- How many CVEs does Red Hat have?
- Red Hat has 7,778 published CVE records since 1999, including 1,815 in the last two years.
- How many Red Hat CVEs are in CISA KEV?
- Yes — 95 of Red Hat's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.
- Which Red Hat products have the most CVEs?
- The Red Hat products with the most published CVEs are Enterprise Linux, enterprise linux desktop, enterprise linux server, enterprise linux workstation, Red Hat Enterprise Linux 9.
- What are the most common weakness types in Red Hat CVEs?
- Red Hat's CVEs most often map to these CWE weakness types: CWE-416 (Use After Free), CWE-125 (Out-of-bounds Read), CWE-400 (Uncontrolled Resource Consumption), CWE-20 (Improper Input Validation).
- Are there public exploits for Red Hat vulnerabilities?
- Yes — 883 of Red Hat's CVEs have a known public exploit.
- How many critical Red Hat vulnerabilities are there?
- Red Hat has 1,019 critical and 3,127 high-severity CVEs.
- What is the average severity of Red Hat CVEs?
- The average CVSS base score across Red Hat's scored CVEs is 6.9.