KEV Entry

CVE-2026-4631

Known Exploited Vulnerability Entry KEVIntel

Entry Details
Confirmed Exploited

CVE-2026-4631

2026-07-08 00:00 UTC


Timestamps

2026-07-08

2026-07-08


Scope

Cockpit: cockpit: unauthenticated remote code execution due to ssh command-line argument injection | Affected: Red Hat / Red Hat Enterprise Linux 10, Red Hat Enterprise Linux 10.0 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.6 Extended Update Support, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8 | CVSS: 9.8 (CRITICAL) | EPSS: 0.142 | Used in malware: unknown | Not yet in CISA KEV: True


References
  • {'id': 'CVE-2026-4631', 'url': 'https://www.cve.org/CVERecord?id=CVE-2026-4631'}
  • {'id': 'kevintel', 'url': 'https://kevintel.com/CVE-2026-4631'}

68d3f3d4-7e6e-4256-87a0-d668391985aa

KEVIntel
caeb2787-0d58-4236-9039-7c86c3e566f3

2026-07-09 09:00 UTC

2026-07-10 06:14 UTC

Evidence
1
Type Source Signal Confidence Details GCVE Metadata
public_report kevintel successful_exploitation 0.70
View details
{
  "added_date": "2026-07-08T00:00:00.000Z",
  "ahead_of_cisa_kev": null,
  "cvss_score": 9.8,
  "cvss_severity": "CRITICAL",
  "epss_percentile": 0.96147,
  "epss_score": 0.142,
  "feed": "KEVIntel (kevintel.com)",
  "not_yet_in_cisa_kev": true,
  "product": "Red Hat Enterprise Linux 10, Red Hat Enterprise Linux 10.0 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.6 Extended Update Support, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8",
  "title": "Cockpit: cockpit: unauthenticated remote code execution due to ssh command-line argument injection",
  "used_in_malware": "unknown",
  "vendor": "Red Hat"
}
-