CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2026-42010 – Gnutls: gnutls: authentication bypass via nul character in username
https://notcve.org/view.php?id=CVE-2026-42010
07 May 2026 — A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process. • https://access.redhat.com/errata/RHSA-2026:13274 • CWE-626: Null Byte Interaction Error (Poison Null Byte) •
CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0CVE-2026-33845 – Gnutls: gnutls: denial of service via dtls zero-length fragment
https://notcve.org/view.php?id=CVE-2026-33845
30 Apr 2026 — A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service. • https://access.redhat.com/errata/RHSA-2026:13274 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 3.7EPSS: 0%CPEs: 8EXPL: 1CVE-2026-3832 – Gnutls: gnutls: security bypass allows acceptance of revoked server certificates via crafted ocsp response
https://notcve.org/view.php?id=CVE-2026-3832
30 Apr 2026 — A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust. • https://access.redhat.com/errata/RHSA-2026:13274 • CWE-179: Incorrect Behavior Order: Early Validation •
CVSS: 7.4EPSS: 0%CPEs: 8EXPL: 1CVE-2026-3833 – Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison
https://notcve.org/view.php?id=CVE-2026-3833
30 Apr 2026 — A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unauthorized acce... • https://access.redhat.com/errata/RHSA-2026:13274 • CWE-178: Improper Handling of Case Sensitivity •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2026-4647 – Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library
https://notcve.org/view.php?id=CVE-2026-4647
23 Mar 2026 — A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can cause the program to read memory outside of intended bounds. As a result, affected tools may crash or expose unintended memory contents, leading to denial-of-service or limited information disclosure risks. Se encontró ... • https://access.redhat.com/security/cve/CVE-2026-4647 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-7079 – Openshift-console: unauthenticated installation of helm charts
https://notcve.org/view.php?id=CVE-2024-7079
24 Jul 2024 — A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and verify the installation of a Helm chart from a URI that is remote HTTP/HTTPS or local. Access to this endpoint is gated by the authHandlerWithUser() middleware function. Contrary to its name, this middleware function does not verify the validity of the user's credentials. As a result, unauthenticated users can access this endpoint. • https://access.redhat.com/security/cve/CVE-2024-7079 • CWE-306: Missing Authentication for Critical Function •
CVSS: 8.1EPSS: 48%CPEs: 54EXPL: 109CVE-2024-6387 – Openssh: regresshion - race condition in ssh allows rce/dos
https://notcve.org/view.php?id=CVE-2024-6387
01 Jul 2024 — A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. Se encontró una condición de ejecución del controlador de señales en el servidor de OpenSSH (sshd), donde un cliente no se autentica dentro de los segundos de LoginGraceTime (120 de forma predeterminada, 600 en versiones anter... • https://packetstorm.news/files/id/179290 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-364: Signal Handler Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-5037 – Openshift/telemeter: iss check during jwt authentication can be bypassed
https://notcve.org/view.php?id=CVE-2024-5037
05 Jun 2024 — A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue ("iss") check during JSON web token (JWT) authentication. Se encontró una falla en Telemeter de OpenShift. Si se cumplen ciertas condiciones, un atacante puede usar un token falsificado para evitar la verificación del problema ("iss") durante la autenticación del token web JSON (JWT). Red Hat OpenShift Container Platform release 4.16.1 is now available with updates to package... • https://access.redhat.com/errata/RHSA-2024:4151 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-6476 – Cri-o: pods are able to break out of resource confinement on cgroupv2
https://notcve.org/view.php?id=CVE-2023-6476
09 Jan 2024 — A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined. This may allow a pod to specify and get any amount of memory/cpu, circumventing the kubernetes scheduler and potentially resulting in a denial of service in the node. Se encontró una falla en CRI-O que involucra una anotación experimental que lleva a que un contenedor no esté confinado. Esto puede permitir que un pod especifique y obtenga cualquier cantidad de memoria/CPU, eludiendo el programador de ... • https://access.redhat.com/errata/RHSA-2024:0195 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 52%CPEs: 79EXPL: 5CVE-2023-48795 – ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
https://notcve.org/view.php?id=CVE-2023-48795
18 Dec 2023 — The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phas... • https://packetstorm.news/files/id/176280 • CWE-222: Truncation of Security-relevant Information CWE-354: Improper Validation of Integrity Check Value •