Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…

Red Hat Security Advisory: RHOAI 3.4.2 - Red Hat OpenShift AI

0
Critical
Published: 07/01/2026 (07/01/2026, 18:20:13 UTC)
Source: GCVE Database
Vendor/Project: Red Hat Product Security
Product: Red Hat

Description

Red Hat OpenShift AI (RHOAI) version 3.4.2 addresses multiple critical security vulnerabilities identified by six CVEs, including CVE-2026-2614 and others. The advisory announces updated images for RHOAI 3.4.2 but does not detail specific fixes or affected versions. No known exploits in the wild have been reported. The vendor provides documentation for upgrading clusters to apply this update fully.

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 07/02/2026, 23:26:28 UTC

Technical Analysis

This security advisory from Red Hat Product Security covers multiple critical vulnerabilities affecting Red Hat OpenShift AI, collectively identified by six CVEs (CVE-2026-2614, CVE-2026-5241, CVE-2026-8643, CVE-2026-33245, CVE-2026-34993, CVE-2026-48710). The advisory announces the release of RHOAI 3.4.2 with updated container images intended to address these issues. The advisory does not specify affected versions or detailed vulnerability descriptions beyond referencing the CVEs and associated CWEs (including CWE-22, CWE-829, CWE-79, CWE-502, CWE-1289). No explicit patch links are provided, but the update to version 3.4.2 is the remediation. The vendor recommends following the official upgrade documentation to apply the errata update properly.

Potential Impact

The vulnerabilities are classified as critical, implying potential severe impact on confidentiality, integrity, or availability of Red Hat OpenShift AI deployments. The presence of multiple CWEs suggests risks such as path traversal, improper resource management, cross-site scripting, deserialization issues, and other security weaknesses. However, no known exploits in the wild have been reported at this time.

Mitigation Recommendations

A fix is available through the upgrade to Red Hat OpenShift AI version 3.4.2. Users should follow the official Red Hat documentation for upgrading their clusters to apply this errata update fully. No additional mitigation steps are specified or required beyond applying the update as per vendor guidance.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Gcve Source
db.gcve.eu
Csaf Category
csaf_security_advisory
Csaf Version
2.0
Publisher
Red Hat Product Security
Advisory Id
RHSA-2026:34456
Cve Count
6
Additional Cves
["CVE-2026-5241","CVE-2026-8643","CVE-2026-33245","CVE-2026-34993","CVE-2026-48710"]
Cvss Version
null

Threat ID: 6a46ece527e9c79719441c5a

Added to database: 07/02/2026, 22:57:41 UTC

Last enriched: 07/02/2026, 23:26:28 UTC

Last updated: 07/03/2026, 03:28:00 UTC

Views: 6

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses