High Severity Threats

Red Hat has issued a security advisory (RHSA-2026:7412) for Red Hat Hardened Images RPMs, including multiple bind packages. The update addresses bugs and enhancements related to CVE-2026-3593 and CVE-2026-5947. No specific fixes or exploit details are provided in the advisory. The severity is classified as high. No known exploits are reported in the wild. The advisory includes updated RPM versions for bind components on aarch64 and x86_64 architectures. Patch status is not explicitly confirmed in the advisory text.

This vulnerability affects the Linux kernel, which is the core component of the Linux operating system. Multiple weaknesses identified under CVE-2026-43284 and CVE-2026-43500 could allow an attacker to gain administrator (root) privileges. The affected Linux distributions include Amazon Linux 2, Debian, and Fedora. No CVSS score is provided, and there is no indication of known exploits in the wild. No patch or remediation information is currently available from the vendor advisory.

Red Hat has released a security update for its build of Quarkus version 3. 27. 1. SP1 addressing three vulnerabilities: two in the lz4-java library involving information disclosure and denial of service via out-of-bounds memory operations, and one cross-site scripting vulnerability in Eclipse Vert. x web. These issues have been rated as important by Red Hat Product Security. The update is intended to fix these vulnerabilities and users are advised to apply it after ensuring all previous relevant errata are installed.

Red Hat OpenShift Container Platform 4. 18. 6 includes security updates addressing two vulnerabilities: a use-after-free flaw in libxml2 (CVE-2024-56171) and a denial of service vulnerability in Go JOSE parsing (CVE-2025-27144). These issues affect on-premise or private cloud deployments of OpenShift Container Platform 4. 18. Users are advised to upgrade to the updated container images and packages available through the appropriate release channels. Detailed upgrade instructions are provided by Red Hat. The update also includes various bug fixes and enhancements unrelated to security.

Multiple vulnerabilities have been identified in Red Hat AI Inference Server Model Optimization Tools 3. 2. 2 (CUDA). These issues are cataloged under six CVEs, including CVE-2025-68131 and others, affecting the specified Red Hat AI Inference Server versions. The advisory does not provide details on the nature of the vulnerabilities or their exploitation but categorizes the severity as high. No patches or fixes are currently available according to the vendor advisory. There are no known exploits in the wild at this time. The vendor advisory emphasizes the availability of updated images but does not explicitly state that these address the vulnerabilities.

A vulnerability in etcd allows read access via the PrevKv feature in etcd transactions to potentially bypass Role-Based Access Control (RBAC) authorization checks. This could enable unauthorized users to read data they should not have access to. The vulnerability is identified as CWE-863, indicating improper authorization. There is no CVSS score available, no known exploits in the wild, and no patch or remediation information provided. The affected products include Microsoft Azure Linux 3. 0 and etcd versions related to Microsoft. No geographic targeting is indicated.

Red Hat has released a security update for its build of Quarkus 3. 20. 4. SP1 addressing three vulnerabilities: two in lz4-java involving information disclosure and denial of service due to insufficient buffer clearing and out-of-bounds memory operations, and one cross-site scripting vulnerability in Eclipse Vert. x web. The update is rated as important by Red Hat Product Security. No CVSS scores are provided for these vulnerabilities. The update should be applied after ensuring all prior relevant errata are installed.

Red Hat OpenShift Container Platform 4. 17. 22 includes security updates addressing two vulnerabilities: a use-after-free flaw in libxml2 (CVE-2024-56171) and a denial of service vulnerability in Go JOSE parsing (CVE-2025-27144). These issues affect on-premise or private cloud deployments of OpenShift Container Platform 4. 17. Users are advised to upgrade to the updated container images and packages available in the appropriate release channels. Detailed upgrade instructions are provided by Red Hat. The update is rated with an important security impact by Red Hat Product Security.

This advisory addresses multiple vulnerabilities in the Logging subsystem for Red Hat OpenShift 6. 1. 4. The issues include non-linear parsing of case-insensitive content in golang. org/x/net/html (CVE-2024-45338), sensitive HTTP headers being incorrectly sent after cross-domain redirects (CVE-2024-45336), and a denial of service vulnerability in Go JOSE's parsing (CVE-2025-27144). These vulnerabilities affect various containers within the logging stack such as logging-loki, cluster-logging-operator, lokistack-gateway, and opa-openshift. The advisory provides upgrade instructions to apply fixes. No known exploits in the wild have been reported. The severity is rated high by Red Hat. Patch status is not explicitly stated but upgrade instructions indicate that fixes are available.

This advisory addresses two vulnerabilities in the logging components of Red Hat OpenShift 6. 0. 6. The first vulnerability (CVE-2025-27144) affects the lokistack-gateway-container, where Go JOSE's parsing is vulnerable to denial of service. The second vulnerability (CVE-2024-45338) affects the logging-loki-container, involving non-linear parsing of case-insensitive content in golang. org/x/net/html. Both issues could impact the stability and reliability of the logging subsystem in Red Hat OpenShift. Red Hat has issued an important security advisory with instructions for upgrading and applying the update to remediate these vulnerabilities. There are no known exploits in the wild at this time.