Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1704 CRITICAL 140 HIGH 597 MEDIUM 814 LOW 152
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1 Red Hat Enterprise Linux 10.2 10.2 May 19, 2026 May 20, 2025 7 18 16 3
2 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 9 134 183 18
3 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 48 321 454 51
4 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 96 277 280 47
5 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 76 170 212 56
6 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
7 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
8 Red Hat Enterprise Linux 3 3.0 0 33 44 17
9 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1 6.1
- 		MEDIUM
Local 		A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket na… Update CWE-923
 Improper Restriction of Communication Channel to Intended Endpoints 		CVE-2026-55655 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2026-06-26 03:16
2026-06-23 		Show GitHub Exploit DB Packet Storm
2 3.7
- 		LOW
Network 		A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI (Generic Security Service Application Programming Interface) indicators when a trailing… Update CWE-125
Out-of-bounds Read 		CVE-2026-55654 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2026-06-26 01:59
2026-06-23 		Show GitHub Exploit DB Packet Storm
3 6.5
- 		MEDIUM
Network 		A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange (DH-GEX) client path. This occurs during FIPS (Federal Information Pro… Update CWE-415
 Double Free 		CVE-2026-55653 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2026-06-26 01:57
2026-06-23 		Show GitHub Exploit DB Packet Storm
4 4.9
- 		MEDIUM
Network 		A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password storage plugin does not enforce an upper bound on the iteration count extracted from stored password hashes. A privileged attacker… CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-11790 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2026-06-13 03:21
2026-06-9 		Show GitHub Exploit DB Packet Storm
5 6.5
- 		MEDIUM
Network 		A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a… CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2026-11789 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2026-06-13 03:30
2026-06-9 		Show GitHub Exploit DB Packet Storm
6 7.5
- 		HIGH
Network 		A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the L… CWE-476
 NULL Pointer Dereference 		CVE-2026-11788 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2026-06-13 03:30
2026-06-9 		Show GitHub Exploit DB Packet Storm
7 6.3
- 		MEDIUM
Network 		A flaw was found in 389 Directory Server. The ldap_utf8prev() function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that … CWE-126
 Buffer Over-read 		CVE-2026-11787 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2026-06-13 03:38
2026-06-9 		Show GitHub Exploit DB Packet Storm
8 6.5
- 		MEDIUM
Network 		A flaw was found in 389 Directory Server. The LDIF parser reads past the end of a heap buffer when processing attribute types with trailing semicolons during database import, causing an out-of-bounds… CWE-125
Out-of-bounds Read 		CVE-2026-11786 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2026-06-13 03:40
2026-06-9 		Show GitHub Exploit DB Packet Storm
9 4.3
- 		MEDIUM
Network 		A flaw was found in 389 Directory Server. A type confusion in the SSO token extended operation handler causes partial stack address information to be disclosed in LDAP responses to authenticated user… CWE-843
Type Confusion 		CVE-2026-11785 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:10.0:* 		2026-06-13 03:47
2026-06-9 		Show GitHub Exploit DB Packet Storm
10 6.5
- 		MEDIUM
Network 		A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denia… CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-11611 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2026-06-16 03:41
2026-06-9 		Show GitHub Exploit DB Packet Storm