Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…
EPSS 0.7%top 53%

Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes v2.11.10 security update

0
High
Published: 07/15/2026 (07/15/2026, 16:43:06 UTC)
Source: GCVE Database
Vendor/Project: Red Hat Product Security
Product: Red Hat

Description

Red Hat Advanced Cluster Management for Kubernetes 2.11 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which add new features and enhancements, bug fixes, and updated container images. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html-single/release_notes/index#acm-release-notes

Affected software

Affected versions
Red HatRed Hat Advanced Cluster Management for KubernetesRed Hat Advanced Cluster Management for Kubernetes 2.11amd64registry.redhat.io/rhacm2/cert-policy-controller-rhel9@sha256:8a1f8452deab0bbc9efd023bd14b6647d9e3f41e92a9ff9414e06e5b5e2cfcfc_amd64

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 07/16/2026, 10:42:59 UTC

Technical Analysis

This security advisory from Red Hat Product Security covers Red Hat Advanced Cluster Management for Kubernetes 2.11 container images. It addresses a set of 16 CVEs, including CVE-2025-9288, among others, related to various weaknesses (e.g., CWE-20, CWE-79, CWE-295). The advisory updates container images with new features, enhancements, and bug fixes. However, the advisory does not explicitly state which versions are affected or fixed, nor does it provide CVSS scores or detailed vulnerability descriptions. The update is intended to improve security posture and operational stability of the product.

Potential Impact

The vulnerabilities addressed are rated as high severity and affect Red Hat Advanced Cluster Management for Kubernetes container images. The advisory implies potential security risks if the update is not applied, but no known exploits in the wild have been reported. The impact involves multiple security weaknesses that could affect cluster management and security policy enforcement across hybrid cloud environments.

Mitigation Recommendations

Red Hat has released updated container images as part of the 2.11.10 release to address these vulnerabilities. Users should apply this update after ensuring all previously released relevant errata are installed. Detailed update instructions are available from Red Hat's official documentation. Since this is not a cloud service, remediation is managed by the user applying the update. Patch status is confirmed by the vendor advisory indicating updated images are available.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Gcve Source
db.gcve.eu
Csaf Category
csaf_security_advisory
Csaf Version
2.0
Publisher
Red Hat Product Security
Advisory Id
RHSA-2026:40138
Cve Count
16
Additional Cves
["CVE-2025-13465","CVE-2026-21721","CVE-2026-22029","CVE-2026-25639","CVE-2026-42508","CVE-2026-44486","CVE-2026-44487","CVE-2026-44488","CVE-2026-44492","CVE-2026-44494","CVE-2026-44495","CVE-2026-44496","CVE-2026-44990","CVE-2026-46384","CVE-2026-46385"]
Cvss Version
null

Threat ID: 6a58b3f068715ace43d65bcc

Added to database: 07/16/2026, 10:35:28 UTC

Last enriched: 07/16/2026, 10:42:59 UTC

Last updated: 07/16/2026, 19:47:30 UTC

Views: 2

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses