Threats Tagged 'cve-2026-27942'

Red Hat Developer Hub (RHDH) 1. 9. 3 addresses multiple security vulnerabilities affecting its enterprise-grade developer portal based on Backstage. io. The vulnerabilities include a range of issues identified by 15 CVEs, covering weaknesses such as improper input validation, code injection, and path traversal. The advisory indicates a high severity level and provides updated images and fixes for identified bugs. No known exploits are reported in the wild. The vendor advisory does not explicitly confirm patch availability but announces the 1. 9. 3 release as a security update addressing these issues.

Red Hat Advanced Cluster Security for Kubernetes (RHACS) version 4. 8. 10 includes a security and bug fix update addressing multiple vulnerabilities. The update resolves a set of 12 CVEs, including CVE-2026-25128 and others, affecting various components of RHACS. The advisory recommends upgrading to this version to benefit from the security patches and enhancements. No known exploits in the wild have been reported for these vulnerabilities. The update also fixes a specific issue where Helm charts did not configure image pull secrets for the scanner ServiceAccount. The vendor advisory provides updated container images for affected architectures. Users of earlier RHACS versions are advised to upgrade to 4. 8.

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with `preserveOrder:true`. Version 5.3.8 fixes the issue. As a workaround, use XML builder with `preserveOrder:false` or check the input data before passing to builder.

LowVulnerabilityUnited StatesIndiaGermany+7#cve#cve-2026-27942#cwe-120