Vulnerability-Lookup

CVE-2026-28498 (GCVE-0-2026-28498)

Vulnerability from cvelistv5 – Published: 2026-03-16 18:03 – Updated: 2026-03-16 18:14

Title

Authlib: Fail-Open Cryptographic Verification in OIDC Hash Binding

Summary

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib Python library concerning the validation of OpenID Connect (OIDC) ID Tokens. Specifically, the internal hash verification logic (_verify_hash) responsible for validating the at_hash (Access Token Hash) and c_hash (Authorization Code Hash) claims exhibits a fail-open behavior when encountering an unsupported or unknown cryptographic algorithm. This flaw allows an attacker to bypass mandatory integrity protections by supplying a forged ID Token with a deliberately unrecognized alg header parameter. The library intercepts the unsupported state and silently returns True (validation passed), inherently violating fundamental cryptographic design principles and direct OIDC specifications. This issue has been patched in version 1.6.9.

Severity

8.2 (High)


                        
                          CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

SSVC

Exploitation: poc Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-354 - Improper Validation of Integrity Check Value
CWE-573 - Improper Following of Specification by Caller

Assigner

GitHub_M

References

3 references

URL	Tags
https://github.com/authlib/authlib/security/advis…	x_refsource_CONFIRM
https://github.com/authlib/authlib/commit/b9bb2b2…	x_refsource_MISC
https://github.com/authlib/authlib/releases/tag/v1.6.9	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
authlib	authlib	Affected: < 1.6.9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-28498",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-16T18:14:21.039703Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-16T18:14:42.149Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "authlib",
          "vendor": "authlib",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.6.9"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib Python library concerning the validation of OpenID Connect (OIDC) ID Tokens. Specifically, the internal hash verification logic (_verify_hash) responsible for validating the at_hash (Access Token Hash) and c_hash (Authorization Code Hash) claims exhibits a fail-open behavior when encountering an unsupported or unknown cryptographic algorithm. This flaw allows an attacker to bypass mandatory integrity protections by supplying a forged ID Token with a deliberately unrecognized alg header parameter. The library intercepts the unsupported state and silently returns True (validation passed), inherently violating fundamental cryptographic design principles and direct OIDC specifications. This issue has been patched in version 1.6.9."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-354",
              "description": "CWE-354: Improper Validation of Integrity Check Value",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-573",
              "description": "CWE-573: Improper Following of Specification by Caller",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-16T18:03:28.821Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/authlib/authlib/security/advisories/GHSA-m344-f55w-2m6j",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/authlib/authlib/security/advisories/GHSA-m344-f55w-2m6j"
        },
        {
          "name": "https://github.com/authlib/authlib/commit/b9bb2b25bf8b7e01512d847a95c1749646eaa72b",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/authlib/authlib/commit/b9bb2b25bf8b7e01512d847a95c1749646eaa72b"
        },
        {
          "name": "https://github.com/authlib/authlib/releases/tag/v1.6.9",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/authlib/authlib/releases/tag/v1.6.9"
        }
      ],
      "source": {
        "advisory": "GHSA-m344-f55w-2m6j",
        "discovery": "UNKNOWN"
      },
      "title": "Authlib: Fail-Open Cryptographic Verification in OIDC Hash Binding"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-28498",
    "datePublished": "2026-03-16T18:03:28.821Z",
    "dateReserved": "2026-02-27T20:57:47.708Z",
    "dateUpdated": "2026-03-16T18:14:42.149Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-28498",
      "date": "2026-06-15",
      "epss": "0.00201",
      "percentile": "0.09968"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-28498\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-03-16T18:16:07.717\",\"lastModified\":\"2026-03-17T20:40:37.573\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib Python library concerning the validation of OpenID Connect (OIDC) ID Tokens. Specifically, the internal hash verification logic (_verify_hash) responsible for validating the at_hash (Access Token Hash) and c_hash (Authorization Code Hash) claims exhibits a fail-open behavior when encountering an unsupported or unknown cryptographic algorithm. This flaw allows an attacker to bypass mandatory integrity protections by supplying a forged ID Token with a deliberately unrecognized alg header parameter. The library intercepts the unsupported state and silently returns True (validation passed), inherently violating fundamental cryptographic design principles and direct OIDC specifications. This issue has been patched in version 1.6.9.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-354\"},{\"lang\":\"en\",\"value\":\"CWE-573\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:authlib:authlib:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.6.9\",\"matchCriteriaId\":\"8C677FEC-2094-49D8-ABAB-F740B6F83D38\"}]}]}],\"references\":[{\"url\":\"https://github.com/authlib/authlib/commit/b9bb2b25bf8b7e01512d847a95c1749646eaa72b\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/authlib/authlib/releases/tag/v1.6.9\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/authlib/authlib/security/advisories/GHSA-m344-f55w-2m6j\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Mitigation\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-28498\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-16T18:14:21.039703Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-16T18:14:33.935Z\"}}], \"cna\": {\"title\": \"Authlib: Fail-Open Cryptographic Verification in OIDC Hash Binding\", \"source\": {\"advisory\": \"GHSA-m344-f55w-2m6j\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"authlib\", \"product\": \"authlib\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.6.9\"}]}], \"references\": [{\"url\": \"https://github.com/authlib/authlib/security/advisories/GHSA-m344-f55w-2m6j\", \"name\": \"https://github.com/authlib/authlib/security/advisories/GHSA-m344-f55w-2m6j\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/authlib/authlib/commit/b9bb2b25bf8b7e01512d847a95c1749646eaa72b\", \"name\": \"https://github.com/authlib/authlib/commit/b9bb2b25bf8b7e01512d847a95c1749646eaa72b\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/authlib/authlib/releases/tag/v1.6.9\", \"name\": \"https://github.com/authlib/authlib/releases/tag/v1.6.9\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib Python library concerning the validation of OpenID Connect (OIDC) ID Tokens. Specifically, the internal hash verification logic (_verify_hash) responsible for validating the at_hash (Access Token Hash) and c_hash (Authorization Code Hash) claims exhibits a fail-open behavior when encountering an unsupported or unknown cryptographic algorithm. This flaw allows an attacker to bypass mandatory integrity protections by supplying a forged ID Token with a deliberately unrecognized alg header parameter. The library intercepts the unsupported state and silently returns True (validation passed), inherently violating fundamental cryptographic design principles and direct OIDC specifications. This issue has been patched in version 1.6.9.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-354\", \"description\": \"CWE-354: Improper Validation of Integrity Check Value\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-573\", \"description\": \"CWE-573: Improper Following of Specification by Caller\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-03-16T18:03:28.821Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-28498\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-16T18:14:42.149Z\", \"dateReserved\": \"2026-02-27T20:57:47.708Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-03-16T18:03:28.821Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

SUSE-SU-2026:0975-1

Vulnerability from csaf_suse - Published: 2026-03-23 16:34 - Updated: 2026-03-23 16:34

Summary

Security update for python-Authlib

Severity

Critical

Notes

Title of the patch: Security update for python-Authlib

Description of the patch: This update for python-Authlib fixes the following issues: - CVE-2026-27962: JWS `deserialize_compact()` allows for signature bypass by accepting user-controlled embedded JWK as verification key (bsc#1259738). - CVE-2026-28490: cryptographic padding oracle in JWE RSA1_5 key management algorithm (bsc#1259736). - CVE-2026-28498: fail-open in behavior OIDC hash validation allows for bypass mandatory integrity protections (bsc#1259737).

Patchnames: SUSE-2026-975,SUSE-SLE-Module-Python3-15-SP7-2026-975,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-975,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-975,openSUSE-SLE-15.6-2026-975

CVE-2026-27962

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP7:python311-Authlib-1.3.1-150600.3.17.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:python311-Authlib-1.3.1-150600.3.17.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:python311-Authlib-1.3.1-150600.3.17.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:python311-Authlib-1.3.1-150600.3.17.1.noarch	—	Vendor Fix

Threats

Impact critical

CVE-2026-28490

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP7:python311-Authlib-1.3.1-150600.3.17.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:python311-Authlib-1.3.1-150600.3.17.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:python311-Authlib-1.3.1-150600.3.17.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:python311-Authlib-1.3.1-150600.3.17.1.noarch	—	Vendor Fix

Threats

Impact moderate

CVE-2026-28498

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP7:python311-Authlib-1.3.1-150600.3.17.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:python311-Authlib-1.3.1-150600.3.17.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:python311-Authlib-1.3.1-150600.3.17.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:python311-Authlib-1.3.1-150600.3.17.1.noarch	—	Vendor Fix

Threats

Impact critical

References

16 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1259736	self
https://bugzilla.suse.com/1259737	self
https://bugzilla.suse.com/1259738	self
https://www.suse.com/security/cve/CVE-2026-27962/	self
https://www.suse.com/security/cve/CVE-2026-28490/	self
https://www.suse.com/security/cve/CVE-2026-28498/	self
https://www.suse.com/security/cve/CVE-2026-27962	external
https://bugzilla.suse.com/1259738	external
https://www.suse.com/security/cve/CVE-2026-28490	external
https://bugzilla.suse.com/1259736	external
https://www.suse.com/security/cve/CVE-2026-28498	external
https://bugzilla.suse.com/1259737	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for python-Authlib",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for python-Authlib fixes the following issues:\n\n- CVE-2026-27962: JWS `deserialize_compact()` allows for signature bypass by accepting user-controlled embedded JWK as\n  verification key (bsc#1259738).\n- CVE-2026-28490: cryptographic padding oracle in JWE RSA1_5 key management algorithm (bsc#1259736).\n- CVE-2026-28498: fail-open in behavior OIDC hash validation allows for bypass mandatory integrity protections\n  (bsc#1259737).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2026-975,SUSE-SLE-Module-Python3-15-SP7-2026-975,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-975,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-975,openSUSE-SLE-15.6-2026-975",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0975-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:0975-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260975-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:0975-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024822.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1259736",
        "url": "https://bugzilla.suse.com/1259736"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1259737",
        "url": "https://bugzilla.suse.com/1259737"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1259738",
        "url": "https://bugzilla.suse.com/1259738"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-27962 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-27962/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-28490 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-28490/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-28498 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-28498/"
      }
    ],
    "title": "Security update for python-Authlib",
    "tracking": {
      "current_release_date": "2026-03-23T16:34:37Z",
      "generator": {
        "date": "2026-03-23T16:34:37Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:0975-1",
      "initial_release_date": "2026-03-23T16:34:37Z",
      "revision_history": [
        {
          "date": "2026-03-23T16:34:37Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python311-Authlib-1.3.1-150600.3.17.1.noarch",
                "product": {
                  "name": "python311-Authlib-1.3.1-150600.3.17.1.noarch",
                  "product_id": "python311-Authlib-1.3.1-150600.3.17.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Python 3 15 SP7",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Python 3 15 SP7",
                  "product_id": "SUSE Linux Enterprise Module for Python 3 15 SP7",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-python3:15:sp7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.6",
                "product": {
                  "name": "openSUSE Leap 15.6",
                  "product_id": "openSUSE Leap 15.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-Authlib-1.3.1-150600.3.17.1.noarch as component of SUSE Linux Enterprise Module for Python 3 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Python 3 15 SP7:python311-Authlib-1.3.1-150600.3.17.1.noarch"
        },
        "product_reference": "python311-Authlib-1.3.1-150600.3.17.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-Authlib-1.3.1-150600.3.17.1.noarch as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:python311-Authlib-1.3.1-150600.3.17.1.noarch"
        },
        "product_reference": "python311-Authlib-1.3.1-150600.3.17.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-Authlib-1.3.1-150600.3.17.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:python311-Authlib-1.3.1-150600.3.17.1.noarch"
        },
        "product_reference": "python311-Authlib-1.3.1-150600.3.17.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-Authlib-1.3.1-150600.3.17.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:python311-Authlib-1.3.1-150600.3.17.1.noarch"
        },
        "product_reference": "python311-Authlib-1.3.1-150600.3.17.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-27962",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-27962"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a JWK Header Injection vulnerability in authlib\u0027s JWS implementation allows an unauthenticated attacker to forge arbitrary JWT tokens that pass signature verification. When key=None is passed to any JWS deserialization function, the library extracts and uses the cryptographic key embedded in the attacker-controlled JWT jwk header field. An attacker can sign a token with their own private key, embed the matching public key in the header, and have the server accept the forged token as cryptographically valid - bypassing authentication and authorization entirely. This issue has been patched in version 1.6.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Python 3 15 SP7:python311-Authlib-1.3.1-150600.3.17.1.noarch",
          "SUSE Linux Enterprise Server 15 SP6-LTSS:python311-Authlib-1.3.1-150600.3.17.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP6:python311-Authlib-1.3.1-150600.3.17.1.noarch",
          "openSUSE Leap 15.6:python311-Authlib-1.3.1-150600.3.17.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-27962",
          "url": "https://www.suse.com/security/cve/CVE-2026-27962"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1259738 for CVE-2026-27962",
          "url": "https://bugzilla.suse.com/1259738"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Python 3 15 SP7:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "SUSE Linux Enterprise Server 15 SP6-LTSS:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP6:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "openSUSE Leap 15.6:python311-Authlib-1.3.1-150600.3.17.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Python 3 15 SP7:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "SUSE Linux Enterprise Server 15 SP6-LTSS:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP6:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "openSUSE Leap 15.6:python311-Authlib-1.3.1-150600.3.17.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-23T16:34:37Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2026-27962"
    },
    {
      "cve": "CVE-2026-28490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-28490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a cryptographic padding oracle vulnerability was identified in the Authlib Python library concerning the implementation of the JSON Web Encryption (JWE) RSA1_5 key management algorithm. Authlib registers RSA1_5 in its default algorithm registry without requiring explicit opt-in, and actively destroys the constant-time Bleichenbacher mitigation that the underlying cryptography library implements correctly. This issue has been patched in version 1.6.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Python 3 15 SP7:python311-Authlib-1.3.1-150600.3.17.1.noarch",
          "SUSE Linux Enterprise Server 15 SP6-LTSS:python311-Authlib-1.3.1-150600.3.17.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP6:python311-Authlib-1.3.1-150600.3.17.1.noarch",
          "openSUSE Leap 15.6:python311-Authlib-1.3.1-150600.3.17.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-28490",
          "url": "https://www.suse.com/security/cve/CVE-2026-28490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1259736 for CVE-2026-28490",
          "url": "https://bugzilla.suse.com/1259736"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Python 3 15 SP7:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "SUSE Linux Enterprise Server 15 SP6-LTSS:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP6:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "openSUSE Leap 15.6:python311-Authlib-1.3.1-150600.3.17.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Python 3 15 SP7:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "SUSE Linux Enterprise Server 15 SP6-LTSS:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP6:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "openSUSE Leap 15.6:python311-Authlib-1.3.1-150600.3.17.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-23T16:34:37Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-28490"
    },
    {
      "cve": "CVE-2026-28498",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-28498"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib Python library concerning the validation of OpenID Connect (OIDC) ID Tokens. Specifically, the internal hash verification logic (_verify_hash) responsible for validating the at_hash (Access Token Hash) and c_hash (Authorization Code Hash) claims exhibits a fail-open behavior when encountering an unsupported or unknown cryptographic algorithm. This flaw allows an attacker to bypass mandatory integrity protections by supplying a forged ID Token with a deliberately unrecognized alg header parameter. The library intercepts the unsupported state and silently returns True (validation passed), inherently violating fundamental cryptographic design principles and direct OIDC specifications. This issue has been patched in version 1.6.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Python 3 15 SP7:python311-Authlib-1.3.1-150600.3.17.1.noarch",
          "SUSE Linux Enterprise Server 15 SP6-LTSS:python311-Authlib-1.3.1-150600.3.17.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP6:python311-Authlib-1.3.1-150600.3.17.1.noarch",
          "openSUSE Leap 15.6:python311-Authlib-1.3.1-150600.3.17.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-28498",
          "url": "https://www.suse.com/security/cve/CVE-2026-28498"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1259737 for CVE-2026-28498",
          "url": "https://bugzilla.suse.com/1259737"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Python 3 15 SP7:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "SUSE Linux Enterprise Server 15 SP6-LTSS:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP6:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "openSUSE Leap 15.6:python311-Authlib-1.3.1-150600.3.17.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Python 3 15 SP7:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "SUSE Linux Enterprise Server 15 SP6-LTSS:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP6:python311-Authlib-1.3.1-150600.3.17.1.noarch",
            "openSUSE Leap 15.6:python311-Authlib-1.3.1-150600.3.17.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-23T16:34:37Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2026-28498"
    }
  ]
}

