
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9688
15
reference_url https://access.redhat.com/errata/RHSA-2026:9690
reference_id RHSA-2026:9690
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9690
16
reference_url https://access.redhat.com/errata/RHSA-2026:9691
reference_id RHSA-2026:9691
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9691
17
reference_url https://access.redhat.com/errata/RHSA-2026:9693
reference_id RHSA-2026:9693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9693
18
reference_url https://access.redhat.com/errata/RHSA-2026:9694
reference_id RHSA-2026:9694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9694
fixed_packages
aliases CVE-2026-22018
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xte1-h9nn-4bbk
11
url VCID-zsun-4q6p-8fek
vulnerability_id VCID-zsun-4q6p-8fek
summary Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22013.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22013.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22013
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.12118
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22013
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22013
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22013
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
reference_id 1134894
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460040
reference_id 2460040
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460040
6
reference_url https://www.oracle.com/security-alerts/cpuapr2026.html
reference_id cpuapr2026.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:09:34Z/
url https://www.oracle.com/security-alerts/cpuapr2026.html
7
reference_url https://access.redhat.com/errata/RHSA-2026:9254
reference_id RHSA-2026:9254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9254
8
reference_url https://access.redhat.com/errata/RHSA-2026:9255
reference_id RHSA-2026:9255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9255
9
reference_url https://access.redhat.com/errata/RHSA-2026:9256
reference_id RHSA-2026:9256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9256
10
reference_url https://access.redhat.com/errata/RHSA-2026:9682
reference_id RHSA-2026:9682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9682
11
reference_url https://access.redhat.com/errata/RHSA-2026:9684
reference_id RHSA-2026:9684
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9684
12
reference_url https://access.redhat.com/errata/RHSA-2026:9685
reference_id RHSA-2026:9685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9685
13
reference_url https://access.redhat.com/errata/RHSA-2026:9687
reference_id RHSA-2026:9687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9687
14
reference_url https://access.redhat.com/errata/RHSA-2026:9688
reference_id RHSA-2026:9688
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9688
15
reference_url https://access.redhat.com/errata/RHSA-2026:9690
reference_id RHSA-2026:9690
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9690
16
reference_url https://access.redhat.com/errata/RHSA-2026:9691
reference_id RHSA-2026:9691
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9691
17
reference_url https://access.redhat.com/errata/RHSA-2026:9693
reference_id RHSA-2026:9693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9693
18
reference_url https://access.redhat.com/errata/RHSA-2026:9694
reference_id RHSA-2026:9694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9694
fixed_packages
aliases CVE-2026-22013
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zsun-4q6p-8fek
Fixing_vulnerabilities
Risk_score3.7
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-25-openjdk@1:25.0.3.0.9-1%3Farch=el9