IsItPatchedInstant security status for any software version
← All products

Red Hat Enterprise Linux

Red Hat · Operating System
85/100 Good

Summary iPlain-English security verdict for Red Hat Enterprise Linux, generated from its current health score, actively-exploited vulnerabilities, and latest supported version.

Red Hat Enterprise Linux currently scores 85/100 — good. 23 actively-exploited vulnerabilities (CISA KEV) affect older releases (e.g. CVE-2021-40438) — staying on the latest supported version keeps you clear of them. The latest supported release is 10.2. It's largely safe; apply minor updates as they appear. Note: this product is assessed at the product level on recent (365-day) activity rather than an exact per-version match, so it is never marked a confident "healthy".

Disclosure trend iNew CVEs published for Red Hat Enterprise Linux each year (NVD). A higher bar means more disclosures that year — more scrutiny, not necessarily less safe.

'19
'20
'21
'22
'23
'24
'25
'26

⚠ 2 of its known vulnerabilities are linked to ransomware campaigns (CISA KEV).

Patch priority — what to act on iThe issues to fix first — actively exploited (CISA KEV) first, then by exploitation probability (EPSS), then severity. Each row's "→ fixed in" is the earliest version that patches it; "see advisory" means no fixed version is published.

Most urgent first — actively exploited, then likeliest to be exploited.

CVE-2021-40438 CRITICAL ● exploited Server-side request forgery (SSRF) EPSS 94% → see advisory CVE-2023-44487 HIGH ● exploited Uncontrolled resource consumption EPSS 94% → see advisory CVE-2013-2251 CRITICAL ● exploited Injection EPSS 94% → see advisory CVE-2014-6271 CRITICAL ● exploited OS command injection EPSS 94% → see advisory CVE-2019-11043 HIGH ● exploited ⚠ ransomware Buffer overflow EPSS 94% → see advisory CVE-2016-5195 HIGH ● exploited CWE-362 EPSS 94% → see advisory CVE-2010-1871 HIGH ● exploited CWE-917 EPSS 94% → see advisory CVE-2019-0211 HIGH ● exploited Use-after-free EPSS 90% → see advisory CVE-2018-14667 CRITICAL ● exploited Code injection EPSS 89% → see advisory CVE-2014-7169 CRITICAL ● exploited OS command injection EPSS 89% → see advisory CVE-2021-4034 HIGH ● exploited Out-of-bounds write EPSS 87% → see advisory CVE-2016-9079 HIGH ● exploited Use-after-free EPSS 85% → see advisory

Versions & lifecycle iWhen each release line stops receiving security patches (end-of-life). After EOL there are no more fixes — plan upgrades before these dates.

How long each Red Hat Enterprise Linux release line is supported — and when it sunsets.

10 latest 10.2 Supported until 2035-05-31
9 latest 9.8 Supported until 2032-05-31
8 latest 8.10 Supported until 2029-05-31
7 latest 7.9 End of life ended 2024-06-30
6 latest 6.10 End of life ended 2020-11-30
5 latest 5.11 End of life ended 2017-03-31
4 latest 4.9 End of life ended 2012-02-29
See all upcoming end-of-life dates →

ℹ product-level posture (last 365d); exact per-version verdict pending precise version mapping

Last checked: Wed, 10 Jun 2026 22:18:30 UTC