WID-SEC-W-2026-0935

Vulnerability from csaf_certbund - Published: 2026-03-31 22:00 - Updated: 2026-06-02 22:00

Summary

Red Hat Ansible Automation Platform: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Red Hat Ansible Automation Platform ist eine End-to-End-Automatisierungsplattform für die Systemkonfiguration, die Softwarebereitstellung und die Orchestrierung erweiterter Workflows.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Ansible Automation Platform ausnutzen, um einen Denial of Service Angriff durchzuführen, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, Daten zu manipulieren, vertrauliche Informationen offenzulegen oder Cross-Site-Scripting-Angriffe durchzuführen.

Betroffene Betriebssysteme: - Sonstiges - UNIX

CVE-2025-69223

Affected products

Known affected 16 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
Red Hat OpenShift Network Observability 1.11.2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.11.2`	Network Observability 1.11.2
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.15.64 Red Hat / OpenShift		Container Platform <4.15.64
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
HCL BigFix WebUI HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	WebUI
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat Enterprise Linux 8.8 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:8.8`	8.8
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM App Connect Enterprise IBM	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Ansible Automation Platform <2.5 Red Hat / Ansible Automation Platform		<2.5
Red Hat Ansible Automation Platform <2.6 Red Hat / Ansible Automation Platform		<2.6
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2025-69873

Affected products

Known affected 16 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
Red Hat OpenShift Network Observability 1.11.2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.11.2`	Network Observability 1.11.2
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.15.64 Red Hat / OpenShift		Container Platform <4.15.64
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
HCL BigFix WebUI HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	WebUI
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat Enterprise Linux 8.8 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:8.8`	8.8
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM App Connect Enterprise IBM	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Ansible Automation Platform <2.5 Red Hat / Ansible Automation Platform		<2.5
Red Hat Ansible Automation Platform <2.6 Red Hat / Ansible Automation Platform		<2.6
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2026-25639

Affected products

Known affected 16 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
Red Hat OpenShift Network Observability 1.11.2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.11.2`	Network Observability 1.11.2
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.15.64 Red Hat / OpenShift		Container Platform <4.15.64
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
HCL BigFix WebUI HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	WebUI
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat Enterprise Linux 8.8 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:8.8`	8.8
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM App Connect Enterprise IBM	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Ansible Automation Platform <2.5 Red Hat / Ansible Automation Platform		<2.5
Red Hat Ansible Automation Platform <2.6 Red Hat / Ansible Automation Platform		<2.6
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2026-25990

Affected products

Known affected 16 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
Red Hat OpenShift Network Observability 1.11.2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.11.2`	Network Observability 1.11.2
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.15.64 Red Hat / OpenShift		Container Platform <4.15.64
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
HCL BigFix WebUI HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	WebUI
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat Enterprise Linux 8.8 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:8.8`	8.8
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM App Connect Enterprise IBM	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Ansible Automation Platform <2.5 Red Hat / Ansible Automation Platform		<2.5
Red Hat Ansible Automation Platform <2.6 Red Hat / Ansible Automation Platform		<2.6
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2026-29074

Affected products

Known affected 16 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
Red Hat OpenShift Network Observability 1.11.2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.11.2`	Network Observability 1.11.2
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.15.64 Red Hat / OpenShift		Container Platform <4.15.64
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
HCL BigFix WebUI HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	WebUI
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat Enterprise Linux 8.8 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:8.8`	8.8
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM App Connect Enterprise IBM	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Ansible Automation Platform <2.5 Red Hat / Ansible Automation Platform		<2.5
Red Hat Ansible Automation Platform <2.6 Red Hat / Ansible Automation Platform		<2.6
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2026-30827

Affected products

Known affected 16 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
Red Hat OpenShift Network Observability 1.11.2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.11.2`	Network Observability 1.11.2
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.15.64 Red Hat / OpenShift		Container Platform <4.15.64
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
HCL BigFix WebUI HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	WebUI
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat Enterprise Linux 8.8 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:8.8`	8.8
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM App Connect Enterprise IBM	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Ansible Automation Platform <2.5 Red Hat / Ansible Automation Platform		<2.5
Red Hat Ansible Automation Platform <2.6 Red Hat / Ansible Automation Platform		<2.6
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2026-30922

Affected products

Known affected 16 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
Red Hat OpenShift Network Observability 1.11.2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.11.2`	Network Observability 1.11.2
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.15.64 Red Hat / OpenShift		Container Platform <4.15.64
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
HCL BigFix WebUI HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	WebUI
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat Enterprise Linux 8.8 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:8.8`	8.8
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM App Connect Enterprise IBM	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Ansible Automation Platform <2.5 Red Hat / Ansible Automation Platform		<2.5
Red Hat Ansible Automation Platform <2.6 Red Hat / Ansible Automation Platform		<2.6
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2026-26007

Affected products

Known affected 16 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
Red Hat OpenShift Network Observability 1.11.2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.11.2`	Network Observability 1.11.2
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.15.64 Red Hat / OpenShift		Container Platform <4.15.64
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
HCL BigFix WebUI HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	WebUI
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat Enterprise Linux 8.8 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:8.8`	8.8
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM App Connect Enterprise IBM	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Ansible Automation Platform <2.5 Red Hat / Ansible Automation Platform		<2.5
Red Hat Ansible Automation Platform <2.6 Red Hat / Ansible Automation Platform		<2.6
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2026-1615

Affected products

Known affected 16 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
Red Hat OpenShift Network Observability 1.11.2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.11.2`	Network Observability 1.11.2
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.15.64 Red Hat / OpenShift		Container Platform <4.15.64
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
HCL BigFix WebUI HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	WebUI
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat Enterprise Linux 8.8 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:8.8`	8.8
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM App Connect Enterprise IBM	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Ansible Automation Platform <2.5 Red Hat / Ansible Automation Platform		<2.5
Red Hat Ansible Automation Platform <2.6 Red Hat / Ansible Automation Platform		<2.6
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2026-28498

Affected products

Known affected 16 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
Red Hat OpenShift Network Observability 1.11.2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.11.2`	Network Observability 1.11.2
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.15.64 Red Hat / OpenShift		Container Platform <4.15.64
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
HCL BigFix WebUI HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	WebUI
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat Enterprise Linux 8.8 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:8.8`	8.8
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM App Connect Enterprise IBM	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Ansible Automation Platform <2.5 Red Hat / Ansible Automation Platform		<2.5
Red Hat Ansible Automation Platform <2.6 Red Hat / Ansible Automation Platform		<2.6
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2026-28802

Affected products

Known affected 16 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
Red Hat OpenShift Network Observability 1.11.2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.11.2`	Network Observability 1.11.2
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.15.64 Red Hat / OpenShift		Container Platform <4.15.64
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
HCL BigFix WebUI HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	WebUI
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat Enterprise Linux 8.8 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:8.8`	8.8
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM App Connect Enterprise IBM	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Ansible Automation Platform <2.5 Red Hat / Ansible Automation Platform		<2.5
Red Hat Ansible Automation Platform <2.6 Red Hat / Ansible Automation Platform		<2.6
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

References

63 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://access.redhat.com/errata/RHSA-2026:6308	external
https://access.redhat.com/errata/RHSA-2026:6309	external
https://access.redhat.com/errata/RHSA-2026:6404	external
https://access.redhat.com/errata/RHSA-2026:6278	external
https://alas.aws.amazon.com/AL2/ALAS2-2026-3215.html	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://access.redhat.com/errata/RHSA-2026:5910	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://access.redhat.com/errata/RHSA-2026:8218	external
https://www.ibm.com/support/pages/node/7269544	external
https://access.redhat.com/errata/RHSA-2026:8490	external
https://access.redhat.com/errata/RHSA-2026:8437	external
https://access.redhat.com/errata/RHSA-2026:10184	external
https://access.redhat.com/errata/RHSA-2026:10093	external
https://access.redhat.com/errata/RHSA-2026:12176	external
https://access.redhat.com/errata/RHSA-2026:11916	external
https://access.redhat.com/errata/RHSA-2026:11856	external
http://linux.oracle.com/errata/ELSA-2026-12176.html	external
https://access.redhat.com/errata/RHSA-2026:13553	external
https://access.redhat.com/errata/RHSA-2026:13508	external
https://access.redhat.com/errata/RHSA-2026:13512	external
https://access.redhat.com/errata/RHSA-2026:13545	external
https://access.redhat.com/errata/RHSA-2026:13826	external
https://access.redhat.com/errata/RHSA-2026:13917	external
https://access.redhat.com/errata/RHSA-2026:13916	external
https://errata.build.resf.org/RLSA-2026:13672	external
https://access.redhat.com/errata/RHSA-2026:13902	external
http://linux.oracle.com/errata/ELSA-2026-13916.html	external
https://errata.build.resf.org/RLSA-2026:13902	external
https://access.redhat.com/errata/RHSA-2026:14020	external
http://linux.oracle.com/errata/ELSA-2026-13917.html	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://errata.build.resf.org/RLSA-2026:13916	external
https://access.redhat.com/errata/RHSA-2026:14873	external
https://access.redhat.com/errata/RHSA-2026:14874	external
https://linux.oracle.com/errata/ELSA-2026-13902.html	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://errata.build.resf.org/RLSA-2026:13917	external
https://support.hcl-software.com/csm?id=kb_articl…	external
https://lists.debian.org/debian-lts-announce/2026…	external
https://access.redhat.com/errata/RHSA-2026:16535	external
https://access.redhat.com/errata/RHSA-2026:15091	external
https://access.redhat.com/errata/RHSA-2026:14774	external
https://access.redhat.com/errata/RHSA-2026:17083	external
https://access.redhat.com/errata/RHSA-2026:16874	external
https://www.ibm.com/support/pages/node/7273312	external
https://access.redhat.com/errata/RHSA-2026:19138	external
https://access.redhat.com/errata/RHSA-2026:19355	external
https://access.redhat.com/errata/RHSA-2026:19375	external
https://access.redhat.com/errata/RHSA-2026:19712	external
https://access.redhat.com/errata/RHSA-2026:20588	external
https://access.redhat.com/errata/RHSA-2026:21431	external
https://access.redhat.com/errata/RHSA-2026:21517	external
https://access.redhat.com/errata/RHSA-2026:22131	external
https://access.redhat.com/errata/RHSA-2026:22134	external
https://access.redhat.com/errata/RHSA-2026:22135	external
https://access.redhat.com/errata/RHSA-2026:22133	external
https://access.redhat.com/errata/RHSA-2026:22132	external
https://access.redhat.com/errata/RHSA-2026:22330	external
https://access.redhat.com/errata/RHSA-2026:22465	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat Ansible Automation Platform ist eine End-to-End-Automatisierungsplattform f\u00fcr die Systemkonfiguration, die Softwarebereitstellung und die Orchestrierung erweiterter Workflows.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Ansible Automation Platform ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, Daten zu manipulieren, vertrauliche Informationen offenzulegen oder Cross-Site-Scripting-Angriffe durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0935 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0935.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0935 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0935"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2026-03-31",
        "url": "https://access.redhat.com/errata/RHSA-2026:6308"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2026-03-31",
        "url": "https://access.redhat.com/errata/RHSA-2026:6309"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:6404 vom 2026-04-01",
        "url": "https://access.redhat.com/errata/RHSA-2026:6404"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:6278 vom 2026-04-01",
        "url": "https://access.redhat.com/errata/RHSA-2026:6278"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2026-3215 vom 2026-04-01",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2026-3215.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20929-1 vom 2026-04-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025088.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:5910 vom 2026-04-02",
        "url": "https://access.redhat.com/errata/RHSA-2026:5910"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21021-1 vom 2026-04-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025209.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:8218 vom 2026-04-15",
        "url": "https://access.redhat.com/errata/RHSA-2026:8218"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7269544 vom 2026-04-15",
        "url": "https://www.ibm.com/support/pages/node/7269544"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:8490 vom 2026-04-16",
        "url": "https://access.redhat.com/errata/RHSA-2026:8490"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:8437 vom 2026-04-16",
        "url": "https://access.redhat.com/errata/RHSA-2026:8437"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:10184 vom 2026-04-23",
        "url": "https://access.redhat.com/errata/RHSA-2026:10184"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:10093 vom 2026-04-29",
        "url": "https://access.redhat.com/errata/RHSA-2026:10093"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:12176 vom 2026-04-30",
        "url": "https://access.redhat.com/errata/RHSA-2026:12176"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:11916 vom 2026-04-30",
        "url": "https://access.redhat.com/errata/RHSA-2026:11916"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:11856 vom 2026-04-29",
        "url": "https://access.redhat.com/errata/RHSA-2026:11856"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-12176 vom 2026-05-01",
        "url": "http://linux.oracle.com/errata/ELSA-2026-12176.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13553 vom 2026-05-04",
        "url": "https://access.redhat.com/errata/RHSA-2026:13553"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13508 vom 2026-05-04",
        "url": "https://access.redhat.com/errata/RHSA-2026:13508"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13512 vom 2026-05-04",
        "url": "https://access.redhat.com/errata/RHSA-2026:13512"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13545 vom 2026-05-04",
        "url": "https://access.redhat.com/errata/RHSA-2026:13545"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13826 vom 2026-05-05",
        "url": "https://access.redhat.com/errata/RHSA-2026:13826"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13917 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:13917"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13916 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:13916"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:13672 vom 2026-05-06",
        "url": "https://errata.build.resf.org/RLSA-2026:13672"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13902 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:13902"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-13916 vom 2026-05-07",
        "url": "http://linux.oracle.com/errata/ELSA-2026-13916.html"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:13902 vom 2026-05-07",
        "url": "https://errata.build.resf.org/RLSA-2026:13902"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:14020 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:14020"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-13917 vom 2026-05-07",
        "url": "http://linux.oracle.com/errata/ELSA-2026-13917.html"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2026-85B819B928 vom 2026-05-08",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-85b819b928"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:13916 vom 2026-05-07",
        "url": "https://errata.build.resf.org/RLSA-2026:13916"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:14873 vom 2026-05-07",
        "url": "https://access.redhat.com/errata/RHSA-2026:14873"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:14874 vom 2026-05-07",
        "url": "https://access.redhat.com/errata/RHSA-2026:14874"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-13902 vom 2026-05-07",
        "url": "https://linux.oracle.com/errata/ELSA-2026-13902.html"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2026-301CBBE347 vom 2026-05-08",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-301cbbe347"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2026-793B55138D vom 2026-05-08",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-793b55138d"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:13917 vom 2026-05-07",
        "url": "https://errata.build.resf.org/RLSA-2026:13917"
      },
      {
        "category": "external",
        "summary": "HCL Security Bulletin",
        "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0130587"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4579 vom 2026-05-11",
        "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00023.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:16535 vom 2026-05-13",
        "url": "https://access.redhat.com/errata/RHSA-2026:16535"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:15091 vom 2026-05-13",
        "url": "https://access.redhat.com/errata/RHSA-2026:15091"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:14774 vom 2026-05-13",
        "url": "https://access.redhat.com/errata/RHSA-2026:14774"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:17083 vom 2026-05-13",
        "url": "https://access.redhat.com/errata/RHSA-2026:17083"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:16874 vom 2026-05-13",
        "url": "https://access.redhat.com/errata/RHSA-2026:16874"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7273312 vom 2026-05-18",
        "url": "https://www.ibm.com/support/pages/node/7273312"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:19138 vom 2026-05-19",
        "url": "https://access.redhat.com/errata/RHSA-2026:19138"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:19355 vom 2026-05-20",
        "url": "https://access.redhat.com/errata/RHSA-2026:19355"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:19375 vom 2026-05-20",
        "url": "https://access.redhat.com/errata/RHSA-2026:19375"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:19712 vom 2026-05-21",
        "url": "https://access.redhat.com/errata/RHSA-2026:19712"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:20588 vom 2026-05-26",
        "url": "https://access.redhat.com/errata/RHSA-2026:20588"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:21431 vom 2026-05-28",
        "url": "https://access.redhat.com/errata/RHSA-2026:21431"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:21517 vom 2026-05-28",
        "url": "https://access.redhat.com/errata/RHSA-2026:21517"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:22131 vom 2026-06-01",
        "url": "https://access.redhat.com/errata/RHSA-2026:22131"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:22134 vom 2026-06-01",
        "url": "https://access.redhat.com/errata/RHSA-2026:22134"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:22135 vom 2026-06-01",
        "url": "https://access.redhat.com/errata/RHSA-2026:22135"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:22133 vom 2026-06-01",
        "url": "https://access.redhat.com/errata/RHSA-2026:22133"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:22132 vom 2026-06-01",
        "url": "https://access.redhat.com/errata/RHSA-2026:22132"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:22330 vom 2026-06-01",
        "url": "https://access.redhat.com/errata/RHSA-2026:22330"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:22465 vom 2026-06-02",
        "url": "https://access.redhat.com/errata/RHSA-2026:22465"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat Ansible Automation Platform: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-06-02T22:00:00.000+00:00",
      "generator": {
        "date": "2026-06-03T06:33:04.847+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.6.0"
        }
      },
      "id": "WID-SEC-W-2026-0935",
      "initial_release_date": "2026-03-31T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-03-31T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-04-01T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat, Amazon und SUSE aufgenommen"
        },
        {
          "date": "2026-04-12T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-04-14T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-04-16T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-04-23T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-04-28T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-04-29T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-03T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2026-05-04T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-05T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Red Hat und Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2026-05-06T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Oracle Linux, Rocky Enterprise Software Foundation und Red Hat aufgenommen"
        },
        {
          "date": "2026-05-07T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Fedora, Rocky Enterprise Software Foundation, Red Hat und Oracle Linux aufgenommen"
        },
        {
          "date": "2026-05-10T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von HCL aufgenommen"
        },
        {
          "date": "2026-05-11T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2026-05-12T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-14T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-18T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2026-05-19T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-20T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-25T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-27T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-31T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-06-01T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-06-02T22:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "25"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "WebUI",
                "product": {
                  "name": "HCL BigFix WebUI",
                  "product_id": "T036098",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltech:bigfix:webui"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "BigFix"
          }
        ],
        "category": "vendor",
        "name": "HCL"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "IBM App Connect Enterprise",
            "product": {
              "name": "IBM App Connect Enterprise",
              "product_id": "T051349",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:app_connect_enterprise:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "IBM DB2",
            "product": {
              "name": "IBM DB2",
              "product_id": "T048379",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:db2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2.5",
                "product": {
                  "name": "Red Hat Ansible Automation Platform \u003c2.5",
                  "product_id": "T052317"
                }
              },
              {
                "category": "product_version",
                "name": "2.5",
                "product": {
                  "name": "Red Hat Ansible Automation Platform 2.5",
