Red Hat Multicluster Global Hub 1.7.1 includes security updates that address twelve vulnerabilities identified by CVE identifiers including CVE-2025-41118 and CVE-2026-21728 among others. The product allows centralized management of multiple Kubernetes hub clusters. The advisory (RHSA-2026:24503) provides updated container images for multiple architectures and fixes security issues classified under various CWEs such as improper access control, race conditions, and memory corruption. The update is rated as Important by Red Hat Product Security. No CVSS base score is provided in the advisory. The vendor recommends upgrading to the updated version 1.7.1 to apply these fixes.

The vulnerabilities addressed in this update affect the security posture of Red Hat Multicluster Global Hub 1.7.1, potentially impacting the management and security of multiple Kubernetes hub clusters. The advisory rates the overall security impact as Important, indicating a high severity level but not critical. There are no reports of known exploits in the wild at this time. The vulnerabilities span multiple categories of weaknesses, which could lead to unauthorized access, denial of service, or other security issues if left unpatched.

Red Hat has released version 1.7.1 of Multicluster Global Hub containing security fixes and updated container images. Users should upgrade to this version to mitigate the vulnerabilities. The vendor advisory (RHSA-2026:24503) provides detailed instructions and updated image references for multiple architectures. No additional mitigation steps beyond applying the update are indicated. Patch status is confirmed as available via the official Red Hat advisory.