Red Hat Lightspeed Core
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Red Hat Lightspeed Core.
By the Year
In 2026 there have been 2 vulnerabilities in Red Hat Lightspeed Core with an average score of 8.2 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 2 | 8.15 |
It may take a day or so for new Lightspeed Core vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Red Hat Lightspeed Core Security Vulnerabilities
SQL Injection via Authorization Header in LiteLLM Proxy (v1.81.16-1.83.6)
CVE-2026-42208
9.8 - Critical
- May 08, 2026
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.81.16 to before version 1.83.7, a database query used during proxy API key checks mixed the caller-supplied key value into the query text instead of passing it as a separate parameter. An unauthenticated attacker could send a specially crafted Authorization header to any LLM API route (for example POST /chat/completions) and reach this query through the proxy's error-handling path. An attacker could read data from the proxy's database and may be able to modify it, leading to unauthorised access to the proxy and the credentials it manages. This issue has been patched in version 1.83.7.
SQL Injection
CVE-2026-6385 FFmpeg DVD Subtitle Signed Int Overflow -> Heap OOB Write
CVE-2026-6385
6.5 - Medium
- April 15, 2026
A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds checks, leading to a heap out-of-bounds write. Successful exploitation can result in a denial of service (DoS) due to an application crash, and potentially lead to arbitrary code execution.
Integer Overflow or Wraparound
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Red Hat Lightspeed Core or by Red Hat? Click the Watch button to subscribe.
