Red Hat has issued a security advisory (RHSA-2026:7291) addressing a set of vulnerabilities impacting Red Hat Hardened Images RPMs, including CVE-2025-22873 among a total of 40 CVEs. These vulnerabilities span a wide range of common weakness enumerations (CWEs) such as CWE-22 (path traversal), CWE-400 (resource exhaustion), CWE-476 (null pointer dereference), and others, indicating multiple types of security issues. The affected products include Red Hat Hardened Images on the aarch64 platform and related Golang packages. The advisory is classified as high severity but lacks a CVSS score. There is no information about known exploitation in the wild. The vendor advisory link is provided but does not explicitly confirm patch status in the input data.

The vulnerabilities collectively represent a high-severity risk to affected Red Hat Hardened Images RPMs, potentially allowing attackers to exploit various security weaknesses such as path traversal, resource exhaustion, and input validation flaws. However, no known exploits have been reported in the wild to date. The impact could include unauthorized access, denial of service, or other security breaches depending on the specific vulnerability exploited.

The vendor advisory (RHSA-2026:7291) is the authoritative source for remediation guidance. Since the provided content does not explicitly confirm patch availability or state that no action is required, patch status is not yet confirmed. It is recommended to consult the official Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-27141 for the latest patch and mitigation information. Organizations using affected Red Hat Hardened Images should monitor Red Hat communications and apply updates promptly once official fixes are released.