                  "product_id": "T052317-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ansible_automation_platform:2.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c2.6",
                "product": {
                  "name": "Red Hat Ansible Automation Platform \u003c2.6",
                  "product_id": "T052318"
                }
              },
              {
                "category": "product_version",
                "name": "2.6",
                "product": {
                  "name": "Red Hat Ansible Automation Platform 2.6",
                  "product_id": "T052318-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ansible_automation_platform:2.6"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Ansible Automation Platform"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "67646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "10.0 Extended Update Support",
                "product": {
                  "name": "Red Hat Enterprise Linux 10.0 Extended Update Support",
                  "product_id": "T054024",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:10.0_extended_update_support"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.8",
                "product": {
                  "name": "Red Hat Enterprise Linux 8.8",
                  "product_id": "T054696",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:8.8"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.15.64",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.15.64",
                  "product_id": "T054018"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.15.64",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.15.64",
                  "product_id": "T054018-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.15.64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Network Observability 1.11.2",
                "product": {
                  "name": "Red Hat OpenShift Network Observability 1.11.2",
                  "product_id": "T054021",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:network_observability_1.11.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenShift"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-69223",
      "product_status": {
        "known_affected": [
          "T054024",
          "T054021",
          "67646",
          "T054018",
          "T004914",
          "T036098",
          "T032255",
          "74185",
          "T054696",
          "2951",
          "T002207",
          "T051349",
          "T052317",
          "T052318",
          "398363",
          "T048379"
        ]
      },
      "release_date": "2026-03-31T22:00:00.000+00:00",
      "title": "CVE-2025-69223"
    },
    {
      "cve": "CVE-2025-69873",
      "product_status": {
        "known_affected": [
          "T054024",
          "T054021",
          "67646",
          "T054018",
          "T004914",
          "T036098",
          "T032255",
          "74185",
          "T054696",
          "2951",
          "T002207",
          "T051349",
          "T052317",
          "T052318",
          "398363",
          "T048379"
        ]
      },
      "release_date": "2026-03-31T22:00:00.000+00:00",
      "title": "CVE-2025-69873"
    },
    {
      "cve": "CVE-2026-25639",
      "product_status": {
        "known_affected": [
          "T054024",
          "T054021",
          "67646",
          "T054018",
          "T004914",
          "T036098",
          "T032255",
          "74185",
          "T054696",
          "2951",
          "T002207",
          "T051349",
          "T052317",
          "T052318",
          "398363",
          "T048379"
        ]
      },
      "release_date": "2026-03-31T22:00:00.000+00:00",
      "title": "CVE-2026-25639"
    },
    {
      "cve": "CVE-2026-25990",
      "product_status": {
        "known_affected": [
          "T054024",
          "T054021",
          "67646",
          "T054018",
          "T004914",
          "T036098",
          "T032255",
          "74185",
          "T054696",
          "2951",
          "T002207",
          "T051349",
          "T052317",
          "T052318",
          "398363",
          "T048379"
        ]
      },
      "release_date": "2026-03-31T22:00:00.000+00:00",
      "title": "CVE-2026-25990"
    },
    {
      "cve": "CVE-2026-29074",
      "product_status": {
        "known_affected": [
          "T054024",
          "T054021",
          "67646",
          "T054018",
          "T004914",
          "T036098",
          "T032255",
          "74185",
          "T054696",
          "2951",
          "T002207",
          "T051349",
          "T052317",
          "T052318",
          "398363",
          "T048379"
        ]
      },
      "release_date": "2026-03-31T22:00:00.000+00:00",
      "title": "CVE-2026-29074"
    },
    {
      "cve": "CVE-2026-30827",
      "product_status": {
        "known_affected": [
          "T054024",
          "T054021",
          "67646",
          "T054018",
          "T004914",
          "T036098",
          "T032255",
          "74185",
          "T054696",
          "2951",
          "T002207",
          "T051349",
          "T052317",
          "T052318",
          "398363",
          "T048379"
        ]
      },
      "release_date": "2026-03-31T22:00:00.000+00:00",
      "title": "CVE-2026-30827"
    },
    {
      "cve": "CVE-2026-30922",
      "product_status": {
        "known_affected": [
          "T054024",
          "T054021",
          "67646",
          "T054018",
          "T004914",
          "T036098",
          "T032255",
          "74185",
          "T054696",
          "2951",
          "T002207",
          "T051349",
          "T052317",
          "T052318",
          "398363",
          "T048379"
        ]
      },
      "release_date": "2026-03-31T22:00:00.000+00:00",
      "title": "CVE-2026-30922"
    },
    {
      "cve": "CVE-2026-26007",
      "product_status": {
        "known_affected": [
          "T054024",
          "T054021",
          "67646",
          "T054018",
          "T004914",
          "T036098",
          "T032255",
          "74185",
          "T054696",
          "2951",
          "T002207",
          "T051349",
          "T052317",
          "T052318",
          "398363",
          "T048379"
        ]
      },
      "release_date": "2026-03-31T22:00:00.000+00:00",
      "title": "CVE-2026-26007"
    },
    {
      "cve": "CVE-2026-1615",
      "product_status": {
        "known_affected": [
          "T054024",
          "T054021",
          "67646",
          "T054018",
          "T004914",
          "T036098",
          "T032255",
          "74185",
          "T054696",
          "2951",
          "T002207",
          "T051349",
          "T052317",
          "T052318",
          "398363",
          "T048379"
        ]
      },
      "release_date": "2026-03-31T22:00:00.000+00:00",
      "title": "CVE-2026-1615"
    },
    {
      "cve": "CVE-2026-28498",
      "product_status": {
        "known_affected": [
          "T054024",
          "T054021",
          "67646",
          "T054018",
          "T004914",
          "T036098",
          "T032255",
          "74185",
          "T054696",
          "2951",
          "T002207",
          "T051349",
          "T052317",
          "T052318",
          "398363",
          "T048379"
        ]
      },
      "release_date": "2026-03-31T22:00:00.000+00:00",
      "title": "CVE-2026-28498"
    },
    {
      "cve": "CVE-2026-28802",
      "product_status": {
        "known_affected": [
          "T054024",
          "T054021",
          "67646",
          "T054018",
          "T004914",
          "T036098",
          "T032255",
          "74185",
          "T054696",
          "2951",
          "T002207",
          "T051349",
          "T052317",
          "T052318",
          "398363",
          "T048379"
        ]
      },
      "release_date": "2026-03-31T22:00:00.000+00:00",
      "title": "CVE-2026-28802"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-28498 (GCVE-0-2026-28498)

SUSE-SU-2026:0975-1

WID-SEC-W-2026-0935

Tags

Sightings

Nomenclature