Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.

Threats Tagged 'cve-2026-32282'

View all threats tagged with 'cve-2026-32282'. Filter and sort to focus on specific types of threats.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

Filter Threats

Narrow down the results by type, severity, or affected countries

Search threats by title, CVE ID, or description. Maximum 100 characters.
Active filters (1):Tag: cve-2026-32282

Threats Tagged 'cve-2026-32282'

Click on any threat for detailed analysis and mitigation recommendations

Red Hat Security Advisory: Satellite 6.17.9 Async UpdateCVE-2026-5135
0

Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. Security Fix(es): * python-pillow: Pillow: Denial of Service via decompression bomb in FITS image processing (CVE-2026-40192) * dynflow-utils: Root.Chmod can follow symlinks out of the root (CVE-2026-32282) * yggdrasil-worker-forwarder: Root.Chmod can follow symlinks out of the root (CVE-2026-32282) * foreman: Foreman: Privilege escalation to administrator-level access via usergroup role assignment manipulation (CVE-2026-5136) * foreman: Foreman: Information disclosure via improper validation of nested request parameters (CVE-2026-5138) * foreman: Foreman: Unauthorized modification of host configurations via broken access control (CVE-2026-5135) * foreman: foreman: Cross-tenant private SSH key disclosure via taxonomy scoping bypass (CVE-2026-5142) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * orphan cleanup triggers CapsuleContent::UpdateContentCounts regardless of automatic_content_count_updates setting (SAT-45923) * The custom repository fails to sync with the Capsule server, resulting in an error (SAT-44719)

Join the discussion
Red Hat Security Advisory: Satellite 6.19.2 Async UpdateCVE-2026-5135
0

Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. Security Fix(es): * candlepin: mchange-commons-java: Arbitrary code execution via JNDI dereferencing of crafted objects (CVE-2026-27727) * yggdrasil-worker-forwarder: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679) * yggdrasil-worker-forwarder: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application (CVE-2026-33810) * yggdrasil-worker-forwarder: Root.Chmod can follow symlinks out of the root (CVE-2026-32282) * yggdrasil-worker-forwarder: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280) * yggdrasil-worker-forwarder: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283) * yggdrasil-worker-forwarder: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281) * python-pillow: Pillow: Denial of Service via decompression bomb in FITS image processing (CVE-2026-40192) * python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens (CVE-2026-48526) * foreman: foreman: Cross-tenant private SSH key disclosure via taxonomy scoping bypass (CVE-2026-5142) * foreman: Foreman: Information disclosure via improper validation of nested request parameters (CVE-2026-5138) * foreman: Foreman: Privilege escalation to administrator-level access via usergroup role assignment manipulation (CVE-2026-5136) * foreman: Foreman: Unauthorized modification of host configurations via broken access control (CVE-2026-5135)

Join the discussion
Red Hat Security Advisory: Satellite 6.18.7 Async UpdateCVE-2026-5135
0

Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. Security Fix(es): * foreman: Unauthorized modification of host configurations via broken access control (CVE-2026-5135) * foreman: Privilege escalation to administrator-level access via usergroup role assignment manipulation (CVE-2026-5136) * foreman: Information disclosure via improper validation of nested request parameters (CVE-2026-5138) * foreman: Cross-tenant private SSH key disclosure via taxonomy scoping bypass (CVE-2026-5142) * yggdrasil-worker-forwarder: Root.Chmod can follow symlinks out of the root (CVE-2026-32282) * python-pillow: Pillow: Denial of Service via decompression bomb in FITS image processing (CVE-2026-40192) Bug Fix(es): * orphan cleanup triggers CapsuleContent::UpdateContentCounts regardless of automatic_content_count_updates setting (SAT-47204)

Join the discussion
Red Hat Security Advisory: Satellite 6.18.6 Async UpdateCVE-2026-25990
0

Red Hat Satellite 6.18.6 for RHEL 9 addresses multiple security vulnerabilities including an out-of-bounds write in the Pillow library via a specially crafted PSD image (CVE-2026-25990), arbitrary code execution through deserialization of crafted objects in c3p0 (CVE-2026-27830), and a symlink following issue in Root.Chmod (CVE-2026-32282). These vulnerabilities affect system management and provisioning components used to maintain systems without public Internet access. The update is rated as having an Important security impact by Red Hat Product Security.

Join the discussion

Showing 1 to 4 of 4 results

Filters:Tag: cve-2026-32282
Page 1 of 1
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses